Skip to content

Commit b4dd296

Browse files
hc-github-team-secure-vault-coreryancragun
hc-github-team-secure-vault-core
and
ryancragun
authored
[VAULT-41521] enos(ec2_infor): update scenario base images (hashicorp#11508) (hashicorp#11537) (hashicorp#11539)
Update the base images for all scenarios: - RHEL: upgrade base image for 10 to 10.1 - RHEL: upgrade base image for 9 to 9.7 - SLES: upgrade base image for 15 to 15.7 - SLES: add SLES 16.0 to the matrix - OpenSUSE: remove OpenSUSE Leap from the matrix I ended up removing OpenSUSE because the images that we were on were rarely updated and that resulted in very slow scenarios because of package upgrades. Also, despite the latest release being in October I didn't find any public cloud images produced for the new version of Leap. We can consider adding it back later but I'm comfortable just leaving SLES 15 and 16 in there for that test coverage. I also ended up fixing a bug in our integration host setup where we'd provision three nodes instead of one. That ought to result in many fewer instance provisions per scenario. I also had to make a few small tweaks in how we detected whether or not SELinux is enabled, as the prior implementation did not work for SLES 16. Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>
1 parent 6b4fdbe commit b4dd296

26 files changed

+124
-156
lines changed

.github/workflows/test-run-enos-scenario-matrix.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -184,7 +184,6 @@ jobs:
184184
echo 'ENOS_VAR_aws_ssh_private_key_path=./support/private_key.pem'
185185
echo 'ENOS_VAR_consul_license_path=./support/consul.hclic'
186186
echo 'ENOS_VAR_distro_version_amzn=${{ matrix.attributes.distro_version_amzn }}'
187-
echo 'ENOS_VAR_distro_version_leap=${{ matrix.attributes.distro_version_leap }}'
188187
echo 'ENOS_VAR_distro_version_rhel=${{ matrix.attributes.distro_version_rhel }}'
189188
echo 'ENOS_VAR_distro_version_sles=${{ matrix.attributes.distro_version_sles }}'
190189
echo 'ENOS_VAR_distro_version_ubuntu=${{ matrix.attributes.distro_version_ubuntu }}'

enos/enos-dev-scenario-pr-replication.hcl

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ scenario "dev_pr_replication" {
2020
matrix {
2121
arch = ["amd64", "arm64"]
2222
artifact = ["local", "deb", "rpm", "zip"]
23-
distro = ["amzn", "leap", "rhel", "sles", "ubuntu"]
23+
distro = ["amzn", "rhel", "sles", "ubuntu"]
2424
edition = ["ent", "ent.fips1403", "ent.hsm", "ent.hsm.fips1403"]
2525
primary_backend = ["consul", "raft"]
2626
primary_seal = ["awskms", "pkcs11", "shamir"]
@@ -44,7 +44,7 @@ scenario "dev_pr_replication" {
4444

4545
exclude {
4646
artifact = ["deb", "rpm"]
47-
distro = ["sles", "leap"]
47+
distro = ["sles"]
4848
}
4949

5050
exclude {
@@ -78,7 +78,6 @@ scenario "dev_pr_replication" {
7878
// specified in enos-providers.hcl), and we need to be able to access both of those here.
7979
enos_provider = {
8080
amzn = provider.enos.ec2_user
81-
leap = provider.enos.ec2_user
8281
rhel = provider.enos.ec2_user
8382
sles = provider.enos.ec2_user
8483
ubuntu = provider.enos.ubuntu

enos/enos-dev-scenario-single-cluster.hcl

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ scenario "dev_single_cluster" {
2020
arch = ["amd64", "arm64"]
2121
artifact = ["local", "deb", "rpm", "zip"]
2222
backend = ["consul", "raft"]
23-
distro = ["amzn", "leap", "rhel", "sles", "ubuntu"]
23+
distro = ["amzn", "rhel", "sles", "ubuntu"]
2424
edition = ["ce", "ent", "ent.fips1403", "ent.hsm", "ent.hsm.fips1403"]
2525
seal = ["awskms", "pkcs11", "shamir"]
2626

