From 4d1d6bba20ca78fc9f5ef17ba5999ba4fb91c8f7 Mon Sep 17 00:00:00 2001
From: Wainer dos Santos Moschetta
Date: Tue, 23 Jul 2024 10:19:22 -0300
Subject: [PATCH] test/e2e: allow to disable CVM for AWS

Currently CAA will attempt to instantiate confidential VMs in AWS. If we want it disabled then we must set DISABLECVM=true in kustomization.yaml. This allows the e2e suite to disable CVM for AWS by pass the `disablecvm=true` property to the test framework.

Signed-off-by: Wainer dos Santos Moschetta
---
 src/cloud-api-adaptor/install/overlays/aws/kustomization.yaml | 1 +
 src/cloud-api-adaptor/test/e2e/README.md | 1 +
 .../test/provisioner/aws/provision_common.go | 4 ++++
 3 files changed, 6 insertions(+)

diff --git a/src/cloud-api-adaptor/install/overlays/aws/kustomization.yaml b/src/cloud-api-adaptor/install/overlays/aws/kustomization.yaml
index 5c511f262..e8bc50b70 100644
--- a/src/cloud-api-adaptor/install/overlays/aws/kustomization.yaml
+++ b/src/cloud-api-adaptor/install/overlays/aws/kustomization.yaml
@@ -19,6 +19,7 @@ configMapGenerator:
 - CLOUD_PROVIDER="aws"
 - ENABLE_CLOUD_PROVIDER_EXTERNAL_PLUGIN="false" # flag to enable/disable dynamically load cloud provider external plugin feature
 - CLOUD_CONFIG_VERIFY="false" # It's better set as true to enable could config verify in production env
+ #- DISABLECVM="true" # Uncomment it if you want a generic VM
 #- PAUSE_IMAGE="" # Uncomment and set if you want to use a specific pause image
 #- VXLAN_PORT="" # Uncomment and set if you want to use a specific vxlan port. Defaults to 4789
 #- PODVM_LAUNCHTEMPLATE_NAME="" # Uncomment and set if you want to use launch template
diff --git a/src/cloud-api-adaptor/test/e2e/README.md b/src/cloud-api-adaptor/test/e2e/README.md
index a02317684..49ed2e627 100644
--- a/src/cloud-api-adaptor/test/e2e/README.md
+++ b/src/cloud-api-adaptor/test/e2e/README.md
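Review bot: In the kustomization.yaml hunk, the comment on the new `DISABLECVM` line says only "Uncomment it if you want a generic VM" and never states that this turns confidential VM instantiation off. The commit message describes confidential VMs as what CAA attempts by default on AWS, so a reader copying this overlay could flip the switch without realising the pod VM then runs as an ordinary instance. I would spell the trade-off out on the line itself, for example `#- DISABLECVM="true" # Uncomment to launch generic (non-confidential) pod VMs; confidential VM is disabled`.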
@@ -130,6 +130,7 @@ Use the properties on the table below for AWS:
 |aws_vpc_sg_id|AWS VPC Security Groups ID||
 |aws_vpc_subnet_id|AWS VPC Subnet ID||
 |cluster_type|Kubernetes cluster type. Either **onprem** or **eks** (see Notes below) |onprem|
+|disablecvm|Set to `true` to disable confidential VM||
 |pause_image|Kubernetes pause image||
 |podvm_aws_ami_id|AWS AMI ID of the podvm||
 |ssh_kp_name|AWS SSH key-pair name ||
diff --git a/src/cloud-api-adaptor/test/provisioner/aws/provision_common.go b/src/cloud-api-adaptor/test/provisioner/aws/provision_common.go
index 930b1137a..9c898479c 100644
--- a/src/cloud-api-adaptor/test/provisioner/aws/provision_common.go
+++ b/src/cloud-api-adaptor/test/provisioner/aws/provision_common.go
@@ -102,6 +102,7 @@ type AWSProvisioner struct {
 AwsConfig aws.Config
 iamClient *iam.Client
 Cluster Cluster
+ Disablecvm string
 ec2Client *ec2.Client
 s3Client *s3.Client
 Bucket *S3Bucket
@@ -161,6 +162,7 @@ func NewAWSProvisioner(properties map[string]string) (pv.CloudProvisioner, error
 },
 Cluster: cluster,
 Image: NewAMIImage(ec2Client, properties),
+ Disablecvm: properties["disablecvm"],
 PauseImage: properties["pause_image"],
 Vpc: vpc,
 PublicIP: properties["use_public_ip"],
@@ -256,6 +258,7 @@ func (a *AWSProvisioner) GetProperties(ctx context.Context, cfg *envconf.Config)
 credentials, _ := a.AwsConfig.Credentials.Retrieve(context.TODO())
 return map[string]string{
+ "disablecvm": a.Disablecvm,
 "pause_image": a.PauseImage,
 "podvm_launchtemplate": "",
 "podvm_ami": a.Image.ID,
@@ -1005,6 +1008,7 @@ func (a *AwsInstallOverlay) Edit(ctx context.Context, cfg *envconf.Config, prope
 // Mapping the internal properties to ConfigMapGenerator properties.
 mapProps := map[string]string{
+ "disablecvm": "DISABLECVM",
 "pause_image": "PAUSE_IMAGE",
 "podvm_launchtemplate": "PODVM_LAUNCHTEMPLATE_NAME",
 "podvm_ami": "PODVM_AMI_ID",
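Review bot: The new exported field `Disablecvm string` in the AWSProvisioner struct hunk has no doc comment and lower-cases the CVM initialism, unlike `PublicIP` in the same type. I would name it `DisableCVM` and add a comment such as `// DisableCVM holds the raw "disablecvm" property; "true" disables confidential VM.`. The rename also touches the `Disablecvm:` initialiser in the NewAWSProvisioner hunk and `a.Disablecvm` in the GetProperties hunk. The struct body starts and ends outside this hunk.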
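Review bot: In the NewAWSProvisioner hunk, `properties["disablecvm"]` is stored without any validation, and the GetProperties and Edit hunks then forward it unchanged under `DISABLECVM`. Since this property decides whether the e2e run exercises confidential VMs at all, a typo or a value such as `yes` should fail at construction rather than be interpreted, or silently ignored, further down; how the adaptor parses the value is not visible in this diff. Before the struct literal, which begins outside the hunk, I would reject any non-empty value for which `_, err := strconv.ParseBool(properties["disablecvm"])` returns an error, using the function's existing `error` result. A single log line when CVM is disabled would also keep these runs from being read as confidential-VM coverage.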