diff --git a/.github/workflows/test-run-enos-scenario-matrix.yml b/.github/workflows/test-run-enos-scenario-matrix.yml index babd4b98c9..d0fb41dcde 100644 --- a/.github/workflows/test-run-enos-scenario-matrix.yml +++ b/.github/workflows/test-run-enos-scenario-matrix.yml @@ -184,7 +184,6 @@ jobs: echo 'ENOS_VAR_aws_ssh_private_key_path=./support/private_key.pem' echo 'ENOS_VAR_consul_license_path=./support/consul.hclic' echo 'ENOS_VAR_distro_version_amzn=${{ matrix.attributes.distro_version_amzn }}' - echo 'ENOS_VAR_distro_version_leap=${{ matrix.attributes.distro_version_leap }}' echo 'ENOS_VAR_distro_version_rhel=${{ matrix.attributes.distro_version_rhel }}' echo 'ENOS_VAR_distro_version_sles=${{ matrix.attributes.distro_version_sles }}' echo 'ENOS_VAR_distro_version_ubuntu=${{ matrix.attributes.distro_version_ubuntu }}' diff --git a/enos/enos-dev-scenario-pr-replication.hcl b/enos/enos-dev-scenario-pr-replication.hcl index dcc7b5faf1..d4a49b2b2d 100644 --- a/enos/enos-dev-scenario-pr-replication.hcl +++ b/enos/enos-dev-scenario-pr-replication.hcl @@ -20,7 +20,7 @@ scenario "dev_pr_replication" { matrix { arch = ["amd64", "arm64"] artifact = ["local", "deb", "rpm", "zip"] - distro = ["amzn", "leap", "rhel", "sles", "ubuntu"] + distro = ["amzn", "rhel", "sles", "ubuntu"] edition = ["ent", "ent.fips1403", "ent.hsm", "ent.hsm.fips1403"] primary_backend = ["consul", "raft"] primary_seal = ["awskms", "pkcs11", "shamir"] @@ -44,7 +44,7 @@ scenario "dev_pr_replication" { exclude { artifact = ["deb", "rpm"] - distro = ["sles", "leap"] + distro = ["sles"] } exclude { @@ -78,7 +78,6 @@ scenario "dev_pr_replication" { // specified in enos-providers.hcl), and we need to be able to access both of those here. enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu diff --git a/enos/enos-dev-scenario-single-cluster.hcl b/enos/enos-dev-scenario-single-cluster.hcl index 13cb06a507..b1fe648f88 100644 --- a/enos/enos-dev-scenario-single-cluster.hcl +++ b/enos/enos-dev-scenario-single-cluster.hcl @@ -20,7 +20,7 @@ scenario "dev_single_cluster" { arch = ["amd64", "arm64"] artifact = ["local", "deb", "rpm", "zip"] backend = ["consul", "raft"] - distro = ["amzn", "leap", "rhel", "sles", "ubuntu"] + distro = ["amzn", "rhel", "sles", "ubuntu"] edition = ["ce", "ent", "ent.fips1403", "ent.hsm", "ent.hsm.fips1403"] seal = ["awskms", "pkcs11", "shamir"] @@ -41,7 +41,7 @@ scenario "dev_single_cluster" { exclude { artifact = ["deb", "rpm"] - distro = ["sles", "leap"] + distro = ["sles"] } exclude { @@ -72,7 +72,6 @@ scenario "dev_single_cluster" { // specified in enos-providers.hcl), and we need to be able to access both of those here. enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu diff --git a/enos/enos-dynamic-config.hcl b/enos/enos-dynamic-config.hcl index e3cb16fd23..6c82d2106f 100644 --- a/enos/enos-dynamic-config.hcl +++ b/enos/enos-dynamic-config.hcl @@ -11,10 +11,9 @@ globals { sample_attributes = { aws_region = ["us-east-1", "us-west-2"] distro_version_amzn = ["2023"] - distro_version_leap = ["15.6"] - distro_version_rhel = ["8.10", "9.6"] - distro_version_sles = ["15.6"] + distro_version_rhel = ["8.10", "9.7", "10.1"] + distro_version_sles = ["15.7", "16.0"] distro_version_ubuntu = ["22.04", "24.04"] - upgrade_initial_version = ["1.18.0", "1.18.1", "1.18.2", "1.18.3", "1.18.4", "1.18.5", "1.18.6", "1.18.7", "1.18.8", "1.18.9", "1.18.10", "1.18.11", "1.18.12", "1.18.13", "1.19.0", "1.19.1", "1.19.2", "1.19.3", "1.19.4", "1.19.5", "1.19.6", "1.19.7", "1.19.8", "1.20.0", "1.20.1", "1.20.2"] + upgrade_initial_version = ["1.19.0", "1.19.1", "1.19.2", "1.19.3", "1.19.4", "1.19.5", "1.19.6", "1.19.7", "1.19.8", "1.19.9", "1.19.10", "1.19.11", "1.19.12", "1.20.0", "1.20.1", "1.20.2", "1.20.3", "1.20.4", "1.20.5", "1.20.6", "1.21.0", "1.21.1"] } } diff --git a/enos/enos-globals.hcl b/enos/enos-globals.hcl index bfef9ba9ca..9940b15c16 100644 --- a/enos/enos-globals.hcl +++ b/enos/enos-globals.hcl @@ -18,26 +18,27 @@ globals { config_modes = ["env", "file"] consul_editions = ["ce", "ent"] consul_versions = ["1.18.2", "1.19.2", "1.20.6", "1.21.1"] - distros = ["amzn", "leap", "rhel", "sles", "ubuntu"] + distros = ["amzn", "rhel", "sles", "ubuntu"] // Different distros may require different packages, or use different aliases for the same package distro_packages = { + // NOTE: These versions must always match the output of enos_host_info.target_distro. They are + // also used in various modules `artifact`, `ec2_info`, and `softhsm_install`. If you are adding + // or modifying keys you probably have to update those modules. amzn = { "2" = ["nc", "openldap-clients"] "2023" = ["nc", "openldap-clients"] } - leap = { - "15.6" = ["netcat", "openssl", "openldap2-client"] - } rhel = { "8.10" = ["nc", "openldap-clients"] - "9.6" = ["nc", "openldap-clients"] - "10.0" = ["nc", "openldap-clients"] + "9.7" = ["nc", "openldap-clients"] + "10.1" = ["nc", "openldap-clients"] } sles = { // When installing Vault RPM packages on a SLES AMI, the openssl package provided // isn't named "openssl, which rpm doesn't know how to handle. Therefore we add the // "correctly" named one in our package installation before installing Vault. - "15.6" = ["netcat-openbsd", "openssl", "openldap2-client"] + "15.7" = ["netcat-openbsd", "openssl", "openldap2-client"] + "16.0" = ["netcat-openbsd", "openssl", "openldap2-client"] } ubuntu = { "22.04" = ["netcat", "ldap-utils"] @@ -46,7 +47,6 @@ globals { } distro_version = { amzn = var.distro_version_amzn - leap = var.distro_version_leap rhel = var.distro_version_rhel sles = var.distro_version_sles ubuntu = var.distro_version_ubuntu @@ -56,7 +56,6 @@ globals { ip_versions = ["4", "6"] package_manager = { "amzn" = "yum" - "leap" = "zypper" "rhel" = "yum" "sles" = "zypper" "ubuntu" = "apt" diff --git a/enos/enos-samples-ce-build.hcl b/enos/enos-samples-ce-build.hcl index cf8547dfba..d603bc1d67 100644 --- a/enos/enos-samples-ce-build.hcl +++ b/enos/enos-samples-ce-build.hcl @@ -141,7 +141,7 @@ sample "build_ce_linux_amd64_rpm" { arch = ["amd64"] artifact_source = ["crt"] artifact_type = ["package"] - distro = ["amzn", "leap", "rhel", "sles"] + distro = ["amzn", "rhel", "sles"] edition = ["ce"] } } @@ -151,7 +151,7 @@ sample "build_ce_linux_amd64_rpm" { arch = ["amd64"] artifact_source = ["crt"] artifact_type = ["package"] - distro = ["amzn", "leap", "rhel", "sles"] + distro = ["amzn", "rhel", "sles"] edition = ["ce"] } } @@ -161,7 +161,7 @@ sample "build_ce_linux_amd64_rpm" { arch = ["amd64"] artifact_source = ["crt"] artifact_type = ["package"] - distro = ["amzn", "leap", "rhel", "sles"] + distro = ["amzn", "rhel", "sles"] edition = ["ce"] } } @@ -171,7 +171,7 @@ sample "build_ce_linux_amd64_rpm" { arch = ["amd64"] artifact_source = ["crt"] artifact_type = ["package"] - distro = ["amzn", "leap", "rhel", "sles"] + distro = ["amzn", "rhel", "sles"] edition = ["ce"] exclude { diff --git a/enos/enos-samples-ce-release.hcl b/enos/enos-samples-ce-release.hcl index 00306ddd22..d0e111b5e2 100644 --- a/enos/enos-samples-ce-release.hcl +++ b/enos/enos-samples-ce-release.hcl @@ -141,7 +141,7 @@ sample "release_ce_linux_amd64_rpm" { arch = ["amd64"] artifact_source = ["artifactory"] artifact_type = ["package"] - distro = ["amzn", "leap", "rhel", "sles"] + distro = ["amzn", "rhel", "sles"] edition = ["ce"] } } @@ -151,7 +151,7 @@ sample "release_ce_linux_amd64_rpm" { arch = ["amd64"] artifact_source = ["artifactory"] artifact_type = ["package"] - distro = ["amzn", "leap", "rhel", "sles"] + distro = ["amzn", "rhel", "sles"] edition = ["ce"] } } @@ -161,7 +161,7 @@ sample "release_ce_linux_amd64_rpm" { arch = ["amd64"] artifact_source = ["artifactory"] artifact_type = ["package"] - distro = ["amzn", "leap", "rhel", "sles"] + distro = ["amzn", "rhel", "sles"] edition = ["ce"] } } @@ -171,7 +171,7 @@ sample "release_ce_linux_amd64_rpm" { arch = ["amd64"] artifact_source = ["artifactory"] artifact_type = ["package"] - distro = ["amzn", "leap", "rhel", "sles"] + distro = ["amzn", "rhel", "sles"] edition = ["ce"] } } diff --git a/enos/enos-scenario-agent.hcl b/enos/enos-scenario-agent.hcl index edafa58ca2..d8dcfcd219 100644 --- a/enos/enos-scenario-agent.hcl +++ b/enos/enos-scenario-agent.hcl @@ -63,10 +63,10 @@ scenario "agent" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -88,7 +88,6 @@ scenario "agent" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu @@ -182,6 +181,7 @@ scenario "agent" { ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"] cluster_tag_key = global.vault_tag_key common_tags = global.tags + instance_count = 1 vpc_id = step.create_vpc.id } } diff --git a/enos/enos-scenario-autopilot.hcl b/enos/enos-scenario-autopilot.hcl index 95a4919160..c6fe07e264 100644 --- a/enos/enos-scenario-autopilot.hcl +++ b/enos/enos-scenario-autopilot.hcl @@ -71,10 +71,10 @@ scenario "autopilot" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -96,7 +96,6 @@ scenario "autopilot" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu @@ -179,6 +178,7 @@ scenario "autopilot" { ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"] cluster_tag_key = global.vault_tag_key common_tags = global.tags + instance_count = 1 vpc_id = step.create_vpc.id } } diff --git a/enos/enos-scenario-benchmark.hcl b/enos/enos-scenario-benchmark.hcl index 40a45eebd3..0561ab5877 100644 --- a/enos/enos-scenario-benchmark.hcl +++ b/enos/enos-scenario-benchmark.hcl @@ -90,10 +90,10 @@ scenario "benchmark" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -115,7 +115,6 @@ scenario "benchmark" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu diff --git a/enos/enos-scenario-dr-replication.hcl b/enos/enos-scenario-dr-replication.hcl index a38ebd2b27..5f4b5dc380 100644 --- a/enos/enos-scenario-dr-replication.hcl +++ b/enos/enos-scenario-dr-replication.hcl @@ -75,15 +75,15 @@ scenario "dr_replication" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { primary_seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } exclude { secondary_seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -110,7 +110,6 @@ scenario "dr_replication" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu @@ -222,6 +221,7 @@ scenario "dr_replication" { ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"] cluster_tag_key = global.vault_tag_key common_tags = global.tags + instance_count = 1 vpc_id = step.create_vpc.id } } diff --git a/enos/enos-scenario-pr-replication.hcl b/enos/enos-scenario-pr-replication.hcl index f091fc9e51..d95dc1af98 100644 --- a/enos/enos-scenario-pr-replication.hcl +++ b/enos/enos-scenario-pr-replication.hcl @@ -75,15 +75,15 @@ scenario "pr_replication" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { primary_seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } exclude { secondary_seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -110,7 +110,6 @@ scenario "pr_replication" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu @@ -222,6 +221,7 @@ scenario "pr_replication" { ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"] cluster_tag_key = global.vault_tag_key common_tags = global.tags + instance_count = 1 vpc_id = step.create_vpc.id } } diff --git a/enos/enos-scenario-proxy.hcl b/enos/enos-scenario-proxy.hcl index 035fa0b75b..c973ebcf5f 100644 --- a/enos/enos-scenario-proxy.hcl +++ b/enos/enos-scenario-proxy.hcl @@ -63,10 +63,10 @@ scenario "proxy" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -88,7 +88,6 @@ scenario "proxy" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu @@ -189,6 +188,7 @@ scenario "proxy" { ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"] cluster_tag_key = global.vault_tag_key common_tags = global.tags + instance_count = 1 vpc_id = step.create_vpc.id } } diff --git a/enos/enos-scenario-seal-ha.hcl b/enos/enos-scenario-seal-ha.hcl index 6962165fb5..e0fe63713d 100644 --- a/enos/enos-scenario-seal-ha.hcl +++ b/enos/enos-scenario-seal-ha.hcl @@ -73,15 +73,15 @@ scenario "seal_ha" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { primary_seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } exclude { secondary_seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -103,7 +103,6 @@ scenario "seal_ha" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu @@ -221,6 +220,7 @@ scenario "seal_ha" { ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"] cluster_tag_key = global.vault_tag_key common_tags = global.tags + instance_count = 1 vpc_id = step.create_vpc.id } } diff --git a/enos/enos-scenario-smoke.hcl b/enos/enos-scenario-smoke.hcl index 42264025fe..c6ffff5226 100644 --- a/enos/enos-scenario-smoke.hcl +++ b/enos/enos-scenario-smoke.hcl @@ -62,10 +62,10 @@ scenario "smoke" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -87,7 +87,6 @@ scenario "smoke" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu @@ -179,6 +178,7 @@ scenario "smoke" { ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"] cluster_tag_key = global.vault_tag_key common_tags = global.tags + instance_count = 1 vpc_id = step.create_vpc.id } } diff --git a/enos/enos-scenario-upgrade.hcl b/enos/enos-scenario-upgrade.hcl index ae23058fb1..ac69be03c5 100644 --- a/enos/enos-scenario-upgrade.hcl +++ b/enos/enos-scenario-upgrade.hcl @@ -72,10 +72,10 @@ scenario "upgrade" { edition = [for e in matrix.edition : e if !strcontains(e, "hsm")] } - // softhsm packages not available for leap/sles. + // softhsm packages not available for sles (at the time of development) exclude { seal = ["pkcs11"] - distro = ["leap", "sles"] + distro = ["sles"] } // Testing in IPV6 mode is currently implemented for integrated Raft storage only @@ -97,7 +97,6 @@ scenario "upgrade" { artifact_path = matrix.artifact_source != "artifactory" ? abspath(var.vault_artifact_path) : null enos_provider = { amzn = provider.enos.ec2_user - leap = provider.enos.ec2_user rhel = provider.enos.ec2_user sles = provider.enos.ec2_user ubuntu = provider.enos.ubuntu @@ -191,6 +190,7 @@ scenario "upgrade" { ami_id = step.ec2_info.ami_ids["arm64"]["ubuntu"]["24.04"] cluster_tag_key = global.vault_tag_key common_tags = global.tags + instance_count = 1 vpc_id = step.create_vpc.id } } diff --git a/enos/enos-variables.hcl b/enos/enos-variables.hcl index 2e7fcec507..ba899a1f4f 100644 --- a/enos/enos-variables.hcl +++ b/enos/enos-variables.hcl @@ -68,26 +68,20 @@ variable "distro_version_amzn" { default = "2023" // or "2", though pkcs11 has not been tested with 2 } -variable "distro_version_leap" { - description = "The version of openSUSE leap to use" - type = string - default = "15.6" -} - variable "distro_version_rhel" { - description = "The version of RHEL to use" + description = "The version of RedHat Enterprise Linux to use" type = string - default = "10.0" // or "8.10", "9.6" + default = "10.1" // or "8.10", "9.7" } variable "distro_version_sles" { - description = "The version of SUSE SLES to use" + description = "The version of SUSE Enterprise Linux to use" type = string - default = "15.6" + default = "16.0" // or "15.7" } variable "distro_version_ubuntu" { - description = "The version of ubuntu to use" + description = "The version of Ubuntu Linux to use" type = string default = "24.04" // or "22.04" } diff --git a/enos/enos.vars.hcl b/enos/enos.vars.hcl index 6ab7b8452e..b57d6c54db 100644 --- a/enos/enos.vars.hcl +++ b/enos/enos.vars.hcl @@ -34,17 +34,14 @@ // resources. // project_name = "vault-enos-integration" -// distro_version_amzn is the version of Amazon Linux 2 to use for "distro:amzn" variants -// distro_version_amzn = "2" - -// distro_version_leap is the version of openSUSE Leap to use for "distro:leap" variants -// distro_version_leap = "15.5" +// distro_version_amzn is the version of Amazon Linux to use for "distro:amzn" variants +// distro_version_amzn = "2023" // distro_version_rhel is the version of RHEL to use for "distro:rhel" variants. -// distro_version_rhel = "9.3" // or "8.9" +// distro_version_rhel = "10.1" // or "8.10" or "9.7" // distro_version_sles is the version of SUSE SLES to use for "distro:sles" variants. -// distro_version_sles = "v15_sp5_standard" +// distro_version_sles = "16.0" // or "15.7" // distro_version_ubuntu is the version of ubuntu to use for "distro:ubuntu" variants // distro_version_ubuntu = "22.04" // or "24.04" diff --git a/enos/modules/artifact/metadata/main.tf b/enos/modules/artifact/metadata/main.tf index 7ca4870f8d..6c6d3a1acb 100644 --- a/enos/modules/artifact/metadata/main.tf +++ b/enos/modules/artifact/metadata/main.tf @@ -21,9 +21,9 @@ variable "distro" { type = string validation { - condition = contains(["amzn", "leap", "rhel", "sles", "ubuntu"], var.distro) + condition = contains(["amzn", "rhel", "sles", "ubuntu"], var.distro) error_message = <<-EOF - distro must be one of "amzn", "leap", "rhel", "sles", "ubuntu" + distro must be one of "amzn", "rhel", "sles", "ubuntu" EOF } } @@ -69,21 +69,18 @@ locals { package_extensions = { amd64 = { amzn = local.package_extension_amd64_rpm - leap = local.package_extension_amd64_rpm rhel = local.package_extension_amd64_rpm sles = local.package_extension_amd64_rpm ubuntu = local.package_extension_amd64_deb } arm64 = { amzn = local.package_extension_arm64_rpm - leap = local.package_extension_arm64_rpm rhel = local.package_extension_arm64_rpm sles = local.package_extension_arm64_rpm ubuntu = local.package_extension_arm64_deb } s390x = { amzn = null - leap = local.package_extension_s390x_rpm rhel = local.package_extension_s390x_rpm sles = local.package_extension_s390x_rpm ubuntu = local.package_extension_s390x_deb @@ -115,7 +112,6 @@ locals { // file name prefixes for the install packages of vault for the various distributions and artifact types (package or bundle) package_prefixes = { amzn = local.package_prefixes_rpm, - leap = local.package_prefixes_rpm, rhel = local.package_prefixes_rpm, sles = local.package_prefixes_rpm, ubuntu = local.package_prefixes_deb, @@ -126,7 +122,6 @@ locals { release_repo_apt = "hashicorp-apt-release-local*" release_repos = { amzn = local.release_repo_rpm - leap = local.release_repo_rpm rhel = local.release_repo_rpm sles = local.release_repo_rpm ubuntu = local.release_repo_apt @@ -142,21 +137,22 @@ locals { release_path_deb = "pool/${var.arch}/main" release_sub_path_rpm = "${local.release_package_rpm_arch[var.arch]}/stable" release_path_distro = { + // NOTE: The versions here always correspond to the output of enos_host_info.distro_version. These