Skip to content

Merge pull request #99 from equinix-labs/fix-keyscan #5

Merge pull request #99 from equinix-labs/fix-keyscan

Merge pull request #99 from equinix-labs/fix-keyscan #5

Workflow file for this run

name: 'integration'
on:
workflow_dispatch:
push:
branches:
- main
paths-ignore:
- 'LICENSE'
- '**.md'
jobs:
integrate:
name: Integration Tests
runs-on: ubuntu-latest
timeout-minutes: 180
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
TF_IN_AUTOMATION: 1
TF_VERSION: 1.7.5
TF_VAR_create_project: false
TF_VAR_metal_bastion_plan: "m3.small.x86"
TF_VAR_metal_nutanix_os: "nutanix_lts_6_5_poc"
TF_VAR_metal_nutanix_plan: "m3.large.x86"
TF_VAR_nutanix_node_count: 1
TF_VAR_skip_cluster_creation: false
TF_VAR_cluster_subnet: "192.168.96.0/22"
TF_VAR_cluster_gateway: "192.168.96.1"
TF_VAR_metal_metro: "sl"
TF_VAR_metal_organization_id: ${{ secrets.METAL_ORGANIZATION_ID }}
steps:
- name: Checkout from GitHub
uses: actions/checkout@v4
- name: Add SHORT_SHA env property with commit short SHA
run: echo "SHORT_SHA=`echo ${{ github.event.pull_request.head.sha }} | cut -c1-8`" >> $GITHUB_ENV
- name: Install Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: ${{ env.TF_VERSION }}
- name: Initialize Terraform, Modules, and Plugins
id: init
run: terraform init -input=false
- name: Create temporary project
id: metal-project
uses: equinix-labs/[email protected]
with:
userToken: ${{ secrets.METAL_AUTH_TOKEN }}
- name: Terraform Project Variables
run: |
echo TF_VAR_metal_auth_token=$TF_VAR_metal_auth_token >> $GITHUB_ENV
echo TF_VAR_metal_project_id=$TF_VAR_metal_project_id >> $GITHUB_ENV
echo TF_VAR_cluster_name=nutanix-$SHORT_SHA >> $GITHUB_ENV
env:
TF_VAR_metal_auth_token: ${{ steps.metal-project.outputs.projectToken }}
TF_VAR_metal_project_id: ${{ steps.metal-project.outputs.projectID }}
- name: Set up SSH
run: |
mkdir -p $HOME/.ssh
chmod 700 $HOME/.ssh
echo $PROJECT_PRIVATE_SSH_KEY | base64 -d > $HOME/.ssh/id_rsa
echo $PROJECT_PUBLIC_SSH_KEY > $HOME/.ssh/id_rsa.pub
chmod 600 $HOME/.ssh/id_rsa*
eval "$(ssh-agent -a $SSH_AUTH_SOCK)"
ssh-add $HOME/.ssh/id_rsa
env:
PROJECT_PRIVATE_SSH_KEY: ${{ steps.metal-project.outputs.projectSSHPrivateKeyBase64 }}
PROJECT_PUBLIC_SSH_KEY: ${{ steps.metal-project.outputs.projectSSHPublicKey }}
- name: Terraform Plan
id: plan
timeout-minutes: 120
run: terraform plan -out=tfplan -input=false
- name: Terraform Apply
id: apply
timeout-minutes: 120
run: |
terraform apply -input=false tfplan
ssh-add $(terraform output -raw ssh_private_key)
ssh-keyscan -H $(terraform output -raw bastion_public_ip) >> ~/.ssh/known_hosts
ssh-keyscan -H -p 22 -t rsa -T 10 -o StrictHostKeyChecking=no -o "ProxyCommand=ssh -W %h:%p root@$(terraform output -raw bastion_public_ip)" $(terraform output -raw cvim_ip_address) >> ~/.ssh/known_hosts
# Show meaningful status via "cluster status". alternatively, "ncc health_checks run_all", which can take a while
# For more commands: https://portal.nutanix.com/page/documents/kbs/details?targetId=kA07V000000LVVSSA4
ssh -j root@$(terraform output -raw bastion_public_ip) nutanix@$(terraform output -raw cvim_ip_address) cluster status
- name: Terraform Destroy with Retry
id: destroy
if: ${{ always() }}
run: |
attempts=0
max_attempts=3
delay=60 # delay in seconds
until [ $attempts -ge $max_attempts ]
do
terraform destroy -input=false -auto-approve && break
attempts=$((attempts+1))
echo "Terraform destroy failed. Retrying in $delay seconds..."
sleep $delay
done
if [ $attempts -ge $max_attempts ]; then
echo "Terraform destroy failed after $max_attempts attempts."
exit 1
fi
- name: Project Delete
if: ${{ always() }}
uses: equinix-labs/[email protected]
with:
authToken: ${{ secrets.METAL_AUTH_TOKEN }}
projectID: ${{ steps.metal-project.outputs.projectID }}