Skip to content

End to End Tests

End to End Tests #252

Workflow file for this run

---
name: End to End Tests
on:
pull_request:
branches:
- main
types: ['opened', 'reopened', 'synchronize', 'labeled']
workflow_dispatch:
inputs:
powershell_branch:
description: 'The branch to use for the powershell module'
default: 'main'
type: string
alz_bicep_branch:
description: 'The branch to use for the bicep module'
default: 'main'
type: string
alz_terraform_branch:
description: 'The branch to use for the terraform module'
default: 'main'
type: string
schedule:
- cron: '0 9 * * 1'
permissions:
id-token: write
contents: read
env:
BOOTSTRAP_MODULE_FOLDER: ./bsm
STARTER_MODULE_FOLDER: ./stm
POWERSHELL_MODULE_FOLDER: ./psm
TARGET_FOLDER: ./out
LOCAL_TARGET_FOLDER: ./loc
BICEP_STARTER_MODULE_REPOSITORY: Azure/ALZ-Bicep
TERRAFORM_STARTER_MODULE_REPOSITORY: Azure/alz-terraform-accelerator
POWERSHELL_MODULE_REPOSITORY: Azure/ALZ-PowerShell-Module
ALZ_POWERSHELL_BRANCH: ${{ inputs.powershell_branch != '' && inputs.powershell_branch || 'main' }}
ALZ_BICEP_BRANCH: ${{ inputs.alz_bicep_branch != '' && inputs.alz_bicep_branch || 'main' }}
ALZ_TERRAFORM_BRANCH: ${{ inputs.alz_terraform_branch != '' && inputs.alz_terraform_branch || 'main' }}
jobs:
e2e-test:
name: "${{ matrix.vcs }}-${{ matrix.iac }}-${{ matrix.ag }}-${{ matrix.os }}-${{ matrix.tf }}"
environment: ${{ github.event_name == 'schedule' && 'CSUTFAUTO' || 'CSUTF' }}
if: "${{ github.repository == 'Azure/accelerator-bootstrap-modules' && (contains(github.event.pull_request.labels.*.name, 'PR: Safe to test 🧪') || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule') }}"
strategy:
fail-fast: false
matrix:
vcs: ['github', 'azuredevops', 'local', 'legacy-github', 'legacy-azuredevops'] # Version Control System
iac: ['terraform', 'bicep']
ag: ['public', 'private', 'none'] # Self Hosted Agents
os: ['ubuntu', 'windows', 'macos'] # Operating System
tf: ['latest', '1.5.0'] # Terraform Version
exclude:
- iac: bicep
tf: 1.5.0
- vcs: local
ag: public
- vcs: local
ag: private
- vcs: legacy-github
ag: public
- vcs: legacy-github
ag: private
- vcs: legacy-azuredevops
ag: public
- vcs: legacy-azuredevops
ag: private
- vcs: azuredevops
tf: 1.5.0
- vcs: github
tf: 1.5.0
- os: windows
vcs: azuredevops
- os: macos
vcs: azuredevops
- os: windows
vcs: github
- os: macos
vcs: github
- iac: terraform
vcs: legacy-github
- tf: 1.5.0
vcs: legacy-github
- iac: terraform
vcs: legacy-azuredevops
- tf: 1.5.0
vcs: legacy-azuredevops
runs-on: ${{ matrix.os }}-latest
steps:
- name: Show env
run: env | sort
- name: Checkout Bootstrap Modules
uses: actions/checkout@v4
with:
path: ${{ env.BOOTSTRAP_MODULE_FOLDER }}
- name: Checkout PowerShell Module
uses: actions/checkout@v4
with:
repository: ${{ env.POWERSHELL_MODULE_REPOSITORY }}
ref: ${{ env.ALZ_POWERSHELL_BRANCH }}
path: ${{ env.POWERSHELL_MODULE_FOLDER }}
- name: Checkout Starter Modules for Bicep
uses: actions/checkout@v4
if: ${{ matrix.iac == 'bicep' }}
with:
repository: ${{ env.BICEP_STARTER_MODULE_REPOSITORY }}
ref: ${{ env.ALZ_BICEP_BRANCH }}
path: ${{ env.STARTER_MODULE_FOLDER }}
- name: Checkout Starter Modules for Terraform
uses: actions/checkout@v4
if: ${{ matrix.iac == 'terraform' }}
with:
repository: ${{ env.TERRAFORM_STARTER_MODULE_REPOSITORY }}
ref: ${{ env.ALZ_TERRAFORM_BRANCH }}
path: ${{ env.STARTER_MODULE_FOLDER }}
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: ${{ matrix.tf }}
terraform_wrapper: false
if: ${{ matrix.tf != 'latest' }}
- name: Setup ALZ Module Inputs
run: |
# Get Inputs
$infrastructureAsCode = "${{ matrix.iac }}"
