Merge pull request #136 from jfrog/add-github-workflow-for-acceptance-tests

Add GitHub Workflow for acceptance testings

Author: Alex Hung

.github/workflows/acceptance-tests.yml

@@ -0,0 +1,225 @@
+on:
+  pull_request:
+    branches:
+      - main
+    types: [opened,synchronize]
+    paths:
+      - '**.go'
+  workflow_dispatch:
+
+name: Terraform & OpenTofu Acceptance Tests
+
+jobs:
+  acceptance-tests-matrix:
+    name: ${{ matrix.cli }}
+    runs-on: ubuntu-latest
+    continue-on-error: true
+    environment: development
+    strategy:
+      fail-fast: true
+      matrix:
+        cli: [terraform, tofu]
+    outputs:
+      tf_version: ${{ steps.debug_tf_version.outputs.version }}
+      tofu_version: ${{ steps.install_opentofu_cli.outputs.version }}
+      artifactory_version: ${{ steps.run_artifactory_container.outputs.version }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Unshallow
+        run: git fetch --prune --unshallow
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 1.21
+      - name: Install Helm
+        run: |
+          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
+          chmod +x get_helm.sh
+          ./get_helm.sh
+          rm get_helm.sh
+      - name: Install Terraform CLI
+        id: install_terraform_cli
+        if: ${{ matrix.cli == 'terraform' }}
+        run: |
+          wget -q -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
+          gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint
+          echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
+          sudo apt-get update
+          sudo apt-get install -y terraform
+      - name: Debug TF version
+        id: debug_tf_version
+        run: |
+          TF_VERSION=$(terraform -v -json | jq -r .terraform_version)
+          echo $TF_VERSION
+          echo "version=$TF_VERSION" >> "$GITHUB_OUTPUT"
+      - name: Install OpenTofu CLI
+        id: install_opentofu_cli
+        if: ${{ matrix.cli == 'tofu' }}
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y apt-transport-https ca-certificates curl gnupg
+          echo "Set up the OpenTofu repository"
+          sudo install -m 0755 -d /etc/apt/keyrings
+          curl -fsSL https://get.opentofu.org/opentofu.gpg | sudo tee /etc/apt/keyrings/opentofu.gpg >/dev/null
+          curl -fsSL https://packages.opentofu.org/opentofu/tofu/gpgkey | sudo gpg --no-tty --batch --dearmor -o /etc/apt/keyrings/opentofu-repo.gpg >/dev/null
+          sudo chmod a+r /etc/apt/keyrings/opentofu.gpg /etc/apt/keyrings/opentofu-repo.gpg
+          echo "Create the OpenTofu source list"
+          echo \
+            "deb [signed-by=/etc/apt/keyrings/opentofu.gpg,/etc/apt/keyrings/opentofu-repo.gpg] https://packages.opentofu.org/opentofu/tofu/any/ any main
+          deb-src [signed-by=/etc/apt/keyrings/opentofu.gpg,/etc/apt/keyrings/opentofu-repo.gpg] https://packages.opentofu.org/opentofu/tofu/any/ any main" | \
+            sudo tee /etc/apt/sources.list.d/opentofu.list > /dev/null
+          sudo chmod a+r /etc/apt/sources.list.d/opentofu.list
+          echo "Installing OpenTofu"
+          sudo apt-get update
+          sudo apt-get install -y tofu
+          echo "TF_ACC_TERRAFORM_PATH=$(which tofu)" >> "$GITHUB_ENV"
+          echo "TF_ACC_PROVIDER_NAMESPACE=hashicorp" >> "$GITHUB_ENV"
+          echo "TF_ACC_PROVIDER_HOST=registry.opentofu.org" >> "$GITHUB_ENV"
+          TOFU_VERSION=$(tofu -v -json | jq -r .terraform_version)
+          echo $TOFU_VERSION
+          echo "version=$TOFU_VERSION" >> "$GITHUB_OUTPUT"
+      - name: Install GoReleaser
+        run: |
+          echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list
+          sudo apt-get update
+          sudo apt-get install -y goreleaser
+      - name: Create Artifactory data directories and copy data
+        env:
+          ARTIFACTORY_LICENSE: ${{ secrets.ARTIFACTORY_LICENSE }}
+        run: |
+          mkdir -p ${{ runner.temp }}/artifactory/extra_conf
+          mkdir -p ${{ runner.temp }}/artifactory/var/etc
+          echo $ARTIFACTORY_LICENSE > ${{ runner.temp }}/artifactory/extra_conf/artifactory.lic
+          cp ${{ github.workspace }}/scripts/system.yaml ${{ runner.temp }}/artifactory/var/etc/system.yaml
+          sudo chown -R 1030:1030 ${{ runner.temp }}/artifactory/var
+      - name: Run Artifactory container
+        id: run_artifactory_container
+        run: |
+          echo "Get latest Artifactory image tag"
+          helm repo add artifactory https://charts.jfrog.io
+          helm repo update
+          ARTIFACTORY_VERSION=$(helm search repo | grep "artifactory " | awk '{$1=$1};1' |  cut -f3 -d " ")
+          echo "version=$ARTIFACTORY_VERSION" >> "$GITHUB_OUTPUT"
+          echo "Start up Artifactory container"
+          docker run -i --name artifactory -d --rm \
+            -v ${{ runner.temp }}/artifactory/extra_conf:/artifactory_extra_conf \
+            -v ${{ runner.temp }}/artifactory/var:/var/opt/jfrog/artifactory \
+            -p 8081:8081 -p 8082:8082 \
+            releases-docker.jfrog.io/jfrog/artifactory-pro:${ARTIFACTORY_VERSION}
+          echo "Set localhost to a container IP address, since we run docker inside of docker"
+          export LOCALHOST=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.Gateway}}{{end}}' artifactory)
+          export JFROG_URL="http://${LOCALHOST}:8082"
+          echo "JFROG_URL=$JFROG_URL" >> "$GITHUB_ENV"
+          echo "Waiting for Artifactory services to start at ${JFROG_URL}"
