-
Notifications
You must be signed in to change notification settings - Fork 3.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add testing for linux packages
- Loading branch information
Showing
5 changed files
with
391 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| #!/bin/bash | ||
| set -o errexit \ | ||
| -o nounset \ | ||
| -o pipefail | ||
|
|
||
| path="$(dirname "$(realpath "${BASH_SOURCE[0]}")")" | ||
|
|
||
| "${path}/validate" deb "${1}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,97 @@ | ||
| #!/bin/bash | ||
| set -o errexit \ | ||
| -o nounset \ | ||
| -o pipefail | ||
|
|
||
| # $1 -> architecture | ||
| # $2 -> package path | ||
| case ${1} in | ||
| x86_64) arch=x86_64 ;; | ||
| aarch64) arch=arm64 ;; | ||
| esac | ||
|
|
||
| package="$(realpath "${2}")" | ||
|
|
||
| path="$(dirname "$(realpath "${BASH_SOURCE[0]}")")" | ||
|
|
||
| terraform_init() { | ||
| pushd "${path}/tf" &>/dev/null | ||
|
|
||
| # Unfortunately, CircleCI doesn't offer any RPM based machine images. | ||
| # This is required to test the functionality of the systemd services. | ||
| # (systemd doesn't run within docker containers). This will spawn a | ||
| # Amazon Linux instance in AWS. | ||
| terraform init | ||
| terraform apply \ | ||
| -auto-approve \ | ||
| -var "architecture=${1}" \ | ||
| -var "package_path=${2}" \ | ||
| -var "identifier=${CIRCLE_JOB}" | ||
|
|
||
| popd &>/dev/null | ||
| } | ||
|
|
||
| terraform_free() { | ||
| pushd "${path}/tf" &>/dev/null | ||
|
|
||
| terraform destroy \ | ||
| -auto-approve \ | ||
| -var "architecture=${1}" \ | ||
| -var "package_path=${2}" \ | ||
| -var "identifier=${CIRCLE_JOB}" | ||
|
|
||
| popd &>/dev/null | ||
| } | ||
|
|
||
| terraform_ip() { | ||
| pushd "${path}/tf" &>/dev/null | ||
|
|
||
| terraform output -raw node_ssh | ||
|
|
||
| popd &>/dev/null | ||
| } | ||
|
|
||
|
|
||
| # This ensures that the associated resources within AWS are released | ||
| # upon exit or when encountering an error. This is setup before the | ||
| # call to "terraform apply" so even partially initialized resources | ||
| # are released. | ||
| # shellcheck disable=SC2064 | ||
| trap "terraform_free \"${arch}\" \"${package}\"" \ | ||
| SIGINT \ | ||
| SIGTERM \ | ||
| ERR \ | ||
| EXIT | ||
|
|
||
| function terraform_setup() | ||
| { | ||
| # TODO(bnpfeife): remove this once the executor is updated. | ||
| # | ||
| # Unfortunately, terraform provided by the CircleCI executor is *terribly* | ||
| # out of date. Most Linux distributions are disabling "ssh-rsa" public key | ||
| # algorithms which this uses to remote into the ec2 instance . This | ||
| # installs the latest version of terraform. | ||
| # | ||
| # Addendum: the "terraform_version" CircleCI option is broken! | ||
| sudo tee /etc/apt/sources.list.d/hashicorp.list <<EOF >/dev/null || true | ||
| deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main | ||
| EOF | ||
|
|
||
| curl -fL https://apt.releases.hashicorp.com/gpg | gpg --dearmor | \ | ||
| sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null | ||
|
|
||
| export DEBIAN_FRONTEND=noninteractive | ||
| sudo -E apt-get update | ||
| sudo -E apt-get install --yes terraform | ||
| } | ||
|
|
||
| terraform_setup | ||
|
|
||
| terraform_init "${arch}" "${package}" | ||
|
|
||
| printf 'Setup complete! Testing %s... (this takes several minutes!)' "${1}" | ||
|
|
||
| # Since terraform *just* created this instance, the host key is not | ||
| # known. Therefore, we'll disable StrictHostKeyChecking so ssh does | ||
| # not wait for user input. | ||
| ssh -o 'StrictHostKeyChecking=no' "ec2-user@$(terraform_ip)" 'sudo ./validate rpm ./influxdb3.rpm' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,114 @@ | ||
| terraform { | ||
| required_providers { | ||
| aws = { | ||
| source = "hashicorp/aws" | ||
| version = "~> 2.70" | ||
| } | ||
| } | ||
| } | ||
|
|
||
| variable "architecture" { | ||
| type = string | ||
| } | ||
|
|
||
| variable "identifier" { | ||
| type = string | ||
| } | ||
|
|
||
| variable "package_path" { | ||
| type = string | ||
| } | ||
|
|
||
| provider "aws" { | ||
| region = "us-east-1" | ||
| } | ||
|
|
||
| data "aws_ami" "test_ami" { | ||
| most_recent = true | ||
|
|
||
| filter { | ||
| name = "name" | ||
| values = ["al20*-ami-20*"] | ||
| } | ||
| filter { | ||
| name = "virtualization-type" | ||
| values = ["hvm"] | ||
| } | ||
| filter { | ||
| name = "architecture" | ||
| values = [var.architecture] | ||
| } | ||
|
|
||
| owners = ["137112412989"] | ||
| } | ||
|
|
||
| resource "aws_security_group" "influxdb_test_package_sg" { | ||
| ingress { | ||
| description = "Allow ssh connection" | ||
| from_port = 22 | ||
| to_port = 22 | ||
| protocol = "tcp" | ||
| cidr_blocks = ["0.0.0.0/0"] | ||
| } | ||
|
|
||
| egress { | ||
| description = "Allow all outgoing" | ||
| from_port = 0 | ||
| to_port = 0 | ||
| protocol = "all" | ||
| cidr_blocks = ["0.0.0.0/0"] | ||
| } | ||
| } | ||
|
|
||
| resource "aws_instance" "test_instance" { | ||
| count = 1 | ||
| ami = data.aws_ami.test_ami.id | ||
| instance_type = var.architecture == "x86_64" ? "t2.micro" : "c6g.medium" | ||
| key_name = "circleci-oss-test" | ||
| vpc_security_group_ids = [aws_security_group.influxdb_test_package_sg.id] | ||
|
|
||
| tags = { | ||
| Name = format("circleci_%s_test_%s", var.identifier, var.architecture) | ||
| } | ||
|
|
||
| provisioner "file" { | ||
| source = var.package_path | ||
| destination = "/home/ec2-user/influxdb3.rpm" | ||
|
|
||
| connection { | ||
| type = "ssh" | ||
| user = "ec2-user" | ||
| host = self.public_dns | ||
| agent = true | ||
| } | ||
| } | ||
|
|
||
| provisioner "file" { | ||
| source = "../validate" | ||
| destination = "/home/ec2-user/validate" | ||
|
|
||
| connection { | ||
| type = "ssh" | ||
| user = "ec2-user" | ||
| host = self.public_dns | ||
| agent = true | ||
| } | ||
| } | ||
|
|
||
| provisioner "remote-exec" { | ||
| inline = [ | ||
| "chmod +x /home/ec2-user/validate", | ||
| ] | ||
|
|
||
| connection { | ||
| type = "ssh" | ||
| user = "ec2-user" | ||
| host = self.public_dns | ||
| agent = true | ||
| } | ||
| } | ||
| } | ||
|
|
||
| output "node_ssh" { | ||
| value = aws_instance.test_instance.0.public_dns | ||
| } |
Oops, something went wrong.