$versionControlSystem = "${{ matrix.vcs }}"
$operatingSystem = "${{ matrix.os }}"
$terraformVersion = "${{ matrix.tf }}"
$selfHostedAgents = "${{ matrix.ag }}"
$locations = @(
"uksouth",
"northeurope",
"eastus",
"eastus2",
"canadacentral",
"westeurope",
"westus2",
"westus3",
"australiaeast"
)
$jobIndex = ${{ strategy.job-index }}
$locationIndex = $jobIndex % $locations.Length
$location = $locations[$locationIndex]
$enableSelfHostedAgents = "false"
if($selfHostedAgents -eq "public" -or $selfHostedAgents -eq "private") {
$enableSelfHostedAgents = "true"
}
$enablePrivateNetworking = "false"
if($selfHostedAgents -eq "private") {
$enablePrivateNetworking = "true"
}
# Get Unique ID
$infrastructureAsCodeShort = $infrastructureAsCode.Substring(0, 1)
$versionControlSystemShort = $versionControlSystem.Substring(0, 1)
if($versionControlSystem.Contains("-")) {
$versionControlSystemSplit = $versionControlSystem.Split("-")
$versionControlSystemShort = $versionControlSystemSplit[0].Substring(0, 1) + $versionControlSystemSplit[1].Substring(0, 1)
}
$operatingSystemShort = $operatingSystem.Substring(0, 1)
$terraformVersionShort = if ($terraformVersion -eq "latest") { "l" } else { "m" }
$selfhostedAgentsShort = "n"
if($selfHostedAgents -eq "public") {
$selfhostedAgentsShort = "p"
}
if($selfHostedAgents -eq "private") {
$selfhostedAgentsShort = "r"
}
$localDeployAzureResources = if($terraformVersion -eq "latest") { "true" } else { "false" }
$runNumber = "${{ github.run_number }}"
Write-Host "Infrastructure As Code: $infrastructureAsCode ($infrastructureAsCodeShort)"
Write-Host "Version Control System: $versionControlSystem ($versionControlSystemShort)"
Write-Host "Operating System: $operatingSystem ($operatingSystemShort)"
Write-Host "Terraform Version: $terraformVersion ($terraformVersionShort)"
Write-Host "Self Hosted Agents: $selfHostedAgents ($selfhostedAgentsShort)"
Write-Host "Local Deploy Azure Resources: $localDeployAzureResources"
Write-Host "Run Number: $runNumber"
Write-Host "Location: $location"
$uniqueId = "$versionControlSystemShort$infrastructureAsCodeShort$selfhostedAgentsShort$operatingSystemShort$terraformVersionShort$runNumber".ToLower()
echo "UNIQUE_ID=$uniqueId" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
Write-Host "Unique ID: $uniqueId"
$versionControlSystemMapped = $versionControlSystem
if($versionControlSystem.Contains("-")) {
$versionControlSystemMapped = $versionControlSystem.Split("-")[1]
}
$Inputs = @{}
$Inputs["iac"] = $infrastructureAsCode
$Inputs["bootstrap"] = "alz_$versionControlSystemMapped"
$Inputs["starter"] = "test"
$Inputs["bootstrap_location"] = $location
$Inputs["bootstrap_subscription_id"] = ""
$Inputs["service_name"] = "alz"
$Inputs["environment_name"] = $uniqueId
$Inputs["postfix_number"] = "1"
$Inputs["create_branch_policies"] = "true"
$Inputs["use_private_networking"] = $enablePrivateNetworking
$Inputs["allow_storage_access_from_my_ip"] = "true"
if($versionControlSystem -eq "github") {
$Inputs["github_personal_access_token"] = "${{ secrets.VCS_TOKEN_GITHUB }}"
$Inputs["github_runners_personal_access_token"] = "${{ secrets.VCS_TOKEN_GITHUB }}"
$Inputs["github_organization_name"] = "${{ vars.VCS_ORGANIZATION }}"
$Inputs["use_separate_repository_for_workflow_templates"] = "true"
$Inputs["use_self_hosted_runners"] = $enableSelfHostedAgents
$Inputs["use_runner_group"] = "true"
}
if($versionControlSystem -eq "azuredevops") {
$Inputs["azure_devops_personal_access_token"] = "${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}"
$Inputs["azure_devops_agents_personal_access_token"] = "${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}"
