-
Notifications
You must be signed in to change notification settings - Fork 148
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Ess terraform + run integration tests on BK agents (#5113)
* ESS by terraforms * Use bk runners * added state to artifacts * Add common.sh to scripts * Add depends_on * Inlined paclage variables * tmp disbale unit tests * tmp disbale unit tests * install tf * install tf * install tf * install tf * fix ec creds * Added auto-approve * Test run * package again * package again * package again * package again * package * package * added mage build:testBinaries * Install mage * Install mage * Install mage * Install mage * Install mage * fix go * Merged * Merged * fix * fix * Fix tests * Debug * Use custom image * New suod tests * Test run * Test run * Test run * Debug * Debug * Debug * Debug * Debug * Cleanup * Using subshell in newgrp * Using subshell in newgrp * Test new custom VM image * Test new custom VM image * Set terraform version * Cleanup * terraform 1.9.3 * terraform 1.9.3 * Debug * Explicit image version * Explicit image version * Explicit image version * Sudo tests * +x * Try mage integration:local * Use gotestsum * Use gotestsum * Run sudo tests * Run sudo tests * Debug * Debug * Debug * Debug * Debug * Debug * Debug * Debug * Increased test timeout * Groupped sudo tests * Quoted regexps * BK steps by groups * BK steps by groups * BK steps by groups * BK steps by groups * fix param propagation * Debug * Big run * reuse EC_API_KEY * Debug test * Debug a test * Revert debug * Debug * Html report * groupping, auto-retry, packaging * removed reruns * Reuse the initial ESS stack. Start a new stack for retries * Fix ess start path * Fix ess start path * Fix ess start path * Fix ess start path * Debug * Debug * Debug * Fix EC_KEY recovery * Added lock to artifacts * Fix artifacts download path * Fix artifacts download path * Fix artifacts download path * Removed unnecessaru build dependencies * Added build id * Separated BK integration tests to a dedicated pipeline * CLeanup * Applied proposed changes * Applied proposed changes * Applied proposed changes
- Loading branch information
Showing
14 changed files
with
567 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,160 @@ | ||
# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json | ||
|
||
env: | ||
DOCKER_REGISTRY: "docker.elastic.co" | ||
VAULT_PATH: "kv/ci-shared/observability-ingest/cloud/gcp" | ||
ASDF_MAGE_VERSION: 1.14.0 | ||
ASDF_GOLANG_VERSION: 1.22.6 | ||
ASDF_TERRAFORM_VERSION: 1.9.3 | ||
|
||
steps: | ||
- label: "Integration tests: packaging" | ||
key: "package-it" | ||
command: ".buildkite/scripts/steps/integration-package.sh" | ||
artifact_paths: | ||
- build/distributions/** | ||
agents: | ||
provider: "gcp" | ||
machineType: "n1-standard-8" | ||
|
||
- label: Start ESS stack for integration tests | ||
key: integration-ess | ||
depends_on: | ||
- package-it | ||
command: | | ||
#!/usr/bin/env bash | ||
set -euo pipefail | ||
source .buildkite/scripts/steps/ess_start.sh | ||
artifact_paths: | ||
- test_infra/ess/*.tfstate | ||
- test_infra/ess/*.lock.hcl | ||
agents: | ||
