Conversation
moduli
force-pushed
the
moduli-e2e-enos-vars
branch
2 times, most recently
from
9826373 to
2deb930
Compare
There was a problem hiding this comment.
Pull request overview
This PR refactors Enos e2e scenarios/modules to reduce reliance on manually-supplied variables by deriving values (Boundary edition, repo root, binary path) and generating SSH keys, while also standardizing SSH transport inputs across AWS modules.
Changes:
- Replace/clean up scenario variables by introducing helper modules (
get_boundary_edition,get_repo_root,get_binary_path, SSH keypair modules). - Update AWS modules and scenarios to pass explicit SSH
private_key_path/keypair inputs instead of relying on a global Enos provider transport block. - Adjust license handling to be edition-aware and simplify scenario wiring around license inputs.
Reviewed changes
Copilot reviewed 44 out of 44 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| enos/modules/test_e2e_ui/main.tf | Removes debug/local path vars; currently leaves UI e2e exec as a no-op. |
| enos/modules/test_e2e_docker/main.tf | Replaces debug_no_run with is_ci; adjusts env vars and execution gating. |
| enos/modules/test_e2e/main.tf | Replaces debug_no_run with is_ci; updates some variable defaults/descriptions. |
| enos/modules/ssh_keypair/main.tf | New module to generate (or reuse) a local SSH private key file. |
| enos/modules/read_license/main.tf | Adds edition-based license validation and conditional license output. |
| enos/modules/get_repo_root/main.tf | New module to resolve repo root via git rev-parse. |
| enos/modules/get_boundary_edition/main.tf | New module to derive edition via make edition at repo root. |
| enos/modules/get_binary_path/main.tf | New module to locate a binary via shell and expose its path. |
| enos/modules/generate_docker_image_name/main.tf | New helper to build Docker image names/tags by edition. |
| enos/modules/check_boundary_edition/main.tf | New module wrapper around a shell script to print edition. |
| enos/modules/check_boundary_edition/edition.sh | New script to run make edition. |
| enos/modules/binary_finder/main.tf | Removes legacy binary-finder implementation. |
| enos/modules/aws_worker/variables.tf | Renames SSH keypair variable; adds SSH private key path input. |
| enos/modules/aws_worker/main.tf | Wires SSH user/private key path into Enos SSH transport blocks. |
| enos/modules/aws_vault/vault-instances.tf | Wires SSH user/private key path into Enos SSH transport blocks. |
| enos/modules/aws_vault/variables.tf | Renames SSH keypair variable; adds SSH private key path input. |
| enos/modules/aws_target/main.tf | Adds SSH private key path variable; uses it in SSH transport. |
| enos/modules/aws_ssh_keypair/main.tf | New module to generate/upload an AWS keypair and write the private key locally. |
| enos/modules/aws_boundary/variables.tf | Replaces ssh user/keypair inputs with keypair name + private key path. |
| enos/modules/aws_boundary/boundary-instances.tf | Wires SSH user/private key path into Enos SSH transport blocks. |
| enos/enos.vars.hcl | Updates example vars; reorganizes/rewrites guidance comments. |
| enos/enos.hcl | Removes global provider "enos" transport config. |
| enos/enos-variables.hcl | Removes legacy vars (e.g., boundary_edition/e2e_debug_no_run/src dirs); adds is_ci; adjusts defaults. |
| enos/enos-scenario-e2e-ui-docker.hcl | Switches to derived edition + generated SSH key; simplifies license wiring. |
| enos/enos-scenario-e2e-ui-aws.hcl | Switches to derived edition + generated SSH key; simplifies license wiring. |
| enos/enos-scenario-e2e-docker-worker-registration-worker-led.hcl | Uses derived edition, generated SSH key, and binary path helper. |
| enos/enos-scenario-e2e-docker-worker-registration-controller-led.hcl | Uses derived edition, generated SSH key, and binary path helper. |
| enos/enos-scenario-e2e-docker-base.hcl | Uses derived edition, generated SSH key, and binary path helper. |
