terraform: align infrastructure module attributes (#2703)

* all vars have snail_case * make iam schema consistent * infrastructure schema * terraform: update AWS infrastructure module * fix ci * terraform: update AWS infrastructure module * terraform: update AWS IAM module * terraform: update Azure Infrastructure module inputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update Azure IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update OpenStack Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update QEMU Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-module: fix input name Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: tidy * cli: ignore whitespace in Terraform variable tests * terraform-module: fix AWS output names * terraform-module: fix output references Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: rename `api_server_cert_sans` * Update terraform/infrastructure/aws/modules/public_private_subnet/variables.tf Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * fix self-managed * terraform: revert AWS modules output file renaming * terraform: remove duplicate varable declaration * terraform: rename Azure location field * ci: adjust output name in self-managed e2e test * e2e: continuously print output in upgrade test * e2e: write to output variables * cli: migrate IAM variable names * cli: make `location` field optional --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2025-05-02 06:16:08 -04:00 · 2023-12-15 10:36:58 +01:00 · 2023-12-15 10:36:58 +01:00 · 9667dfff58
commit 9667dfff58
parent 6f6f28b8cc
76 changed files with 745 additions and 767 deletions
--- a/cli/internal/terraform/terraform.go
+++ b/cli/internal/terraform/terraform.go
@ -95,13 +95,13 @@ func (c *Client) ShowIAM(ctx context.Context, provider cloudprovider.Provider) (

 	switch provider {
 	case cloudprovider.GCP:
-		saKeyOutputRaw, ok := tfState.Values.Outputs["sa_key"]
+		saKeyOutputRaw, ok := tfState.Values.Outputs["service_account_key"]
 		if !ok {
-			return IAMOutput{}, errors.New("no service account key output found")
+			return IAMOutput{}, errors.New("no service_account_key output found")
 		}
 		saKeyOutput, ok := saKeyOutputRaw.Value.(string)
 		if !ok {
-			return IAMOutput{}, errors.New("invalid type in service account key output: not a string")
+			return IAMOutput{}, errors.New("invalid type in service_account_key output: not a string")
 		}
 		return IAMOutput{
 			GCP: GCPIAMOutput{
@ -111,27 +111,27 @@ func (c *Client) ShowIAM(ctx context.Context, provider cloudprovider.Provider) (
 	case cloudprovider.Azure:
 		subscriptionIDRaw, ok := tfState.Values.Outputs["subscription_id"]
 		if !ok {
-			return IAMOutput{}, errors.New("no subscription id output found")
+			return IAMOutput{}, errors.New("no subscription_id output found")
 		}
 		subscriptionIDOutput, ok := subscriptionIDRaw.Value.(string)
 		if !ok {
-			return IAMOutput{}, errors.New("invalid type in subscription id output: not a string")
+			return IAMOutput{}, errors.New("invalid type in subscription_id output: not a string")
 		}
 		tenantIDRaw, ok := tfState.Values.Outputs["tenant_id"]
 		if !ok {
-			return IAMOutput{}, errors.New("no tenant id output found")
+			return IAMOutput{}, errors.New("no tenant_id output found")
 		}
 		tenantIDOutput, ok := tenantIDRaw.Value.(string)
 		if !ok {
-			return IAMOutput{}, errors.New("invalid type in tenant id output: not a string")
+			return IAMOutput{}, errors.New("invalid type in tenant_id output: not a string")
 		}
 		uamiIDRaw, ok := tfState.Values.Outputs["uami_id"]
 		if !ok {
-			return IAMOutput{}, errors.New("no UAMI id output found")
+			return IAMOutput{}, errors.New("no uami_id output found")
 		}
 		uamiIDOutput, ok := uamiIDRaw.Value.(string)
 		if !ok {
-			return IAMOutput{}, errors.New("invalid type in UAMI id output: not a string")
+			return IAMOutput{}, errors.New("invalid type in uami_id output: not a string")
 		}
 		return IAMOutput{
 			Azure: AzureIAMOutput{
@ -141,21 +141,21 @@ func (c *Client) ShowIAM(ctx context.Context, provider cloudprovider.Provider) (
 			},
 		}, nil
 	case cloudprovider.AWS:
-		controlPlaneProfileRaw, ok := tfState.Values.Outputs["control_plane_instance_profile"]
+		controlPlaneProfileRaw, ok := tfState.Values.Outputs["iam_instance_profile_name_control_plane"]
 		if !ok {
-			return IAMOutput{}, errors.New("no control plane instance profile output found")
+			return IAMOutput{}, errors.New("no iam_instance_profile_name_control_plane output found")
 		}
 		controlPlaneProfileOutput, ok := controlPlaneProfileRaw.Value.(string)
 		if !ok {
-			return IAMOutput{}, errors.New("invalid type in control plane instance profile output: not a string")
+			return IAMOutput{}, errors.New("invalid type in iam_instance_profile_name_control_plane output: not a string")
 		}
-		workerNodeProfileRaw, ok := tfState.Values.Outputs["worker_nodes_instance_profile"]
+		workerNodeProfileRaw, ok := tfState.Values.Outputs["iam_instance_profile_name_worker_nodes"]
 		if !ok {
-			return IAMOutput{}, errors.New("no worker node instance profile output found")
+			return IAMOutput{}, errors.New("no iam_instance_profile_name_worker_nodes output found")
 		}
 		workerNodeProfileOutput, ok := workerNodeProfileRaw.Value.(string)
 		if !ok {
-			return IAMOutput{}, errors.New("invalid type in worker node instance profile output: not a string")
+			return IAMOutput{}, errors.New("invalid type in iam_instance_profile_name_worker_nodes output: not a string")
 		}
 		return IAMOutput{
 			AWS: AWSIAMOutput{
@ -209,13 +209,13 @@ func (c *Client) ShowInfrastructure(ctx context.Context, provider cloudprovider.
 		return state.Infrastructure{}, fmt.Errorf("convert api_server_cert_sans output: %w", err)
 	}