image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-beats-ci-with-hooks:0.5" | ||
useCustomGlobalHooks: true | ||
|
||
- group: "Stateful IT (Sudo): Ubuntu" | ||
key: integration-tests | ||
depends_on: | ||
- package-it | ||
- integration-ess | ||
steps: | ||
- label: "Default" | ||
key: stateful-ubuntu-default-sudo | ||
command: | | ||
buildkite-agent artifact download build/distributions/** . --step 'package-it' | ||
.buildkite/scripts/steps/integration_tests_tf_sudo.sh "default" "^(TestAPMConfig|TestDiagnosticsOptionalValues|TestIsolatedUnitsDiagnosticsOptionalValues|TestDiagnosticsCommand|TestIsolatedUnitsDiagnosticsCommand|TestEventLogFile|TestFakeComponent|TestFakeIsolatedUnitsComponent|TestOtelFileProcessing|TestOtelLogsIngestion|TestOtelAPMIngestion|TestPackageVersion)$$" | ||
artifact_paths: | ||
- build/** | ||
agents: | ||
provider: "gcp" | ||
imageProject: elastic-images-qa | ||
machineType: "n1-standard-8" | ||
image: "family/platform-ingest-elastic-agent-ubuntu-2204" | ||
|
||
- label: "Upgrade" | ||
key: stateful-ubuntu-upgrade-sudo | ||
command: | | ||
buildkite-agent artifact download build/distributions/** . --step 'package-it' | ||
.buildkite/scripts/steps/integration_tests_tf_sudo.sh "upgrade" "^(TestUpgradeBrokenPackageVersion|TestStandaloneUpgradeWithGPGFallback|TestStandaloneUpgradeWithGPGFallbackOneRemoteFailing|TestStandaloneUpgradeRollback|TestStandaloneUpgradeRollbackOnRestarts|TestStandaloneUpgradeFailsWhenUpgradeIsInProgress|TestStandaloneUpgradeRetryDownload|TestStandaloneUpgradeSameCommit|TestStandaloneUpgrade|TestStandaloneUpgradeUninstallKillWatcher)$$" | ||
artifact_paths: | ||
- build/** | ||
agents: | ||
provider: "gcp" | ||
imageProject: elastic-images-qa | ||
machineType: "n1-standard-8" | ||
image: "family/platform-ingest-elastic-agent-ubuntu-2204" | ||
|
||
- label: "Fleet" | ||
key: stateful-ubuntu-fleet-sudo | ||
command: | | ||
buildkite-agent artifact download build/distributions/** . --step 'package-it' | ||
ls -lah build/distributions/ | ||
.buildkite/scripts/steps/integration_tests_tf_sudo.sh "fleet" "^(TestLongRunningAgentForLeaks|TestDelayEnroll|TestDelayEnrollUnprivileged|TestInstallAndCLIUninstallWithEndpointSecurity|TestInstallAndUnenrollWithEndpointSecurity|TestInstallWithEndpointSecurityAndRemoveEndpointIntegration|TestEndpointSecurityNonDefaultBasePath|TestEndpointSecurityUnprivileged|TestEndpointSecurityCannotSwitchToUnprivileged|TestEndpointLogsAreCollectedInDiagnostics|TestForceInstallOverProtectedPolicy|TestSetLogLevelFleetManaged|TestLogIngestionFleetManaged|TestMetricsMonitoringCorrectBinaries|TestEndpointAgentServiceMonitoring|TestMonitoringPreserveTextConfig|TestMonitoringLivenessReloadable|TestComponentBuildHashInDiagnostics|TestProxyURL|TestFleetManagedUpgradeUnprivileged)$$" | ||
artifact_paths: | ||
- build/** | ||
agents: | ||
provider: "gcp" | ||
imageProject: elastic-images-qa | ||
machineType: "n1-standard-8" | ||
image: "family/platform-ingest-elastic-agent-ubuntu-2204" | ||
|
||
- label: "FQDN" | ||
key: stateful-ubuntu-fqdn-sudo | ||
command: | | ||
buildkite-agent artifact download build/distributions/** . --step 'package-it' | ||
