image: OpenStack vTPM (#1616)

* cli: allow vpc traffic between nodes on OpenStack * image: enable vTPM on OpenStack * cli: add create tests for OpenStack
2025-08-08 15:02:18 -04:00 · 2023-04-05 16:49:03 +02:00 · 2023-04-05 16:49:03 +02:00 · 69de06dd1f
commit 69de06dd1f
parent 509b3d5d58
15 changed files with 151 additions and 41 deletions
--- a/cli/internal/cloudcmd/create.go
+++ b/cli/internal/cloudcmd/create.go
@ -23,6 +23,7 @@ import (
 	"github.com/Azure/azure-sdk-for-go/profiles/latest/attestation/attestation"
 	azpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
+
 	"github.com/edgelesssys/constellation/v2/cli/internal/clusterid"
 	"github.com/edgelesssys/constellation/v2/cli/internal/image"
 	"github.com/edgelesssys/constellation/v2/cli/internal/libvirt"
--- a/cli/internal/cloudcmd/create_test.go
+++ b/cli/internal/cloudcmd/create_test.go
@ -13,14 +13,17 @@ import (
 	"runtime"
 	"testing"

+	"github.com/stretchr/testify/assert"
+
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/variant"
-	"github.com/stretchr/testify/assert"
 )

 func TestCreator(t *testing.T) {
+	// TODO(malt3): remove once OpenStack is fully supported.
+	t.Setenv("CONSTELLATION_OPENSTACK_DEV", "1")
 	failOnNonAMD64 := (runtime.GOARCH != "amd64") || (runtime.GOOS != "linux")
 	ip := "192.0.2.1"
 	someErr := errors.New("failed")
@ -110,6 +113,47 @@ func TestCreator(t *testing.T) {
 			wantRollback:          true,
 			wantTerraformRollback: true,
 		},
+		"openstack": {
+			tfClient: &stubTerraformClient{ip: ip},
+			libvirt:  &stubLibvirtRunner{},
+			provider: cloudprovider.OpenStack,
+			config: func() *config.Config {
+				cfg := config.Default()
+				cfg.Provider.OpenStack.Cloud = "testcloud"
+				return cfg
+			}(),
+		},
+		"openstack without clouds.yaml": {
+			tfClient: &stubTerraformClient{ip: ip},
+			libvirt:  &stubLibvirtRunner{},
+			provider: cloudprovider.OpenStack,
+			config:   config.Default(),
+			wantErr:  true,
+		},
+		"openstack newTerraformClient error": {
+			newTfClientErr: someErr,
+			libvirt:        &stubLibvirtRunner{},
+			provider:       cloudprovider.OpenStack,
+			config: func() *config.Config {
+				cfg := config.Default()
+				cfg.Provider.OpenStack.Cloud = "testcloud"
+				return cfg
+			}(),
+			wantErr: true,
+		},
+		"openstack create cluster error": {
+			tfClient: &stubTerraformClient{createClusterErr: someErr},
+			libvirt:  &stubLibvirtRunner{},
+			provider: cloudprovider.OpenStack,
+			config: func() *config.Config {
+				cfg := config.Default()
+				cfg.Provider.OpenStack.Cloud = "testcloud"
+				return cfg
+			}(),
+			wantErr:               true,
+			wantRollback:          true,
+			wantTerraformRollback: true,
+		},
 		"qemu": {
 			tfClient: &stubTerraformClient{ip: ip},
 			libvirt:  &stubLibvirtRunner{},
@ -152,7 +196,6 @@ func TestCreator(t *testing.T) {
 	for name, tc := range testCases {
 		t.Run(name, func(t *testing.T) {
 			assert := assert.New(t)
-
 			creator := &Creator{
 				out: &bytes.Buffer{},
 				image: &stubImageFetcher{
--- a/cli/internal/cloudcmd/validators_test.go
+++ b/cli/internal/cloudcmd/validators_test.go
@ -12,6 +12,10 @@ import (
 	"encoding/hex"
 	"testing"

+	"github.com/spf13/cobra"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
 	"github.com/edgelesssys/constellation/v2/internal/atls"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/azure/snp"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/azure/trustedlaunch"
@ -22,9 +26,6 @@ import (
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/variant"
-	"github.com/spf13/cobra"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 )

 func TestNewValidator(t *testing.T) {
@ -71,6 +72,16 @@ func TestNewValidator(t *testing.T) {
 				},
 			},
 		},
+		"openstack": {
+			config: &config.Config{
+				AttestationVariant: variant.QEMUVTPM{}.String(),
+				Provider: config.ProviderConfig{
+					OpenStack: &config.OpenStackConfig{
+						Measurements: testPCRs,
+					},
+				},
+			},
+		},
 		"qemu": {
 			config: &config.Config{
 				AttestationVariant: variant.QEMUVTPM{}.String(),