-	secretOutput, ok := tfState.Values.Outputs["initSecret"]
+	secretOutput, ok := tfState.Values.Outputs["init_secret"]
 	if !ok {
-		return state.Infrastructure{}, errors.New("no initSecret output found")
+		return state.Infrastructure{}, errors.New("no init_secret output found")
 	}
 	secret, ok := secretOutput.Value.(string)
 	if !ok {
-		return state.Infrastructure{}, errors.New("invalid type in initSecret output: not a string")
+		return state.Infrastructure{}, errors.New("invalid type in init_Secret output: not a string")
 	}

 	uidOutput, ok := tfState.Values.Outputs["uid"]
@ -236,13 +236,13 @@ func (c *Client) ShowInfrastructure(ctx context.Context, provider cloudprovider.
 		return state.Infrastructure{}, errors.New("invalid type in name output: not a string")
 	}

-	cidrNodesOutput, ok := tfState.Values.Outputs["ip_cidr_nodes"]
+	cidrNodesOutput, ok := tfState.Values.Outputs["ip_cidr_node"]
 	if !ok {
-		return state.Infrastructure{}, errors.New("no ip_cidr_nodes output found")
+		return state.Infrastructure{}, errors.New("no ip_cidr_node output found")
 	}
 	cidrNodes, ok := cidrNodesOutput.Value.(string)
 	if !ok {
-		return state.Infrastructure{}, errors.New("invalid type in ip_cidr_nodes output: not a string")
+		return state.Infrastructure{}, errors.New("invalid type in ip_cidr_node output: not a string")
 	}

 	res := state.Infrastructure{
@ -266,13 +266,13 @@ func (c *Client) ShowInfrastructure(ctx context.Context, provider cloudprovider.
 			return state.Infrastructure{}, errors.New("invalid type in project output: not a string")
 		}

-		cidrPodsOutput, ok := tfState.Values.Outputs["ip_cidr_pods"]
+		cidrPodsOutput, ok := tfState.Values.Outputs["ip_cidr_pod"]
 		if !ok {
-			return state.Infrastructure{}, errors.New("no ip_cidr_pods output found")
+			return state.Infrastructure{}, errors.New("no ip_cidr_pod output found")
 		}
 		cidrPods, ok := cidrPodsOutput.Value.(string)
 		if !ok {
-			return state.Infrastructure{}, errors.New("invalid type in ip_cidr_pods output: not a string")
+			return state.Infrastructure{}, errors.New("invalid type in ip_cidr_pod output: not a string")
 		}