ls -lah build/distributions/ | ||
.buildkite/scripts/steps/integration_tests_tf_sudo.sh "fqdn" "^(TestFQDN)$$" | ||
artifact_paths: | ||
- build/** | ||
agents: | ||
provider: "gcp" | ||
imageProject: elastic-images-qa | ||
machineType: "n1-standard-8" | ||
image: "family/platform-ingest-elastic-agent-ubuntu-2204" | ||
|
||
- label: "Deb" | ||
key: stateful-ubuntu-deb-sudo | ||
command: | | ||
buildkite-agent artifact download build/distributions/** . --step 'package-it' | ||
ls -lah build/distributions/ | ||
.buildkite/scripts/steps/integration_tests_tf_sudo.sh "deb" "^(TestDebLogIngestFleetManaged|TestDebFleetUpgrade)$$" | ||
artifact_paths: | ||
- build/** | ||
agents: | ||
provider: "gcp" | ||
imageProject: elastic-images-qa | ||
machineType: "n1-standard-8" | ||
image: "family/platform-ingest-elastic-agent-ubuntu-2204" | ||
|
||
- label: "Fleet Airgapped" | ||
key: stateful-ubuntu-fleet-airgapped-sudo | ||
command: | | ||
buildkite-agent artifact download build/distributions/** . --step 'package-it' | ||
ls -lah build/distributions/ | ||
.buildkite/scripts/steps/integration_tests_tf_sudo.sh "fleet-airgapped" "^(TestFleetAirGappedUpgradeUnprivileged)$$" | ||
artifact_paths: | ||
- build/** | ||
agents: | ||
provider: "gcp" | ||
imageProject: elastic-images-qa | ||
machineType: "n1-standard-8" | ||
image: "family/platform-ingest-elastic-agent-ubuntu-2204" | ||
|
||
- label: "Fleet Privileged" | ||
key: stateful-ubuntu-fleet-privileged-sudo | ||
command: | | ||
buildkite-agent artifact download build/distributions/** . --step 'package-it' | ||
ls -lah build/distributions/ | ||
.buildkite/scripts/steps/integration_tests_tf_sudo.sh "fleet-privileged" "^(TestInstallFleetServerBootstrap|TestFleetManagedUpgradePrivileged)$$" | ||
artifact_paths: | ||
- build/** | ||
agents: | ||
provider: "gcp" | ||
imageProject: elastic-images-qa | ||
machineType: "n1-standard-8" | ||
image: "family/platform-ingest-elastic-agent-ubuntu-2204" | ||
|
||
- label: "Fleet Airgapped Privileged" | ||
key: stateful-ubuntu-fleet-airgapped-privileged-sudo | ||
command: | | ||
buildkite-agent artifact download build/distributions/** . --step 'package-it' | ||
ls -lah build/distributions/ | ||
.buildkite/scripts/steps/integration_tests_tf_sudo.sh "fleet-airgapped-privileged" "^(TestFleetAirGappedUpgradePrivileged)$$" | ||
artifact_paths: | ||
- build/** | ||
agents: | ||
provider: "gcp" | ||
imageProject: elastic-images-qa | ||
machineType: "n1-standard-8" | ||
image: "family/platform-ingest-elastic-agent-ubuntu-2204" | ||
|
||
- label: ESS stack cleanup | ||
depends_on: integration-tests | ||
allow_dependency_failure: true | ||
command: | | ||
buildkite-agent artifact download "test_infra/ess/**" . --step "integration-ess" | ||
ls -lah test_infra/ess | ||
.buildkite/scripts/steps/ess_down.sh | ||
agents: | ||
image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-beats-ci-with-hooks:0.5" | ||
useCustomGlobalHooks: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
#!/bin/bash | ||
|
||
set -euo pipefail | ||
|
||
if [[ -z "${WORKSPACE-""}" ]]; then | ||
WORKSPACE=$(git rev-parse --show-toplevel) | ||
