test/e2e: allow to disable CVM for AWS

Currently CAA will attempt to instantiate confidential VMs in AWS. If we want it disabled then we must set DISABLECVM=true in kustomization.yaml. This allows the e2e suite to disable CVM for AWS by pass the `disablecvm=true` property to the test framework. Signed-off-by: Wainer dos Santos Moschetta <[email protected]>
confidential-containers · Sep 17, 2024 · 4d1d6bb · 4d1d6bb
1 parent 14b6b9a
commit 4d1d6bb
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 0 deletions.
diff --git a/src/cloud-api-adaptor/install/overlays/aws/kustomization.yaml b/src/cloud-api-adaptor/install/overlays/aws/kustomization.yaml
@@ -19,6 +19,7 @@ configMapGenerator:
   - CLOUD_PROVIDER="aws"
   - ENABLE_CLOUD_PROVIDER_EXTERNAL_PLUGIN="false" # flag to enable/disable dynamically load cloud provider external plugin feature
   - CLOUD_CONFIG_VERIFY="false" # It's better set as true to enable could config verify in production env
+  #- DISABLECVM="true" # Uncomment it if you want a generic VM
   #- PAUSE_IMAGE="" # Uncomment and set if you want to use a specific pause image
   #- VXLAN_PORT="" # Uncomment and set if you want to use a specific vxlan port. Defaults to 4789
   #- PODVM_LAUNCHTEMPLATE_NAME="" # Uncomment and set if you want to use launch template

diff --git a/src/cloud-api-adaptor/test/e2e/README.md b/src/cloud-api-adaptor/test/e2e/README.md
@@ -130,6 +130,7 @@ Use the properties on the table below for AWS:
 |aws_vpc_sg_id|AWS VPC Security Groups ID||
 |aws_vpc_subnet_id|AWS VPC Subnet ID||
 |cluster_type|Kubernetes cluster type. Either **onprem** or **eks** (see Notes below) |onprem|
+|disablecvm|Set to `true` to disable confidential VM||
 |pause_image|Kubernetes pause image||
 |podvm_aws_ami_id|AWS AMI ID of the podvm||
 |ssh_kp_name|AWS SSH key-pair name ||

diff --git a/src/cloud-api-adaptor/test/provisioner/aws/provision_common.go b/src/cloud-api-adaptor/test/provisioner/aws/provision_common.go
@@ -102,6 +102,7 @@ type AWSProvisioner struct {
 	AwsConfig  aws.Config
 	iamClient  *iam.Client
 	Cluster    Cluster
+	Disablecvm string
 	ec2Client  *ec2.Client
 	s3Client   *s3.Client
 	Bucket     *S3Bucket
@@ -161,6 +162,7 @@ func NewAWSProvisioner(properties map[string]string) (pv.CloudProvisioner, error
 		},
 		Cluster:    cluster,
 		Image:      NewAMIImage(ec2Client, properties),
+		Disablecvm: properties["disablecvm"],
 		PauseImage: properties["pause_image"],
 		Vpc:        vpc,
 		PublicIP:   properties["use_public_ip"],
@@ -256,6 +258,7 @@ func (a *AWSProvisioner) GetProperties(ctx context.Context, cfg *envconf.Config)
 	credentials, _ := a.AwsConfig.Credentials.Retrieve(context.TODO())
 
 	return map[string]string{
+		"disablecvm":           a.Disablecvm,
 		"pause_image":          a.PauseImage,
 		"podvm_launchtemplate": "",
 		"podvm_ami":            a.Image.ID,
@@ -1005,6 +1008,7 @@ func (a *AwsInstallOverlay) Edit(ctx context.Context, cfg *envconf.Config, prope
 
 	// Mapping the internal properties to ConfigMapGenerator properties.
 	mapProps := map[string]string{
+		"disablecvm":           "DISABLECVM",
 		"pause_image":          "PAUSE_IMAGE",
 		"podvm_launchtemplate": "PODVM_LAUNCHTEMPLATE_NAME",
 		"podvm_ami":            "PODVM_AMI_ID",