mirror of https://github.com/status-im/consul.git
924 lines
30 KiB
YAML
924 lines
30 KiB
YAML
# Copyright (c) HashiCorp, Inc.
|
|
# SPDX-License-Identifier: MPL-2.0
|
|
|
|
---
|
|
version: 2.1
|
|
|
|
parameters:
|
|
commit:
|
|
type: string
|
|
default: ""
|
|
description: "Commit to run load tests against"
|
|
|
|
references:
|
|
paths:
|
|
test-results: &TEST_RESULTS_DIR /tmp/test-results
|
|
environment: &ENVIRONMENT
|
|
TEST_RESULTS_DIR: *TEST_RESULTS_DIR
|
|
EMAIL: noreply@hashicorp.com
|
|
GIT_AUTHOR_NAME: circleci-consul
|
|
GIT_COMMITTER_NAME: circleci-consul
|
|
S3_ARTIFACT_BUCKET: consul-dev-artifacts-v2
|
|
BASH_ENV: .circleci/bash_env.sh
|
|
GO_VERSION: 1.20.1
|
|
envoy-versions: &supported_envoy_versions
|
|
- &default_envoy_version "1.22.7"
|
|
- "1.23.4"
|
|
- "1.24.2"
|
|
- "1.25.1"
|
|
nomad-versions: &supported_nomad_versions
|
|
- &default_nomad_version "1.3.3"
|
|
- "1.2.10"
|
|
- "1.1.16"
|
|
vault-versions: &supported_vault_versions
|
|
- &default_vault_version "1.12.2"
|
|
- "1.11.6"
|
|
- "1.10.9"
|
|
- "1.9.10"
|
|
consul-versions: &consul_versions
|
|
- "1.14"
|
|
- "1.15"
|
|
images:
|
|
# When updating the Go version, remember to also update the versions in the
|
|
# workflows section for go-test-lib jobs.
|
|
go: &GOLANG_IMAGE docker.mirror.hashicorp.services/cimg/go:1.20.1
|
|
ember: &EMBER_IMAGE docker.mirror.hashicorp.services/circleci/node:16-browsers
|
|
ubuntu: &UBUNTU_CI_IMAGE ubuntu-2004:202201-02
|
|
cache:
|
|
yarn: &YARN_CACHE_KEY consul-ui-v9-{{ checksum "ui/yarn.lock" }}
|
|
|
|
steps:
|
|
install-gotestsum: &install-gotestsum
|
|
name: install gotestsum
|
|
environment:
|
|
GOTESTSUM_RELEASE: 1.9.0
|
|
command: |
|
|
ARCH=`uname -m`
|
|
if [[ "$ARCH" == "aarch64" ]]; then
|
|
ARCH="arm64"
|
|
else
|
|
ARCH="amd64"
|
|
fi
|
|
url=https://github.com/gotestyourself/gotestsum/releases/download
|
|
curl -sSL "${url}/v${GOTESTSUM_RELEASE}/gotestsum_${GOTESTSUM_RELEASE}_linux_${ARCH}.tar.gz" | \
|
|
sudo tar -xz --overwrite -C /usr/local/bin gotestsum
|
|
|
|
get-aws-cli: &get-aws-cli
|
|
run:
|
|
name: download and install AWS CLI
|
|
command: |
|
|
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
|
|
echo -e "${AWS_CLI_GPG_KEY}" | gpg --import
|
|
curl -o awscliv2.sig https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip.sig
|
|
gpg --verify awscliv2.sig awscliv2.zip
|
|
unzip awscliv2.zip
|
|
sudo ./aws/install
|
|
|
|
# This step MUST be at the end of any set of steps due to the 'when' condition
|
|
notify-slack-failure: ¬ify-slack-failure
|
|
name: notify-slack-failure
|
|
when: on_fail
|
|
command: |
|
|
if [[ $CIRCLE_BRANCH == "main" ]]; then
|
|
CIRCLE_ENDPOINT="https://app.circleci.com/pipelines/github/${CIRCLE_PROJECT_USERNAME}/${CIRCLE_PROJECT_REPONAME}?branch=${CIRCLE_BRANCH}"
|
|
GITHUB_ENDPOINT="https://github.com/${CIRCLE_PROJECT_USERNAME}/${CIRCLE_PROJECT_REPONAME}/commit/${CIRCLE_SHA1}"
|
|
COMMIT_MESSAGE=$(git log -1 --pretty=%B | head -n1)
|
|
SHORT_REF=$(git rev-parse --short "${CIRCLE_SHA1}")
