ci: add e2e test for self-managed infrastructure (#2472)

* add self-managed infra e2e test * self-managed terminatio Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix upgrade test Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix indentation Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use -r when copying dir Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add terraform variable parsing * copy constellation conf Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove unnecessary line breaks * add missing value Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add image fetching for CSP Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix quoting Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add missing input to internal lb test * normalize Azure URLs.. Of course * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix expressions * initsecret to hex * update hexdump cmd * add build test Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add node / pod cidr outputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * explicitly delete the state file Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add missing license header Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * always write all outputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix list output Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove state-file and admin-conf on destroy * dont use test payload Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * [remove] use self managed infra in manual e2e for testing Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * init: always skip infrastructure phase * patch maa in workflow Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * default to Constellation-created infra in e2e test --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2025-05-06 08:15:48 -04:00 · 2023-10-27 09:37:26 +02:00 · 2023-10-27 09:37:26 +02:00 · 402a8834ca
commit 402a8834ca
parent f4bfbe3564
24 changed files with 417 additions and 11 deletions
--- a/hack/image-fetch/main.go
+++ b/hack/image-fetch/main.go
@ -0,0 +1,68 @@
+/*
+Copyright (c) Edgeless Systems GmbH
+
+SPDX-License-Identifier: AGPL-3.0-only
+*/
+
+/*
+imagefetch retrieves a CSP image reference from a Constellation config in the CWD.
+This is especially useful when using self-managed infrastructure, where the image
+reference needs to be chosen by the user, which would usually happen manually.
+*/
+package main
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"os"
+	"path/filepath"
+	"regexp"
+
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
+	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
+	"github.com/edgelesssys/constellation/v2/internal/config"
+	"github.com/edgelesssys/constellation/v2/internal/constants"
+	"github.com/edgelesssys/constellation/v2/internal/file"
+	"github.com/edgelesssys/constellation/v2/internal/imagefetcher"
+	"github.com/spf13/afero"
+)
+
+var (
+	caseInsensitiveCommunityGalleriesRegexp = regexp.MustCompile(`(?i)\/communitygalleries\/`)
+	caseInsensitiveImagesRegExp             = regexp.MustCompile(`(?i)\/images\/`)
+	caseInsensitiveVersionsRegExp           = regexp.MustCompile(`(?i)\/versions\/`)
+)
+
+func main() {
+	cwd := os.Getenv("BUILD_WORKING_DIRECTORY") // set by Bazel, for bazel run compatibility
+	ctx := context.Background()
+
+	fh := file.NewHandler(afero.NewOsFs())
+	attFetcher := attestationconfigapi.NewFetcher()
+	conf, err := config.New(fh, filepath.Join(cwd, constants.ConfigFilename), attFetcher, true)
+	var configValidationErr *config.ValidationError
+	if errors.As(err, &configValidationErr) {
+		fmt.Println(configValidationErr.LongMessage())
+	}
+	if err != nil {
+		panic(err)
+	}
+
+	imgFetcher := imagefetcher.New()
+	provider := conf.GetProvider()
+	attestationVariant := conf.GetAttestationConfig().GetVariant()
+	region := conf.GetRegion()
+	image, err := imgFetcher.FetchReference(ctx, provider, attestationVariant, conf.Image, region)
+	if err != nil {
+		panic(err)
+	}
+
+	if provider == cloudprovider.Azure {
+		image = caseInsensitiveCommunityGalleriesRegexp.ReplaceAllString(image, "/communityGalleries/")
+		image = caseInsensitiveImagesRegExp.ReplaceAllString(image, "/images/")
+		image = caseInsensitiveVersionsRegExp.ReplaceAllString(image, "/versions/")
+	}
+
+	fmt.Println(image)
+}