Commit Graph

66 Commits

Author SHA1 Message Date
Dan Stough 94791f76b5
build: update gha to latest approved tsccr (#21061)
* build: update gha to latest approved tsccr

* chore: update hashicorp gha versions

* fix: update upload artifact workload to have unique ids
2024-05-14 15:49:03 -04:00
Deniz Onur Duzgun 3a6f2fba18
security: bump envoy version and k8s.io/apimachinery (#21017)
* security: bump envoy version

* add changelog
2024-05-02 13:36:02 -04:00
Michael Zalimeni ad23e96a32
ci: fix Envoy int test versions (#20964)
Follow-up to #20956
2024-04-08 21:27:38 +00:00
Deniz Onur Duzgun 3152ac3702
security: bump go, x/net and envoy versions (#20956)
* Bump go version

* Bump x/net

* Bump envoy version

* Add changelog

---------

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
2024-04-08 19:18:40 +00:00
Michael Zalimeni 5862c52642
[NET-7948] Bump Envoy version to address multiple CVEs (#20589)
security: Bump Envoy versions to address CVEs
2024-02-12 22:29:50 +00:00
skpratt 57bad0df85
add traffic permissions excludes and tests (#20453)
* add traffic permissions tests

* review fixes

* Update internal/mesh/internal/controllers/sidecarproxy/builder/local_app.go

Co-authored-by: John Landa <jonathanlanda@gmail.com>

---------

Co-authored-by: John Landa <jonathanlanda@gmail.com>
2024-02-07 20:21:44 +00:00
NicoletaPopoviciu b7b9bb0e83
Update Vault/Nomad versions. (#20322)
Update Vault/Nomad versions to ensure we're testing all the latest versions.

Update Vault/Nomad versions to ensure we're testing all the latest versions .
2024-01-30 16:36:08 -05:00
Michael Zalimeni a317064764
ci: Use Consul Go version for Vault int tests (#20219)
Unlike the Nomad tests (where Nomad is compiled from source and provides
the tests), Vault is installed as a binary, and local Consul tests are
run.

Fixes incorrect version change introduced in #20058.
2024-01-16 19:24:06 +00:00
Michael Zalimeni 3b111277ad
ci: Single source of truth for Go version in CI and Dockerfile (#20058)
ci: Set Go version consistently via .go-version

Ensure Go version is determined consistently for CI and Docker builds
rather than spread across several different files.

The intent is to eventually replace this with use of the `toolchain`
directive in Go 1.21.
2024-01-08 17:18:41 -05:00
John Murret 62a07b4204
update makefile, compatibility tests, and nightlies to use latest envoy. (#20048) 2023-12-22 15:56:48 +00:00
Michael Zalimeni 79e02f8a89
ci: upload test results to DataDog on test failure (#19956)
Due to the unintuitive behavior of GHA w.r.t. implicit status check
`success()`, test results were only being uploaded on success (failures
presumably came from retried tests that passed).
2023-12-14 23:13:04 +00:00
John Murret a5d5fd348b
fix actions to no longer use envoy 1.24.x to match supported versions. (#19918) 2023-12-12 12:37:07 -05:00
Chris S. Kim 5d7b1170af
Switch to github-actions format for integration tests (#19693) 2023-11-20 11:39:51 -05:00
cskh 04a3a3e8d0
Integ test (test/deployer): upgrade test with service mesh (#19658)
* Integ test (test/deployer): upgrade test with service mesh

* license
2023-11-15 19:32:37 -05:00
R.B. Boyer 4d7754ad25
test: update makefile to include ways to trigger deployer integration tests (#19553) 2023-11-07 12:41:14 -06:00
R.B. Boyer a72f868218
testing/deployer: update deployer to use v2 catalog constructs when requested (#19046)
This updates the testing/deployer (aka "topology test") framework to conditionally 
configure and launch catalog constructs using v2 resources. This is controlled via a 
Version field on the Node construct in a topology.Config. This only functions for a 
dataplane type and has other restrictions that match the rest of v2 (no peering, no 
wanfed, no mesh gateways).

Like config entries, you can statically provide a set of initial resources to be synced 
when bringing up the cluster (beyond those that are generated for you such as 
workloads, services, etc).