|
|
curl -X POST -H 'Content-type: application/json' \
|
|
--data \
|
|
"{ \
|
|
\"attachments\": [ \
|
|
{ \
|
|
\"fallback\": \"CircleCI job failed!\", \
|
|
\"text\": \"❌ Failed: \`${CIRCLE_USERNAME}\`'s <${CIRCLE_BUILD_URL}|${CIRCLE_STAGE}> job failed for commit <${GITHUB_ENDPOINT}|${SHORT_REF}> on \`${CIRCLE_BRANCH}\`!\n\n- <${COMMIT_MESSAGE}\", \
|
|
\"footer\": \"${CIRCLE_PROJECT_USERNAME}/${CIRCLE_PROJECT_REPONAME}\", \
|
|
\"ts\": \"$(date +%s)\", \
|
|
\"color\": \"danger\" \
|
|
} \
|
|
] \
|
|
}" "${FEED_CONSUL_GH_URL}"
|
|
else
|
|
echo "Not posting slack failure notifications for non-main branch"
|
|
fi
|
|
|
|
commands:
|
|
assume-role:
|
|
description: "Assume role to an ARN"
|
|
parameters:
|
|
access-key:
|
|
type: env_var_name
|
|
default: AWS_ACCESS_KEY_ID
|
|
secret-key:
|
|
type: env_var_name
|
|
default: AWS_SECRET_ACCESS_KEY
|
|
role-arn:
|
|
type: env_var_name
|
|
default: ROLE_ARN
|
|
steps:
|
|
# Only run the assume-role command for the main repo. The AWS credentials aren't available for forks.
|
|
- run: |
|
|
if [[ "${CIRCLE_BRANCH%%/*}/" != "pull/" ]]; then
|
|
export AWS_ACCESS_KEY_ID="${<< parameters.access-key >>}"
|
|
export AWS_SECRET_ACCESS_KEY="${<< parameters.secret-key >>}"
|
|
export ROLE_ARN="${<< parameters.role-arn >>}"
|
|
# assume role has duration of 15 min (the minimum allowed)
|
|
CREDENTIALS="$(aws sts assume-role --duration-seconds 900 --role-arn ${ROLE_ARN} --role-session-name build-${CIRCLE_SHA1} | jq '.Credentials')"
|
|
echo "export AWS_ACCESS_KEY_ID=$(echo $CREDENTIALS | jq -r '.AccessKeyId')" >> $BASH_ENV
|
|
echo "export AWS_SECRET_ACCESS_KEY=$(echo $CREDENTIALS | jq -r '.SecretAccessKey')" >> $BASH_ENV
|
|
echo "export AWS_SESSION_TOKEN=$(echo $CREDENTIALS | jq -r '.SessionToken')" >> $BASH_ENV
|
|
fi
|
|
|
|
run-go-test-full:
|
|
parameters:
|
|
go_test_flags:
|
|
type: string
|
|
default: ""
|
|
steps:
|
|
- attach_workspace:
|
|
at: /home/circleci/go/bin
|
|
- run: go mod download
|
|
- run:
|
|
name: go test
|
|
command: |
|
|
mkdir -p $TEST_RESULTS_DIR /tmp/jsonfile
|
|
PACKAGE_NAMES=$(go list -tags "$GOTAGS" ./... | circleci tests split --split-by=timings --timings-type=classname)
|
|
echo "Running $(echo $PACKAGE_NAMES | wc -w) packages"
|
|
echo $PACKAGE_NAMES
|
|
# some tests expect this umask, and arm images have a different default
|
|
umask 0022
|
|
|
|
<< parameters.go_test_flags >>
|
|
|
|
gotestsum \
|
|
--format=short-verbose \
|
|
--jsonfile /tmp/jsonfile/go-test-${CIRCLE_NODE_INDEX}.log \
|
|
--debug \
|
|
--rerun-fails=3 \
|
|
--rerun-fails-max-failures=40 \
|
|
--rerun-fails-report=/tmp/gotestsum-rerun-fails \
|
|
--packages="$PACKAGE_NAMES" \
|
|
--junitfile $TEST_RESULTS_DIR/gotestsum-report.xml -- \
|
|
-tags="$GOTAGS" -p 2 \
|
|
${GO_TEST_FLAGS-} \
|
|
-cover -coverprofile=coverage.txt
|
|
|
|
- store_test_results:
|
|
path: *TEST_RESULTS_DIR
|
|
- store_artifacts:
|
|
path: *TEST_RESULTS_DIR
|
|
- store_artifacts:
|
|
path: /tmp/jsonfile
|
|
- run: &rerun-fails-report