+          until $(curl -sf -o /dev/null -m 5 ${JFROG_URL}/artifactory/api/system/ping/); do
+            printf '.'
+            sleep 5
+          done
+          echo "Waiting for Artifactory UI to start"
+          until $(curl -sf -o /dev/null -m 5 ${JFROG_URL}/ui/login/); do
+            printf '.'
+            sleep 5
+          done
+          export COOKIES=$(curl -s -c - "${JFROG_URL}/ui/api/v1/ui/auth/login?_spring_security_remember_me=false" \
+            --header "accept: application/json, text/plain, */*" \
+            --header "content-type: application/json;charset=UTF-8" \
+            --header "x-requested-with: XMLHttpRequest" \
+            -d '{"user":"admin","password":"'"${{ secrets.ARTIFACTORY_PASSWORD }}"'","type":"login"}' | grep FALSE)
+          export REFRESHTOKEN=$(echo $COOKIES | grep REFRESHTOKEN | awk '{print $7}')
+          export ACCESSTOKEN=$(echo $COOKIES | grep ACCESSTOKEN | awk '{print $14}')
+          export JFROG_ACCESS_TOKEN=$(curl -s -g --request GET "${JFROG_URL}/ui/api/v1/system/security/token?services[]=all" \
+            --header "accept: application/json, text/plain, */*" \
+            --header "x-requested-with: XMLHttpRequest" \
+            --header "cookie: ACCESSTOKEN=${ACCESSTOKEN}; REFRESHTOKEN=${REFRESHTOKEN}")
+          echo "::add-mask::$JFROG_ACCESS_TOKEN"
+          echo "JFROG_ACCESS_TOKEN=$JFROG_ACCESS_TOKEN" >> "$GITHUB_ENV"
+      - name: Execute acceptance tests
+        run: make acceptance
+      - name: Install provider
+        run: |
+          export PROVIDER_VERSION=$(git describe --tags --abbrev=0 | sed  -n 's/v\([0-9]*\).\([0-9]*\).\([0-9]*\)/\1.\2.\3/p')
+          cat sample.tf | sed -e "s/version =.*/version = \"${PROVIDER_VERSION}\"/g" > sample.tf.tmp
+          cp sample.tf.tmp sample.tf && rm sample.tf.tmp
+          TERRAFORM_CLI=${{ matrix.cli }} make install
+      - name: Dump Artifactory logs
+        uses: jwalton/gh-docker-logs@v2
+        if: failure()
+        with:
+          tail: '10000'
+      - name: Clean up Docker container
+        run: docker stop artifactory
+      - name: Send workflow status to Slack
+        uses: slackapi/[email protected]
+        with:
+          payload: |
+            {
+              "text": "${{ github.workflow }} https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/job/${{ github.job }} ${{ matrix.cli }} GitHub Action result: ${{ job.status == 'success' && ':white_check_mark:' || ':x:' }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}",
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": "${{ github.workflow }} <https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/job/${{ github.job }}|${{ matrix.cli }} GitHub Action result>: ${{ job.status == 'success' && ':white_check_mark:' || ':x:' }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
+                  }
+                }
+              ]
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PR_WEBHOOK }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+
+  update-changelog:
+    runs-on: ubuntu-latest
+    needs: acceptance-tests-matrix
+    if: ${{ github.event_name == 'pull_request' }}
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.ref }}
+      - name: Update CHANGELOG and push commit
+        env:
+          ARTIFACTORY_VERSION: ${{ needs.acceptance-tests-matrix.outputs.artifactory_version }}
+          TERRAFORM_VERSION: ${{ needs.acceptance-tests-matrix.outputs.tf_version }}
+          OPENTOFU_VERSION: ${{ needs.acceptance-tests-matrix.outputs.tofu_version }}
+        run: |
+          echo "Adding Artifactory version to CHANGELOG.md"
+          sed -i -E "0,/(##\s.+\..+\..+\s\(.+\)).*/ s/(##\s.+\..+\..+\s\(.+\)).*/\1. Tested on Artifactory $ARTIFACTORY_VERSION with Terraform $TERRAFORM_VERSION and OpenTofu $OPENTOFU_VERSION/" CHANGELOG.md
+          head -10 CHANGELOG.md
+          git add CHANGELOG.md
+          export REGEX="Changes to be committed*"
+          export GIT_STATUS=$(git status)
+          if [[ ${GIT_STATUS} =~ ${REGEX} ]]; then
+            echo "Commiting changes"
+            git config --global user.name 'JFrog CI'
+            git config --global user.email '[email protected]'
+            git config --get user.name
+            git config --get user.email
+            git commit --author="JFrog CI <[email protected]>" -m "JFrog Pipelines - Add Artifactory version to CHANGELOG.md"
+            git push
+          else
+            echo "There is nothing to commit: Artifactory version hadn't changed."
+          fi
+      - name: Send workflow status to Slack
+        uses: slackapi/[email protected]
+        if: success()
+        with:
+          payload: |
+            {
+              "text": "Terraform Provider Project. A new PR was submitted by ${{ github.event.pull_request.user.login }} - ${{ github.event.pull_request.html_url }}, branch ${{ github.event.pull_request.base.ref }}. Changes tested successfully. <@U01H1SLSPA8> or <@UNDRUL1EU> please, review and merge.",
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": "<http://github.com/${{ github.repository }}|Terraform Provider Project>. A new PR was submitted by *${{ github.event.pull_request.user.login }}* - <${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}>, branch *${{ github.event.pull_request.base.ref }}*. Changes tested successfully. <@U01H1SLSPA8> or <@UNDRUL1EU> please, review and merge."
+                  }
+                }
+              ]
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PR_WEBHOOK }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK

.gitignore

@@ -3,7 +3,6 @@ dist/
 vendor/
 bin/
 .idea/
-.github/
 .modules/
 .terraform*
 terraform.d/

.goreleaser.yml

@@ -48,6 +48,9 @@ signs:
       - "--detach-sign"
       - "${artifact}"
 release:
+  extra_files:
+    - glob: 'terraform-registry-manifest.json'
+      name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
   # If you want to manually examine the release before its live, uncomment this line:
   # draft: true
 changelog:

GNUmakefile

@@ -12,19 +12,28 @@ PKG_NAME=pkg/${PRODUCT}
 PKG_VERSION_PATH=github.com/jfrog/terraform-provider-${PRODUCT}/${PKG_NAME}
 VERSION := $(shell git tag --sort=-creatordate | head -1 | sed  -n 's/v\([0-9]*\).\([0-9]*\).\([0-9]*\)/\1.\2.\3/p')
 NEXT_VERSION := $(shell echo ${VERSION}| awk -F '.' '{print $$1 "." $$2 "." $$3 +1 }' )
-BUILD_PATH=terraform.d/plugins/registry.terraform.io/jfrog/${PRODUCT}/${NEXT_VERSION}/${TARGET_ARCH}
+
+TERRAFORM_CLI?=terraform
+
+REGISTRY_HOST=registry.terraform.io
+
+ifeq ($(TERRAFORM_CLI), tofu)
+REGISTRY_HOST=registry.opentofu.org
+endif
+
+BUILD_PATH=terraform.d/plugins/${REGISTRY_HOST}/jfrog/${PRODUCT}/${NEXT_VERSION}/${TARGET_ARCH}
+
 SONAR_SCANNER_VERSION?=4.7.0.2747
 SONAR_SCANNER_HOME?=${HOME}/.sonar/sonar-scanner-${SONAR_SCANNER_VERSION}-macosx
 