@@ -41,7 +41,7 @@ scenario "dev_single_cluster" {
4141

4242
exclude {
4343
artifact = ["deb", "rpm"]
44-
distro = ["sles", "leap"]
44+
distro = ["sles"]
4545
}
4646

4747
exclude {
@@ -72,7 +72,6 @@ scenario "dev_single_cluster" {
7272
// specified in enos-providers.hcl), and we need to be able to access both of those here.
7373
enos_provider = {
7474
amzn = provider.enos.ec2_user
75-
leap = provider.enos.ec2_user
7675
rhel = provider.enos.ec2_user
7776
sles = provider.enos.ec2_user
7877
ubuntu = provider.enos.ubuntu

enos/enos-dynamic-config.hcl

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,10 +11,9 @@ globals {
1111
sample_attributes = {
1212
aws_region = ["us-east-1", "us-west-2"]
1313
distro_version_amzn = ["2023"]
14-
distro_version_leap = ["15.6"]
15-
distro_version_rhel = ["8.10", "9.6"]
16-
distro_version_sles = ["15.6"]
14+
distro_version_rhel = ["8.10", "9.7", "10.1"]
15+
distro_version_sles = ["15.7", "16.0"]
1716
distro_version_ubuntu = ["22.04", "24.04"]
18-
upgrade_initial_version = ["1.18.0", "1.18.1", "1.18.2", "1.18.3", "1.18.4", "1.18.5", "1.18.6", "1.18.7", "1.18.8", "1.18.9", "1.18.10", "1.18.11", "1.18.12", "1.18.13", "1.19.0", "1.19.1", "1.19.2", "1.19.3", "1.19.4", "1.19.5", "1.19.6", "1.19.7", "1.19.8", "1.20.0", "1.20.1", "1.20.2"]
17+
upgrade_initial_version = ["1.19.0", "1.19.1", "1.19.2", "1.19.3", "1.19.4", "1.19.5", "1.19.6", "1.19.7", "1.19.8", "1.19.9", "1.19.10", "1.19.11", "1.19.12", "1.20.0", "1.20.1", "1.20.2", "1.20.3", "1.20.4", "1.20.5", "1.20.6", "1.21.0", "1.21.1"]
1918
}
2019
}

enos/enos-globals.hcl

Lines changed: 8 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -18,26 +18,27 @@ globals {
1818
config_modes = ["env", "file"]
1919
consul_editions = ["ce", "ent"]
2020
consul_versions = ["1.18.2", "1.19.2", "1.20.6", "1.21.1"]
21-
distros = ["amzn", "leap", "rhel", "sles", "ubuntu"]
21+
distros = ["amzn", "rhel", "sles", "ubuntu"]
2222
// Different distros may require different packages, or use different aliases for the same package
2323
distro_packages = {
24+
// NOTE: These versions must always match the output of enos_host_info.target_distro. They are
25+
// also used in various modules `artifact`, `ec2_info`, and `softhsm_install`. If you are adding
26+
// or modifying keys you probably have to update those modules.
2427
amzn = {
2528
"2" = ["nc", "openldap-clients"]
2629
"2023" = ["nc", "openldap-clients"]
2730
}
28-
leap = {
29-
"15.6" = ["netcat", "openssl", "openldap2-client"]
30-
}
3131
rhel = {
3232
"8.10" = ["nc", "openldap-clients"]
33-
"9.6" = ["nc", "openldap-clients"]
34-
"10.0" = ["nc", "openldap-clients"]
33+
"9.7" = ["nc", "openldap-clients"]
34+
"10.1" = ["nc", "openldap-clients"]
3535
}
3636
sles = {
3737
// When installing Vault RPM packages on a SLES AMI, the openssl package provided
3838
// isn't named "openssl, which rpm doesn't know how to handle. Therefore we add the
3939
// "correctly" named one in our package installation before installing Vault.
40-
"15.6" = ["netcat-openbsd", "openssl", "openldap2-client"]
40+
"15.7" = ["netcat-openbsd", "openssl", "openldap2-client"]
41+
"16.0" = ["netcat-openbsd", "openssl", "openldap2-client"]
4142
}
4243
ubuntu = {
4344
"22.04" = ["netcat", "ldap-utils"]
@@ -46,7 +47,6 @@ globals {
4647
}
4748
distro_version = {
4849
amzn = var.distro_version_amzn
49-
leap = var.distro_version_leap
5050
rhel = var.distro_version_rhel
5151
sles = var.distro_version_sles
5252
ubuntu = var.distro_version_ubuntu
@@ -56,7 +56,6 @@ globals {
5656
ip_versions = ["4", "6"]
5757
package_manager = {
5858
"amzn" = "yum"
59-
"leap" = "zypper"
6059
"rhel" = "yum"
6160
"sles" = "zypper"
6261
"ubuntu" = "apt"