| enos/enos-scenario-e2e-docker-base-with-worker.hcl | Uses derived edition, generated SSH key, and binary path helper. |
| enos/enos-scenario-e2e-docker-base-with-worker-version.hcl | Uses derived edition + generated SSH key; uses docker image-name helper. |
| enos/enos-scenario-e2e-docker-base-with-vault.hcl | Uses derived edition, generated SSH key, and binary path helper. |
| enos/enos-scenario-e2e-docker-base-with-gcp.hcl | Uses derived edition and binary path helper; adds is_ci to test step. |
| enos/enos-scenario-e2e-docker-base-plus.hcl | Uses derived edition, generated SSH key, and binary path helper. |
| enos/enos-scenario-e2e-docker-base-connect.hcl | Uses derived edition, generated SSH key, and binary path helper. |
| enos/enos-scenario-e2e-database.hcl | Uses derived edition, generated SSH key, and binary path helper; updates deps. |
| enos/enos-scenario-e2e-aws.hcl | Uses derived edition + generated SSH key; updates module inputs/deps. |
| enos/enos-scenario-e2e-aws-rdp-target.hcl | Removes explicit Enos provider from scenario providers list. |
| enos/enos-scenario-e2e-aws-rdp-base.hcl | Uses repo-root helper and generated SSH key; updates module inputs/deps. |
| enos/enos-scenario-e2e-aws-base.hcl | Uses derived edition + generated SSH key; updates module inputs/deps. |
| enos/enos-scenario-e2e-aws-base-with-vault.hcl | Uses derived edition + generated SSH key; updates module inputs/deps. |
| enos/enos-modules.hcl | Registers new helper/keypair modules; removes legacy wiring. |
| enos/ci/hcp-resources/main.tf | Generates SSH keypair and wires it into Enos provider transport and modules. |
| enos/README.md | Adds missing local dependencies; fixes code fence formatting. |
| .github/workflows/enos-run.yml | Updates CI env vars and adds ENOS_VAR_is_ci; removes deprecated vars. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
moduli
force-pushed
the
moduli-e2e-enos-vars
branch
from
f129036 to
3235442
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 32 out of 32 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
moduli
force-pushed
the
moduli-e2e-enos-vars
branch
2 times, most recently
from
d0b7fde to
09e915b
Compare
# Conflicts: # .github/workflows/enos-run.yml
moduli
force-pushed
the
moduli-e2e-enos-vars
branch
from
09e915b to
8653e5b
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 31 out of 31 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
moduli
force-pushed
the
moduli-e2e-enos-vars
branch
from
5ee5ae9 to
8d99b49
Compare
dillanb-hashi
approved these changes
Apr 22, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR makes all other currently required enos variables either optional or obsolete in order to reduce the amount of setup needed to use the tool.
A previous PR removed the need for
aws_ssh_private_key_pathandaws_ssh_keypair_name: #6583.This PR removes the need for
local_boundary_dirlocal_boundary_src_dirlocal_boundary_ui_src_dirboundary_editiondebug_no_runThis is achieved by doing the following
local_boundary_diris now programmatically determined by runningwhich boundarylocal_boundary_src_diris now programmatically determined by runninggit rev-parse --show-toplevellocal_boundary_ui_src_dirwas removed (it wasn't needed)boundary_editionis now programmatically determined by runningmake editiondebug_no_runhas been replaced byis_ci, which will be set in github actions workflows. This will trigger the e2e tests to automatically run after creating infra.Now, you can start enos scenarios without needing to configure anything in
enos.vars.hcl(assuming you have the dependencies installed (e.g. enos cli, terraform, go).Enterprise-changes were tested in https://github.com/hashicorp/boundary-enterprise/pull/2354 and will be cherry-picked into the ce -> ent merge pr.
https://hashicorp.atlassian.net/browse/ICU-18941
PCI review checklist
Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.