|
|
name: "Re-run fails report"
|
|
command: |
|
|
.circleci/scripts/rerun-fails-report.sh /tmp/gotestsum-rerun-fails
|
|
- run: *notify-slack-failure
|
|
|
|
jobs:
|
|
check-go-mod:
|
|
docker:
|
|
- image: *GOLANG_IMAGE
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
steps:
|
|
- checkout
|
|
- run: go mod tidy
|
|
- run: |
|
|
if [[ -n $(git status -s) ]]; then
|
|
echo "Git directory has changes"
|
|
git status -s
|
|
exit 1
|
|
fi
|
|
- run: *notify-slack-failure
|
|
|
|
# build is a templated job for build-x
|
|
build-distros: &build-distros
|
|
docker:
|
|
- image: *GOLANG_IMAGE
|
|
resource_class: large
|
|
environment: &build-env
|
|
<<: *ENVIRONMENT
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Build
|
|
command: |
|
|
for os in $XC_OS; do
|
|
target="./pkg/bin/${GOOS}_${GOARCH}/"
|
|
GOOS="$os" CGO_ENABLED=0 go build -o "${target}" -ldflags "${GOLDFLAGS}" -tags "${GOTAGS}"
|
|
done
|
|
|
|
# save dev build to CircleCI
|
|
- store_artifacts:
|
|
path: ./pkg/bin
|
|
- run: *notify-slack-failure
|
|
|
|
# build all 386 architecture supported OS binaries
|
|
build-386:
|
|
<<: *build-distros
|
|
environment:
|
|
<<: *build-env
|
|
XC_OS: "freebsd linux windows"
|
|
GOARCH: "386"
|
|
|
|
# build all amd64 architecture supported OS binaries
|
|
build-amd64:
|
|
<<: *build-distros
|
|
environment:
|
|
<<: *build-env
|
|
XC_OS: "darwin freebsd linux solaris windows"
|
|
GOARCH: "amd64"
|
|
|
|
# build all arm/arm64 architecture supported OS binaries
|
|
build-arm:
|
|
docker:
|
|
- image: *GOLANG_IMAGE
|
|
resource_class: large
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
CGO_ENABLED: 1
|
|
GOOS: linux
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
command: |
|
|
sudo rm -fv /etc/apt/sources.list.d/github_git-lfs.list # workaround for https://github.com/actions/runner-images/issues/1983
|
|
sudo apt-get update --allow-releaseinfo-change-suite --allow-releaseinfo-change-version && sudo apt-get install -y gcc-arm-linux-gnueabi gcc-arm-linux-gnueabihf gcc-aarch64-linux-gnu
|
|
- run:
|
|
environment:
|
|
GOARM: 5
|
|
CC: arm-linux-gnueabi-gcc
|
|
GOARCH: arm
|
|
command: go build -o ./pkg/bin/linux_armel/consul -ldflags="-linkmode=external ${GOLDFLAGS}"
|
|
- run:
|
|
environment:
|
|
GOARM: 6
|
|
CC: arm-linux-gnueabihf-gcc
|
|
GOARCH: arm
|
|
command: go build -o ./pkg/bin/linux_armhf/consul -ldflags="-linkmode=external ${GOLDFLAGS}"
|
|
- run:
|
|
environment:
|
|
CC: aarch64-linux-gnu-gcc
|
|
GOARCH: arm64
|
|
command: go build -o ./pkg/bin/linux_aarch64/consul -ldflags="-linkmode=external ${GOLDFLAGS}"
|
|
- store_artifacts:
|
|
path: ./pkg/bin
|
|
- run: *notify-slack-failure
|
|
|
|
# create a development build
|
|
dev-build:
|
|
docker:
|
|
- image: *GOLANG_IMAGE
|
|
resource_class: large
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
steps:
|
|
- checkout
|
|
- attach_workspace: # this normally runs as the first job and has nothing to attach; only used in main branch after rebuilding UI
|
|
at: .
