chore: prep opentofu support (#892)

SAP · Aug 28, 2024 · fbc610f · fbc610f
1 parent 6807059
commit fbc610f
Show file tree

Hide file tree

Showing 5 changed files with 206 additions and 63 deletions.
diff --git a/.devcontainer/default/devcontainer.json b/.devcontainer/default/devcontainer.json
@@ -5,7 +5,10 @@
 	// Features to add to the dev container. More info: https://containers.dev/features.
 	"features": {
 		"ghcr.io/devcontainers/features/terraform:1": {},
-		"ghcr.io/devcontainers/features/github-cli:1": {}
+		"ghcr.io/devcontainers/features/github-cli:1": {},
+		"ghcr.io/robbert229/devcontainer-features/opentofu:1": {
+			"version": "1.8.1"
+		}
 	},
 	"customizations": {
 		"vscode": {

diff --git a/.devcontainer/withenvfile/devcontainer.json b/.devcontainer/withenvfile/devcontainer.json
@@ -4,7 +4,10 @@
 	// Features to add to the dev container. More info: https://containers.dev/features.
 	"features": {
 		"ghcr.io/devcontainers/features/terraform:1": {},
-		"ghcr.io/devcontainers/features/github-cli:1": {}
+		"ghcr.io/devcontainers/features/github-cli:1": {},
+		"ghcr.io/robbert229/devcontainer-features/opentofu:1": {
+			"version": "1.8.1"
+		}
 	},
 	"customizations": {
 		"vscode": {