 		res.GCP = &state.GCP{
@ -280,13 +280,13 @@ func (c *Client) ShowInfrastructure(ctx context.Context, provider cloudprovider.
 			IPCidrPod: cidrPods,
 		}
 	case cloudprovider.Azure:
-		attestationURLOutput, ok := tfState.Values.Outputs["attestationURL"]
+		attestationURLOutput, ok := tfState.Values.Outputs["attestation_url"]
 		if !ok {
-			return state.Infrastructure{}, errors.New("no attestationURL output found")
+			return state.Infrastructure{}, errors.New("no attestation_url output found")
 		}
 		attestationURL, ok := attestationURLOutput.Value.(string)
 		if !ok {
-			return state.Infrastructure{}, errors.New("invalid type in attestationURL output: not a string")
+			return state.Infrastructure{}, errors.New("invalid type in attestation_url output: not a string")
 		}

 		azureUAMIOutput, ok := tfState.Values.Outputs["user_assigned_identity_client_id"]
--- a/cli/internal/terraform/terraform_test.go
+++ b/cli/internal/terraform/terraform_test.go
@ -122,7 +122,7 @@ func TestPrepareIAM(t *testing.T) {
 		ServiceAccountID: "const-test-case",
 	}
 	azureVars := &AzureIAMVariables{
-		Region:        "westus",
+		Location:      "westus",
 		ResourceGroup: "constell-test-rg",
 	}
 	awsVars := &AWSIAMVariables{
@ -218,7 +218,7 @@ func TestCreateCluster(t *testing.T) {
 					"in_cluster_endpoint": {
 						Value: "192.0.2.101",
 					},
-					"initSecret": {
+					"init_secret": {
 						Value: "initSecret",
 					},
 					"uid": {
@ -230,7 +230,7 @@ func TestCreateCluster(t *testing.T) {
 					"name": {
 						Value: "constell-12345abc",
 					},
-					"ip_cidr_nodes": {
+					"ip_cidr_node": {
 						Value: "192.0.2.103/32",
 					},
 				},
@ -248,13 +248,13 @@ func TestCreateCluster(t *testing.T) {
 					"in_cluster_endpoint": {
 						Value: "192.0.2.101",
 					},
-					"initSecret": {
+					"init_secret": {
 						Value: "initSecret",
 					},
 					"uid": {
 						Value: "12345abc",
 					},
-					"attestationURL": {
+					"attestation_url": {
 						Value: "https://12345.neu.attest.azure.net",
 					},
 					"api_server_cert_sans": {
@ -278,7 +278,7 @@ func TestCreateCluster(t *testing.T) {
 					"name": {
 						Value: "constell-12345abc",
 					},
-					"ip_cidr_nodes": {
+					"ip_cidr_node": {
 						Value: "192.0.2.103/32",
 					},
 				},
@ -460,7 +460,7 @@ func TestCreateCluster(t *testing.T) {
 			tf: &stubTerraform{
 				showState: &tfjson.State{
 					Values: &tfjson.StateValues{
-						Outputs: map[string]*tfjson.StateOutput{"attestationURL": {Value: 42}},
+						Outputs: map[string]*tfjson.StateOutput{"attestation_url": {Value: 42}},
 					},
 				},
 			},
@ -506,7 +506,7 @@ func TestCreateIAM(t *testing.T) {
 		workingState := tfjson.State{
 			Values: &tfjson.StateValues{
 				Outputs: map[string]*tfjson.StateOutput{
-					"sa_key": {
+					"service_account_key": {
 						Value: "12345678_abcdefg",
 					},
 					"subscription_id": {
@ -524,11 +524,11 @@ func TestCreateIAM(t *testing.T) {
 					"application_client_secret_value": {
 						Value: "test_application_client_secret_value",
 					},
-					"control_plane_instance_profile": {
-						Value: "test_control_plane_instance_profile",
+					"iam_instance_profile_name_control_plane": {
+						Value: "test_iam_instance_profile_name_control_plane",
 					},
-					"worker_nodes_instance_profile": {
-						Value: "test_worker_nodes_instance_profile",
+					"iam_instance_profile_name_worker_nodes": {
+						Value: "test_iam_instance_profile_name_worker_nodes",
 					},
 				},
 			},
@ -542,7 +542,7 @@ func TestCreateIAM(t *testing.T) {
 		ServiceAccountID: "const-test-case",
 	}
 	azureVars := &AzureIAMVariables{
-		Region:        "westus",
+		Location:      "westus",
 		ResourceGroup: "constell-test-rg",
 	}
 	awsVars := &AWSIAMVariables{
@ -607,7 +607,7 @@ func TestCreateIAM(t *testing.T) {
 			fs:       afero.NewMemMapFs(),
 			wantErr:  true,
 		},
-		"gcp no sa_key": {
+		"gcp no service_account_key": {
 			pathBase: path.Join(constants.TerraformEmbeddedDir, "iam"),
 			provider: cloudprovider.GCP,
 			vars:     gcpVars,
@ -621,14 +621,14 @@ func TestCreateIAM(t *testing.T) {
 			fs:      afero.NewMemMapFs(),
 			wantErr: true,
 		},
-		"gcp sa_key has wrong type": {
+		"gcp service_account_key has wrong type": {
 			pathBase: path.Join(constants.TerraformEmbeddedDir, "iam"),
 			provider: cloudprovider.GCP,
 			vars:     gcpVars,
 			tf: &stubTerraform{
 				showState: &tfjson.State{
 					Values: &tfjson.StateValues{
-						Outputs: map[string]*tfjson.StateOutput{"sa_key": {Value: 42}},