|
|
- run:
|
|
name: Build
|
|
command: |
|
|
make dev
|
|
mkdir -p /home/circleci/go/bin
|
|
cp ./bin/consul /home/circleci/go/bin/consul
|
|
|
|
# save dev build to pass to downstream jobs
|
|
- persist_to_workspace:
|
|
root: /home/circleci/go/bin
|
|
paths:
|
|
- consul
|
|
- run: *notify-slack-failure
|
|
|
|
# upload development build to s3
|
|
dev-upload-s3:
|
|
docker:
|
|
- image: *GOLANG_IMAGE
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
steps:
|
|
- checkout
|
|
- *get-aws-cli
|
|
- assume-role:
|
|
access-key: AWS_ACCESS_KEY_ID_S3_UPLOAD
|
|
secret-key: AWS_SECRET_ACCESS_KEY_S3_UPLOAD
|
|
role-arn: ROLE_ARN_S3_UPLOAD
|
|
# get consul binary
|
|
- attach_workspace:
|
|
at: bin/
|
|
- run:
|
|
name: package binary
|
|
command: zip -j consul.zip bin/consul
|
|
- run:
|
|
name: Upload to s3
|
|
command: |
|
|
if [ -n "${S3_ARTIFACT_PATH}" ]; then
|
|
aws s3 cp \
|
|
--metadata "CIRCLECI=${CIRCLECI},CIRCLE_BUILD_URL=${CIRCLE_BUILD_URL},CIRCLE_BRANCH=${CIRCLE_BRANCH}" \
|
|
"consul.zip" "s3://${S3_ARTIFACT_BUCKET}/${S3_ARTIFACT_PATH}/${CIRCLE_SHA1}.zip" --acl public-read
|
|
else
|
|
echo "CircleCI - S3_ARTIFACT_PATH was not set"
|
|
exit 1
|
|
fi
|
|
- run: *notify-slack-failure
|
|
|
|
# upload dev docker image
|
|
dev-upload-docker:
|
|
docker:
|
|
- image: *GOLANG_IMAGE # use a circleci image so the attach_workspace step works (has ca-certs installed)
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
steps:
|
|
- checkout
|
|
# get consul binary
|
|
- attach_workspace:
|
|
at: bin/
|
|
- setup_remote_docker
|
|
- run: make ci.dev-docker
|
|
- run: *notify-slack-failure
|
|
nomad-integration-test: &NOMAD_TESTS
|
|
docker:
|
|
- image: docker.mirror.hashicorp.services/cimg/go:1.20
|
|
parameters:
|
|
nomad-version:
|
|
type: enum
|
|
enum: *supported_nomad_versions
|
|
default: *default_nomad_version
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
NOMAD_WORKING_DIR: &NOMAD_WORKING_DIR /home/circleci/go/src/github.com/hashicorp/nomad
|
|
NOMAD_VERSION: << parameters.nomad-version >>
|
|
steps: &NOMAD_INTEGRATION_TEST_STEPS
|
|
- run: git clone https://github.com/hashicorp/nomad.git --branch v${NOMAD_VERSION} ${NOMAD_WORKING_DIR}
|
|
|
|
# get consul binary
|
|
- attach_workspace:
|
|
at: /home/circleci/go/bin
|
|
|
|
# make dev build of nomad
|
|
- run:
|
|
command: make pkg/linux_amd64/nomad
|
|
working_directory: *NOMAD_WORKING_DIR
|
|
|
|
- run: *install-gotestsum
|
|
|
|
# run integration tests
|
|
- run:
|
|
name: go test
|
|
command: |
|
|
mkdir -p $TEST_RESULTS_DIR
|
|
gotestsum \
|
|
--format=short-verbose \
|
|
--junitfile $TEST_RESULTS_DIR/results.xml -- \
|
|
./command/agent/consul -run TestConsul
|
|
working_directory: *NOMAD_WORKING_DIR
|
|
|
|
# store test results for CircleCI
|
|
- store_test_results:
|
|
path: *TEST_RESULTS_DIR
|
|
- store_artifacts:
|
|
path: *TEST_RESULTS_DIR
|
|
- run: *notify-slack-failure
|
|
|
|
# build frontend yarn cache
|
|
frontend-cache:
|
|
docker:
|
|
- image: *EMBER_IMAGE
|
|
steps:
|
|
- checkout
|
|
|
|
# cache yarn deps
|
|
- restore_cache:
|
|
key: *YARN_CACHE_KEY
|
|
|
|
- run:
|
|
name: install yarn packages
|
|
command: cd ui && make deps
|
|
|
|
- save_cache:
|
|
key: *YARN_CACHE_KEY
|
|
paths:
|
|
- ui/node_modules
|
|
- ui/packages/consul-ui/node_modules
|
|
- run: *notify-slack-failure
|
|
|
|
# build ember so frontend tests run faster
|
|
ember-build-oss: &ember-build-oss
|
|
docker:
|
|
- image: *EMBER_IMAGE
|
|
environment:
|
|
JOBS: 2 # limit parallelism for broccoli-babel-transpiler
|
|
CONSUL_NSPACES_ENABLED: 0
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
key: *YARN_CACHE_KEY
|
|
- run: cd ui/packages/consul-ui && make build-ci
|
|
|
|
# saves the build to a workspace to be passed to a downstream job
|
|
- persist_to_workspace:
|
|
root: ui
|
|
paths:
|
|
- packages/consul-ui/dist
|
|
- run: *notify-slack-failure
|
|
|
|
# build ember so frontend tests run faster
|
|
ember-build-ent:
|
|
<<: *ember-build-oss
|
|
environment:
|
|
JOBS: 2 # limit parallelism for broccoli-babel-transpiler
|
|
CONSUL_NSPACES_ENABLED: 1
|
|
|
|
# rebuild UI for packaging
|
|
ember-build-prod:
|
|
docker:
|
|
- image: *EMBER_IMAGE
|
|
environment:
|
|
JOBS: 2 # limit parallelism for broccoli-babel-transpiler
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
key: *YARN_CACHE_KEY
|
|
- run: cd ui && make
|
|
|
|
# saves the build to a workspace to be passed to a downstream job
|
|
- persist_to_workspace:
|
|
root: ui
|
|
paths:
|
|
- packages/consul-ui/dist
|
|
- run: *notify-slack-failure
|
|
|
|
# commits static assets to git
|
|
publish-static-assets:
|
|
docker:
|
|
- image: *GOLANG_IMAGE
|
|
steps:
|
|
- checkout
|
|
- add_ssh_keys: # needs a key to push updated static asset commit back to github
|
|
fingerprints:
|
|
- "94:03:9e:8b:24:7f:36:60:00:30:b8:32:ed:e7:59:10"
|
|
- attach_workspace:
|
|
at: .
