Add ubuntu 18.04 to the tests and examples

examples/vault-consul-image/README.md

@@ -1,20 +1,21 @@
 # Vault and Consul Google Image
 
-This folder shows an example of how to use the [install-vault module](https://github.com/hashicorp/terraform-google-vault/tree/master/modules/install-vault) from this Module and 
+This folder shows an example of how to use the [install-vault module](https://github.com/hashicorp/terraform-google-vault/tree/master/modules/install-vault) from this Module and
 the [install-consul](https://github.com/hashicorp/terraform-google-consul/tree/master/modules/install-consul)
 and [install-dnsmasq](https://github.com/hashicorp/terraform-google-consul/tree/master/modules/install-dnsmasq) modules
 from the Consul GCP Module with [Packer](https://www.packer.io/) to create a [Google Image](
 https://cloud.google.com/compute/docs/images) that has Vault and Consul installed on top of:
- 
+
 1. Ubuntu 16.04
+1. Ubuntu 18.04
 
 You can use this Google Image to deploy a [Vault cluster](https://www.vaultproject.io/) by using the [vault-cluster
-module](https://github.com/hashicorp/terraform-google-vault/tree/master/modules/vault-cluster). This Vault cluster will use Consul as its storage backend, so you can also use the 
-same Google Image to deploy a separate [Consul server cluster](https://www.consul.io/) by using the [consul-cluster 
-module](https://github.com/hashicorp/terraform-google-consul/tree/master/modules/consul-cluster). 
+module](https://github.com/hashicorp/terraform-google-vault/tree/master/modules/vault-cluster). This Vault cluster will use Consul as its storage backend, so you can also use the
+same Google Image to deploy a separate [Consul server cluster](https://www.consul.io/) by using the [consul-cluster
+module](https://github.com/hashicorp/terraform-google-consul/tree/master/modules/consul-cluster).
 
-Check out the [vault-cluster-private](https://github.com/hashicorp/terraform-google-vault/tree/master/examples/vault-cluster-private) and 
-[vault-cluster-public](https://github.com/hashicorp/terraform-google-vault/tree/master/examples/vault-cluster-public) examples for working sample code. For more info on Vault 
+Check out the [vault-cluster-private](https://github.com/hashicorp/terraform-google-vault/tree/master/examples/vault-cluster-private) and
+[vault-cluster-public](https://github.com/hashicorp/terraform-google-vault/tree/master/examples/vault-cluster-public) examples for working sample code. For more info on Vault
 installation and configuration, check out the [install-vault](https://github.com/hashicorp/terraform-google-vault/tree/master/modules/install-vault) documentation.
 
 You can also use this example Packer template to build a Cloud Image that includes Enterprise versions of both Vault & Consul. See below for more
@@ -45,17 +46,17 @@ To build the Vault and Consul Google Image:
 
 1. Run `packer build vault-consul.json`.
 
-When the build finishes, it will output the ID of the new Google Image. To see how to deploy this Image, check out the 
-[vault-cluster-private](https://github.com/hashicorp/terraform-google-vault/tree/master/examples/vault-cluster-private) and [vault-cluster-public](https://github.com/hashicorp/terraform-google-vault/tree/master/examples/vault-cluster-public) 
+When the build finishes, it will output the ID of the new Google Image. To see how to deploy this Image, check out the
+[vault-cluster-private](https://github.com/hashicorp/terraform-google-vault/tree/master/examples/vault-cluster-private) and [vault-cluster-public](https://github.com/hashicorp/terraform-google-vault/tree/master/examples/vault-cluster-public)
 examples.
 
 
 