$Inputs["azure_devops_organization_name"] = "${{ vars.VCS_ORGANIZATION }}"
$Inputs["use_separate_repository_for_pipeline_templates"] = "true"
$Inputs["azure_devops_use_organisation_legacy_url"] = "false"
$Inputs["azure_devops_create_project"] = "true"
$Inputs["azure_devops_project_name"] = "alz-test-$uniqueId"
$Inputs["use_self_hosted_agents"] = $enableSelfHostedAgents
}
if($versionControlSystem -eq "local") {
$Inputs["target_directory"] = "${{ github.workspace }}/${{ env.LOCAL_TARGET_FOLDER }}"
$Inputs["create_bootstrap_resources_in_azure"] = $localDeployAzureResources
}
$Inputs["apply_approvers"] = ""
$Inputs["root_parent_management_group_id"] = ""
$Inputs["subscription_id_connectivity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
$Inputs["subscription_id_identity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
$Inputs["subscription_id_management"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
$Inputs["parent_management_group_display_name"] = "Tenant Root Group"
$Inputs["child_management_group_display_name"] = "E2E Test"
$Inputs["resource_group_location"] = $location
# Modern Bicep
if($infrastructureAsCode -eq "bicep") {
$Inputs["Prefix"] = $uniqueId
$Inputs["Location"] = $location
$Inputs["Environment"] = "live"
$Inputs["SecurityContact"] = "test@test.com"
$Inputs["networkType"] = "none"
}
# Legacy Bicep
if($versionControlSystem.StartsWith("legacy-")) {
$Inputs["Prefix"] = $uniqueId
$Inputs["Location"] = $location
$Inputs["Environment"] = "live"
$Inputs["SecurityContact"] = "test@test.com"
$Inputs["IdentitySubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
$Inputs["ManagementSubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
$Inputs["ConnectivitySubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}"
}
$json = $Inputs | ConvertTo-Json -Depth 100 | Out-File -FilePath inputs.json -Encoding utf8 -Force
shell: pwsh
- name: Run ALZ PowerShell
run: |
$myIp = Invoke-RestMethod -Uri http://ipinfo.io/json | Select -ExpandProperty ip
Write-Host "Runner IP Address: $myIp"
# Get Inputs
$versionControlSystem = "${{ matrix.vcs }}"
$infrastructureAsCode = "${{ matrix.iac }}"
# Install the Module
Write-Host "Installing the Accelerator PowerShell Module"
${{ env.POWERSHELL_MODULE_FOLDER }}/actions_bootstrap_for_e2e_tests.ps1 | Out-String | Write-Verbose
Invoke-Build -File ${{ env.POWERSHELL_MODULE_FOLDER }}/src/ALZ.build.ps1 BuildAndInstallOnly | Out-String | Write-Verbose
Write-Host "Installed Accelerator Module"
# Run the Module in a retry loop
$retryCount = 0
$maximumRetries = 10
$retryDelay = 10000
$success = $false
do {
$retryCount++
try {
Write-Host "Running the ALZ Module"
$starterModuleOverrideFolderPath = "${{ env.STARTER_MODULE_FOLDER }}"
if($infrastructureAsCode -eq "terraform") {
$starterModuleOverrideFolderPath = "$starterModuleOverrideFolderPath/templates"
}
if($versionControlSystem.StartsWith("legacy-")) {
Deploy-Accelerator -output "${{ env.TARGET_FOLDER }}" -inputs "./inputs.json" -bootstrapModuleOverrideFolderPath "${{ env.BOOTSTRAP_MODULE_FOLDER }}" -starterModuleOverrideFolderPath $starterModuleOverrideFolderPath -autoApprove -bicepLegacyMode $true -ErrorAction Stop -Verbose
} else {
Deploy-Accelerator -output "${{ env.TARGET_FOLDER }}" -inputs "./inputs.json" -bootstrapModuleOverrideFolderPath "${{ env.BOOTSTRAP_MODULE_FOLDER }}" -starterModuleOverrideFolderPath $starterModuleOverrideFolderPath -autoApprove -ErrorAction Stop -Verbose
}
if ($LastExitCode -eq 0) {
$success = $true
} else {
throw "Failed to apply the bootstrap environment."