diff --git a/.github/workflows/compatibility-test.yml b/.github/workflows/compatibility-test.yml
diff --git a/.github/workflows/schema-regression-test-opentofu.yml b/.github/workflows/schema-regression-test-opentofu.yml
@@ -0,0 +1,134 @@
+name: Regression Test - OpenTofu
+
+# Idea: 
+# 1. Setup infrastructure with stable release of the provider in the live environment
+# 2. Switch to a local build of the provider
+# 3. Execute a tofu plan and check for deviations
+# 4. Destroy the infrastructure
+# 5. If deviation was detected create/update an issue
+
+on:
+  workflow_dispatch:
+
+env:
+  PATH_TO_TFSCRIPT: 'regression-test'
+  DEV_OVERRIDE: 'assets/provider-config-ghaction.txt'
+  TEMP_PLAN_OUTPUT : 'plan-output.txt'
+
+permissions:
+  contents: read
+  issues: write
+
+jobs:
+  execute_regression_test:
+    name: Regression Test OpenTofu
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out Git repository
+      id: checkout_repo
+      uses: actions/checkout@v4
+
+    - name: Setup OpenTofu
+      id : setup_opentofu
+      uses: opentofu/setup-opentofu@v1
+      with:
+        tofu_wrapper: false
+        terraform_version: latest
+
+    - name: Tofu Init with stable provider
+      id: tofu_init
+      shell: bash
+      run: |
+        tofu -chdir=${{ env.PATH_TO_TFSCRIPT }} init -no-color
+
+    - name: tofu Apply with stable provider
+      id: tofu_apply
+      shell: bash
+      run: |
+        export BTP_USERNAME=${{ secrets.BTP_USERNAME }}
+        export BTP_PASSWORD=${{ secrets.BTP_PASSWORD }}
+        tofu -chdir=${{ env.PATH_TO_TFSCRIPT }} apply -var globalaccount=${{ secrets.GLOBALACCOUNT }} -auto-approve -no-color 
+
+    - name: Setup Go
+      uses: actions/[email protected]
+      with:
+        go-version-file: 'go.mod'
+
+    - name: Install local Terraform provider
+      id: build_provider
+      shell: bash
+      run: |
+        go mod tidy && make install
+
+    - name: Remove init data and place override
+      id: set_to_override
+      shell: bash
+      run: |
+        rm -rf .terraform && rm -rf .terraform.lock.hcl && cp ${{ env.DEV_OVERRIDE }} ~/.terraformrc
+
+    - name: Check for deviations in tofu plan
+      id: execute_deviation_check
+      shell: bash
+      run: |
+        export BTP_USERNAME=${{ secrets.BTP_USERNAME }}
+        export BTP_PASSWORD=${{ secrets.BTP_PASSWORD }}
+        tofu -chdir=${{ env.PATH_TO_TFSCRIPT }} plan -var globalaccount=${{ secrets.GLOBALACCOUNT }} -no-color -detailed-exitcode
+
+
+    - name: Remove init data and override
+      if: always()
+      id: remove_override
+      shell: bash
+      run: |
+        rm -rf .terraform && rm -rf .terraform.lock.hcl && rm -rf ~/.terraformrc
+
+    - name: Tofu Init with stable provider
+      if: always()
+      id: tofu_reinit
+      shell: bash
+      run: |
+        tofu -chdir=${{ env.PATH_TO_TFSCRIPT }} init -upgrade -no-color
+
+    - name: Tofu Destroy with stable provider
+      if: always()  
+      id: tofu_destroy
+      shell: bash
+      run: |
+        export BTP_USERNAME=${{ secrets.BTP_USERNAME }}
+        export BTP_PASSWORD=${{ secrets.BTP_PASSWORD }}
+        tofu -chdir=${{ env.PATH_TO_TFSCRIPT }} destroy -var globalaccount='${{ secrets.GLOBALACCOUNT }}' -auto-approve -no-color
+
+    - name: State deviation - find existing issue for deviation
+      id: find_deviation_issue
+      uses: micalevisk/last-issue-action@v2
+      if: ${{ steps.execute_deviation_check.outcome == 'failure' }} 
+      with: 
+        state: open
+        labels: |
+          state deviation
+          automated issue
+
+    - name: State deviation - create or update issue
+      uses: peter-evans/create-issue-from-file@v5
+      if: ${{ steps.execute_deviation_check.outcome == 'failure' }} 
+      with:
+        title: State deviation found
+        # If issue number is empty a new issue gets created
+        issue-number: ${{ steps.find_deviation_issue.outputs.issue-number }}
+        content-filepath: ${{ env.TEMP_PLAN_OUTPUT }}
+        labels: state deviation, automated issue
+
+    - name: Cleanup plan output
+      id: execute_plan_cleanup
+      if: always() 
+      shell: bash
+      run: |
+        rm -rf ${{ env.TEMP_PLAN_OUTPUT }}
+
+    - name: State deviation - Set run to failed
+      if: ${{ steps.execute_deviation_check.outcome == 'failure' }} 
+      uses: actions/github-script@v7
+      with:
+        script: |
+            core.setFailed('A state deviation was detected!')
diff --git a/.github/workflows/test-opentofu.yml b/.github/workflows/test-opentofu.yml
@@ -0,0 +1,64 @@
+# This is a restricted test set for OpenTofu
+# The full test is defined in the test.yml workflow. 
+# This file is intended to focus testing the OpenTofu compatibility against the latest provider version. 
+name: OpenTofu Provider Tests
+
+on:
+  workflow_dispatch:
+
+# Testing only needs permissions to read the repository contents.
+permissions:
+  contents: read
+
+
+jobs:
+  # Ensure project builds before running testing matrix
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+      - uses: actions/checkout@v4 # v4.0.0
+      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+        with:
+          go-version-file: 'go.mod'
+          cache: true
+      - run: go mod download
+      - run: go build -v .
+      - name: Run linters
+        uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v3.7.1
+        with:
+          version: latest
+
+
+  # Run acceptance tests in a matrix with OpenTofu CLI versions
+  test:
+    name: Terraform Provider Acceptance Tests for OpenTofu
+    needs: build
+    runs-on: ubuntu-latest
+    # Timeout for tests set to 25 minutes to safeguard long running tests (specifically for service instances) 
+    timeout-minutes: 25
+    strategy:
+      fail-fast: false
+      matrix:
+        # list of OpenTofu versions to test against
+        opentofu:
+          - '1.6.*'
+          - '1.7.*'
+          - '1.8.*'
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+        with:
+          go-version-file: 'go.mod'
+          cache: true
+      - uses: opentofu/setup-opentofu@v1
+        with:
+          tofu_version: ${{ matrix.opentofu }}
+          tofu_wrapper: false
+      - run: go mod download
+      - env:
+          TF_ACC: "1"
+        run: go test -v -cover -coverprofile=cover.out -timeout=1800s -parallel=4 ./...
+        timeout-minutes: 20
+