 default: build
 
 install: clean build
-	rm -fR .terraform.d && \
 	mkdir -p ${BUILD_PATH} && \
 		mv -v dist/terraform-provider-${PRODUCT}_${GORELEASER_ARCH}/terraform-provider-${PRODUCT}_v${NEXT_VERSION}* ${BUILD_PATH} && \
 		rm -f .terraform.lock.hcl && \
 		sed -i.bak '0,/version = ".*"/s//version = "${NEXT_VERSION}"/' sample.tf && rm sample.tf.bak && \
-		terraform init
+		${TERRAFORM_CLI} init
 
 install_tfc: clean build_tfc
 	mkdir -p tfc-testing/${BUILD_PATH} && \
@@ -33,8 +42,8 @@ install_tfc: clean build_tfc
 		mv -v dist/terraform-provider-${PRODUCT}_linux_amd64_v1/terraform-provider-${PRODUCT}_v${NEXT_VERSION}* tfc-testing/terraform.d/plugins/registry.terraform.io/jfrog/${PRODUCT}/${NEXT_VERSION}/linux_amd64 && \
 		sed -i.bak '0,/version = ".*"/s//version = "${NEXT_VERSION}"/' tfc-testing/sample.tf && rm tfc-testing/sample.tf.bak && \
 		cd tfc-testing && \
-		terraform providers lock -platform=linux_amd64 -platform=darwin_amd64 -fs-mirror=terraform.d/plugins && \
-		terraform init
+		${TERRAFORM_CLI} providers lock -platform=linux_amd64 -platform=darwin_amd64 -fs-mirror=terraform.d/plugins && \
+		${TERRAFORM_CLI} init
 
 clean:
 	rm -fR dist terraform.d/ .terraform terraform.tfstate* .terraform.lock.hcl
@@ -63,7 +72,7 @@ test:
 
 test_tfc: install_tfc
 	cd tfc-testing && \
-	terraform plan
+	${TERRAFORM_CLI} plan
 
 attach:
 	dlv --listen=:2345 --headless=true --api-version=2 --accept-multiclient attach $$(pgrep terraform-provider-${PRODUCT})
@@ -82,7 +91,7 @@ scan:
 
 fmt:
 	@echo "==> Fixing source code with gofmt..."
-	@go fmt ./...
+	@go fmt ./pkg/...
 
 doc:
 	rm -rfv docs/*

README.md

@@ -1,3 +1,5 @@
+[![Terraform & OpenTofu Acceptance Tests](https://github.com/jfrog/terraform-provider-project/actions/workflows/acceptance-tests.yml/badge.svg)](https://github.com/jfrog/terraform-provider-project/actions/workflows/acceptance-tests.yml)
+
 # Terraform Provider for Artifactory Project
 
 [![Actions Status](https://github.com/jfrog/terraform-provider-project/workflows/release/badge.svg)](https://github.com/jfrog/terraform-provider-project/actions)

go.mod

@@ -3,6 +3,8 @@ module github.com/jfrog/terraform-provider-project
 // if you need to do local dev, literally just uncomment the line below
 // replace github.com/jfrog/terraform-provider-shared => ../terraform-provider-shared
 
+go 1.21.5
+
 require (
 	github.com/go-resty/resty/v2 v2.13.1
 	github.com/hashicorp/terraform-plugin-docs v0.19.4
@@ -90,7 +92,3 @@ require (
 	gopkg.in/yaml.v2 v2.3.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
-
-go 1.21
-
-toolchain go1.21.5

scripts/system.yaml

@@ -0,0 +1,16 @@
+## @formatter:off
+## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE
+## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character.
+configVersion: 1
+## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products.
+## Replace JFROG_HOME with the real path! For example, in RPM install, JFROG_HOME=/opt/jfrog
+
+## NOTE: Sensitive information such as passwords and join key are encrypted on first read.
+## NOTE: The provided commented key and value is the default.
+
+## SHARED CONFIGURATIONS
+## A shared section for keys across all services in this config
+shared:
+    database:
+        ## To run Artifactory with any database other than PostgreSQL allowNonPostgresql set to true.
+        allowNonPostgresql: true