 
 ## Creating your own Packer template for production usage
 
-When creating your own Packer template for production usage, you can copy the example in this folder more or less 
-exactly, except for one change: we recommend replacing the `file` provisioner with a call to `git clone` in the `shell` 
+When creating your own Packer template for production usage, you can copy the example in this folder more or less
+exactly, except for one change: we recommend replacing the `file` provisioner with a call to `git clone` in the `shell`
 provisioner. Instead of:
 
 ```json
@@ -91,8 +92,8 @@ Your code should look more like this:
 
 You should replace `<MODULE_VERSION>` in the code above with the version of this Module that you want to use (see
 the [Releases Page](https://github.com/hashicorp/terraform-google-vault/releases) for all available versions). That's because for production usage, you should always
-use a fixed, known version of this Module, downloaded from the official Git repo. On the other hand, when you're 
-just experimenting with the Module, it's OK to use a local checkout of the Module, uploaded from your own 
+use a fixed, known version of this Module, downloaded from the official Git repo. On the other hand, when you're
+just experimenting with the Module, it's OK to use a local checkout of the Module, uploaded from your own
 computer.
 
 ## Building an Image with the Enterprise versions installed

examples/vault-consul-image/vault-consul.json

@@ -13,12 +13,21 @@
     "tls_private_key_path": null
   },
   "builders": [{
-    "name": "ubuntu-16",
+    "name": "ubuntu16-image",
     "type": "googlecompute",
     "project_id": "{{user `project_id`}}",
     "source_image_family": "ubuntu-1604-lts",
     "zone": "{{user `zone`}}",
-    "image_name": "vault-consul-{{uuid | clean_image_name}}",
+    "image_name": "vault-consul-ubuntu16-{{uuid | clean_image_name}}",
+    "image_family": "vault-consul",
+    "ssh_username": "ubuntu"
+  },{
+    "name": "ubuntu18-image",
+    "type": "googlecompute",
+    "project_id": "{{user `project_id`}}",
+    "source_image_family": "ubuntu-1604-lts",
+    "zone": "{{user `zone`}}",
+    "image_name": "vault-consul-ubuntu18-{{uuid | clean_image_name}}",
     "image_family": "vault-consul",
     "ssh_username": "ubuntu"
   }],

test/terratest_helpers.go

@@ -46,11 +46,16 @@ func getUrlFromEnv(t *testing.T, key string) string {
 }
 
 // Compose packer image options
-func composeImageOptions(t *testing.T, packerBuildName string, testDir string, vaultDownloadUrl string) *packer.Options {
+func composeImageOptions(t *testing.T, packerBuildName string, testDir string, useEnterpriseVault bool, vaultDownloadUrl string) *packer.Options {
 	projectId := test_structure.LoadString(t, testDir, SAVED_GCP_PROJECT_ID)
 	zone := test_structure.LoadString(t, testDir, SAVED_GCP_ZONE_NAME)
 	tlsCert := loadTLSCert(t, WORK_DIR)
 
+	environmentVariables := map[string]string{}
+	if useEnterpriseVault == true {
+		environmentVariables[PACKER_VAR_VAULT_DOWNLOAD_URL] = vaultDownloadUrl
+	}
+
 	return &packer.Options{
 		Template: PACKER_TEMPLATE_PATH,
 		Only:     packerBuildName,
@@ -61,9 +66,7 @@ func composeImageOptions(t *testing.T, packerBuildName string, testDir string, v
 			PACKER_VAR_TLS_PUBLIC_KEY:  tlsCert.PublicKeyPath,
 			PAKCER_VAR_TLS_PRIVATE_KEY: tlsCert.PrivateKeyPath,
 		},
-		Env: map[string]string{
-			PACKER_VAR_VAULT_DOWNLOAD_URL: vaultDownloadUrl,
-		},
+		Env: environmentVariables,
 	}
 }
 

test/vault_cluster_auth_test.go

@@ -21,7 +21,7 @@ const (
 	EXAMPLE_SECRET = "42"
 )
 
-func runVaultIamAuthTest(t *testing.T) {
+func runVaultIamAuthTest(t *testing.T, packerBuildSaveName string) {
 	exampleDir := test_structure.CopyTerraformFolderToTemp(t, "../", "examples/vault-cluster-authentication-iam")
 
 	defer test_structure.RunTestStage(t, "teardown", func() {
@@ -38,7 +38,7 @@ func runVaultIamAuthTest(t *testing.T) {
 	test_structure.RunTestStage(t, "deploy", func() {
 		projectId := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_PROJECT_ID)
 		region := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_REGION_NAME)