are used in + // several modules so if you change the keys here also consider the "artifact/metadata", "ec2_info", + // "install_packages" and "softhsm_install" modules. amzn = { "2" = "AmazonLinux/2/${local.release_sub_path_rpm}" "2023" = "AmazonLinux/latest/${local.release_sub_path_rpm}" "latest" = "AmazonLinux/latest/${local.release_sub_path_rpm}" } - leap = { - "15.6" = "RHEL/9/${local.release_sub_path_rpm}" - } rhel = { "8.10" = "RHEL/8/${local.release_sub_path_rpm}" - "9.6" = "RHEL/9/${local.release_sub_path_rpm}" - "10.0" = "RHEL/10/${local.release_sub_path_rpm}" + "9.7" = "RHEL/9/${local.release_sub_path_rpm}" + "10.1" = "RHEL/10/${local.release_sub_path_rpm}" } sles = { - "15.6" = "RHEL/9/${local.release_sub_path_rpm}" + "15.7" = "RHEL/9/${local.release_sub_path_rpm}" + "16.0" = "RHEL/10/${local.release_sub_path_rpm}" } ubuntu = { "22.04" = local.release_path_deb, diff --git a/enos/modules/disable_selinux/scripts/make-selinux-permissive.sh b/enos/modules/disable_selinux/scripts/make-selinux-permissive.sh index 689a3ab045..0bc0f607b1 100644 --- a/enos/modules/disable_selinux/scripts/make-selinux-permissive.sh +++ b/enos/modules/disable_selinux/scripts/make-selinux-permissive.sh @@ -9,7 +9,7 @@ fail() { exit 1 } -if ! type getenforce &> /dev/null; then +if ! sudo bash -c 'type getenforce'; then exit 0 fi diff --git a/enos/modules/ec2_info/main.tf b/enos/modules/ec2_info/main.tf index f3c9d1a16d..f66425c142 100644 --- a/enos/modules/ec2_info/main.tf +++ b/enos/modules/ec2_info/main.tf @@ -1,37 +1,28 @@ # Copyright IBM Corp. 2016, 2025 # SPDX-License-Identifier: BUSL-1.1 -# Note: in order to use the openSUSE Leap AMIs, the AWS account in use must "subscribe" -# and accept SUSE's terms of use. You can do this at the links below. If the AWS account -# you are using is already subscribed, this confirmation will be displayed on each page. -# openSUSE Leap arm64 subscription: https://aws.amazon.com/marketplace/server/procurement?productId=a516e959-df54-4035-bb1a-63599b7a6df9 -# openSUSE Leap amd64 subscription: https://aws.amazon.com/marketplace/server/procurement?productId=5535c495-72d4-4355-b169-54ffa874f849 - locals { architectures = toset(["arm64", "x86_64"]) amazon_owner_id = "591542846629" canonical_owner_id = "099720109477" suse_owner_id = "013907871322" - opensuse_owner_id = "679593333241" redhat_owner_id = "309956199498" ids = { - // NOTE: If you modify these versions you'll probably also need to update the `softhsm_install` - // module to match. + // NOTE: The versions here always correspond to the output of enos_host_info.distro_version. These are used in + // several modules so if you change the keys here also consider the "artifact/metadata", "ec2_info", "arm64" = { "amzn" = { "2" = data.aws_ami.amzn_2["arm64"].id "2023" = data.aws_ami.amzn_2023["arm64"].id } - "leap" = { - "15.6" = data.aws_ami.leap_15["arm64"].id - } "rhel" = { "8.10" = data.aws_ami.rhel_8["arm64"].id - "9.6" = data.aws_ami.rhel_9["arm64"].id - "10.0" = data.aws_ami.rhel_10["arm64"].id + "9.7" = data.aws_ami.rhel_9["arm64"].id + "10.1" = data.aws_ami.rhel_10["arm64"].id } "sles" = { - "15.6" = data.aws_ami.sles_15["arm64"].id + "15.7" = data.aws_ami.sles_15["arm64"].id + "16.0" = data.aws_ami.sles_16["arm64"].id } "ubuntu" = { "22.04" = data.aws_ami.ubuntu_2204["arm64"].id @@ -43,16 +34,14 @@ locals { "2" = data.aws_ami.amzn_2["x86_64"].id "2023" = data.aws_ami.amzn_2023["x86_64"].id } - "leap" = { - "15.6" = data.aws_ami.leap_15["x86_64"].id - } "rhel" = { "8.10" = data.aws_ami.rhel_8["x86_64"].id - "9.6" = data.aws_ami.rhel_9["x86_64"].id - "10.0" = data.aws_ami.rhel_10["x86_64"].id + "9.7" = data.aws_ami.rhel_9["x86_64"].id + "10.1" = data.aws_ami.rhel_10["x86_64"].id } "sles" = { - "15.6" = data.aws_ami.sles_15["x86_64"].id + "15.7" = data.aws_ami.sles_15["x86_64"].id + "16.0" = data.aws_ami.sles_16["x86_64"].id } "ubuntu" = { "22.04" = data.aws_ami.ubuntu_2204["x86_64"].id @@ -96,30 +85,13 @@ data "aws_ami" "amzn_2023" { owners = [local.amazon_owner_id] } -data "aws_ami" "leap_15" { - most_recent = true - for_each = local.architectures - - filter { - name = "name" - values = ["openSUSE-Leap-15-6*"] - } - - filter { - name = "architecture" - values = [each.value] - } - - owners = [local.opensuse_owner_id] -} - data "aws_ami" "rhel_8" { most_recent = true for_each = local.architectures filter { name = "name" - values = ["RHEL-8.10*HVM-20*"] + values = ["RHEL-8.10*HVM_GA-20*"] } filter { @@ -141,7 +113,7 @@ data "aws_ami" "rhel_9" { filter { name = "name" - values = ["RHEL-9.6*HVM-20*"] + values = ["RHEL-9.7*HVM_GA-20*"] } filter { @@ -163,7 +135,7 @@ data "aws_ami" "rhel_10" { filter { name = "name" - values = ["RHEL-10.0*HVM-20*"] + values = ["RHEL-10.1*HVM_GA-20*"] } filter { @@ -185,7 +157,24 @@ data "aws_ami" "sles_15" { filter { name = "name" - values = ["suse-sles-15-sp6-v*-hvm-*"] + values = ["suse-sles-15-sp7-v*-hvm-*"] + } + + filter { + name = "architecture" + values = [each.value] + } + + owners = [local.suse_owner_id] +} + +data "aws_ami" "sles_16" { + most_recent = true + for_each = local.architectures + + filter { + name = "name" + values = ["suse-sles-16-0-v*-hvm-ssd-*"] } filter { diff --git a/enos/modules/install_packages/main.tf b/enos/modules/install_packages/main.tf index 9fb59f1a10..ba7b514ce5 100644 --- a/enos/modules/install_packages/main.tf +++ b/enos/modules/install_packages/main.tf @@ -15,20 +15,22 @@ locals { "arm64" = "aarch64" } package_manager = { - "amzn" = "yum" - "opensuse-leap" = "zypper" - "rhel" = "dnf" - "sles" = "zypper" - "ubuntu" = "apt" + "amzn" = "yum" + "rhel" = "dnf" + "sles" = "zypper" + "ubuntu" = "apt" } distro_repos = { + // NOTE: The versions here always correspond to the output of enos_host_info.distro_version. These are used in + // several modules so if you change the keys here also consider the "artifact/metadata", "ec2_info", "sles" = { - "15.6" = "https://download.opensuse.org/repositories/network:utilities/SLE_15_SP6/network:utilities.repo" + "15.7" = "https://download.opensuse.org/repositories/network:utilities/15.6/network:utilities.repo" + "16.0" = "https://download.opensuse.org/repositories/network:utilities/16.0/network:utilities.repo" } "rhel" = { "8.10" = "https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm" - "9.6" = "https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm" - "10.0" = "https://dl.fedoraproject.org/pub/epel/epel-release-latest-10.noarch.rpm" + "9.7" = "https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm" + "10.1" = "https://dl.fedoraproject.org/pub/epel/epel-release-latest-10.noarch.rpm" } } } diff --git a/enos/modules/softhsm_install/main.tf b/enos/modules/softhsm_install/main.tf index 6ce353d9cc..80278d1ac0 100644 --- a/enos/modules/softhsm_install/main.tf +++ b/enos/modules/softhsm_install/main.tf @@ -38,14 +38,15 @@ variable "timeout" { locals { packages = var.include_tools ? { - // These packages match the distros that are currently defined in the `ec2_info` module. + // NOTE: The versions here always correspond to the output of enos_host_info.distro_version. These are used in + // several modules so if you change the keys here also consider the "artifact/metadata", "ec2_info", amzn = { "2023" = ["softhsm", "opensc"] } rhel = { "8.10" = ["softhsm", "opensc"] - "9.6" = ["softhsm", "opensc"] - "10.0" = ["softhsm", "opensc"] + "9.7" = ["softhsm", "opensc"] + "10.1" = ["softhsm", "opensc"] } ubuntu = { "22.04" = ["softhsm", "opensc"] @@ -57,8 +58,8 @@ locals { } rhel = { "8.10" = ["softhsm"] - "9.6" = ["softhsm"] - "10.0" = ["softhsm"] + "9.7" = ["softhsm"] + "10.1" = ["softhsm"] } ubuntu = { "22.04" = ["softhsm"] diff --git a/enos/modules/vault_cluster/main.tf b/enos/modules/vault_cluster/main.tf index 7dc349499b..e84683955d 100644 --- a/enos/modules/vault_cluster/main.tf +++ b/enos/modules/vault_cluster/main.tf @@ -39,11 +39,10 @@ locals { } leader = toset(slice(local.instances, 0, 1)) netcat_command = { - amzn = "nc" - opensuse-leap = "netcat" - rhel = "nc" - sles = "nc" - ubuntu = "netcat" + amzn = "nc" + rhel = "nc" + sles = "nc" + ubuntu = "netcat" } recovery_shares = { "awskms" = 5 diff --git a/tools/pipeline/internal/pkg/generate/enos_dynamic_config.go b/tools/pipeline/internal/pkg/generate/enos_dynamic_config.go index 44ae97cf3c..1517b78b88 100644 --- a/tools/pipeline/internal/pkg/generate/enos_dynamic_config.go +++ b/tools/pipeline/internal/pkg/generate/enos_dynamic_config.go @@ -45,7 +45,6 @@ type Globals struct { type SampleAttrs struct { AWSRegion []string `json:"aws_region,omitempty" hcl:"aws_region" cty:"aws_region"` DistroVersionAmzn []string `json:"distro_version_amzn,omitempty" hcl:"distro_version_amzn" cty:"distro_version_amzn"` - DistroVersionLeap []string `json:"distro_version_leap,omitempty" hcl:"distro_version_leap" cty:"distro_version_leap"` DistroVersionRhel []string `json:"distro_version_rhel,omitempty" hcl:"distro_version_rhel" cty:"distro_version_rhel"` DistroVersionSles []string `json:"distro_version_sles,omitempty" hcl:"distro_version_sles" cty:"distro_version_sles"` DistroVersionUbuntu []string `json:"distro_version_ubuntu,omitempty" hcl:"distro_version_ubuntu" cty:"distro_version_ubuntu"` @@ -135,9 +134,8 @@ func (e *EnosDynamicConfigReq) getSampleAttrs(ctx context.Context) (*SampleAttrs AWSRegion: []string{"us-east-1", "us-west-2"}, // Current distro defaults DistroVersionAmzn: []string{"2023"}, - DistroVersionLeap: []string{"15.6"}, - DistroVersionRhel: []string{"8.10", "9.6", "10.0"}, - DistroVersionSles: []string{"15.6"}, + DistroVersionRhel: []string{"8.10", "9.7", "10.1"}, + DistroVersionSles: []string{"15.7", "16.0"}, DistroVersionUbuntu: []string{"22.04", "24.04"}, } diff --git a/tools/pipeline/internal/pkg/generate/enos_dynamic_config_test.go b/tools/pipeline/internal/pkg/generate/enos_dynamic_config_test.go index 5f27641d21..ddf523e4d2 100644 --- a/tools/pipeline/internal/pkg/generate/enos_dynamic_config_test.go +++ b/tools/pipeline/internal/pkg/generate/enos_dynamic_config_test.go @@ -229,9 +229,8 @@ func Test_EnosDynamicConfigReq_Run(t *testing.T) { SampleAttributes: &SampleAttrs{ AWSRegion: []string{"us-east-1", "us-west-2"}, DistroVersionAmzn: []string{"2023"}, - DistroVersionLeap: []string{"15.6"}, - DistroVersionRhel: []string{"8.10", "9.6", "10.0"}, - DistroVersionSles: []string{"15.6"}, + DistroVersionRhel: []string{"8.10", "9.7", "10.1"}, + DistroVersionSles: []string{"15.7", "16.0"}, DistroVersionUbuntu: []string{"22.04", "24.04"}, UpgradeInitialVersion: versions, }, @@ -251,9 +250,8 @@ globals { sample_attributes = { aws_region = ["us-east-1", "us-west-2"] distro_version_amzn = ["2023"] - distro_version_leap = ["15.6"] - distro_version_rhel = ["8.10", "9.6", "10.0"] - distro_version_sles = ["15.6"] + distro_version_rhel = ["8.10", "9.7", "10.1"] + distro_version_sles = ["15.7", "16.0"] distro_version_ubuntu = ["22.04", "24.04"] upgrade_initial_version = ["1.16.6", "1.16.7", "1.16.8", "1.16.9", "1.16.10", "1.17.3", "1.17.4", "1.17.6", "1.18.0-rc1"] }