+						Outputs: map[string]*tfjson.StateOutput{"service_account_key": {Value: 42}},
 					},
 				},
 			},
@ -706,8 +706,8 @@ func TestCreateIAM(t *testing.T) {
 			tf:       &stubTerraform{showState: newTestState()},
 			fs:       afero.NewMemMapFs(),
 			want: IAMOutput{AWS: AWSIAMOutput{
-				ControlPlaneInstanceProfile: "test_control_plane_instance_profile",
-				WorkerNodeInstanceProfile:   "test_worker_nodes_instance_profile",
+				ControlPlaneInstanceProfile: "test_iam_instance_profile_name_control_plane",
+				WorkerNodeInstanceProfile:   "test_iam_instance_profile_name_worker_nodes",
 			}},
 		},
 		"aws init fails": {
@ -734,7 +734,7 @@ func TestCreateIAM(t *testing.T) {
 			fs:       afero.NewMemMapFs(),
 			wantErr:  true,
 		},
-		"aws no control_plane_instance_profile": {
+		"aws no iam_instance_profile_name_control_plane": {
 			pathBase: path.Join(constants.TerraformEmbeddedDir, "iam"),
 			provider: cloudprovider.AWS,
 			vars:     awsVars,
@ -748,14 +748,14 @@ func TestCreateIAM(t *testing.T) {
 			fs:      afero.NewMemMapFs(),
 			wantErr: true,
 		},
-		"azure control_plane_instance_profile has wrong type": {
+		"azure iam_instance_profile_name_control_plane has wrong type": {
 			pathBase: path.Join(constants.TerraformEmbeddedDir, "iam"),
 			provider: cloudprovider.AWS,
 			vars:     awsVars,
 			tf: &stubTerraform{
 				showState: &tfjson.State{
 					Values: &tfjson.StateValues{
-						Outputs: map[string]*tfjson.StateOutput{"control_plane_instance_profile": {Value: 42}},
+						Outputs: map[string]*tfjson.StateOutput{"iam_instance_profile_name_control_plane": {Value: 42}},
 					},
 				},
 			},
@ -1129,7 +1129,7 @@ func TestShowIAM(t *testing.T) {
 		"GCP success": {
 			tf: &stubTerraform{
 				showState: getTfjsonState(map[string]any{
-					"sa_key": "key",
+					"service_account_key": "key",
 				}),
 			},
 			csp: cloudprovider.GCP,
@ -1137,7 +1137,7 @@ func TestShowIAM(t *testing.T) {
 		"GCP wrong data type": {
 			tf: &stubTerraform{
 				showState: getTfjsonState(map[string]any{
-					"sa_key": map[string]any{},
+					"service_account_key": map[string]any{},
 				}),
 			},
 			csp:     cloudprovider.GCP,
@ -1226,45 +1226,45 @@ func TestShowIAM(t *testing.T) {
 		"AWS success": {
 			tf: &stubTerraform{
 				showState: getTfjsonState(map[string]any{
-					"control_plane_instance_profile": "profile",
-					"worker_nodes_instance_profile":  "profile",
+					"iam_instance_profile_name_control_plane": "profile",
+					"iam_instance_profile_name_worker_nodes":  "profile",
 				}),
 			},
 			csp: cloudprovider.AWS,
 		},
-		"AWS wrong data type control_plane_instance_profile": {
+		"AWS wrong data type iam_instance_profile_name_control_plane": {
 			tf: &stubTerraform{
 				showState: getTfjsonState(map[string]any{
-					"control_plane_instance_profile": map[string]any{},
-					"worker_nodes_instance_profile":  "profile",
+					"iam_instance_profile_name_control_plane": map[string]any{},
+					"iam_instance_profile_name_worker_nodes":  "profile",
 				}),
 			},
 			csp:     cloudprovider.AWS,
 			wantErr: true,
 		},
-		"AWS wrong data type worker_nodes_instance_profile": {
+		"AWS wrong data type iam_instance_profile_name_worker_nodes": {
 			tf: &stubTerraform{
 				showState: getTfjsonState(map[string]any{
-					"control_plane_instance_profile": "profile",
-					"worker_nodes_instance_profile":  map[string]any{},
+					"iam_instance_profile_name_control_plane": "profile",
+					"iam_instance_profile_name_worker_nodes":  map[string]any{},
 				}),
 			},
 			csp:     cloudprovider.AWS,
 			wantErr: true,
 		},
-		"AWS missing control_plane_instance_profile": {
+		"AWS missing iam_instance_profile_name_control_plane": {
 			tf: &stubTerraform{
 				showState: getTfjsonState(map[string]any{
-					"worker_nodes_instance_profile": "profile",
+					"iam_instance_profile_name_worker_nodes": "profile",
 				}),
 			},
 			csp:     cloudprovider.AWS,
 			wantErr: true,
 		},
-		"AWS missing worker_nodes_instance_profile": {
+		"AWS missing iam_instance_profile_name_worker_nodes": {
 			tf: &stubTerraform{
 				showState: getTfjsonState(map[string]any{
-					"control_plane_instance_profile": "profile",
+					"iam_instance_profile_name_control_plane": "profile",
 				}),
 			},
 			csp:     cloudprovider.AWS,
--- a/cli/internal/terraform/variables.go
+++ b/cli/internal/terraform/variables.go
@ -38,8 +38,9 @@ func VariablesFromBytes[T any](b []byte, vars *T) error {
 		return fmt.Errorf("parsing variables: %w", err)
 	}

