diff --git a/.github/workflows/component_canaries.yml b/.github/workflows/component_canaries.yml index 8d7e3db2d..ddb3748b9 100644 --- a/.github/workflows/component_canaries.yml +++ b/.github/workflows/component_canaries.yml @@ -32,10 +32,10 @@ jobs: runs-on: ubuntu-20.04 if: ${{ inputs.PLATFORM == 'macos' }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ env.AWS_ASSUME_ROLE }} aws-region: us-east-2 @@ -68,10 +68,10 @@ jobs: runs-on: ubuntu-20.04 if: ${{ inputs.PLATFORM == 'linux' }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ env.AWS_ASSUME_ROLE }} aws-region: us-east-2 @@ -130,10 +130,10 @@ jobs: runs-on: ubuntu-20.04 if: ${{ inputs.PLATFORM == 'windows' }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ env.AWS_ASSUME_ROLE }} aws-region: us-east-2 diff --git a/test/canaries/deploy_canaries.yml b/test/canaries/deploy_canaries.yml index 2065f5133..42799759a 100644 --- a/test/canaries/deploy_canaries.yml +++ b/test/canaries/deploy_canaries.yml @@ -19,27 +19,31 @@ block: - name: install latest agent on host - include_role: + ansible.builtin.include_role: name: caos.ansible_roles.infra_agent vars: - target_version: "{{ current_version }}" repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" + fips_enabled: "{{ '-fips' in inventory_hostname }}" - name: install latest agent in container - include_role: + ansible.builtin.include_role: name: caos.ansible_roles.infra_agent vars: is_containerized: true target_version: "{{ current_version }}-rc" display_name: "{{ inventory_hostname }}-current" + fips_enabled: "{{ '-fips' in inventory_hostname }}" - name: install previous agent in container - include_role: + # Remove the "when" condition after second release https://new-relic.atlassian.net/browse/NR-355851 + when: "'-fips' not in inventory_hostname" + ansible.builtin.include_role: name: caos.ansible_roles.infra_agent vars: is_containerized: true target_version: "{{ previous_version }}" display_name: "{{ inventory_hostname }}-previous" + fips_enabled: "{{ '-fips' in inventory_hostname }}" # Windows - name: installation-agent-no-clean diff --git a/test/packaging/ansible/installation-pinned.yml b/test/packaging/ansible/installation-pinned.yml index ca331425c..9c4d316d7 100644 --- a/test/packaging/ansible/installation-pinned.yml +++ b/test/packaging/ansible/installation-pinned.yml @@ -18,22 +18,12 @@ block: - name: Install agent - # when: "'-fips' not in inventory_hostname" ansible.builtin.include_role: name: caos.ansible_roles.infra_agent vars: target_version: "{{ target_agent_version }}" repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - - # TODO: https://new-relic.atlassian.net/browse/NR-355845 Uncomment when FIPS version is available for the minimum version - # - name: Install agent - FIPS - # when: "'-fips' in inventory_hostname" - # ansible.builtin.include_role: - # name: caos.ansible_roles.infra_agent - # vars: - # target_version: "{{ target_agent_version }}" - # repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - # fips_enabled: true + fips_enabled: "{{ '-fips' in inventory_hostname }}" - name: Assert version ansible.builtin.include_role: diff --git a/test/packaging/ansible/installation-privileged.yml b/test/packaging/ansible/installation-privileged.yml index 59f58e443..c8ed336ef 100644 --- a/test/packaging/ansible/installation-privileged.yml +++ b/test/packaging/ansible/installation-privileged.yml @@ -21,19 +21,11 @@ block: - name: Install agent - when: "'-fips' not in inventory_hostname" ansible.builtin.include_role: name: caos.ansible_roles.infra_agent vars: repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - - - name: Install agent - FIPS - when: "'-fips' in inventory_hostname" - ansible.builtin.include_role: - name: caos.ansible_roles.infra_agent - vars: - repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - fips_enabled: true + fips_enabled: "{{ '-fips' in inventory_hostname }}" - name: Assert privileged caps ansible.builtin.include_role: diff --git a/test/packaging/ansible/installation-root.yml b/test/packaging/ansible/installation-root.yml index 4a61f9566..022e3c809 100644 --- a/test/packaging/ansible/installation-root.yml +++ b/test/packaging/ansible/installation-root.yml @@ -21,19 +21,11 @@ block: - name: Install agent - when: "'-fips' not in inventory_hostname" ansible.builtin.include_role: name: caos.ansible_roles.infra_agent vars: repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - - - name: Install agent - FIPS - when: "'-fips' in inventory_hostname" - ansible.builtin.include_role: - name: caos.ansible_roles.infra_agent - vars: - repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - fips_enabled: true + fips_enabled: "{{ '-fips' in inventory_hostname }}" - name: Assert root ansible.builtin.include_role: diff --git a/test/packaging/ansible/installation-unprivileged.yml b/test/packaging/ansible/installation-unprivileged.yml index a882ee169..15b8f3dba 100644 --- a/test/packaging/ansible/installation-unprivileged.yml +++ b/test/packaging/ansible/installation-unprivileged.yml @@ -26,14 +26,7 @@ name: caos.ansible_roles.infra_agent vars: repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - - - name: Install agent - FIPS - when: "'-fips' in inventory_hostname" - ansible.builtin.include_role: - name: caos.ansible_roles.infra_agent - vars: - repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - fips_enabled: true + fips_enabled: "{{ '-fips' in inventory_hostname }}" - name: Assert no privileged caps ansible.builtin.include_role: diff --git a/test/packaging/ansible/shutdown-and-terminate.yml b/test/packaging/ansible/shutdown-and-terminate.yml index 19e15d272..3074b9fb9 100644 --- a/test/packaging/ansible/shutdown-and-terminate.yml +++ b/test/packaging/ansible/shutdown-and-terminate.yml @@ -16,21 +16,12 @@ tasks: - name: Install agent - when: "'-fips' not in inventory_hostname" ansible.builtin.include_role: name: caos.ansible_roles.infra_agent vars: display_name: "{{ iid }}:{{ inventory_hostname }}" repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - - - name: Install agent - FIPS - when: "'-fips' in inventory_hostname" - ansible.builtin.include_role: - name: caos.ansible_roles.infra_agent - vars: - display_name: "{{ iid }}:{{ inventory_hostname }}" - repo_endpoint: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - fips_enabled: true + fips_enabled: "{{ '-fips' in inventory_hostname }}" - name: Install agent windows (HNR) hosts: testing_hosts_windows diff --git a/test/packaging/ansible/test.yml b/test/packaging/ansible/test.yml index 561ee9c7b..988590861 100644 --- a/test/packaging/ansible/test.yml +++ b/test/packaging/ansible/test.yml @@ -2,7 +2,7 @@ - name: Pinned version agent installation import_playbook: installation-pinned.yml - when: "'-fips' not in inventory_hostname" # TODO: https://new-relic.atlassian.net/browse/NR-355841 + when: "'-fips' not in inventory_hostname" # TODO: https://new-relic.atlassian.net/browse/NR-355845 - name: Agent installation as root import_playbook: installation-root.yml