If you want to author a test that can be freely converted between v1 and v2 then that 
is possible. If you switch to the multi-port definition on a topology.Service (aka 
"workload/instance") then that makes v1 ineligible.

This also adds a starter set of "on every PR" integration tests for single and multiport 
under test-integ/catalogv2
2023-11-02 14:25:48 -05:00
cskh 4b26ed8eba
integ test: snapshot mesh frozen bug test (#19435)
* integ test: snapshot mesh frozen bug test
2023-10-30 18:20:23 -04:00
Chris Thain b1871fd08c
Backout Envoy 1.28.0 (#19306) 2023-10-20 17:03:54 +00:00
Chris Thain 681aef31e9
Update supported Envoy versions (#19276) 2023-10-19 21:08:20 +00:00
Sophie Gairo 61bd08c8b9
Net 4893- Ensure we're testing all the latest versions of Vault/Nomad (#19119)
* NET-5592 - update Nomad integration testing

* NET-4893: Ensure we're testing all the latest versions of Vault/Nomad
2023-10-17 12:55:16 -05:00
Eric Haberkorn ad3aab1ef7
Add traffic permissions integration tests. (#19008)
Add traffic permissions integration tests.
2023-10-06 12:06:12 -04:00
Chris S. Kim ca4ff6ba1d
Bump up compatibility test runner (#19081) 2023-10-05 13:02:12 -04:00
Chris S. Kim 1a9666c49d
Remove parallel flag (#19057) 2023-10-04 08:47:47 -07:00
John Murret 6f0df20d10
NET-5657 - consul-containers test for explicit upstreams (#18952)
* Explicit container test

* remove static resources

* fix passing serviceBindPorts

* WIP

* fix explicit upstream test

* use my image in CI until dataplane is fixed.

* gofmt

* fixing reference to v2beta1 in test-containers

* WIP

* remove bad references

* add missing license headers

* allow access internal/resource/resourcetest

* fix check-allowed-imports to append array items

* use preview image for dataplane

* revert some inadverntent comment updates in peering_topology

* add building local consul-dataplane image to compatibility-tests CI

* fix substitution in CI

* change upstreams to destinations based on incoming change

* fixing use of upstreams in resource update

* remove commented out lines and enable envoy concurrency on dataplane.

* changes to addess PR feedback

* small fixes

---------

Co-authored-by: Eric <eric@haberkorn.co>
2023-09-26 16:21:47 -04:00
Anita Akaeze f5985fedce
do not trigger integration tests (#18948) 2023-09-21 19:10:34 +00:00
Anita Akaeze 0236c48369
Update base ref property name (#18851)
* Update base ref property name

* Test skip ci (#18924)

test_push_merge

* cleanup test push code
2023-09-20 14:33:30 -07:00
Sophie Gairo a55c4a1c25
Test: NET-5592 - update Nomad integration testing (#18768)
NET-5592 - update Nomad integration testing
2023-09-12 14:59:27 -05:00
Curt Bushko f2ce472ae1
PLAT-1192 - Run CI on smaller instances (#18624)
Use smaller runners
2023-08-31 10:56:59 -04:00
Jared Kirschner 180c1e22c1
test: run automated tests against Vault 1.11 - 1.14 (#18590)
Begin to test against Vault 1.14. Drop tests against Vault 1.10.
2023-08-28 13:32:42 -04:00
Curt Bushko 7bc30e989c
Set concurrency for workflows (#18567)
* Set concurrency for workflows
2023-08-28 12:05:25 -04:00
Anita Akaeze 63fa78a141
NET-5382 & PLAT-1159: Do not trigger workflow if only doc files are in commit history (#18528)
NET-5382: Do not run workflow runs if at least one path matches
2023-08-23 15:26:05 -04:00
cskh d3837e389c
CI Split integration tests to run nightly and every PR (#18518)
* CI Split integration tests to run nightly and every PR

* Checkout release branch for nightly test
2023-08-18 10:56:33 -04:00
cskh 43d8898e08
bump testcontainers-go from 0.22.0 and remove pinned go version in in… (#18395)
* bump testcontainers-go from 0.22.0 and remove pinned go version in integ test