-	if err := gohcl.DecodeBody(file.Body, nil, vars); err != nil {
-		return fmt.Errorf("decoding variables: %w", err)
+	diags := gohcl.DecodeBody(file.Body, nil, vars)
+	if diags.HasErrors() {
+		return fmt.Errorf("decoding variables: %w", diags)
 	}
 	return nil
 }
@ -52,12 +53,12 @@ type AWSClusterVariables struct {
 	Region string `hcl:"region" cty:"region"`
 	// Zone is the AWS zone to use in the given region.
 	Zone string `hcl:"zone" cty:"zone"`
-	// AMIImageID is the ID of the AMI image to use.
-	AMIImageID string `hcl:"ami" cty:"ami"`
-	// IAMGroupControlPlane is the IAM group to use for the control-plane nodes.
-	IAMProfileControlPlane string `hcl:"iam_instance_profile_control_plane" cty:"iam_instance_profile_control_plane"`
-	// IAMGroupWorkerNodes is the IAM group to use for the worker nodes.
-	IAMProfileWorkerNodes string `hcl:"iam_instance_profile_worker_nodes" cty:"iam_instance_profile_worker_nodes"`
+	// ImageID is the ID of the AMI to use.
+	ImageID string `hcl:"image_id" cty:"image_id"`
+	// IAMProfileControlPlane is the IAM group to use for the control-plane nodes.
+	IAMProfileControlPlane string `hcl:"iam_instance_profile_name_control_plane" cty:"iam_instance_profile_name_control_plane"`
+	// IAMProfileWorkerNodes is the IAM group to use for the worker nodes.
+	IAMProfileWorkerNodes string `hcl:"iam_instance_profile_name_worker_nodes" cty:"iam_instance_profile_name_worker_nodes"`
 	// Debug is true if debug mode is enabled.
 	Debug bool `hcl:"debug" cty:"debug"`
 	// EnableSNP controls enablement of the EC2 cpu-option "AmdSevSnp".
@ -244,8 +245,11 @@ type AzureNodeGroup struct {

