SolaceProducts · bczoma · Jun 28, 2024 · Mar 19, 2024 · Mar 19, 2024 · Mar 19, 2024
diff --git a/.github/workflows/module-test-pipeline.yml b/.github/workflows/module-test-pipeline.yml
@@ -0,0 +1,124 @@
+name: Provider Test Pipeline
+
+on: push
+
+jobs:
+  test:
+    name: Run Provider setup and tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Terraform latest - with token
+        uses: hashicorp/setup-terraform@v3
+        with:
+          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
+          terraform_wrapper: true
+
+      - name: Setup test broker
+        run: |
+          mkdir -p $HOME/solace; chmod 777 $HOME/solace
+          docker run -d -p 8080:8080 -p 55555:55555 --shm-size=1g --env username_admin_globalaccesslevel=admin --env username_admin_password=admin --env system_scaling_maxkafkabridgecount="10" --name=solace \
+            --env system_scaling_maxconnectioncount="1000" --mount type=bind,source=$HOME/solace,destination=/var/lib/solace,ro=false solace/solace-pubsub-standard:latest
+          while ! curl -s localhost:8080 | grep aurelia ; do sleep 1 ; done
+
+      # - name: Setup if private provider is required
+      #   run: |
+      #     export PRIVATE_PROVIDER_VERSION="1.0.0-rc.7"
+      #     if [ -n "$PRIVATE_PROVIDER_VERSION" ]; then
+      #       echo "Using private provider version $PRIVATE_PROVIDER_VERSION"
+      #       grep -rl 'source  = "' . | xargs sed -i 's@source  = ".*$@source  = "app.terraform.io/SolaceDev/solacebroker"@g'
+      #       grep -rl 'version = "' . | xargs sed -i "s@  version = \".*\$@  version = \"${PRIVATE_PROVIDER_VERSION}\"@g"
+      #     fi
+
+      - name: Test module from template on test broker
+        run: |
+          ci/scripts/test-module.sh ci/template-test
+
+      - name: Test module root on test broker
+        run: |
+          ci/scripts/test-module.sh ci/module-test
+
+      - name: Test examples
+        run: |
+          shopt -s extglob
+          for d in examples/!(basic-client-username)/; do (ci/scripts/test-module.sh "$d"); done
+          # ci/scripts/test-module.sh examples/basic-client-username/ -var-file=secret.tfvars
+
+      - name: Discard any changes in checked out code
+        run: |
+          git checkout -- .
+
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: "1.22"
+
+      - name: Checkout generator
+        uses: actions/checkout@v4
+        with:
+          repository: SolaceDev/broker-terraform-code-generator
+          token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
+          path: broker-terraform-code-generator
+          ref: "main"
+
+      - name: Build and install generator
+        run: |
+          pushd broker-terraform-code-generator
+          go install .
+          ls ~/go/bin
+          popd
+
+      - name: Generate provider code
+        run: |
+          SWAGGER_SPEC_NAME=`ls ci/swagger_spec`
+          echo "Generating code using spec $SWAGGER_SPEC_NAME"
+          rm ./*.tf
+          SEMP_V2_SWAGGER_CONFIG_EXTENDED_JSON="ci/swagger_spec/$SWAGGER_SPEC_NAME" MODULE_TEMPLATE_FOLDER="internal/gen-template" ~/go/bin/broker-terraform-code-generator software-module
+
+      - name: Add copyright headers where needed
+        run: |
+          go install github.com/google/addlicense@latest
+          addlicense -c 'Solace Corporation. All rights reserved.' -v -l apache ./*.tf
+          addlicense -c 'Solace Corporation. All rights reserved.' -v -l apache $(find ./examples -name "*.tf" -type f -print0 | xargs -0)
+
+      - name: Ensure version reflects release candidate version
+        run: |
+          # only if ${GITHUB_REF_NAME} starts with 'v' or 'dev' and followed by a semver
+          if [[ $GITHUB_REF_NAME =~ ^(v|dev)[0-9]+\.[0-9]+\.[0-9]+.*$ ]]; then
+            VERSION=$(echo "${GITHUB_REF_NAME}" | cut -d'v' -f2)
+            echo $VERSION > VERSION
+          fi
+
+      - name: Check changed files
+        uses: tj-actions/verify-changed-files@v17
+        id: check-changed-files
+        with:
+          files: |
+            !broker-terraform-code-generator
+
+      - name: Run step only when any of the above files change.