|
|
- run:
|
|
name: move compiled ui files to agent/uiserver
|
|
command: |
|
|
rm -rf agent/uiserver/dist
|
|
mv packages/consul-ui/dist agent/uiserver
|
|
- run:
|
|
name: commit agent/uiserver/dist/ if there are UI changes
|
|
command: |
|
|
# check if there are any changes in ui/
|
|
# if there are, we commit the ui static asset file
|
|
# HEAD^! is shorthand for HEAD^..HEAD (parent of HEAD and HEAD)
|
|
if ! git diff --quiet --exit-code HEAD^! ui/; then
|
|
git config --local user.email "github-team-consul-core@hashicorp.com"
|
|
git config --local user.name "hc-github-team-consul-core"
|
|
|
|
# -B resets the CI branch to main which may diverge history
|
|
# but we will force push anyways.
|
|
git checkout -B ci/main-assetfs-build main
|
|
|
|
short_sha=$(git rev-parse --short HEAD)
|
|
git add agent/uiserver/dist/
|
|
git commit -m "auto-updated agent/uiserver/dist/ from commit ${short_sha}"
|
|
git push --force origin ci/main-assetfs-build
|
|
else
|
|
echo "no UI changes so no static assets to publish"
|
|
fi
|
|
- run: *notify-slack-failure
|
|
|
|
# run node tests
|
|
node-tests:
|
|
docker:
|
|
- image: *EMBER_IMAGE
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
key: *YARN_CACHE_KEY
|
|
- attach_workspace:
|
|
at: ui
|
|
- run:
|
|
working_directory: ui/packages/consul-ui
|
|
command: make test-node
|
|
- run: *notify-slack-failure
|
|
# run yarn workspace wide checks/tests
|
|
workspace-tests:
|
|
docker:
|
|
- image: *EMBER_IMAGE
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
key: *YARN_CACHE_KEY
|
|
- attach_workspace:
|
|
at: ui
|
|
- run:
|
|
working_directory: ui
|
|
command: make test-workspace
|
|
- run: *notify-slack-failure
|
|
|
|
# run ember frontend tests
|
|
ember-test-oss:
|
|
docker:
|
|
- image: *EMBER_IMAGE
|
|
environment:
|
|
EMBER_TEST_REPORT: test-results/report-oss.xml #outputs test report for CircleCI test summary
|
|
EMBER_TEST_PARALLEL: true #enables test parallelization with ember-exam
|
|
CONSUL_NSPACES_ENABLED: 0
|
|
parallelism: 4
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
key: *YARN_CACHE_KEY
|
|
- attach_workspace:
|
|
at: ui
|
|
- run:
|
|
working_directory: ui/packages/consul-ui
|
|
command: node_modules/.bin/ember exam --split=$CIRCLE_NODE_TOTAL --partition=`expr $CIRCLE_NODE_INDEX + 1` --path dist --silent -r xunit
|
|
- store_test_results:
|
|
path: ui/packages/consul-ui/test-results
|
|
- run: *notify-slack-failure
|
|
|
|
# run ember frontend tests
|
|
ember-test-ent:
|
|
docker:
|
|
- image: *EMBER_IMAGE
|
|
environment:
|
|
EMBER_TEST_REPORT: test-results/report-ent.xml #outputs test report for CircleCI test summary
|
|
EMBER_TEST_PARALLEL: true #enables test parallelization with ember-exam
|
|
CONSUL_NSPACES_ENABLED: 1
|
|
parallelism: 4
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
key: *YARN_CACHE_KEY
|
|
- attach_workspace:
|
|
at: ui
|
|
- run:
|
|
working_directory: ui/packages/consul-ui
|
|