export WORKSPACE | ||
fi | ||
|
||
BEAT_VERSION=$(grep -oE '[0-9]+\.[0-9]+\.[0-9]+(\-[a-zA-Z]+[0-9]+)?' "${WORKSPACE}/version/version.go") | ||
export BEAT_VERSION | ||
|
||
getOSOptions() { | ||
case $(uname | tr '[:upper:]' '[:lower:]') in | ||
linux*) | ||
export AGENT_OS_NAME=linux | ||
;; | ||
darwin*) | ||
export AGENT_OS_NAME=darwin | ||
;; | ||
msys*) | ||
export AGENT_OS_NAME=windows | ||
;; | ||
*) | ||
export AGENT_OS_NAME=notset | ||
;; | ||
esac | ||
case $(uname -m | tr '[:upper:]' '[:lower:]') in | ||
aarch64*) | ||
export AGENT_OS_ARCH=arm64 | ||
;; | ||
arm64*) | ||
export AGENT_OS_ARCH=arm64 | ||
;; | ||
amd64*) | ||
export AGENT_OS_ARCH=amd64 | ||
;; | ||
x86_64*) | ||
export AGENT_OS_ARCH=amd64 | ||
;; | ||
*) | ||
export AGENT_OS_ARCH=notset | ||
;; | ||
esac | ||
} | ||
|
||
google_cloud_auth() { | ||
local keyFile=$1 | ||
|
||
gcloud auth activate-service-account --key-file ${keyFile} 2> /dev/null | ||
|
||
export GOOGLE_APPLICATION_CREDENTIALS=${secretFileLocation} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
#!/bin/bash | ||
set -euo pipefail | ||
|
||
retry() { | ||
local retries=$1 | ||
shift | ||
|
||
local count=0 | ||
until "$@"; do | ||
exit=$? | ||
wait=$((2 ** count)) | ||
count=$((count + 1)) | ||
if [ $count -lt "$retries" ]; then | ||
>&2 echo "Retry $count/$retries exited $exit, retrying in $wait seconds..." | ||
sleep $wait | ||
else | ||
>&2 echo "Retry $count/$retries exited $exit, no more retries left." | ||
return $exit | ||
fi | ||
done | ||
return 0 | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
#!/usr/bin/env bash | ||
set -euo pipefail | ||
|
||
function ess_up() { | ||
echo "~~~ Staring ESS Stack" | ||
local WORKSPACE=$(git rev-parse --show-toplevel) | ||
local TF_DIR="${WORKSPACE}/test_infra/ess/" | ||
local STACK_VERSION=$1 | ||
local ESS_REGION=${2:-"gcp-us-west2"} | ||
|
||
if [ -z "$STACK_VERSION" ]; then | ||
echo "Error: Specify stack version: ess_up [stack_version]" >&2 | ||
return 1 | ||
fi | ||
|
||
export EC_API_KEY=$(retry 5 vault kv get -field=apiKey kv/ci-shared/platform-ingest/platform-ingest-ec-prod) | ||
|
||
if [[ -z "${EC_API_KEY}" ]]; then | ||
echo "Error: Failed to get EC API key from vault" >&2 | ||
exit 1 | ||
fi | ||
|
||
BUILDKITE_BUILD_CREATOR="${BUILDKITE_BUILD_CREATOR:-"$(get_git_user_email)"}" | ||
BUILDKITE_BUILD_NUMBER="${BUILDKITE_BUILD_NUMBER:-"0"}" | ||
BUILDKITE_PIPELINE_SLUG="${BUILDKITE_PIPELINE_SLUG:-"elastic-agent-integration-tests"}" | ||
|
||
pushd "${TF_DIR}" | ||
terraform init | ||
terraform apply \ | ||
-auto-approve \ | ||
-var="stack_version=${STACK_VERSION}" \ | ||
-var="ess_region=${ESS_REGION}" \ | ||
-var="creator=${BUILDKITE_BUILD_CREATOR}" \ | ||
-var="buildkite_id=${BUILDKITE_BUILD_NUMBER}" \ | ||
-var="pipeline=${BUILDKITE_PIPELINE_SLUG}" | ||
|
||
export ELASTICSEARCH_HOST=$(terraform output -raw es_host) | ||
export ELASTICSEARCH_USERNAME=$(terraform output -raw es_username) | ||
export ELASTICSEARCH_PASSWORD=$(terraform output -raw es_password) | ||
export KIBANA_HOST=$(terraform output -raw kibana_endpoint) | ||
export KIBANA_USERNAME=$ELASTICSEARCH_USERNAME | ||
