fix: update terraform with newer version (#24284)
The terraform shipped with snap (in the older version of Ubuntu) only supported public key encryption with ssh-rsa. New versions of Linux started deprecating ssh-rsa, so this version bump is required.pull/24299/head
parent
2f3733c2cb
commit
b352a179a2
|
@ -22,11 +22,11 @@ executors:
|
||||||
resource_class: large
|
resource_class: large
|
||||||
linux-amd64:
|
linux-amd64:
|
||||||
machine:
|
machine:
|
||||||
image: ubuntu-2004:202107-02
|
image: ubuntu-2204:current
|
||||||
resource_class: large
|
resource_class: large
|
||||||
linux-arm64:
|
linux-arm64:
|
||||||
machine:
|
machine:
|
||||||
image: ubuntu-2004:202101-01
|
image: ubuntu-2204:current
|
||||||
resource_class: arm.large
|
resource_class: arm.large
|
||||||
darwin:
|
darwin:
|
||||||
macos:
|
macos:
|
||||||
|
@ -503,8 +503,8 @@ jobs:
|
||||||
name: Install Package Dependencies
|
name: Install Package Dependencies
|
||||||
command: |
|
command: |
|
||||||
export DEBIAN_FRONTEND=noninteractive
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
sudo apt-get update
|
sudo -E apt-get update
|
||||||
sudo apt-get install --yes \
|
sudo -E apt-get install --yes \
|
||||||
build-essential \
|
build-essential \
|
||||||
git \
|
git \
|
||||||
rpm \
|
rpm \
|
||||||
|
@ -664,7 +664,7 @@ jobs:
|
||||||
- checkout
|
- checkout
|
||||||
- add_ssh_keys:
|
- add_ssh_keys:
|
||||||
fingerprints:
|
fingerprints:
|
||||||
- "91:0a:5b:a7:f9:46:77:f3:5d:4a:cf:d2:44:c8:2c:5a"
|
- 3a:d1:7a:b7:57:d7:85:0b:76:79:85:51:38:f3:e4:67
|
||||||
- terraform/validate:
|
- terraform/validate:
|
||||||
path: scripts/ci/
|
path: scripts/ci/
|
||||||
- run:
|
- run:
|
||||||
|
@ -720,7 +720,7 @@ jobs:
|
||||||
# To ssh into aws without failing host key checks
|
# To ssh into aws without failing host key checks
|
||||||
- add_ssh_keys:
|
- add_ssh_keys:
|
||||||
fingerprints:
|
fingerprints:
|
||||||
- "91:0a:5b:a7:f9:46:77:f3:5d:4a:cf:d2:44:c8:2c:5a"
|
- 3a:d1:7a:b7:57:d7:85:0b:76:79:85:51:38:f3:e4:67
|
||||||
- run:
|
- run:
|
||||||
name: Set up AWS CLI
|
name: Set up AWS CLI
|
||||||
command: |
|
command: |
|
||||||
|
@ -758,7 +758,7 @@ jobs:
|
||||||
- checkout
|
- checkout
|
||||||
- add_ssh_keys:
|
- add_ssh_keys:
|
||||||
fingerprints:
|
fingerprints:
|
||||||
- "91:0a:5b:a7:f9:46:77:f3:5d:4a:cf:d2:44:c8:2c:5a"
|
- 3a:d1:7a:b7:57:d7:85:0b:76:79:85:51:38:f3:e4:67
|
||||||
- run:
|
- run:
|
||||||
name: Destroy AWS instances with datestring more than a day old
|
name: Destroy AWS instances with datestring more than a day old
|
||||||
no_output_timeout: 20m
|
no_output_timeout: 20m
|
||||||
|
@ -978,24 +978,18 @@ jobs:
|
||||||
/tmp/workspace/artifacts/influxdb2*-arm64.deb
|
/tmp/workspace/artifacts/influxdb2*-arm64.deb
|
||||||
|
|
||||||
check_package_rpm:
|
check_package_rpm:
|
||||||
|
executor: linux-amd64
|
||||||
parameters:
|
parameters:
|
||||||
arch:
|
arch:
|
||||||
type: string
|
type: string
|
||||||
executor: linux-amd64
|
|
||||||
steps:
|
steps:
|
||||||
- attach_workspace:
|
- attach_workspace:
|
||||||
at: /tmp/workspace
|
at: /tmp/workspace
|
||||||
- checkout
|
|
||||||
- run:
|
|
||||||
name: Install Dependencies
|
|
||||||
command: |
|
|
||||||
sudo snap install --classic terraform
|
|
||||||
- add_ssh_keys:
|
- add_ssh_keys:
|
||||||
fingerprints:
|
fingerprints:
|
||||||
- "91:0a:5b:a7:f9:46:77:f3:5d:4a:cf:d2:44:c8:2c:5a"
|
- 3a:d1:7a:b7:57:d7:85:0b:76:79:85:51:38:f3:e4:67
|
||||||
- run:
|
- checkout
|
||||||
name: Validate RPM Package
|
- run: |
|
||||||
command: |
|
AWS_ACCESS_KEY_ID=$TEST_AWS_ACCESS_KEY_ID \
|
||||||
export AWS_ACCESS_KEY_ID=$TEST_AWS_ACCESS_KEY_ID
|
AWS_SECRET_ACCESS_KEY=$TEST_AWS_SECRET_ACCESS_KEY \
|
||||||
export AWS_SECRET_ACCESS_KEY=$TEST_AWS_SECRET_ACCESS_KEY
|
.circleci/scripts/package-validation/redhat << parameters.arch >> /tmp/workspace/artifacts/influxdb2*.<< parameters.arch >>.rpm
|
||||||
.circleci/scripts/package-validation/redhat << parameters.arch >> /tmp/workspace/artifacts/influxdb2*.<< parameters.arch >>.rpm
|
|
||||||
|
|
|
@ -63,6 +63,30 @@ trap "terraform_free \"${arch}\" \"${package}\"" \
|
||||||
ERR \
|
ERR \
|
||||||
EXIT
|
EXIT
|
||||||
|
|
||||||
|
function terraform_setup()
|
||||||
|
{
|
||||||
|
# TODO(bnpfeife): remove this once the executor is updated.
|
||||||
|
#
|
||||||
|
# Unfortunately, terraform provided by the CircleCI executor is *terribly*
|
||||||
|
# out of date. Most Linux distributions are disabling "ssh-rsa" public key
|
||||||
|
# algorithms which this uses to remote into the ec2 instance . This
|
||||||
|
# installs the latest version of terraform.
|
||||||
|
#
|
||||||
|
# Addendum: the "terraform_version" CircleCI option is broken!
|
||||||
|
sudo tee /etc/apt/sources.list.d/hashicorp.list <<EOF >/dev/null || true
|
||||||
|
deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main
|
||||||
|
EOF
|
||||||
|
|
||||||
|
curl -fL https://apt.releases.hashicorp.com/gpg | gpg --dearmor | \
|
||||||
|
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null
|
||||||
|
|
||||||
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
sudo -E apt-get update
|
||||||
|
sudo -E apt-get install --yes terraform
|
||||||
|
}
|
||||||
|
|
||||||
|
terraform_setup
|
||||||
|
|
||||||
terraform_init "${arch}" "${package}"
|
terraform_init "${arch}" "${package}"
|
||||||
|
|
||||||
printf 'Setup complete! Testing %s... (this takes several minutes!)' "${1}"
|
printf 'Setup complete! Testing %s... (this takes several minutes!)' "${1}"
|
||||||
|
|
Loading…
Reference in New Issue