command: node_modules/.bin/ember exam --split=$CIRCLE_NODE_TOTAL --partition=`expr $CIRCLE_NODE_INDEX + 1` --path dist --silent -r xunit
|
|
- store_test_results:
|
|
path: ui/packages/consul-ui/test-results
|
|
- run: *notify-slack-failure
|
|
|
|
# run ember frontend unit tests to produce coverage report
|
|
ember-coverage:
|
|
docker:
|
|
- image: *EMBER_IMAGE
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
key: *YARN_CACHE_KEY
|
|
- attach_workspace:
|
|
at: ui
|
|
- run:
|
|
working_directory: ui/packages/consul-ui
|
|
command: make test-coverage-ci
|
|
- run: *notify-slack-failure
|
|
|
|
compatibility-integration-test:
|
|
machine:
|
|
image: *UBUNTU_CI_IMAGE
|
|
docker_layer_caching: true
|
|
parallelism: 1
|
|
steps:
|
|
- checkout
|
|
# Get go binary from workspace
|
|
- attach_workspace:
|
|
at: .
|
|
# Build the consul:local image from the already built binary
|
|
- run:
|
|
command: |
|
|
sudo rm -rf /usr/local/go
|
|
wget https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz
|
|
sudo tar -C /usr/local -xzvf go${GO_VERSION}.linux-amd64.tar.gz
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
- run: *install-gotestsum
|
|
- run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile .
|
|
- run:
|
|
name: Compatibility Integration Tests
|
|
command: |
|
|
mkdir -p /tmp/test-results/
|
|
cd ./test/integration/consul-container
|
|
docker run --rm consul:local consul version
|
|
gotestsum \
|
|
--raw-command \
|
|
--format=short-verbose \
|
|
--debug \
|
|
--rerun-fails=3 \
|
|
--packages="./..." \
|
|
-- \
|
|
go test \
|
|
-p=4 \
|
|
-timeout=30m \
|
|
-json \
|
|
`go list ./... | grep -v upgrade` \
|
|
--target-image consul \
|
|
--target-version local \
|
|
--latest-image consul \
|
|
--latest-version latest
|
|
ls -lrt
|
|
environment:
|
|
# this is needed because of incompatibility between RYUK container and circleci
|
|
GOTESTSUM_JUNITFILE: /tmp/test-results/results.xml
|
|
GOTESTSUM_FORMAT: standard-verbose
|
|
COMPOSE_INTERACTIVE_NO_CLI: 1
|
|
# tput complains if this isn't set to something.
|
|
TERM: ansi
|
|
- store_test_results:
|
|
path: *TEST_RESULTS_DIR
|
|
- store_artifacts:
|
|
path: *TEST_RESULTS_DIR
|
|
- run: *notify-slack-failure
|
|
|
|
upgrade-integration-test:
|
|
machine:
|
|
image: *UBUNTU_CI_IMAGE
|
|
docker_layer_caching: true
|
|
parallelism: 3
|
|
resource_class: large
|
|
parameters:
|
|
consul-version:
|
|
type: enum
|
|
enum: *consul_versions
|
|
environment:
|
|
CONSUL_VERSION: << parameters.consul-version >>
|
|
steps:
|
|
- checkout
|
|
# Get go binary from workspace
|
|
- attach_workspace:
|
|
at: .
|
|
# Build the consul:local image from the already built binary
|
|
- run:
|
|
command: |
|
|
sudo rm -rf /usr/local/go
|
|
wget https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz
|
|
sudo tar -C /usr/local -xzvf go${GO_VERSION}.linux-amd64.tar.gz
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
- run: *install-gotestsum
|
|
- run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile .
|
|
- run:
|
|
name: Upgrade Integration Tests
|
|
command: |
|
|
mkdir -p /tmp/test-results/
|
|
cd ./test/integration/consul-container
|
|
docker run --rm consul:local consul version
|
|
gotestsum \
|
|
--raw-command \
|
|
--format=short-verbose \
|
|
--debug \
|
|
--rerun-fails=3 \
|
|
--packages="./..." \
|
|
-- \
|
|
go test \
|
|
-p=4 \
|
|
-tags "${GOTAGS}" \
|
|
-timeout=30m \
|
|
-json \
|
|
./.../upgrade/ \
|
|
--target-image consul \
|
|
--target-version local \
|
|
--latest-image consul \
|
|
--latest-version $CONSUL_VERSION
|
|
ls -lrt
|
|
environment:
|
|
# this is needed because of incompatibility between RYUK container and circleci
|
|
GOTESTSUM_JUNITFILE: /tmp/test-results/results.xml
|
|
GOTESTSUM_FORMAT: standard-verbose
|
|
COMPOSE_INTERACTIVE_NO_CLI: 1
|
|
# tput complains if this isn't set to something.
|
|
TERM: ansi
|
|
- store_test_results:
|
|
path: *TEST_RESULTS_DIR
|
|
- store_artifacts:
|
|
path: *TEST_RESULTS_DIR
|
|
- run: *notify-slack-failure
|
|
|
|
# Lints all *.dockerfile but don't fail at this time
|
|
dockerfile-lint:
|
|
docker:
|
|
- image: docker.mirror.hashicorp.services/hadolint/hadolint:latest-debian
|
|
steps:
|
|
- run: apt-get -qq update; apt-get -y install git # the hadolint container doesn't have git
|
|
- checkout
|
|
- run:
|
|
name: Dockefile lint
|
|
command: |
|
|
for file in $(find . -type f -name *.dockerfile); do
|
|
hadolint $file || true
|
|
done
|
|
|
|
envoy-integration-test: &ENVOY_TESTS
|
|
machine:
|
|
image: *UBUNTU_CI_IMAGE
|
|
parallelism: 4
|
|
resource_class: medium
|
|
parameters:
|
|
envoy-version:
|
|
type: enum
|
|
enum: *supported_envoy_versions
|
|
default: *default_envoy_version
|
|
xds-target:
|
|
type: enum
|
|
enum: ["server", "client"]
|
|
default: "server"
|
|
environment:
|
|
ENVOY_VERSION: << parameters.envoy-version >>
|
|
XDS_TARGET: << parameters.xds-target >>
|
|
AWS_LAMBDA_REGION: us-west-2
|
|
steps: &ENVOY_INTEGRATION_TEST_STEPS
|
|
- checkout
|
|
- assume-role:
|
|
access-key: AWS_ACCESS_KEY_ID_LAMBDA
|
|
secret-key: AWS_SECRET_ACCESS_KEY_LAMBDA
|
|
role-arn: ROLE_ARN_LAMBDA
|
|
# Get go binary from workspace
|
|
- attach_workspace:
|
|
at: .
|
|
- run: *install-gotestsum
|
|
# Build the consul:local image from the already built binary
|
|
- run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile .
|
|
- run:
|
|
name: Envoy Integration Tests
|
|
command: |
|
|
subtests=$(ls -d test/integration/connect/envoy/*/ | xargs -n 1 basename | circleci tests split)
|
|
echo "Running $(echo $subtests | wc -w) subtests"
|
|
echo "$subtests"
|
|
subtests_pipe_sepr=$(echo "$subtests" | xargs | sed 's/ /|/g')
|
|
mkdir -p /tmp/test-results/
|
|
gotestsum -- -timeout=30m -tags integration ./test/integration/connect/envoy -run="TestEnvoy/($subtests_pipe_sepr)"
|
|
environment:
|
|
GOTESTSUM_JUNITFILE: /tmp/test-results/results.xml
|
|
GOTESTSUM_FORMAT: standard-verbose
|
|
COMPOSE_INTERACTIVE_NO_CLI: 1
|
|
LAMBDA_TESTS_ENABLED: "true"
|
|
# tput complains if this isn't set to something.
|
|
TERM: ansi
|
|
- store_artifacts:
|
|
path: ./test/integration/connect/envoy/workdir/logs
|
|
destination: container-logs
|
|
- store_test_results:
|
|
path: *TEST_RESULTS_DIR
|
|
- store_artifacts:
|
|
path: *TEST_RESULTS_DIR
|
|
- run: *notify-slack-failure
|
|
|
|
# run integration tests for the connect ca providers with vault
|
|
vault-integration-test:
|
|
docker:
|
|
- image: *GOLANG_IMAGE
|
|
parameters:
|
|
vault-version:
|
|
type: enum
|
|
enum: *supported_vault_versions
|
|
default: *default_vault_version
|
|
environment:
|
|
<<: *ENVIRONMENT
|
|
VAULT_BINARY_VERSION: << parameters.vault-version >>
|
|
steps: &VAULT_INTEGRATION_TEST_STEPS
|
|
- run:
|
|
name: Install vault
|
|
command: |
|
|
wget -q -O /tmp/vault.zip https://releases.hashicorp.com/vault/${VAULT_BINARY_VERSION}/vault_${VAULT_BINARY_VERSION}_linux_amd64.zip
|
|
sudo unzip -d /usr/local/bin /tmp/vault.zip
|
|
rm -rf /tmp/vault*
|
|
vault version
|
|
- checkout
|
|
- run: go mod download
|
|
- run:
|
|
name: go test
|
|
command: |
|
|
mkdir -p $TEST_RESULTS_DIR
|
|
make test-connect-ca-providers
|
|
- store_test_results:
|
|
path: *TEST_RESULTS_DIR
|
|
- run: *notify-slack-failure
|
|
|
|
# The noop job is a used as a very fast job in the verify-ci workflow because every workflow
|
|
# requires at least one job. It does nothing.
|
|
noop:
|
|
docker:
|
|
- image: docker.mirror.hashicorp.services/alpine:latest
|
|
steps:
|
|
- run: "echo ok"
|
|
|
|
workflows:
|
|
build-distros:
|
|
jobs:
|
|
- check-go-mod: &filter-ignore-non-go-branches
|
|
filters:
|
|
branches:
|
|
ignore:
|
|
- stable-website
|
|
- /^docs\/.*/
|
|
- /^ui\/.*/
|
|
- /^mktg-.*/ # Digital Team Terraform-generated branches' prefix
|
|
- /^backport\/docs\/.*/
|
|
- /^backport\/ui\/.*/
|
|
- /^backport\/mktg-.*/
|
|
- build-386: &require-check-go-mod
|
|
requires:
|
|
- check-go-mod
|
|
- build-amd64: *require-check-go-mod
|
|
- build-arm: *require-check-go-mod
|
|
# every commit on main will have a rebuilt UI
|
|
- frontend-cache:
|
|
filters:
|
|
branches:
|
|
only:
|
|
- main
|
|
- ember-build-prod:
|
|
requires:
|
|
- frontend-cache
|
|
- publish-static-assets:
|
|
requires:
|
|
- ember-build-prod
|
|
- dev-build:
|
|
requires:
|
|
- ember-build-prod
|
|
- dev-upload-s3:
|
|
requires:
|
|
- dev-build
|
|
- dev-upload-docker:
|
|
requires:
|
|
- dev-build
|
|
context: consul-ci
|
|
- noop
|
|
test-integrations:
|
|
jobs:
|
|
- dev-build: *filter-ignore-non-go-branches
|
|
- dev-upload-s3: &dev-upload
|
|
requires:
|
|
- dev-build
|
|
filters:
|
|
branches:
|
|
ignore:
|
|
- /^pull\/.*$/ # only push dev builds from non forks
|
|
- main # all main dev uploads will include a UI rebuild in build-distros
|
|
- dev-upload-docker:
|
|
<<: *dev-upload
|
|
context: consul-ci
|
|
- nomad-integration-test:
|
|
requires:
|
|
- dev-build
|
|
matrix:
|
|
parameters:
|
|
nomad-version: *supported_nomad_versions
|
|
- vault-integration-test:
|
|
matrix:
|
|
parameters:
|
|
vault-version: *supported_vault_versions
|
|
<<: *filter-ignore-non-go-branches
|
|
- envoy-integration-test:
|
|
requires:
|
|
- dev-build
|
|
matrix:
|
|
parameters:
|
|
envoy-version: *supported_envoy_versions
|
|
xds-target: ["server", "client"]
|
|
- compatibility-integration-test:
|
|
requires:
|
|
- dev-build
|
|
- upgrade-integration-test:
|
|
requires:
|
|
- dev-build
|
|
matrix:
|
|
parameters:
|
|
consul-version: *consul_versions
|
|
|
|
- noop
|
|
frontend:
|
|
jobs:
|
|
- frontend-cache:
|
|
filters:
|
|
branches:
|
|
only:
|
|
- main
|
|
- /^ui\/.*/
|
|
- /^backport\/ui\/.*/
|
|
- workspace-tests:
|
|
requires:
|
|
- frontend-cache
|
|
- node-tests:
|
|
requires:
|
|
- frontend-cache
|
|
- ember-build-oss:
|
|
requires:
|
|
- frontend-cache
|
|
- ember-build-ent:
|
|
requires:
|
|
- frontend-cache
|
|
- ember-test-oss:
|
|
requires:
|
|
- ember-build-oss
|
|
- ember-test-ent:
|
|
requires:
|
|
- ember-build-ent
|
|
# ember-coverage in CI uses the dist/ folder to run tests so it requires
|
|
# either/or ent/oss to be built first
|
|
- ember-coverage:
|
|
requires:
|
|
- ember-build-ent
|
|
- noop
|