enos/enos-samples-ce-build.hcl

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -141,7 +141,7 @@ sample "build_ce_linux_amd64_rpm" {
141141
arch = ["amd64"]
142142
artifact_source = ["crt"]
143143
artifact_type = ["package"]
144-
distro = ["amzn", "leap", "rhel", "sles"]
144+
distro = ["amzn", "rhel", "sles"]
145145
edition = ["ce"]
146146
}
147147
}
@@ -151,7 +151,7 @@ sample "build_ce_linux_amd64_rpm" {
151151
arch = ["amd64"]
152152
artifact_source = ["crt"]
153153
artifact_type = ["package"]
154-
distro = ["amzn", "leap", "rhel", "sles"]
154+
distro = ["amzn", "rhel", "sles"]
155155
edition = ["ce"]
156156
}
157157
}
@@ -161,7 +161,7 @@ sample "build_ce_linux_amd64_rpm" {
161161
arch = ["amd64"]
162162
artifact_source = ["crt"]
163163
artifact_type = ["package"]
164-
distro = ["amzn", "leap", "rhel", "sles"]
164+
distro = ["amzn", "rhel", "sles"]
165165
edition = ["ce"]
166166
}
167167
}
@@ -171,7 +171,7 @@ sample "build_ce_linux_amd64_rpm" {
171171
arch = ["amd64"]
172172
artifact_source = ["crt"]
173173
artifact_type = ["package"]
174-
distro = ["amzn", "leap", "rhel", "sles"]
174+
distro = ["amzn", "rhel", "sles"]
175175
edition = ["ce"]
176176

177177
exclude {

enos/enos-samples-ce-release.hcl

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -141,7 +141,7 @@ sample "release_ce_linux_amd64_rpm" {
141141
arch = ["amd64"]
142142
artifact_source = ["artifactory"]
143143
artifact_type = ["package"]
144-
distro = ["amzn", "leap", "rhel", "sles"]
144+
distro = ["amzn", "rhel", "sles"]
145145
edition = ["ce"]
146146
}
147147
}
@@ -151,7 +151,7 @@ sample "release_ce_linux_amd64_rpm" {
151151
arch = ["amd64"]
152152
artifact_source = ["artifactory"]
153153
artifact_type = ["package"]
154-
distro = ["amzn", "leap", "rhel", "sles"]
154+
distro = ["amzn", "rhel", "sles"]
155155
edition = ["ce"]
156156
}
157157
}
@@ -161,7 +161,7 @@ sample "release_ce_linux_amd64_rpm" {
161161
arch = ["amd64"]
162162
artifact_source = ["artifactory"]
163163
artifact_type = ["package"]
164-
distro = ["amzn", "leap", "rhel", "sles"]
164+
distro = ["amzn", "rhel", "sles"]
165165
edition = ["ce"]
166166
}
167167
}
@@ -171,7 +171,7 @@ sample "release_ce_linux_amd64_rpm" {
171171
arch = ["amd64"]
172172
artifact_source = ["artifactory"]
173173
artifact_type = ["package"]
174-
distro = ["amzn", "leap", "rhel", "sles"]
174+
distro = ["amzn", "rhel", "sles"]
175175
edition = ["ce"]
176176
}
177177
}