-		imageID := test_structure.LoadString(t, WORK_DIR, SAVED_OPEN_SOURCE_VAULT_IMAGE)
+		imageID := test_structure.LoadString(t, WORK_DIR, packerBuildSaveName)
 
 		// GCP only supports lowercase names for some resources
 		uniqueID := strings.ToLower(random.UniqueId())
@@ -69,7 +69,7 @@ func runVaultIamAuthTest(t *testing.T) {
 	})
 }
 
-func runVaultGceAuthTest(t *testing.T) {
+func runVaultGceAuthTest(t *testing.T, packerBuildSaveName string) {
 	exampleDir := test_structure.CopyTerraformFolderToTemp(t, "../", "examples/vault-cluster-authentication-gce")
 
 	defer test_structure.RunTestStage(t, "teardown", func() {
@@ -86,7 +86,7 @@ func runVaultGceAuthTest(t *testing.T) {
 	test_structure.RunTestStage(t, "deploy", func() {
 		projectId := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_PROJECT_ID)
 		region := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_REGION_NAME)
-		imageID := test_structure.LoadString(t, WORK_DIR, SAVED_OPEN_SOURCE_VAULT_IMAGE)
+		imageID := test_structure.LoadString(t, WORK_DIR, packerBuildSaveName)
 
 		// GCP only supports lowercase names for some resources
 		uniqueID := strings.ToLower(random.UniqueId())

test/vault_cluster_enterprise_test.go

@@ -36,7 +36,7 @@ const (
 // 5. SSH into a Vault node and initialize the Vault cluster
 // 6. SSH to each other Vault node, restart vault and test that it is unsealed
 // 7.  SSH to a Vault node and make sure you can communicate with the nodes via Consul-managed DNS
-func runVaultEnterpriseClusterTest(t *testing.T) {
+func runVaultEnterpriseClusterTest(t *testing.T, packerBuildSaveName string) {
 	exampleDir := test_structure.CopyTerraformFolderToTemp(t, "../", "examples/vault-cluster-enterprise")
 
 	defer test_structure.RunTestStage(t, "teardown", func() {
@@ -53,7 +53,7 @@ func runVaultEnterpriseClusterTest(t *testing.T) {
 	test_structure.RunTestStage(t, "deploy", func() {
 		projectId := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_PROJECT_ID)
 		region := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_REGION_NAME)
-		imageID := test_structure.LoadString(t, WORK_DIR, SAVED_ENTERPRISE_VAULT_IMAGE)
+		imageID := test_structure.LoadString(t, WORK_DIR, packerBuildSaveName)
 
 		// GCP only supports lowercase names for some resources
 		uniqueID := strings.ToLower(random.UniqueId())

test/vault_cluster_private_test.go

@@ -17,7 +17,7 @@ const (
 	TFVAR_NAME_SUBNET_CIDR         = "subnet_ip_cidr_range"
 )
 
-func runVaultPrivateClusterTest(t *testing.T) {
+func runVaultPrivateClusterTest(t *testing.T, packerBuildSaveName string) {
 	exampleDir := test_structure.CopyTerraformFolderToTemp(t, "../", "examples/vault-cluster-private")
 
 	defer test_structure.RunTestStage(t, "teardown", func() {
@@ -34,7 +34,7 @@ func runVaultPrivateClusterTest(t *testing.T) {
 	test_structure.RunTestStage(t, "deploy", func() {
 		projectId := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_PROJECT_ID)
 		region := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_REGION_NAME)
-		imageID := test_structure.LoadString(t, WORK_DIR, SAVED_OPEN_SOURCE_VAULT_IMAGE)
+		imageID := test_structure.LoadString(t, WORK_DIR, packerBuildSaveName)
 
 		// GCP only supports lowercase names for some resources
 		uniqueID := strings.ToLower(random.UniqueId())

test/vault_cluster_public_test.go

@@ -23,7 +23,7 @@ const TFVAR_NAME_CONSUL_SOURCE_IMAGE = "consul_server_source_image"
 const TFVAR_NAME_CONSUL_SERVER_CLUSTER_NAME = "consul_server_cluster_name"
 const TFVAR_NAME_CONSUL_SERVER_CLUSTER_MACHINE_TYPE = "consul_server_machine_type"
 
-func runVaultPublicClusterTest(t *testing.T) {
+func runVaultPublicClusterTest(t *testing.T, packerBuildSaveName string) {
 	exampleDir := test_structure.CopyTerraformFolderToTemp(t, "../", ".")
 
 	defer test_structure.RunTestStage(t, "teardown", func() {
@@ -38,7 +38,7 @@ func runVaultPublicClusterTest(t *testing.T) {
 	test_structure.RunTestStage(t, "deploy", func() {
 		projectId := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_PROJECT_ID)
 		region := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_REGION_NAME)
