mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-23 15:41:07 +02:00
174da88b9d
* VAULT-28146: Add IPV6 support to enos scenarios Add support for testing all raft storage scenarios and variants when running Vault with IPV6 networking. We retain our previous support for IPV4 and create a new variant `ip_version` which can be used to configure the IP version that we wish to test with. It's important to note that the VPC in IPV6 mode is technically mixed and that target machines still associate public IPV6 addresses. That allows us to execute our resources against them from IPV4 networks like developer machines and CI runners. Despite that, we've taken care to ensure that only IPV6 addresses are used in IPV6 mode. Because we previously had assumed the IP Version, Vault address, and listener ports in so many places, this PR is essentially a rewrite and removal of those assumptions. There are also a few places where improvements to scenarios have been included as I encountered them while working on the IPV6 changes. Signed-off-by: Ryan Cragun <me@ryan.ec>
205 lines
5.4 KiB
HCL
205 lines
5.4 KiB
HCL
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
variable "artifactory_username" {
|
|
type = string
|
|
description = "The username to use when testing an artifact from artifactory"
|
|
default = null
|
|
sensitive = true
|
|
}
|
|
|
|
variable "artifactory_token" {
|
|
type = string
|
|
description = "The token to use when authenticating to artifactory"
|
|
default = null
|
|
sensitive = true
|
|
}
|
|
|
|
variable "artifactory_host" {
|
|
type = string
|
|
description = "The artifactory host to search for vault artifacts"
|
|
default = "https://artifactory.hashicorp.engineering/artifactory"
|
|
}
|
|
|
|
variable "artifactory_repo" {
|
|
type = string
|
|
description = "The artifactory repo to search for vault artifacts"
|
|
default = "hashicorp-crt-stable-local*"
|
|
}
|
|
|
|
variable "aws_region" {
|
|
description = "The AWS region where we'll create infrastructure"
|
|
type = string
|
|
default = "us-east-1"
|
|
}
|
|
|
|
variable "aws_ssh_keypair_name" {
|
|
description = "The AWS keypair to use for SSH"
|
|
type = string
|
|
default = "enos-ci-ssh-key"
|
|
}
|
|
|
|
variable "aws_ssh_private_key_path" {
|
|
description = "The path to the AWS keypair private key"
|
|
type = string
|
|
default = "./support/private_key.pem"
|
|
}
|
|
|
|
variable "backend_edition" {
|
|
description = "The backend release edition if applicable"
|
|
type = string
|
|
default = "ce" // or "ent"
|
|
}
|
|
|
|
variable "backend_instance_type" {
|
|
description = "The instance type to use for the Vault backend. Must be arm64/nitro compatible"
|
|
type = string
|
|
default = "t4g.small"
|
|
}
|
|
|
|
variable "backend_license_path" {
|
|
description = "The license for the backend if applicable (Consul Enterprise)"
|
|
type = string
|
|
default = null
|
|
}
|
|
|
|
variable "backend_log_level" {
|
|
description = "The server log level for the backend. Supported values include 'trace', 'debug', 'info', 'warn', 'error'"
|
|
type = string
|
|
default = "trace"
|
|
}
|
|
|
|
variable "project_name" {
|
|
description = "The description of the project"
|
|
type = string
|
|
default = "vault-enos-integration"
|
|
}
|
|
|
|
variable "distro_version_amzn2" {
|
|
description = "The version of Amazon Linux 2 to use"
|
|
type = string
|
|
default = "2"
|
|
}
|
|
|
|
variable "distro_version_leap" {
|
|
description = "The version of openSUSE leap to use"
|
|
type = string
|
|
default = "15.5"
|
|
}
|
|
|
|
variable "distro_version_rhel" {
|
|
description = "The version of RHEL to use"
|
|
type = string
|
|
default = "9.3" // or "8.9"
|
|
}
|
|
|
|
variable "distro_version_sles" {
|
|
description = "The version of SUSE SLES to use"
|
|
type = string
|
|
default = "v15_sp5_standard"
|
|
}
|
|
|
|
variable "distro_version_ubuntu" {
|
|
description = "The version of ubuntu to use"
|
|
type = string
|
|
default = "22.04" // or "20.04"
|
|
}
|
|
|
|
variable "tags" {
|
|
description = "Tags that will be applied to infrastructure resources that support tagging"
|
|
type = map(string)
|
|
default = null
|
|
}
|
|
|
|
variable "terraform_plugin_cache_dir" {
|
|
description = "The directory to cache Terraform modules and providers"
|
|
type = string
|
|
default = null
|
|
}
|
|
|
|
variable "ui_test_filter" {
|
|
type = string
|
|
description = "A test filter to limit the ui tests to execute. Will be appended to the ember test command as '-f=\"<filter>\"'"
|
|
default = null
|
|
}
|
|
|
|
variable "ui_run_tests" {
|
|
type = bool
|
|
description = "Whether to run the UI tests or not. If set to false a cluster will be created but no tests will be run"
|
|
default = true
|
|
}
|
|
|
|
variable "vault_artifact_type" {
|
|
description = "The type of Vault artifact to use when installing Vault from artifactory. It should be 'package' for .deb or .rpm package and 'bundle' for .zip bundles"
|
|
default = "bundle"
|
|
}
|
|
|
|
variable "vault_artifact_path" {
|
|
description = "Path to CRT generated or local vault.zip bundle"
|
|
type = string
|
|
default = "/tmp/vault.zip"
|
|
}
|
|
|
|
variable "vault_build_date" {
|
|
description = "The build date for Vault artifact"
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "vault_enable_audit_devices" {
|
|
description = "If true every audit device will be enabled"
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "vault_install_dir" {
|
|
type = string
|
|
description = "The directory where the Vault binary will be installed"
|
|
default = "/opt/vault/bin"
|
|
}
|
|
|
|
variable "vault_instance_count" {
|
|
description = "How many instances to create for the Vault cluster"
|
|
type = number
|
|
default = 3
|
|
}
|
|
|
|
variable "vault_license_path" {
|
|
description = "The path to a valid Vault enterprise edition license. This is only required for non-ce editions"
|
|
type = string
|
|
default = null
|
|
}
|
|
|
|
variable "vault_local_build_tags" {
|
|
description = "The build tags to pass to the Go compiler for builder:local variants"
|
|
type = list(string)
|
|
default = null
|
|
}
|
|
|
|
variable "vault_log_level" {
|
|
description = "The server log level for Vault logs. Supported values (in order of detail) are trace, debug, info, warn, and err."
|
|
type = string
|
|
default = "trace"
|
|
}
|
|
|
|
variable "vault_product_version" {
|
|
description = "The version of Vault we are testing"
|
|
type = string
|
|
default = null
|
|
}
|
|
|
|
variable "vault_revision" {
|
|
description = "The git sha of Vault artifact we are testing"
|
|
type = string
|
|
default = null
|
|
}
|
|
|
|
variable "vault_upgrade_initial_release" {
|
|
description = "The Vault release to deploy before upgrading"
|
|
default = {
|
|
edition = "ce"
|
|
// Vault 1.10.5 has a known issue with retry_join.
|
|
version = "1.10.4"
|
|
}
|
|
}
|