diff --git a/.github/actions/setup_bazel_nix/action.yml b/.github/actions/setup_bazel_nix/action.yml index 733e20b0dd0..a669100eb0d 100644 --- a/.github/actions/setup_bazel_nix/action.yml +++ b/.github/actions/setup_bazel_nix/action.yml @@ -121,6 +121,8 @@ runs: - name: Install nix if: steps.check_inputs.outputs.nixPreinstalled == 'false' uses: cachix/install-nix-action@7ac1ec25491415c381d9b62f0657c7a028df52a7 # v24 + with: + extra_nix_config: "allow_unfree = true" - name: Set $USER if not set shell: bash diff --git a/.github/workflows/e2e-test-provider-example.yml b/.github/workflows/e2e-test-provider-example.yml index 56408c7f9e7..7b91d7d3963 100644 --- a/.github/workflows/e2e-test-provider-example.yml +++ b/.github/workflows/e2e-test-provider-example.yml @@ -31,10 +31,6 @@ on: description: Kubernetes version to target for the upgrade, empty for no upgrade. type: string required: false - toProviderVersion: - description: Provider version and microservice version to target for the upgrade (with v prefix). Empty value means use provider from source. - type: string - required: false workflow_call: inputs: ref: @@ -61,10 +57,6 @@ on: description: Kubernetes version to target for the upgrade, empty for target's default version. type: string required: false - toProviderVersion: - description: Provider version and microservice version to target for the upgrade (with v prefix). Empty value means use provider from source. - type: string - required: false jobs: provider-example-test: @@ -111,16 +103,6 @@ jobs: last_three="${run_id: -3}" echo "prefix=e2e-${last_three}" | tee -a "$GITHUB_OUTPUT" - - name: Install dependencies (Terraform) - shell: bash - run: | - sudo apt update && sudo apt install gpg - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update - sudo apt install terraform=1.4.4-* - - name: Log in to the Container registry uses: ./.github/actions/container_registry_login with: @@ -129,42 +111,18 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Setup bazel - if: inputs.providerVersion == '' || inputs.toProviderVersion == '' uses: ./.github/actions/setup_bazel_nix with: useCache: "true" buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }} + nixTools: terraform-1.5.3 - - name: Build CLI # CLI is needed for the upgrade assert and container push is needed for the microservice upgrade - uses: ./.github/actions/build_cli - with: - enterpriseCLI: true - outputPath: "build/constellation" - push: true - - - name: Build Terraform provider binary - if: inputs.providerVersion == '' || inputs.toProviderVersion == '' - uses: ./.github/actions/build_tf_provider - with: - targetOS: 'linux' - targetArch: 'amd64' - outputPath: "build/terraform-provider-constellation" - - - name: Add to local Terraform registry - if: inputs.providerVersion == '' # only move if needed, because otherwise the public TF registry will not be used + - name: Build Constellation provider # CLI is needed for the upgrade assert and container push is needed for the microservice upgrade shell: bash - id: install_tf_provider run: | - bazel build //bazel/settings:tag - - repository_root=$(git rev-parse --show-toplevel) - out_rel=$(bazel cquery --output=files //bazel/settings:tag) - build_version=$(cat "$(realpath "${repository_root}/${out_rel}")") - - terraform_provider_dir="${HOME}/.terraform.d/plugins/registry.terraform.io/edgelesssys/constellation/${build_version#v}/linux_amd64/" - mkdir -p "${terraform_provider_dir}" - mv build/terraform-provider-constellation "${terraform_provider_dir}/terraform-provider-constellation_${build_version}" - echo "build_version=${build_version}" | tee -a "$GITHUB_OUTPUT" + mkdir build + cd build + bazel run //:devbuild --cli_edition=enterprise - name: Login to AWS (IAM + Cluster role) if: inputs.cloudProvider == 'aws' @@ -333,12 +291,12 @@ jobs: terraform_provider_dir="${HOME}/.terraform.d/plugins/registry.terraform.io/edgelesssys/constellation/${build_version#v}/linux_amd64/" # remove local registry if it was used and public registry should be used now - if [[ "${{ inputs.providerVersion }}" == "" && "${{ inputs.toProviderVersion }}" != "" ]]; then + if [[ "${{ inputs.providerVersion }}" == "" ]]; then rm -rf "${terraform_provider_dir}" fi # add to local registry if it was not used and local registry should be used now - if [[ "${{ inputs.providerVersion }}" != "" && "${{ inputs.toProviderVersion }}" == "" ]]; then + if [[ "${{ inputs.providerVersion }}" != "" ]]; then mkdir -p "${terraform_provider_dir}" mv build/terraform-provider-constellation "${terraform_provider_dir}/terraform-provider-constellation_${build_version}" fi @@ -364,11 +322,7 @@ jobs: EOF fi - if [[ "${{ inputs.toProviderVersion }}" == "" ]]; then - prefixed_version=${{ steps.upgrade_tf_provider.outputs.build_version }} - else - prefixed_version="${{ inputs.toProviderVersion }}" - fi + prefixed_version=${{ steps.upgrade_tf_provider.outputs.build_version }} version=${prefixed_version#v} # remove v prefix # needs to be explicitly set to upgrade