From 4dcea9aab100b41bc8b303af1692946105d3bf8f Mon Sep 17 00:00:00 2001
From: Seth L <81644108+sethAmazon@users.noreply.github.com>
Date: Wed, 30 Mar 2022 16:40:19 -0400
Subject: [PATCH] Support Fork Testing On Personal AWS (#414)
---
 .github/workflows/integrationTest.yml | 24 ++++++++++++++++----
 integration/msi/tools/create_msi.ps1 | 5 ++--
 integration/terraform/ec2/linux/README.md | 21 ++++++++++++++++-
 integration/terraform/ec2/linux/main.tf | 3 +++
 integration/terraform/ec2/linux/variables.tf | 5 ++++
 integration/terraform/ec2/win/main.tf | 7 ++++--
 integration/terraform/ec2/win/variables.tf | 10 ++++++++
 7 files changed, 66 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/integrationTest.yml b/.github/workflows/integrationTest.yml
index dc100223a9..943742449c 100644
--- a/.github/workflows/integrationTest.yml
+++ b/.github/workflows/integrationTest.yml
@@ -6,7 +6,10 @@ env:
 PRIVATE_KEY: ${{ secrets.AWS_PRIVATE_KEY }}
 TERRAFORM_AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_AWS_ACCESS_KEY_ID }}
 TERRAFORM_AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_AWS_SECRET_ACCESS_KEY }}
- S3_INTEGRATION_BUCKET: cloudwatch-agent-integration-bucket
+ S3_INTEGRATION_BUCKET: ${{ secrets.S3_INTEGRATION_BUCKET }}
+ KEY_NAME: ${{ secrets.KEY_NAME }}
+ VPC_SECURITY_GROUPS_IDS: ${{ secrets.VPC_SECURITY_GROUPS_IDS }}
+ IAM_ROLE: ${{ secrets.IAM_ROLE }}
 on:
 push:
@@ -149,9 +152,10 @@ jobs:
 key: "cached_msi_${{ github.sha }}"
 path: buildMSI/amazon-cloudwatch-agent.msi
+ # Using the env variable returns "" for bucket name thus use the secret
 - name: Copy msi
 if: steps.cached_msi.outputs.cache-hit != 'true'
- run: aws s3 cp s3://${S3_INTEGRATION_BUCKET}/integration-test/packaging/${{ github.sha }}/buildMSI.zip .
+ run: aws s3 cp s3://${{ secrets.S3_INTEGRATION_BUCKET }}/integration-test/packaging/${{ github.sha }}/buildMSI.zip .
 - name: Create msi
 if: steps.cached_msi.outputs.cache-hit != 'true'
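Review bot: The comment added above the `Copy msi` step blames the env variable for the empty bucket name, but the `Create msi` step in the following hunk uses `$env:PATH`, which suggests these steps run under PowerShell, where `${S3_INTEGRATION_BUCKET}` is a script variable rather than an environment lookup. If so, `run: aws s3 cp s3://${env:S3_INTEGRATION_BUCKET}/integration-test/packaging/${{ github.sha }}/buildMSI.zip .` reads the workflow-level value and avoids pasting `${{ secrets.S3_INTEGRATION_BUCKET }}` into the script text before the shell parses it. The same inline expansion is added to the `.\create_msi.ps1` call in the `@@ -162,7 +166,7` hunk, where `$env:S3_INTEGRATION_BUCKET` would serve as the second argument. The job's `runs-on` and `shell` settings are outside these hunks, so confirm the shell before changing the lines.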
@@ -162,7 +166,7 @@ jobs:
 $env:PATH = $env:PATH + $wixToolsetBinPath
 Expand-Archive buildMSI.zip -Force
 cd buildMSI
- .\create_msi.ps1 ${{ github.sha }}
+ .\create_msi.ps1 ${{ github.sha }} ${{ secrets.S3_INTEGRATION_BUCKET }}
 StartLocalStack:
 name: 'StartLocalStack'
@@ -196,7 +200,10 @@ jobs:
 -var="ssh_key=${PRIVATE_KEY}"
 -var="github_repo=${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git"
 -var="github_sha=${GITHUB_SHA}"
- -var="s3_bucket=${S3_INTEGRATION_BUCKET}" &&
+ -var="s3_bucket=${S3_INTEGRATION_BUCKET}"
+ -var="vpc_security_group_ids=${VPC_SECURITY_GROUPS_IDS}"
+ -var="key_name=${KEY_NAME}"
+ -var="iam_instance_profile=${IAM_ROLE}" &&
 LOCAL_STACK_HOST_NAME=$(terraform output -raw public_dns) &&
 echo $LOCAL_STACK_HOST_NAME &&
 echo "::set-output name=local_stack_host_name::$LOCAL_STACK_HOST_NAME" &&
@@ -301,6 +308,10 @@ jobs:
 -var="binary_name=${{ matrix.arrays.binaryName }}"
 -var="local_stack_host_name=${{ needs.StartLocalStack.outputs.local_stack_host_name }}"
 -var="s3_bucket=${S3_INTEGRATION_BUCKET}"
+ -var="vpc_security_group_ids=${VPC_SECURITY_GROUPS_IDS}"
+ -var="key_name=${KEY_NAME}"
+ -var="test_name=${{ matrix.arrays.os }}"
+ -var="iam_instance_profile=${IAM_ROLE}"
 - name: Terraform destroy
 if: ${{ always() && steps.ec2-linux-integration-test.outputs.cache-hit != 'true' }}
@@ -352,9 +363,14 @@ jobs:
 echo run terraform and execute test code &&
 terraform apply --auto-approve
 -var="ssh_key=${PRIVATE_KEY}"
+ -var="key_name=${KEY_NAME}"
 -var="github_repo=${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git"
 -var="github_sha=${GITHUB_SHA}"
 -var="ami=${{ matrix.arrays.ami }}"
+ -var="test_name=${{ matrix.arrays.os }}"
+ -var="iam_instance_profile=${IAM_ROLE}"
+ -var="vpc_security_group_ids=${VPC_SECURITY_GROUPS_IDS}"
+ -var="s3_bucket=${S3_INTEGRATION_BUCKET}"
 - name: Terraform destroy
 if: ${{ always() && steps.ec2-win-integration-test.outputs.cache-hit != 'true' }}
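Review bot: Nothing checks that the new secrets are set before `terraform apply` runs in the `@@ -196,7 +200,10` hunk: an unset repository secret expands to an empty string, so `-var="vpc_security_group_ids=${VPC_SECURITY_GROUPS_IDS}"`, `-var="key_name=${KEY_NAME}"` and `-var="iam_instance_profile=${IAM_ROLE}"` are passed as empty values. Depending on how the `aws_instance` resources consume them (not visible in this patch), that may fail late with an opaque error, or launch the test instance with the VPC's default security group and no instance profile. Assuming these steps run under bash, a guard at the top of the `run:` script such as `: "${S3_INTEGRATION_BUCKET:?}" "${KEY_NAME:?}" "${VPC_SECURITY_GROUPS_IDS:?}" "${IAM_ROLE:?}"` makes a misconfigured fork stop before any AWS resource is created. The same applies to the `-var` lines added in the `@@ -301,6 +308,10` and `@@ -352,9 +363,14` hunks; the enclosing `run:` blocks start and end outside all three hunks.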
diff --git a/integration/msi/tools/create_msi.ps1 b/integration/msi/tools/create_msi.ps1
index 2638163ee3..31eb8fab91 100644
--- a/integration/msi/tools/create_msi.ps1
+++ b/integration/msi/tools/create_msi.ps1
@@ -1,10 +1,11 @@
 # get the version
 $version=$args[0]
+$bucket=$args[1]
 # create msi
 candle.exe -ext WixUtilExtension.dll ./amazon-cloudwatch-agent.wxs
 light.exe -ext WixUtilExtension.dll ./amazon-cloudwatch-agent.wixobj
 # upload to s3
-aws s3 cp ./amazon-cloudwatch-agent.msi "s3://cloudwatch-agent-integration-bucket/integration-test/packaging/$version/amazon-cloudwatch-agent.msi"
-Write-Host "s3 for msi is s3://cloudwatch-agent-integration-bucket/integration-test/packaging/$version/amazon-cloudwatch-agent.msi"
\ No newline at end of file
+aws s3 cp ./amazon-cloudwatch-agent.msi "s3://$bucket/integration-test/packaging/$version/amazon-cloudwatch-agent.msi"
+Write-Host "s3 for msi is s3://$bucket/integration-test/packaging/$version/amazon-cloudwatch-agent.msi"
\ No newline at end of file
diff --git a/integration/terraform/ec2/linux/README.md b/integration/terraform/ec2/linux/README.md
index 202fae509b..91a4f6dee6 100644
--- a/integration/terraform/ec2/linux/README.md
+++ b/integration/terraform/ec2/linux/README.md
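Review bot: In create_msi.ps1, `$bucket=$args[1]` accepts a missing or empty second argument silently, so the MSI is still built and the upload then targets `s3:///integration-test/packaging/...`, surfacing as an AWS CLI error rather than a usage error. A guard directly after the assignment, `if (-not $version -or -not $bucket) { throw "usage: create_msi.ps1 <version> <bucket>" }`, stops the script before `candle.exe` and `light.exe` run. Because the workflow now passes the bucket from a secret, the `Write-Host` line will show the bucket name masked in the Actions log; a comment above it saying so, `# bucket comes from a GitHub secret and is masked in workflow logs`, would save the next reader a debugging round.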
@@ -122,4 +122,23 @@ This process generates a new ami we can then use for testing
 2. Go to local stack directory
 1. cd ${path to agent dir}/integration/terraform/ec2/localstack
 3. Tear down localstack state
- 1. terraform destroy --auto-approve
\ No newline at end of file
+ 1. terraform destroy --auto-approve
+
+**How To Run On Your Own Fork**
+1. Follow "Create resources and setup local" except install terraform
+ 1. You may skip installing terraform since terraform will be installed on GitHub action runners
+2. Set up GitHub action secrets in your fork
+ 1. Left side is the key name: right side is key value
+ 2. Do not wrap values in quotes
+ 1. This is a correct value
+ 2. "This is not a correct value"
+ 3. Must be repository secrets not environment secrets
+ 4. ```
+ AWS_PRIVATE_KEY: ${Your private key}
+ TERRAFORM_AWS_ACCESS_KEY_ID: ${User aws access key}
+ TERRAFORM_AWS_SECRET_ACCESS_KEY: ${User aws secret key}
+ S3_INTEGRATION_BUCKET: ${Bucket to save build}
+ KEY_NAME: ${Key pair name for ec2}
+ VPC_SECURITY_GROUPS_IDS: ${Security group within your vpc the value should look like ["sg-013585129c1f92bf0"]}
+ IAM_ROLE: ${Role the ec2 instance should assume}
+ ```
\ No newline at end of file
diff --git a/integration/terraform/ec2/linux/main.tf b/integration/terraform/ec2/linux/main.tf
index 381a9b78c3..ef713a6343 100644
--- a/integration/terraform/ec2/linux/main.tf
+++ b/integration/terraform/ec2/linux/main.tf
@@ -32,6 +32,9 @@ resource "aws_instance" "integration-test" {
 host = self.public_dns
 }
 }
+ tags = {
+ Name = var.test_name
+ }
 }
 data "aws_ami" "latest" {
diff --git a/integration/terraform/ec2/linux/variables.tf b/integration/terraform/ec2/linux/variables.tf
index b9f0dd102c..6fccb179e3 100644
--- a/integration/terraform/ec2/linux/variables.tf
+++ b/integration/terraform/ec2/linux/variables.tf
@@ -77,4 +77,9 @@ variable "local_stack_host_name" {
 variable "s3_bucket" {
 type = string
 default = ""
+}
+
+variable "test_name" {
+ type = string
+ default = ""
 }
\ No newline at end of file
diff --git a/integration/terraform/ec2/win/main.tf b/integration/terraform/ec2/win/main.tf
index 60bac19b64..d1fbe3bd76 100644
--- a/integration/terraform/ec2/win/main.tf
+++ b/integration/terraform/ec2/win/main.tf
@@ -12,7 +12,7 @@ resource "aws_instance" "integration-test" {
 "git clone ${var.github_repo}",
 "cd amazon-cloudwatch-agent",
 "git reset --hard ${var.github_sha}",
- "aws s3 cp s3://cloudwatch-agent-integration-bucket/integration-test/packaging/${var.github_sha}/amazon-cloudwatch-agent.msi .",
+ "aws s3 cp s3://${var.s3_bucket}/integration-test/packaging/${var.github_sha}/amazon-cloudwatch-agent.msi .",
 "msiexec /i amazon-cloudwatch-agent.msi",
 ]
 connection {
@@ -24,11 +24,14 @@ resource "aws_instance" "integration-test" {
 target_platform = "windows"
 }
 }
+ tags = {
+ Name = var.test_name
+ }
 }
 data "aws_ami" "latest" {
 most_recent = true
- owners = ["self"]
+ owners = ["self", "506463145083"]
 filter {
 name = "name"
diff --git a/integration/terraform/ec2/win/variables.tf b/integration/terraform/ec2/win/variables.tf
index a1e156405c..121d13cb25 100644
--- a/integration/terraform/ec2/win/variables.tf
+++ b/integration/terraform/ec2/win/variables.tf
@@ -41,4 +41,14 @@ variable "github_sha" {
 variable "github_repo" {
 type = string
 default = ""
+}
+
+variable "test_name" {
+ type = string
+ default = ""
+}
+
+variable "s3_bucket" {
+ type = string
+ default = ""
 }
\ No newline at end of file
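Review bot: In win/main.tf, the added owner `"506463145083"` widens the `aws_ami` lookup from the caller's own images to a hard-coded external account. With `most_recent = true`, the newest image from either owner that matches the name filter is the one the test instance boots. Nothing in the hunk says whose account this is or why it is trusted. A comment above the `owners` line such as `# <owner of the shared Windows test AMIs - confirm>` would record that. Alternatively a new list variable, for example `owners = concat(["self"], var.ami_owners)` with the ID supplied by the workflow, would make the trust decision explicit and let a fork restrict the lookup to its own account. The `filter` block continues outside the hunk, so the name pattern that bounds this lookup is not visible here.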