-		imageID := test_structure.LoadString(t, WORK_DIR, SAVED_OPEN_SOURCE_VAULT_IMAGE)
+		imageID := test_structure.LoadString(t, WORK_DIR, packerBuildSaveName)
 
 		// GCP only supports lowercase names for some resources
 		uniqueID := strings.ToLower(random.UniqueId())

test/vault_main_test.go

@@ -12,16 +12,19 @@ import (
 )
 
 const (
-	IMAGE_EXAMPLE_PATH            = "../examples/vault-consul-ami/vault-consul.json"
-	WORK_DIR                      = "./"
-	PACKER_BUILD_NAME             = "ubuntu-16"
-	SAVED_OPEN_SOURCE_VAULT_IMAGE = "ImageOpenSourceVault"
-	SAVED_ENTERPRISE_VAULT_IMAGE  = "ImageEnterpriseVault"
+	IMAGE_EXAMPLE_PATH = "../examples/vault-consul-ami/vault-consul.json"
+	WORK_DIR           = "./"
 )
 
 type testCase struct {
-	Name string           // Name of the test
-	Func func(*testing.T) // Function that runs the test
+	Name string                   // Name of the test
+	Func func(*testing.T, string) // Function that runs the test
+}
+
+type packerBuild struct {
+	SaveName           string // Name of the test data save file
+	PackerBuildName    string // Name of the packer build
+	useEnterpriseVault bool   // Use Vault Enterprise or not
 }
 
 var testCases = []testCase{
@@ -47,6 +50,29 @@ var testCases = []testCase{
 	},
 }
 
+var packerBuilds = []packerBuild{
+	{
+		"OpenSourceVaultOnUbuntu16ImageID",
+		"ubuntu16-image",
+		false,
+	},
+	{
+		"OpenSourceVaultOnUbuntu18ImageID",
+		"ubuntu18-image",
+		false,
+	},
+	{
+		"EnterpriseVaultOnUbuntu16ImageID",
+		"ubuntu16-image",
+		true,
+	},
+	{
+		"EnterpriseVaultOnUbuntu18ImageID",
+		"ubuntu18-image",
+		true,
+	},
+}
+
 // To test this on CircleCI you need two URLs set a environment variables(VAULT_PACKER_TEMPLATE_VAR_VAULT_DOWNLOAD_URL)
 // so the Vault Enterprise versions can be downloaded. You would also need to set these two variables locally to run the
 // tests. The reason behind this is to prevent the actual url from being visible in the code and logs.
@@ -68,21 +94,23 @@ func TestMainVaultCluster(t *testing.T) {
 		tlsCert := generateSelfSignedTlsCert(t)
 		saveTLSCert(t, WORK_DIR, tlsCert)
 
-		packerImageOptions := map[string]*packer.Options{
-			SAVED_OPEN_SOURCE_VAULT_IMAGE: composeImageOptions(t, PACKER_BUILD_NAME, WORK_DIR, ""),
-			SAVED_ENTERPRISE_VAULT_IMAGE:  composeImageOptions(t, PACKER_BUILD_NAME, WORK_DIR, vaultDownloadUrl),
+		packerImageOptions := map[string]*packer.Options{}
+		for _, packerBuildItem := range packerBuilds {
+			packerImageOptions[packerBuildItem.SaveName] = composeImageOptions(t, packerBuildItem.PackerBuildName, WORK_DIR, packerBuildItem.useEnterpriseVault, vaultDownloadUrl)
 		}
 
 		imageIds := packer.BuildArtifacts(t, packerImageOptions)
-		test_structure.SaveString(t, WORK_DIR, SAVED_OPEN_SOURCE_VAULT_IMAGE, imageIds[SAVED_OPEN_SOURCE_VAULT_IMAGE])
-		test_structure.SaveString(t, WORK_DIR, SAVED_ENTERPRISE_VAULT_IMAGE, imageIds[SAVED_ENTERPRISE_VAULT_IMAGE])
+		for imageKey, imageId := range imageIds {
+			test_structure.SaveString(t, WORK_DIR, imageKey, imageId)
+		}
 	})
 
 	defer test_structure.RunTestStage(t, "delete_images", func() {
 		projectID := test_structure.LoadString(t, WORK_DIR, SAVED_GCP_PROJECT_ID)
 
-		deleteVaultImage(t, WORK_DIR, projectID, SAVED_OPEN_SOURCE_VAULT_IMAGE)
-		deleteVaultImage(t, WORK_DIR, projectID, SAVED_ENTERPRISE_VAULT_IMAGE)
+		for _, packerBuildItem := range packerBuilds {
+			deleteVaultImage(t, WORK_DIR, projectID, packerBuildItem.SaveName)
+		}
 
 		tlsCert := loadTLSCert(t, WORK_DIR)
 		cleanupTLSCertFiles(tlsCert)
@@ -104,9 +132,12 @@ func runAllTests(t *testing.T) {
 		// "Be Careful with Table Driven Tests and t.Parallel()"
 		// https://gist.github.com/posener/92a55c4cd441fc5e5e85f27bca008721
 		testCase := testCase
-		t.Run(fmt.Sprintf("%sWithUbuntu", testCase.Name), func(t *testing.T) {
-			t.Parallel()
-			testCase.Func(t)
-		})
+		for _, packerBuildItem := range packerBuilds {
+			packerBuildItem := packerBuildItem
+			t.Run(fmt.Sprintf("%sWith%s", testCase.Name, packerBuildItem.SaveName), func(t *testing.T) {
+				t.Parallel()
+				testCase.Func(t, packerBuildItem.SaveName)
+			})
+		}
 	}
 }