enos/enos-scenario-agent.hcl

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -63,10 +63,10 @@ scenario "agent" {
6363
edition = [for e in matrix.edition : e if !strcontains(e, "hsm")]
6464
}
6565

66-
// softhsm packages not available for leap/sles.
66+
// softhsm packages not available for sles (at the time of development)
6767
exclude {
6868
seal = ["pkcs11"]
69-
distro = ["leap", "sles"]
69+
distro = ["sles"]
7070
}
7171

7272
// Testing in IPV6 mode is currently implemented for integrated Raft storage only
@@ -88,7 +88,6 @@ scenario "agent" {
8888
artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null
8989
enos_provider = {
9090
amzn = provider.enos.ec2_user
91-
leap = provider.enos.ec2_user
9291
rhel = provider.enos.ec2_user
9392
sles = provider.enos.ec2_user
9493
ubuntu = provider.enos.ubuntu
@@ -182,6 +181,7 @@ scenario "agent" {
182181
ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"]
183182
cluster_tag_key = global.vault_tag_key
184183
common_tags = global.tags
184+
instance_count = 1
185185
vpc_id = step.create_vpc.id
186186
}
187187
}

enos/enos-scenario-autopilot.hcl

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -71,10 +71,10 @@ scenario "autopilot" {
7171
edition = [for e in matrix.edition : e if !strcontains(e, "hsm")]
7272
}
7373

74-
// softhsm packages not available for leap/sles.
74+
// softhsm packages not available for sles (at the time of development)
7575
exclude {
7676
seal = ["pkcs11"]
77-
distro = ["leap", "sles"]
77+
distro = ["sles"]
7878
}
7979

8080
// Testing in IPV6 mode is currently implemented for integrated Raft storage only
@@ -96,7 +96,6 @@ scenario "autopilot" {
9696
artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null
9797
enos_provider = {
9898
amzn = provider.enos.ec2_user
99-
leap = provider.enos.ec2_user
10099
rhel = provider.enos.ec2_user
101100
sles = provider.enos.ec2_user
102101
ubuntu = provider.enos.ubuntu
@@ -179,6 +178,7 @@ scenario "autopilot" {
179178
ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"]
180179
cluster_tag_key = global.vault_tag_key
181180
common_tags = global.tags
181+
instance_count = 1
182182
vpc_id = step.create_vpc.id
183183
}
184184
}

enos/enos-scenario-benchmark.hcl

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -90,10 +90,10 @@ scenario "benchmark" {
9090
edition = [for e in matrix.edition : e if !strcontains(e, "hsm")]
9191
}
9292

93-
// softhsm packages not available for leap/sles.
93+
// softhsm packages not available for sles (at the time of development)
9494
exclude {
9595
seal = ["pkcs11"]
96-
distro = ["leap", "sles"]
96+
distro = ["sles"]
9797
}
9898

9999
// Testing in IPV6 mode is currently implemented for integrated Raft storage only
@@ -115,7 +115,6 @@ scenario "benchmark" {
115115
artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null
116116
enos_provider = {
117117
amzn = provider.enos.ec2_user
118-
leap = provider.enos.ec2_user
119118
rhel = provider.enos.ec2_user
120119
sles = provider.enos.ec2_user
121120
ubuntu = provider.enos.ubuntu

0 commit comments

Comments
 (0)