mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-24 16:11:08 +02:00
27ab988205
Add `config_mode` variant to some scenarios so we can dynamically change how we primarily configure the Vault cluster, either by a configuration file or with environment variables. As part of this change we also: * Start consuming the Enos terraform provider from public Terraform registry. * Remove the old `seal_ha_beta` variant as it is no longer required. * Add a module that performs a `vault operator step-down` so that we can force leader elections in scenarios. * Wire up an operator step-down into some scenarios to test both the old and new multiseal code paths during leader elections. Signed-off-by: Ryan Cragun <me@ryan.ec>
54 lines
1.0 KiB
HCL
54 lines
1.0 KiB
HCL
# Copyright (c) HashiCorp, Inc.
|
|
# SPDX-License-Identifier: BUSL-1.1
|
|
|
|
terraform {
|
|
required_providers {
|
|
enos = {
|
|
source = "registry.terraform.io/hashicorp-forge/enos"
|
|
}
|
|
}
|
|
}
|
|
|
|
variable "packages" {
|
|
type = list(string)
|
|
default = []
|
|
}
|
|
|
|
variable "hosts" {
|
|
type = map(object({
|
|
private_ip = string
|
|
public_ip = string
|
|
}))
|
|
description = "The hosts to install packages on"
|
|
}
|
|
|
|
variable "timeout" {
|
|
type = number
|
|
description = "The max number of seconds to wait before timing out"
|
|
default = 120
|
|
}
|
|
|
|
variable "retry_interval" {
|
|
type = number
|
|
description = "How many seconds to wait between each retry"
|
|
default = 2
|
|
}
|
|
|
|
resource "enos_remote_exec" "install_packages" {
|
|
for_each = var.hosts
|
|
|
|
environment = {
|
|
PACKAGES = length(var.packages) >= 1 ? join(" ", var.packages) : "__skip"
|
|
RETRY_INTERVAL = var.retry_interval
|
|
TIMEOUT_SECONDS = var.timeout
|
|
}
|
|
|
|
scripts = [abspath("${path.module}/scripts/install-packages.sh")]
|
|
|
|
transport = {
|
|
ssh = {
|
|
host = each.value.public_ip
|
|
}
|
|
}
|
|
}
|