Add ability to run acceptance tests against Sensu-Go CI builds #1115
Conversation
|
Current travis matrix is very minimal to see if this actually works. If we wanted to test all operating systems and both Puppet 5 and Puppet 6. |
|
Encrypting multiple files requires using single tar archive of all files that is then encrypted. This is why previous license was removed, now in tar archive. The script |
treydock
force-pushed
the
ci-builds
branch
3 times, most recently
from
dbeec8e
to
09d09ad
Compare
|
@ghoneycutt It seems that this PR has broken all other PRs because I had to modify the encryption key contents to support new encrypted file and travis CLI re-uses same key name so now the PRs without this change are broken. I think what's left for this PR is to determine the matrix we want to use with CI builds. Do we want to test the full matrix with CI builds or just a select few? Also it seems allow_failures will not trigger a failure notification on slack. |
|
I may have fixed the issue, not sure how but managed to get different environment variables assigned by travis CLI but had to update #1117 with newly encrypted file. |
treydock
changed the title
|
Removed WIP, added CI builds for all operating systems supported |
.gitignore
Outdated
| @@ -53,3 +53,5 @@ doc/** | |||
|
|
|||
| # secrets | |||
| tests/sensu_license.json | |||
| tests/ci_build.sh | |||
There was a problem hiding this comment.
is this being auto generated? where?
There was a problem hiding this comment.
It's in tests/secrets.tar. It has the secret token for packagecloud so only exists inside encrypted tar archive. We can only encrypt one file and now require two files be encrypted and travis docs say in that case to encrypt a tar archive with files needing to be kept secret.
There was a problem hiding this comment.
Could you add instructions on how this file would be decrypted for local development
There was a problem hiding this comment.
I added scripts and added those scripts to tests/README.md. The decryption of those files is only necessary if one wishes to run tests against a CI build. The absence of the secrets being decrypted and certain env variables will just test latest production package.
treydock
force-pushed
the
ci-builds
branch
5 times, most recently
from
16f65d6
to
ac9403f
Compare
| #!/bin/bash | ||
|
|
||
| DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" | ||
| travis encrypt-file ${DIR}/secrets.tar.enc --decrypt --key $TRAVIS_CI_KEY --iv $TRAVIS_CI_IV |
There was a problem hiding this comment.
what's IV in the environment variable stand for?
There was a problem hiding this comment.
Part of openssl. I couldn't find in man page but googled it: https://stackoverflow.com/a/39412887. According to unofficial sources it's Initialization Vector which is part of the AES encryption.
| @@ -21,3 +21,17 @@ Copy certs from vagrant instance to this repo | |||
| \cp -r /etc/puppetlabs/puppet/ssl/* /vagrant/tests/ssl/ | |||
| ``` | |||
|
|
|||
| # Secrets | |||
There was a problem hiding this comment.
Could you add some more text around what files these touch and when you might need to use them.
There was a problem hiding this comment.
Added additional text. Also updated decrypt script to throw error if needed environment variables are not set.
| fi | ||
|
|
||
| curl -s https://${CI_BUILD_TOKEN}:@packagecloud.io/install/repositories/sensu/ci-builds/${script} | bash 1>/dev/null 2>&1 | ||
|
|
There was a problem hiding this comment.
Notice your files often have a trailing newline. This should not be there. Maybe an editor plugin can help?
Pull Request Checklist
Description
Add ability to run acceptance tests in Travis against Sensu-Go CI builds.
Motivation and Context
This is going to allow this module to run full acceptance test suite against unreleased versions of Sensu-Go.