+        if: steps.check-changed-files.outputs.files_changed == 'true'
+        run: |
+          echo "Changed files: ${{ steps.check-changed-files.outputs.changed_files }}"
+
+      - name: Commit back any updated source code
+        if: steps.check-changed-files.outputs.files_changed == 'true'
+        uses: EndBug/add-and-commit@v9
+        with:
+          committer_name: GitHub Actions
+          committer_email: [email protected]
+          message: 'Updating generated source'
+          add: ". ':!broker-terraform-code-generator'"
+          new_branch: GeneratedSourceUpdates-${{ github.ref_name }}
+
+      - name: Create pull request
+        if: steps.check-changed-files.outputs.files_changed == 'true'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          CURRENT_BRANCH=${GITHUB_REF_NAME}
+          gh pr create -B ${CURRENT_BRANCH} -H "GeneratedSourceUpdates-${CURRENT_BRANCH}" --title "Merge updates into ${CURRENT_BRANCH}" --body 'Created by Github action'
+          echo Review and approve PR before push can continue
+          exit 1 // force actions stop here
diff --git a/.github/workflows/prep-internal-release.yml b/.github/workflows/prep-internal-release.yml
@@ -0,0 +1,122 @@
+# Launched manually
+on:
+  workflow_dispatch:
+    inputs:
+      prev_branch_name:
+        description: 'Prev branch name, must start with v'
+        required: true
+        default: 'v0.1.0-rc.1'
+      release_branch_name:
+        description: 'Release branch name, must start with v'
+        required: true
+        default: 'v0.1.0-rc.2'
+
+
+jobs:
+  build:
+    name: Prep release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: "1.22"
+
+      - name: Checkout the code
+        uses: actions/checkout@v2
+
+      - name: Check release version and set next version
+        run: |
+          if ! echo "${{ github.event.inputs.release_branch_name }}" | grep ^v ; then
+            echo "Incorrect release branch name ${{ github.event.inputs.release_branch_name }}, must start with 'v'" ; exit 1
+          fi
+          if echo "${{ github.ref_name }}" | grep ^dev ; then
+            # set next dev version GH env, otherwise set it empty
+            echo "NEXT_DEV_VERSION=$(echo ${{ github.ref_name }} | awk -F. -v OFS=. '{$NF += 1 ; print}')" >> $GITHUB_ENV
+          fi
+
+      - name: Code format, dependencies, checks
+        run: |
+          find . -type d -print0 | xargs -0 -n1 terraform fmt
+
+      - name: Setup test broker
+        run: |
+          mkdir -p $HOME/solace; chmod 777 $HOME/solace
+          docker run -d -p 8080:8080 -p 55555:55555 --shm-size=1g --env username_admin_globalaccesslevel=admin --env username_admin_password=admin --env system_scaling_maxkafkabridgecount="10" --name=solace \
+            --env system_scaling_maxconnectioncount="1000" --mount type=bind,source=$HOME/solace,destination=/var/lib/solace,ro=false solace/solace-pubsub-standard:latest
+          while ! curl -s localhost:8080 | grep aurelia ; do sleep 1 ; done
+
+      # - name: Check code builds and pass acceptance test
+      #   run: |
+      #     ci/scripts/test-module.sh ci/module-test
+      #     shopt -s extglob
+      #     for d in examples/!(basic-client-username)/; do (ci/scripts/test-module.sh "$d"); done
+
+      - name: Ensure version reflects release candidate version
+        run: |
+          VERSION=$(echo "${{ github.event.inputs.release_branch_name }}" | cut -d'v' -f2)
+          echo $VERSION > VERSION
+
+      - name: Add copyright headers where needed
+        run: |
+          go install github.com/google/addlicense@latest
+          addlicense -c 'Solace Corporation. All rights reserved.' -v -l apache ./*.tf
+          addlicense -c 'Solace Corporation. All rights reserved.' -v -l apache $(find ./examples -name "*.tf" -type f -print0 | xargs -0)
+
+      - name: Check changed files
+        uses: tj-actions/verify-changed-files@v17
+        id: check-changed-files
+
+      - name: Run step only when any of the files change
+        if: steps.check-changed-files.outputs.files_changed == 'true'
+        run: |
+          echo "Changed files: ${{ steps.check-changed-files.outputs.changed_files }}"
+
+      - name: Commit back updates when any of the files change
+        if: steps.check-changed-files.outputs.files_changed == 'true'
+        uses: EndBug/add-and-commit@v9
+        with:
+          committer_name: GitHub Actions
+          committer_email: [email protected]
+          message: 'Updating release candidate [skip ci]'
