ci: Terraform provider e2e tests (#2712)

* Refactor selfManagedInfra input to clusterCreation in e2e tests
* Run e2e test using terraform provider
* Allow insecure measurement fetching in Terraform provider
* Run Terraform provider test instead of module test in weekly runs

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Daniel Weiße 2023-12-15 10:37:29 +01:00 committed by GitHub
parent 9667dfff58
commit 724ee44466
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 415 additions and 55 deletions


@ -47,6 +47,7 @@ type AttestationDataSourceModel struct {
AttestationVariant types.String `tfsdk:"attestation_variant"`
ImageVersion types.String `tfsdk:"image_version"`
MaaURL types.String `tfsdk:"maa_url"`
Insecure types.Bool `tfsdk:"insecure"`
Attestation types.Object `tfsdk:"attestation"`
}
@ -97,6 +98,10 @@ func (d *AttestationDataSource) Schema(_ context.Context, _ datasource.SchemaReq
MarkdownDescription: "For Azure only, the URL of the Microsoft Azure Attestation service",
Optional: true,
},
"insecure": schema.BoolAttribute{
MarkdownDescription: "DON'T USE IN PRODUCTION Skip the signature verification when fetching measurements for the image.",
Optional: true,
},
"attestation": newAttestationConfigAttribute(attributeOutput),
},
}
@ -154,6 +159,8 @@ func (d *AttestationDataSource) Read(ctx context.Context, req datasource.ReadReq
return
}
insecureFetch := data.Insecure.ValueBool()
snpVersions := attestationconfigapi.SEVSNPVersionAPI{}
if attestationVariant.Equal(variant.AzureSEVSNP{}) || attestationVariant.Equal(variant.AWSSEVSNP{}) {
snpVersions, err = d.fetcher.FetchSEVSNPVersionLatest(ctx, attestationVariant)
@ -174,7 +181,7 @@ func (d *AttestationDataSource) Read(ctx context.Context, req datasource.ReadReq
imageVersion = d.version // Use provider version as default.
}
fetchedMeasurements, err := verifyFetcher.FetchAndVerifyMeasurements(ctx, imageVersion,
csp, attestationVariant, false)
csp, attestationVariant, insecureFetch)
if err != nil {
var rekErr *measurements.RekorError
if errors.As(err, &rekErr) {
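Review bot: When `insecure` is true, the last hunk passes `insecureFetch` to `FetchAndVerifyMeasurements`, and the unverified measurements presumably end up in the data source's `attestation` output with nothing in the plan or apply output recording that verification was skipped. A warning diagnostic right after `insecureFetch := data.Insecure.ValueBool()` would make this visible to whoever reviews the run, e.g. `if insecureFetch { resp.Diagnostics.AddWarning("Insecure measurement fetching enabled", "Signature verification of image measurements is skipped; do not use in production.") }`; the response parameter name is assumed, since Read's signature is truncated in the hunk header. The schema description would also read more clearly as `"DON'T USE IN PRODUCTION: skip signature verification when fetching measurements for the image."`. Read's body starts and ends outside these hunks, so how the Rekor error branch behaves when `insecure` is set cannot be checked from here.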