 // AzureIAMVariables is user configuration for creating the IAM configuration with Terraform on Microsoft Azure.
 type AzureIAMVariables struct {
-	// Region is the Azure region to use. (e.g. westus)
-	Region string `hcl:"region" cty:"region"`
+	// Region is the Azure location to use. (e.g. westus).
+	// THIS FIELD IS DEPRECATED AND ONLY KEPT FOR MIGRATION PURPOSES. DO NOT USE.
+	Region *string `hcl:"region" cty:"region"` // TODO(msanft): Remove this field once v2.14.0 is released.
+	// Location is the Azure location to use. (e.g. westus)
+	Location string `hcl:"location,optional" cty:"location"` // TODO(msanft): Make this required once v2.14.0 is released.
 	// ServicePrincipal is the name of the service principal to use.
 	ServicePrincipal string `hcl:"service_principal_name" cty:"service_principal_name"`
 	// ResourceGroup is the name of the resource group to use.
@ -282,7 +286,7 @@ type OpenStackClusterVariables struct {
 	// FloatingIPPoolID is the ID of the OpenStack floating IP pool to use for public IPs.
 	FloatingIPPoolID string `hcl:"floating_ip_pool_id" cty:"floating_ip_pool_id"`
 	// ImageURL is the URL of the OpenStack image to use.
-	ImageURL string `hcl:"image_url" cty:"image_url"`
+	ImageURL string `hcl:"image_id" cty:"image_id"`
 	// DirectDownload decides whether to download the image directly from the URL to OpenStack or to upload it from the local machine.
 	DirectDownload bool `hcl:"direct_download" cty:"direct_download"`
 	// OpenstackUserDomainName is the OpenStack user domain name to use.
@ -347,7 +351,7 @@ type QEMUVariables struct {
 	// Can be either "uefi" or "direct-linux-boot".
 	BootMode string `hcl:"constellation_boot_mode" cty:"constellation_boot_mode"`
 	// ImagePath is the path to the image to use for the nodes.
-	ImagePath string `hcl:"constellation_os_image" cty:"constellation_os_image"`
+	ImagePath string `hcl:"image_id" cty:"image_id"`
 	// ImageFormat is the format of the image from ImagePath.
 	ImageFormat string `hcl:"image_format" cty:"image_format"`
 	// MetadataAPIImage is the container image to use for the metadata API.
--- a/cli/internal/terraform/variables_test.go
+++ b/cli/internal/terraform/variables_test.go
@ -7,6 +7,7 @@ SPDX-License-Identifier: AGPL-3.0-only
 package terraform

 import (
+	"strings"
 	"testing"

 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
@ -38,7 +39,7 @@ func TestAWSClusterVariables(t *testing.T) {
 		},
 		Region:                 "eu-central-1",
 		Zone:                   "eu-central-1a",
-		AMIImageID:             "ami-0123456789abcdef",
+		ImageID:                "ami-0123456789abcdef",
 		IAMProfileControlPlane: "arn:aws:iam::123456789012:instance-profile/cluster-name-controlplane",
 		IAMProfileWorkerNodes:  "arn:aws:iam::123456789012:instance-profile/cluster-name-worker",
 		Debug:                  true,
@ -47,14 +48,14 @@ func TestAWSClusterVariables(t *testing.T) {
 	}

