elastic
Label all cloud resources used for integration tests
Motivation
we usually deploy 2 types of assets:
- assets for manual testing, when developers try things out
- assets used for integration testing, which are used in CI
we should label all the cloud assets used for integration tests with ci:integration labels so they don't get deleted by accident and it is clear why they exists.
bonus points - add an owner: <name> label based on who created them.
Definition of done
- figure out which assets are used for integration tests
- add a
ci:integrationlabel to all of them
Out of scope
- using CloudCustodian to automatically label assets (?)
For AWS we have a completely separate account for CI testing, so it might be less crucial there if I'm not mistaken. @gurevichdmitry
@oren-zohar, you're right about AWS resources, but we also need to consider GCP and Azure accounts, which haven't received as much attention regarding labeling.
Task Update
AWS: The resources in the dev account are already tagged. When deploying using the create environment workflow, all other resources used for component and integration tests are deployed in a separate AWS test account.
Azure: All currently deployed resources have been updated with the tag ci:integration. Additionally, VM instances require extra tags related to organization policy, which I have also added. Azure integration tests (component tests) are using statically deployed resources, so only a manual update was needed. The next step is to update the create environment workflow to support adding tags for Elastic Agent VM deployment.
GCP: We currently have only basic integration tests; functional tests have not been implemented. Therefore, there are no resources that require tagging. The only task is to fix the GCP deployment to ensure it adds the necessary labels.