export KIBANA_PASSWORD=$ELASTICSEARCH_PASSWORD | ||
popd | ||
} | ||
|
||
function ess_down() { | ||
echo "~~~ Tearing down the ESS Stack" | ||
local WORKSPACE=$(git rev-parse --show-toplevel) | ||
local TF_DIR="${WORKSPACE}/test_infra/ess/" | ||
if [ -z "${EC_API_KEY:-}" ]; then | ||
export EC_API_KEY=$(retry 5 vault kv get -field=apiKey kv/ci-shared/platform-ingest/platform-ingest-ec-prod) | ||
fi | ||
|
||
pushd "${TF_DIR}" | ||
terraform init | ||
terraform destroy -auto-approve | ||
popd | ||
} | ||
|
||
function get_git_user_email() { | ||
if ! git rev-parse --is-inside-work-tree &>/dev/null; then | ||
echo "unknown" | ||
return | ||
fi | ||
|
||
local email | ||
email=$(git config --get user.email) | ||
|
||
if [ -z "$email" ]; then | ||
echo "unknown" | ||
else | ||
echo "$email" | ||
fi | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
#!/usr/bin/env bash | ||
set -euo pipefail | ||
|
||
source .buildkite/scripts/common2.sh | ||
|
||
source .buildkite/scripts/steps/ess.sh | ||
|
||
ess_down || echo "Failed to stop ESS stack" >&2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
#!/usr/bin/env bash | ||
set -euo pipefail | ||
|
||
source .buildkite/scripts/common2.sh | ||
|
||
source .buildkite/scripts/steps/ess.sh | ||
|
||
OVERRIDE_STACK_VERSION="$(cat .package-version)" | ||
OVERRIDE_STACK_VERSION=${OVERRIDE_STACK_VERSION}"-SNAPSHOT" | ||
|
||
ess_up $OVERRIDE_STACK_VERSION || echo "Failed to start ESS stack" >&2 | ||
|
||
echo "ES_HOST: ${ELASTICSEARCH_HOST}" | ||
buildkite-agent meta-data set "es.host" $ELASTICSEARCH_HOST | ||
buildkite-agent meta-data set "es.username" $ELASTICSEARCH_USERNAME | ||
buildkite-agent meta-data set "es.pwd" $ELASTICSEARCH_PASSWORD | ||
buildkite-agent meta-data set "kibana.host" $KIBANA_HOST | ||
buildkite-agent meta-data set "kibana.username" $KIBANA_USERNAME | ||
buildkite-agent meta-data set "kibana.pwd" $KIBANA_PASSWORD |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
#!/usr/bin/env bash | ||
set -euo pipefail | ||
|
||
source .buildkite/scripts/common2.sh | ||
source .buildkite/scripts/steps/ess.sh | ||
|
||
|
||
# Override the agent package version using a string with format <major>.<minor>.<patch> | ||
# There is a time when the snapshot is not built yet, so we cannot use the latest version automatically | ||
# This file is managed by an automation (mage integration:UpdateAgentPackageVersion) that check if the snapshot is ready. | ||
OVERRIDE_AGENT_PACKAGE_VERSION="$(cat .package-version)" | ||
OVERRIDE_TEST_AGENT_VERSION=${OVERRIDE_AGENT_PACKAGE_VERSION}"-SNAPSHOT" | ||
|
||
echo "~~~ Bulding test binaries" | ||
mage build:testBinaries | ||
|
||
ess_up $OVERRIDE_TEST_AGENT_VERSION || echo "Failed to start ESS stack" >&2 | ||
trap 'ess_down' EXIT | ||
|
||
echo "~~~ Running integration tests" | ||
AGENT_VERSION="8.16.0-SNAPSHOT" SNAPSHOT=true TEST_DEFINE_PREFIX=non_sudo_linux gotestsum --no-color -f standard-verbose --junitfile build/TEST-go-integration.xml --jsonfile build/TEST-go-integration.out.json -- -tags integration github.com/elastic/elastic-agent/testing/integration |
Oops, something went wrong.