 	// test that the variables are correctly rendered
-	want := `name                               = "cluster-name"
-region                             = "eu-central-1"
-zone                               = "eu-central-1a"
-ami                                = "ami-0123456789abcdef"
-iam_instance_profile_control_plane = "arn:aws:iam::123456789012:instance-profile/cluster-name-controlplane"
-iam_instance_profile_worker_nodes  = "arn:aws:iam::123456789012:instance-profile/cluster-name-worker"
-debug                              = true
-enable_snp                         = true
+	want := `name                                    = "cluster-name"
+region                                  = "eu-central-1"
+zone                                    = "eu-central-1a"
+image_id                                = "ami-0123456789abcdef"
+iam_instance_profile_name_control_plane = "arn:aws:iam::123456789012:instance-profile/cluster-name-controlplane"
+iam_instance_profile_name_worker_nodes  = "arn:aws:iam::123456789012:instance-profile/cluster-name-worker"
+debug                                   = true
+enable_snp                              = true
 node_groups = {
  control_plane_default = {
    disk_size     = 30
@ -77,7 +78,7 @@ custom_endpoint        = "example.com"
 internal_load_balancer = false
 `
 	got := vars.String()
-	assert.Equal(t, want, got)
+	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
 }

 func TestAWSIAMVariables(t *testing.T) {
@ -91,7 +92,7 @@ func TestAWSIAMVariables(t *testing.T) {
 name_prefix = "my-prefix"
 `
 	got := vars.String()
-	assert.Equal(t, want, got)
+	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
 }

 func TestGCPClusterVariables(t *testing.T) {
@ -152,7 +153,7 @@ custom_endpoint        = "example.com"
 internal_load_balancer = false
 `
 	got := vars.String()
-	assert.Equal(t, want, got)
+	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
 }

 func TestGCPIAMVariables(t *testing.T) {
@ -170,7 +171,7 @@ zone               = "eu-central-1a"
 service_account_id = "my-service-account"
 `
 	got := vars.String()
-	assert.Equal(t, want, got)
+	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
 }

 func TestAzureClusterVariables(t *testing.T) {
@ -230,23 +231,23 @@ marketplace_image = {
 }
 `
 	got := vars.String()
-	assert.Equal(t, want, got)
+	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
 }

 func TestAzureIAMVariables(t *testing.T) {
 	vars := AzureIAMVariables{
-		Region:           "eu-central-1",
+		Location:         "eu-central-1",
 		ServicePrincipal: "my-service-principal",
 		ResourceGroup:    "my-resource-group",
 	}

 	// test that the variables are correctly rendered
-	want := `region                 = "eu-central-1"
+	want := `location                 = "eu-central-1"
 service_principal_name = "my-service-principal"
 resource_group_name    = "my-resource-group"
 `
 	got := vars.String()
-	assert.Equal(t, want, got)
+	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
 }

 func TestOpenStackClusterVariables(t *testing.T) {
@ -287,7 +288,7 @@ node_groups = {
 }
 cloud                      = "my-cloud"
 floating_ip_pool_id        = "fip-pool-0123456789abcdef"
-image_url                  = "https://example.com/image.raw"
+image_id                  = "https://example.com/image.raw"
 direct_download            = true
 openstack_user_domain_name = "my-user-domain"
 openstack_username         = "my-username"
@ -297,7 +298,7 @@ custom_endpoint            = "example.com"
 internal_load_balancer     = false
 `
 	got := vars.String()
-	assert.Equal(t, want, got)
+	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
 }

 func TestQEMUClusterVariables(t *testing.T) {
@ -341,7 +342,7 @@ machine                 = "q35"
 libvirt_uri             = "qemu:///system"
 libvirt_socket_path     = "/var/run/libvirt/libvirt-sock"
 constellation_boot_mode = "uefi"
-constellation_os_image  = "/var/lib/libvirt/images/cluster-name.qcow2"
+image_id  = "/var/lib/libvirt/images/cluster-name.qcow2"
 image_format            = "raw"
 metadata_api_image      = "example.com/metadata-api:latest"
 metadata_libvirt_uri    = "qemu:///system"
@ -352,7 +353,7 @@ custom_endpoint         = "example.com"
 internal_load_balancer  = false
 `
 	got := vars.String()
-	assert.Equal(t, want, got)
+	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
 }

 func TestVariablesFromBytes(t *testing.T) {
@ -367,7 +368,7 @@ func TestVariablesFromBytes(t *testing.T) {
 	assert.Equal(awsVars, loadedAWSVars)

 	azureVars := AzureIAMVariables{
-		Region: "test",
+		Location: "test",
 	}
 	var loadedAzureVars AzureIAMVariables
 	err = VariablesFromBytes([]byte(azureVars.String()), &loadedAzureVars)