* go mod tidy

* Replace deprecated target.Authority with target.URL.Host
2023-08-08 18:08:14 +00:00
cskh 7902ae20a1
Upgrade test: remove outdated test and disable log due to verbosity (#18403)
* remove outdated test

* disable log since we have too many parallel tests
2023-08-08 13:16:32 -04:00
Curt Bushko 449e050741
Update actions for TSCCR (#18317)
Update action versions before deadline
2023-07-28 12:49:23 -04:00
Michael Zalimeni cf4deeb7ea
Update list of Envoy versions (#18300)
Update supported envoy versions to 1.24.10, 1.25.9, 1.26.4, 1.27.0.
2023-07-26 21:48:29 +00:00
John Murret 639210e28d
Revert "NET-4996 - filter go-tests and test-integration workflows from running on docs only and ui only changes" (#18248)
Revert "NET-4996 - filter go-tests and test-integration workflows from running on docs only and ui only changes (#18236)"

This reverts commit a11dba710e.
2023-07-24 10:05:43 -06:00
John Murret a11dba710e
NET-4996 - filter go-tests and test-integration workflows from running on docs only and ui only changes (#18236) 2023-07-23 13:08:15 -06:00
hashicorp-tsccr[bot] 1ef5dfcfc6
SEC-090: Automated trusted workflow pinning (2023-07-18) (#18174)
Result of tsccr-helper -log-level=info -pin-all-workflows .

Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com>
2023-07-19 16:56:50 -07:00
Nick Irvine cd3fc9e1d0
add peering_commontopo tests [NET-3700] (#17951)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
Co-authored-by: NiniOak <anita.akaeze@hashicorp.com>
2023-07-18 16:41:30 -07:00
Nick Irvine 05b665e856
chore: bump upgrade integrations tests to 1.15, 116 [NET-4743] (#18130) 2023-07-14 17:13:41 -04:00
John Murret a2c6953d0d
[NET-4895] ci - api tests and consul container tests error because of dependency bugs with go 1.20.6. Pin go to 1.20.5. (#18124)
### Description
The following jobs started failing when go 1.20.6 was released:
- `go-test-api-1-19`
- `go-test-api-1-20`
- `compatibility-integration-tests`
- `upgrade-integration-tests`

`compatibility-integration-tests` and `compatibility-integration-tests`
to this testcontainers issue:
https://github.com/testcontainers/testcontainers-go/issues/1359. This
issue calls for testcontainers to release a new version when one of
their dependencies is fixed. When that is done, we will unpin the go
versions in `compatibility-integration-tests` and
`compatibility-integration-tests`.

### Testing & Reproduction steps

See these jobs broken in CI and then see them work with this PR.

---------

Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
2023-07-13 19:26:35 +00:00
Nick Irvine 3dc6f8fc06
ci: use gotestsum v1.10.1 [NET-4042] (#18088) 2023-07-11 17:13:54 -07:00
Matt Keeler 1864874726
CI Updates (#17834)
* Ensure that git access to private repos uses the ELEVATED_GITHUB_TOKEN

* Bump the runner size for the protobuf generation check

This has failed previously when the runner process that communicates with GitHub gets starved causing the job to fail.
2023-06-22 10:56:45 -04:00
Michael Zalimeni 500dcb1f21
Set GOPRIVATE for all hashicorp repos in CI (#17817)
Consistently set GOPRIVATE to include all hashicorp repos, s.t. private
modules are successfully pulled in enterprise CI.
2023-06-21 11:26:27 -04:00
Curt Bushko 0c15748c5a
[core]: Pin github action workflows (#17695) 2023-06-13 13:00:55 -04:00
Michael Zalimeni 30e0c234ab
Update list of Envoy versions (#17546) 2023-06-09 02:37:49 +00:00
John Murret b8eb98fcac
CI: do not upload test metrics to datadog on forks (#17448)
* bypass uploading testmetrics to datadog on forks / when api is not available

* add exclusions to upgrade tests
2023-05-24 18:57:49 +00:00
cskh 7166582b3e
CI: upload test results to datadog (#17438)
Co-authored-by: John Murret <john.murret@hashicorp.com>
2023-05-24 13:40:22 -04:00
cskh 1339c79f8d
consul-container test: no splitting and on single runner (#17394) 2023-05-17 14:57:12 -04:00