chore(e2e): Added windows based boundary worker scenario and module (#5973)

* Added windows based boundary worker scenario and module
* powershell script to run boundary on startup
* merged member server scenario

Author: dillanb-hashi

enos/enos-modules.hcl

@@ -127,6 +127,10 @@ module "aws_windows_client" {
   source = "./modules/aws_windows_client"
 }
 
+module "aws_rdp_member_server_with_worker" {
+  source = "./modules/aws_rdp_member_server_with_worker"
+}
+
 module "vault" {
   source = "./modules/aws_vault"
 

enos/enos-scenario-e2e-aws-windows.hcl

@@ -52,18 +52,19 @@ scenario "e2e_aws_windows" {
     }
   }
 
-  step "read_boundary_license" {
-    module = module.read_license
+  step "create_base_infra" {
+    module = module.aws_vpc_ipv6
+
+    depends_on = [
+      step.find_azs,
+    ]
 
     variables {
-      license_path = local.boundary_license_path
+      availability_zones = step.find_azs.availability_zones
+      common_tags        = local.tags
     }
   }
 
-  step "create_db_password" {
-    module = module.random_stringifier
-  }
-
   step "build_boundary_linux" {
     module = matrix.builder == "crt" ? module.build_crt : module.build_local
 
@@ -77,7 +78,7 @@ scenario "e2e_aws_windows" {
     module = matrix.builder == "crt" ? module.build_crt : module.build_local
 
     depends_on = [
-      step.build_boundary_linux
+      step.build_boundary_linux,
     ]
 
     variables {
@@ -90,19 +91,6 @@ scenario "e2e_aws_windows" {
     }
   }
 
-  step "create_base_infra" {
-    module = module.aws_vpc_ipv6
-
-    depends_on = [
-      step.find_azs,
-    ]
-
-    variables {
-      availability_zones = step.find_azs.availability_zones
-      common_tags        = local.tags
-    }
-  }
-
   step "create_windows_client" {
     module = module.aws_windows_client
 
@@ -119,6 +107,14 @@ scenario "e2e_aws_windows" {
     }
   }
 
+  step "read_boundary_license" {
+    module = module.read_license
+
+    variables {
+      license_path = local.boundary_license_path
+    }
+  }
+
   step "create_vault_cluster" {
     module = module.vault
     depends_on = [
@@ -142,13 +138,29 @@ scenario "e2e_aws_windows" {
     }
   }
 
+  step "create_db_password" {
+    module = module.random_stringifier
+  }
+
+  step "create_rdp_domain_controller" {
+    module = module.aws_rdp_domain_controller
+    depends_on = [
+      step.create_base_infra,
+    ]
+
+    variables {
+      vpc_id         = step.create_base_infra.vpc_id
+      server_version = matrix.rdp_server
+    }
+  }
+
   step "create_boundary_cluster" {
     module = module.aws_boundary
     depends_on = [
       step.create_base_infra,
-      step.create_windows_client,
       step.create_db_password,
       step.build_boundary_linux,
+      step.create_windows_client,
       step.create_vault_cluster,
       step.read_boundary_license
     ]
@@ -210,15 +222,29 @@ scenario "e2e_aws_windows" {
     }
   }
 
-  step "create_rdp_domain_controller" {
-    module = module.aws_rdp_domain_controller
+  step "create_windows_worker" {
+    module = module.aws_rdp_member_server_with_worker
     depends_on = [
       step.create_base_infra,
+      step.create_rdp_domain_controller,
+      step.build_boundary_windows,
+      step.create_boundary_cluster,
     ]
 
     variables {
-      vpc_id         = step.create_base_infra.vpc_id
-      server_version = matrix.rdp_server
+      vpc_id                              = step.create_base_infra.vpc_id
+      server_version                      = matrix.rdp_server
+      boundary_cli_zip_path               = step.build_boundary_windows.artifact_path
+      kms_key_arn                         = step.create_base_infra.kms_key_arn
+      controller_ip                       = step.create_boundary_cluster.public_controller_addresses[0]
+      iam_name                            = step.create_boundary_cluster.iam_instance_profile_name
+      boundary_security_group             = step.create_boundary_cluster.boundary_sg_id
+      active_directory_domain             = step.create_rdp_domain_controller.domain_name
+      domain_controller_aws_keypair_name  = step.create_rdp_domain_controller.keypair_name
+      domain_controller_ip                = step.create_rdp_domain_controller.private_ip
+      domain_admin_password               = step.create_rdp_domain_controller.password
+      domain_controller_private_key       = step.create_rdp_domain_controller.ssh_private_key
+      domain_controller_sec_group_id_list = step.create_rdp_domain_controller.security_group_id_list
     }
   }
 
@@ -347,4 +373,20 @@ scenario "e2e_aws_windows" {
   output "windows_client_ssh_key" {
     value = step.create_windows_client.ssh_private_key
   }
-}
+
+  output "windows_worker_admin_username" {
+    value = step.create_windows_worker.admin_username
+  }
+
+  output "windows_worker_admin_password" {
+    value = step.create_windows_worker.admin_password
+  }
+
+  output "windows_worker_public_ip" {
+    value = step.create_windows_worker.public_ip
+  }
+
+  output "windows_worker_private_ip" {
+    value = step.create_windows_worker.private_ip
+  }
+}

enos/modules/aws_boundary/outputs.tf

@@ -211,6 +211,11 @@ output "public_controller_addresses" {
   value = var.ip_version == "4" ? aws_instance.controller[*].public_ip : aws_instance.controller[*].ipv6_addresses[0]
 }
 
+output "boundary_sg_id" {
+  description = "A secruity group id that covers basic boundary ports and ssh"
+  value       = aws_security_group.boundary_sg.id
+}
+
 output "controller_aux_sg_id" {
   description = "A security group ID that covers the controllers for adding extra rules to"
   value       = aws_security_group.boundary_aux_sg.id

enos/modules/aws_boundary/variables.tf

@@ -31,7 +31,7 @@ variable "worker_instance_type" {
 variable "worker_type_tags" {
   description = "Tag to set on worker for use in worker filters"
   type        = list(string)
-  default     = ["collocated", "prod", "webservers"]
+  default     = ["collocated", "prod", "webservers", "linux"]
 }
 
 variable "worker_ebs_iops" {