End to End Tests #252
---
name: End to End Tests

# Triggers: pull requests against main, manual dispatch, and a weekly schedule.
on:
  pull_request:
    branches:
      - main
    # `labeled` lets a run start when a label is added to the PR; `synchronize`
    # re-runs the workflow on every later push to the PR branch. The e2e-test job
    # additionally requires the 'PR: Safe to test 🧪' label for pull_request events.
    types:
      - opened
      - reopened
      - synchronize
      - labeled
  # Manual runs may select which branch of each companion repository is checked
  # out. Code from those branches is executed by the job, so the chosen ref is
  # part of the trust boundary of a manual run.
  workflow_dispatch:
    inputs:
      powershell_branch:
        description: 'The branch to use for the powershell module'
        default: 'main'
        type: string
      alz_bicep_branch:
        description: 'The branch to use for the bicep module'
        default: 'main'
        type: string
      alz_terraform_branch:
        description: 'The branch to use for the terraform module'
        default: 'main'
        type: string
  schedule:
    # Mondays at 09:00 (GitHub evaluates cron schedules in UTC).
    - cron: '0 9 * * 1'
# Scope of the job's GITHUB_TOKEN: read-only access to repository contents, plus
# the right to request an OIDC token (id-token: write) — presumably for the steps
# that set ARM_USE_OIDC. Everything not listed here is not granted.
permissions:
  contents: read
  id-token: write
# Workflow-wide settings: checkout folders, companion repositories, and the
# branch of each companion repository to test against.
env:
  # Local folders the repositories are checked out into / output is written to.
  BOOTSTRAP_MODULE_FOLDER: './bsm'
  STARTER_MODULE_FOLDER: './stm'
  POWERSHELL_MODULE_FOLDER: './psm'
  TARGET_FOLDER: './out'
  LOCAL_TARGET_FOLDER: './loc'

  # Companion repositories checked out next to this one.
  BICEP_STARTER_MODULE_REPOSITORY: 'Azure/ALZ-Bicep'
  TERRAFORM_STARTER_MODULE_REPOSITORY: 'Azure/alz-terraform-accelerator'
  POWERSHELL_MODULE_REPOSITORY: 'Azure/ALZ-PowerShell-Module'

  # Branch per companion repository: the workflow_dispatch input when one was
  # supplied, otherwise 'main' (pull_request and schedule runs have no inputs).
  # These values are only used as `ref:` for actions/checkout below, never pasted
  # into a script, but the code at that ref is executed later in the job.
  ALZ_POWERSHELL_BRANCH: "${{ inputs.powershell_branch != '' && inputs.powershell_branch || 'main' }}"
  ALZ_BICEP_BRANCH: "${{ inputs.alz_bicep_branch != '' && inputs.alz_bicep_branch || 'main' }}"
  ALZ_TERRAFORM_BRANCH: "${{ inputs.alz_terraform_branch != '' && inputs.alz_terraform_branch || 'main' }}"
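jobs:
  # End-to-end test: bootstraps an accelerator environment for every supported
  # combination of VCS / IaC / agent type / OS / Terraform version, runs the
  # generated pipelines, and always tears the environment down again.
  e2e-test:
    name: "${{ matrix.vcs }}-${{ matrix.iac }}-${{ matrix.ag }}-${{ matrix.os }}-${{ matrix.tf }}"
    # Scheduled runs use the CSUTFAUTO environment; all other triggers use CSUTF.
    environment: ${{ github.event_name == 'schedule' && 'CSUTFAUTO' || 'CSUTF' }}
    # Gate: only in the upstream repository, and for pull requests only when the
    # 'PR: Safe to test 🧪' label is present.
    # NOTE(review): the label stays on the PR across later `synchronize` events, so
    # commits pushed after the label was applied are tested as well unless the
    # label is removed first. Whether the environments add an approval step is not
    # visible in this file.
    if: "${{ github.repository == 'Azure/accelerator-bootstrap-modules' && (contains(github.event.pull_request.labels.*.name, 'PR: Safe to test 🧪') || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule') }}"
    strategy:
      fail-fast: false
      matrix:
        vcs: ['github', 'azuredevops', 'local', 'legacy-github', 'legacy-azuredevops']  # Version Control System
        iac: ['terraform', 'bicep']
        ag: ['public', 'private', 'none']  # Self Hosted Agents
        os: ['ubuntu', 'windows', 'macos']  # Operating System
        tf: ['latest', '1.5.0']  # Terraform Version
        exclude:
          - iac: bicep
            tf: '1.5.0'
          - vcs: local
            ag: public
          - vcs: local
            ag: private
          - vcs: legacy-github
            ag: public
          - vcs: legacy-github
            ag: private
          - vcs: legacy-azuredevops
            ag: public
          - vcs: legacy-azuredevops
            ag: private
          - vcs: azuredevops
            tf: '1.5.0'
          - vcs: github
            tf: '1.5.0'
          - os: windows
            vcs: azuredevops
          - os: macos
            vcs: azuredevops
          - os: windows
            vcs: github
          - os: macos
            vcs: github
          - iac: terraform
            vcs: legacy-github
          - tf: '1.5.0'
            vcs: legacy-github
          - iac: terraform
            vcs: legacy-azuredevops
          - tf: '1.5.0'
            vcs: legacy-azuredevops
    runs-on: ${{ matrix.os }}-latest
    steps:
      # Prints the runner's environment variables to the job log. No secret is
      # mapped into this step's environment.
      - name: Show env
        run: env | sort

      # NOTE(review): the actions in this job are referenced by mutable tags
      # (@v4, @v2). Pinning each to a full commit SHA keeps a re-tagged release
      # from changing what runs alongside this job's OIDC identity and PATs.
      # NOTE(review): actions/checkout keeps the job token in the clone's git
      # config by default; consider `persist-credentials: false` if no later step
      # needs it — confirm against the scripts that run below.
      - name: Checkout Bootstrap Modules
        uses: actions/checkout@v4
        with:
          path: ${{ env.BOOTSTRAP_MODULE_FOLDER }}

      - name: Checkout PowerShell Module
        uses: actions/checkout@v4
        with:
          repository: ${{ env.POWERSHELL_MODULE_REPOSITORY }}
          ref: ${{ env.ALZ_POWERSHELL_BRANCH }}
          path: ${{ env.POWERSHELL_MODULE_FOLDER }}

      - name: Checkout Starter Modules for Bicep
        if: ${{ matrix.iac == 'bicep' }}
        uses: actions/checkout@v4
        with:
          repository: ${{ env.BICEP_STARTER_MODULE_REPOSITORY }}
          ref: ${{ env.ALZ_BICEP_BRANCH }}
          path: ${{ env.STARTER_MODULE_FOLDER }}

      - name: Checkout Starter Modules for Terraform
        if: ${{ matrix.iac == 'terraform' }}
        uses: actions/checkout@v4
        with:
          repository: ${{ env.TERRAFORM_STARTER_MODULE_REPOSITORY }}
          ref: ${{ env.ALZ_TERRAFORM_BRANCH }}
          path: ${{ env.STARTER_MODULE_FOLDER }}

      # Only runs for a pinned Terraform version; 'latest' matrix entries skip it.
      - name: Setup Terraform
        if: ${{ matrix.tf != 'latest' }}
        uses: hashicorp/setup-terraform@v2
        with:
          terraform_version: ${{ matrix.tf }}
          terraform_wrapper: false

      # Builds inputs.json for Deploy-Accelerator and exports UNIQUE_ID.
      - name: Setup ALZ Module Inputs
        shell: pwsh
        # The PATs reach the script through the environment instead of being
        # template-expanded into the script text, so a token containing quotes,
        # `$` or backticks cannot alter the PowerShell that is executed.
        env:
          VCS_TOKEN_GITHUB: ${{ secrets.VCS_TOKEN_GITHUB }}
          VCS_TOKEN_AZURE_DEVOPS: ${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}
        run: |
          # Get Inputs
          $infrastructureAsCode = "${{ matrix.iac }}"
          $versionControlSystem = "${{ matrix.vcs }}"
          $operatingSystem = "${{ matrix.os }}"
          $terraformVersion = "${{ matrix.tf }}"
          $selfHostedAgents = "${{ matrix.ag }}"

          # Spread the matrix jobs over several regions, chosen by job index.
          $locations = @(
            "uksouth",
            "northeurope",
            "eastus",
            "eastus2",
            "canadacentral",
            "westeurope",
            "westus2",
            "westus3",
            "australiaeast"
          )
          $jobIndex = ${{ strategy.job-index }}
          $locationIndex = $jobIndex % $locations.Length
          $location = $locations[$locationIndex]

          $enableSelfHostedAgents = "false"
          if($selfHostedAgents -eq "public" -or $selfHostedAgents -eq "private") {
            $enableSelfHostedAgents = "true"
          }

          $enablePrivateNetworking = "false"
          if($selfHostedAgents -eq "private") {
            $enablePrivateNetworking = "true"
          }

          # Get Unique ID
          $infrastructureAsCodeShort = $infrastructureAsCode.Substring(0, 1)
          $versionControlSystemShort = $versionControlSystem.Substring(0, 1)
          if($versionControlSystem.Contains("-")) {
            $versionControlSystemSplit = $versionControlSystem.Split("-")
            $versionControlSystemShort = $versionControlSystemSplit[0].Substring(0, 1) + $versionControlSystemSplit[1].Substring(0, 1)
          }
          $operatingSystemShort = $operatingSystem.Substring(0, 1)
          $terraformVersionShort = if ($terraformVersion -eq "latest") { "l" } else { "m" }

          $selfhostedAgentsShort = "n"
          if($selfHostedAgents -eq "public") {
            $selfhostedAgentsShort = "p"
          }
          if($selfHostedAgents -eq "private") {
            $selfhostedAgentsShort = "r"
          }

          $localDeployAzureResources = if($terraformVersion -eq "latest") { "true" } else { "false" }

          $runNumber = "${{ github.run_number }}"

          Write-Host "Infrastructure As Code: $infrastructureAsCode ($infrastructureAsCodeShort)"
          Write-Host "Version Control System: $versionControlSystem ($versionControlSystemShort)"
          Write-Host "Operating System: $operatingSystem ($operatingSystemShort)"
          Write-Host "Terraform Version: $terraformVersion ($terraformVersionShort)"
          Write-Host "Self Hosted Agents: $selfHostedAgents ($selfhostedAgentsShort)"
          Write-Host "Local Deploy Azure Resources: $localDeployAzureResources"
          Write-Host "Run Number: $runNumber"
          Write-Host "Location: $location"

          $uniqueId = "$versionControlSystemShort$infrastructureAsCodeShort$selfhostedAgentsShort$operatingSystemShort$terraformVersionShort$runNumber".ToLower()
          # Export for the later steps of this job.
          echo "UNIQUE_ID=$uniqueId" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append

          Write-Host "Unique ID: $uniqueId"

          # "legacy-github" / "legacy-azuredevops" map to the plain VCS name.
          $versionControlSystemMapped = $versionControlSystem
          if($versionControlSystem.Contains("-")) {
            $versionControlSystemMapped = $versionControlSystem.Split("-")[1]
          }

          $Inputs = @{}
          $Inputs["iac"] = $infrastructureAsCode
          $Inputs["bootstrap"] = "alz_$versionControlSystemMapped"
          $Inputs["starter"] = "test"
          $Inputs["bootstrap_location"] = $location
          $Inputs["bootstrap_subscription_id"] = ""
          $Inputs["service_name"] = "alz"
          $Inputs["environment_name"] = $uniqueId
          $Inputs["postfix_number"] = "1"
          $Inputs["create_branch_policies"] = "true"
          $Inputs["use_private_networking"] = $enablePrivateNetworking
          $Inputs["allow_storage_access_from_my_ip"] = "true"

          # Tokens are read from the step environment; the surrounding quotes keep
          # an unset secret as an empty string rather than $null.
          if($versionControlSystem -eq "github") {
            $Inputs["github_personal_access_token"] = "$env:VCS_TOKEN_GITHUB"
            $Inputs["github_runners_personal_access_token"] = "$env:VCS_TOKEN_GITHUB"
            $Inputs["github_organization_name"] = "${{ vars.VCS_ORGANIZATION }}"
            $Inputs["use_separate_repository_for_workflow_templates"] = "true"
            $Inputs["use_self_hosted_runners"] = $enableSelfHostedAgents
            $Inputs["use_runner_group"] = "true"
          }

          if($versionControlSystem -eq "azuredevops") {
            $Inputs["azure_devops_personal_access_token"] = "$env:VCS_TOKEN_AZURE_DEVOPS"
            $Inputs["azure_devops_agents_personal_access_token"] = "$env:VCS_TOKEN_AZURE_DEVOPS"
            $Inputs["azure_devops_organization_name"] = "${{ vars.VCS_ORGANIZATION }}"
            $Inputs["use_separate_repository_for_pipeline_templates"] = "true"
            $Inputs["azure_devops_use_organisation_legacy_url"] = "false"
            $Inputs["azure_devops_create_project"] = "true"
            $Inputs["azure_devops_project_name"] = "alz-test-$uniqueId"
            $Inputs["use_self_hosted_agents"] = $enableSelfHostedAgents
          }

          if($versionControlSystem -eq "local") {
            $Inputs["target_directory"] = "${{ github.workspace }}/${{ env.LOCAL_TARGET_FOLDER }}"
            $Inputs["create_bootstrap_resources_in_azure"] = $localDeployAzureResources
          }

          $Inputs["apply_approvers"] = ""
          $Inputs["root_parent_management_group_id"] = ""
          $Inputs["subscription_id_connectivity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["subscription_id_identity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["subscription_id_management"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          $Inputs["parent_management_group_display_name"] = "Tenant Root Group"
          $Inputs["child_management_group_display_name"] = "E2E Test"
          $Inputs["resource_group_location"] = $location

          # Modern Bicep
          if($infrastructureAsCode -eq "bicep") {
            $Inputs["Prefix"] = $uniqueId
            $Inputs["Location"] = $location
            $Inputs["Environment"] = "live"
            $Inputs["SecurityContact"] = "test@test.com"
            $Inputs["networkType"] = "none"
          }

          # Legacy Bicep
          if($versionControlSystem.StartsWith("legacy-")) {
            $Inputs["Prefix"] = $uniqueId
            $Inputs["Location"] = $location
            $Inputs["Environment"] = "live"
            $Inputs["SecurityContact"] = "test@test.com"
            $Inputs["IdentitySubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
            $Inputs["ManagementSubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
            $Inputs["ConnectivitySubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
          }

          # inputs.json holds the PATs in clear text in the working directory for
          # the rest of the job; Deploy-Accelerator reads it in the next step.
          # (Out-File emits nothing, so the old `$json =` assignment was dropped.)
          $Inputs | ConvertTo-Json -Depth 100 | Out-File -FilePath inputs.json -Encoding utf8 -Force

      # Installs the accelerator PowerShell module from the checked-out branch and
      # runs Deploy-Accelerator, destroying and retrying on failure.
      - name: Run ALZ PowerShell
        shell: pwsh
        env:
          ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
          ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
          ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
          ARM_USE_OIDC: 'true'
        run: |
          # The runner's public IP is looked up at a third-party service and only
          # printed here. Fetched over HTTPS so the response cannot be altered in
          # transit.
          $myIp = Invoke-RestMethod -Uri https://ipinfo.io/json | Select -ExpandProperty ip
          Write-Host "Runner IP Address: $myIp"

          # Get Inputs
          $versionControlSystem = "${{ matrix.vcs }}"
          $infrastructureAsCode = "${{ matrix.iac }}"

          # Install the Module
          # These scripts come from the PowerShell module checkout, whose ref can
          # be chosen on manual dispatch, and run with the ARM_* settings above.
          Write-Host "Installing the Accelerator PowerShell Module"
          ${{ env.POWERSHELL_MODULE_FOLDER }}/actions_bootstrap_for_e2e_tests.ps1 | Out-String | Write-Verbose
          Invoke-Build -File ${{ env.POWERSHELL_MODULE_FOLDER }}/src/ALZ.build.ps1 BuildAndInstallOnly | Out-String | Write-Verbose
          Write-Host "Installed Accelerator Module"

          # Run the Module in a retry loop
          $retryCount = 0
          $maximumRetries = 10
          # NOTE(review): $retryDelay is declared but never used; a failed attempt
          # is followed by destroy and an immediate retry.
          $retryDelay = 10000

          $success = $false

          do {
            $retryCount++
            try {
              Write-Host "Running the ALZ Module"
              $starterModuleOverrideFolderPath = "${{ env.STARTER_MODULE_FOLDER }}"
              if($infrastructureAsCode -eq "terraform") {
                $starterModuleOverrideFolderPath = "$starterModuleOverrideFolderPath/templates"
              }

              if($versionControlSystem.StartsWith("legacy-")) {
                Deploy-Accelerator -output "${{ env.TARGET_FOLDER }}" -inputs "./inputs.json" -bootstrapModuleOverrideFolderPath "${{ env.BOOTSTRAP_MODULE_FOLDER }}" -starterModuleOverrideFolderPath $starterModuleOverrideFolderPath -autoApprove -bicepLegacyMode $true -ErrorAction Stop -Verbose
              } else {
                Deploy-Accelerator -output "${{ env.TARGET_FOLDER }}" -inputs "./inputs.json" -bootstrapModuleOverrideFolderPath "${{ env.BOOTSTRAP_MODULE_FOLDER }}" -starterModuleOverrideFolderPath $starterModuleOverrideFolderPath -autoApprove -ErrorAction Stop -Verbose
              }
              if ($LastExitCode -eq 0) {
                $success = $true
              } else {
                throw "Failed to apply the bootstrap environment."
              }
            } catch {
              Write-Host "Failed to apply the bootstrap environment. Destroy and retry..."
              ${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem
            }
          } while ($success -eq $false -and $retryCount -lt $maximumRetries)

          # The listings below print relative file paths only, not file contents.
          if ($success -eq $false) {
            Write-Host "File Structure after Bootstrap..."
            $files = Get-ChildItem -File -Recurse -Force
            $files | ForEach-Object { Write-Host (Resolve-Path $_ -Relative)}
            throw "Failed to apply the bootstrap environment after $maximumRetries attempts."
          } else {
            Write-Host "Output Folder Structure after Bootstrap..."
            $files = Get-ChildItem -Path "${{ env.TARGET_FOLDER }}" -File -Recurse -Force
            $files | ForEach-Object { Write-Host (Resolve-Path $_ -Relative)}

            if($versionControlSystem -eq "local") {
              Write-Host ""
              Write-Host "Local Output Folder Structure after Bootstrap..."
              $files = Get-ChildItem -Path "${{ env.LOCAL_TARGET_FOLDER }}" -File -Recurse -Force
              $files | ForEach-Object { Write-Host (Resolve-Path $_ -Relative)}
            }
          }

      # Triggers the CI and CD pipelines that the bootstrap created in the target
      # VCS (GitHub Actions or Azure DevOps Pipelines).
      - name: Run Pipelines or Actions
        shell: pwsh
        # PATs are supplied through the environment rather than expanded into the
        # script text. They are still handed to the helper scripts as a
        # -personalAccessToken argument.
        env:
          VCS_TOKEN_GITHUB: ${{ secrets.VCS_TOKEN_GITHUB }}
          VCS_TOKEN_AZURE_DEVOPS: ${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}
        run: |
          $infrastructureAsCode = "${{ matrix.iac }}"

          # Get Inputs
          $versionControlSystem = "${{ matrix.vcs }}"

          # The matrix has no "biceplegacy" value; the legacy variants are named
          # "legacy-github" and "legacy-azuredevops", so match on the prefix.
          if($versionControlSystem.StartsWith("legacy-")) {
            Write-Host "Running in Bicep Legacy mode, so not pipelines to run..."
            exit 0
          }

          $versionControlSystemOrganisationName = "${{ vars.VCS_ORGANIZATION }}"
          $uniqueId = $ENV:UNIQUE_ID

          if($versionControlSystem -eq "github") {
            $repositoryName = "alz-$uniqueId"

            Write-Host "Running GitHub Actions Test for CI"
            ${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/github-action-run.ps1 `
              -organizationName $versionControlSystemOrganisationName `
              -repositoryName $repositoryName `
              -workflowFileName "ci.yaml" `
              -skipDestroy `
              -personalAccessToken "$env:VCS_TOKEN_GITHUB" `
              -iac $infrastructureAsCode

            Write-Host "Running GitHub Actions Test for CD"
            ${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/github-action-run.ps1 `
              -organizationName $versionControlSystemOrganisationName `
              -repositoryName $repositoryName `
              -workflowFileName "cd.yaml" `
              -personalAccessToken "$env:VCS_TOKEN_GITHUB" `
              -iac $infrastructureAsCode
          }

          if($versionControlSystem -eq "azuredevops") {
            $projectName = "alz-test-$uniqueId"

            Write-Host "Running Azure DevOps Pipelines Test for CI"
            ${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/azuredevops-pipeline-run.ps1 `
              -organizationName $versionControlSystemOrganisationName `
              -projectName $projectName `
              -pipelineNamePart "Continuous Integration" `
              -skipDestroy `
              -personalAccessToken "$env:VCS_TOKEN_AZURE_DEVOPS" `
              -iac $infrastructureAsCode

            Write-Host "Running Azure DevOps Pipelines Test for CD"
            ${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/azuredevops-pipeline-run.ps1 `
              -organizationName $versionControlSystemOrganisationName `
              -projectName $projectName `
              -pipelineNamePart "Continuous Delivery" `
              -personalAccessToken "$env:VCS_TOKEN_AZURE_DEVOPS" `
              -iac $infrastructureAsCode
          }

      # Second Terraform install: always puts 'latest' in place for the clean-up
      # step, even when earlier steps failed.
      - name: Setup Terraform
        if: always()
        uses: hashicorp/setup-terraform@v2
        with:
          terraform_version: "latest"
          terraform_wrapper: false

      # Tear-down runs regardless of the outcome of the earlier steps.
      - name: Run Terraform Destroy to Clean Up
        if: always()
        shell: pwsh
        env:
          ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
          ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
          ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
          ARM_USE_OIDC: 'true'
        run: |
          # Runner IP is printed for diagnostics; looked up over HTTPS.
          $myIp = Invoke-RestMethod -Uri https://ipinfo.io/json | Select -ExpandProperty ip
          Write-Host "Runner IP Address: $myIp"

          # Get Inputs
          $versionControlSystem = "${{ matrix.vcs }}"

          Write-Host "Installing the Accelerator PowerShell Module"
          ${{ env.POWERSHELL_MODULE_FOLDER }}/actions_bootstrap_for_e2e_tests.ps1 | Out-String | Write-Verbose
          Invoke-Build -File ${{ env.POWERSHELL_MODULE_FOLDER }}/src/ALZ.build.ps1 BuildAndInstallOnly | Out-String | Write-Verbose
          Write-Host "Installed Accelerator Module"

          # Run destroy
          ${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem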