}
} catch {
Write-Host "Failed to apply the bootstrap environment. Destroy and retry..."
${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem
}
} while ($success -eq $false -and $retryCount -lt $maximumRetries)
if ($success -eq $false) {
Write-Host "File Structure after Bootstrap..."
$files = Get-ChildItem -File -Recurse -Force
$files | ForEach-Object { Write-Host (Resolve-Path $_ -Relative)}
throw "Failed to apply the bootstrap environment after $maximumRetries attempts."
} else {
Write-Host "Output Folder Structure after Bootstrap..."
$files = Get-ChildItem -Path "${{ env.TARGET_FOLDER }}" -File -Recurse -Force
$files | ForEach-Object { Write-Host (Resolve-Path $_ -Relative)}
if($versionControlSystem -eq "local") {
Write-Host ""
Write-Host "Local Output Folder Structure after Bootstrap..."
$files = Get-ChildItem -Path "${{ env.LOCAL_TARGET_FOLDER }}" -File -Recurse -Force
$files | ForEach-Object { Write-Host (Resolve-Path $_ -Relative)}
}
}
shell: pwsh
env:
ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
ARM_USE_OIDC: true
- name: Run Pipelines or Actions
run: |
$infrastructureAsCode = "${{ matrix.iac }}"
# Get Inputs
$versionControlSystem = "${{ matrix.vcs }}"
if($versionControlSystem -eq "biceplegacy") {
Write-Host "Running in Bicep Legacy mode, so not pipelines to run..."
exit 0
}
$versionControlSystemOrganisationName = "${{ vars.VCS_ORGANIZATION }}"
$uniqueId = $ENV:UNIQUE_ID
if($versionControlSystem -eq "github") {
$repositoryName = "alz-$uniqueId"
Write-Host "Running GitHub Actions Test for CI"
${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/github-action-run.ps1 `
-organizationName $versionControlSystemOrganisationName `
-repositoryName $repositoryName `
-workflowFileName "ci.yaml" `
-skipDestroy `
-personalAccessToken "${{ secrets.VCS_TOKEN_GITHUB }}" `
-iac $infrastructureAsCode
Write-Host "Running GitHub Actions Test for CD"
${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/github-action-run.ps1 `
-organizationName $versionControlSystemOrganisationName `
-repositoryName $repositoryName `
-workflowFileName "cd.yaml" `
-personalAccessToken "${{ secrets.VCS_TOKEN_GITHUB }}"`
-iac $infrastructureAsCode
}
if($versionControlSystem -eq "azuredevops") {
$projectName = "alz-test-$uniqueId"
Write-Host "Running Azure DevOps Pipelines Test for CI"
${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/azuredevops-pipeline-run.ps1 `
-organizationName $versionControlSystemOrganisationName `
-projectName $projectName `
-pipelineNamePart "Continuous Integration" `
-skipDestroy `
-personalAccessToken "${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}"`
-iac $infrastructureAsCode
Write-Host "Running Azure DevOps Pipelines Test for CD"
${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/azuredevops-pipeline-run.ps1 `
-organizationName $versionControlSystemOrganisationName `
-projectName $projectName `
-pipelineNamePart "Continuous Delivery" `
-personalAccessToken "${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}"`
-iac $infrastructureAsCode
}
shell: pwsh
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: "latest"
terraform_wrapper: false
if: always()
- name: Run Terraform Destroy to Clean Up
if: always()
run: |
$myIp = Invoke-RestMethod -Uri http://ipinfo.io/json | Select -ExpandProperty ip
Write-Host "Runner IP Address: $myIp"
# Get Inputs
$versionControlSystem = "${{ matrix.vcs }}"
Write-Host "Installing the Accelerator PowerShell Module"
${{ env.POWERSHELL_MODULE_FOLDER }}/actions_bootstrap_for_e2e_tests.ps1 | Out-String | Write-Verbose
Invoke-Build -File ${{ env.POWERSHELL_MODULE_FOLDER }}/src/ALZ.build.ps1 BuildAndInstallOnly | Out-String | Write-Verbose
Write-Host "Installed Accelerator Module"
# Run destroy
${{ env.BOOTSTRAP_MODULE_FOLDER }}/.github/tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem
shell: pwsh
env:
ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
ARM_USE_OIDC: true