+          new_branch: GeneratedSourceUpdates-${{ github.ref_name }}
+
+      - name: Create pull request if needed, then break here because manual approval of the changes is required
+        if: steps.check-changed-files.outputs.files_changed == 'true'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          CURRENT_BRANCH=${GITHUB_REF_NAME}
+          gh pr create -B ${CURRENT_BRANCH} -H "GeneratedSourceUpdates-${CURRENT_BRANCH}" --title "Merge generated source updates into release candidate ${CURRENT_BRANCH}" --body 'Created by Github action'
+          echo Review and approve PR before release can continue
+          exit 1 // force actions stop here
+
+      - name: Create release branch starting point
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          git fetch
+          git push origin refs/remotes/origin/${{ github.event.inputs.prev_branch_name }}:refs/heads/${{ github.event.inputs.release_branch_name }}
+
+      - name: Create PR to release branch
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          CURRENT_BRANCH=${GITHUB_REF_NAME}
+          gh pr create -B ${{ github.event.inputs.release_branch_name }} --title "New release ${{ github.event.inputs.release_branch_name }}" --body 'Created by Github action'
+
+      # - name: Create PR to release branch
+      #   uses: peterjgrainger/[email protected]
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   with:
+      #     branch: "${{ github.event.inputs.release_branch_name }}"
+
+      # - name: Tag the release branch
+      #   if: env.NEXT_DEV_VERSION != ''
+      #   uses: peterjgrainger/[email protected]
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   with:
+      #     branch: ${{ env.NEXT_DEV_VERSION }}
+
diff --git a/.github/workflows/verify-registry-release.yml b/.github/workflows/verify-registry-release.yml
@@ -0,0 +1,59 @@
+# Launched manually to test new release from registry
+on:
+  workflow_dispatch:
+    inputs:
+      release_version:
+        description: 'The version of the release in the Terraform registry (expecting semver format)'
+        required: true
+        default: '0.1.0-rc.1'
+      public_release:
+        type: boolean
+        description: 'Check if this is a public release (from registry.terraform.io). Private release is from app.terraform.io'
+        required: true
+        default: false
+
+jobs:
+  build:
+    name: Verify registry release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: "1.22"
+
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Setup test broker
+        run: |
+          mkdir -p $HOME/solace; chmod 777 $HOME/solace
+          docker run -d -p 8080:8080 -p 55555:55555 --shm-size=1g --env username_admin_globalaccesslevel=admin --env username_admin_password=admin --env system_scaling_maxkafkabridgecount="10" --name=solace \
+            --mount type=bind,source=$HOME/solace,destination=/var/lib/solace,ro=false solace/solace-pubsub-standard:latest
+          while ! curl -s localhost:8080 | grep aurelia ; do sleep 1 ; done
+
+      - name: Set up Terraform latest - public
+        if: ${{ github.event.inputs.public_release != 'false' }}
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_wrapper: true
+
+      - name: Set up Terraform latest - private, with token
+        if: ${{ github.event.inputs.public_release == 'false' }}
+        uses: hashicorp/setup-terraform@v3
+        with:
+          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
+          terraform_wrapper: true
+
+      - name: Setup token and patch module with release information
+        run: |
+          MODULENAME=service
+          if [ "${{ github.event.inputs.public_release }}" == "false" ] ; then
+            echo Internal release
+            MODULE_REF="app.terraform.io/SolaceDev/$MODULENAME/solacebroker"
+          else
+            echo Public release
+            MODULE_REF="SolaceProducts/$MODULENAME/solacebroker"
+          fi
+          ci/scripts/test-module.sh ci/module-test/ "" $MODULE_REF "${{ github.event.inputs.release_version }}"
+
diff --git a/.gitignore b/.gitignore
@@ -4,18 +4,12 @@
 # .tfstate files
 *.tfstate
 *.tfstate.*
+*.lock.hcl
 
 # Crash log files
 crash.log
 crash.*.log
 
-# Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version 
-# control as they are data points which are potentially sensitive and subject 
-# to change depending on the environment.
-*.tfvars
-*.tfvars.json
-
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
 override.tf