diff --git a/ibm/acctest/acctest.go b/ibm/acctest/acctest.go index 658fe510323..51cbe577604 100644 --- a/ibm/acctest/acctest.go +++ b/ibm/acctest/acctest.go @@ -74,6 +74,8 @@ var ISZoneName3 string var IsResourceGroupID string var ISCIDR string var ISCIDR2 string +var ISPublicSSHKeyFilePath string +var ISPrivateSSHKeyFilePath string var ISAddressPrefixCIDR string var InstanceName string var InstanceProfileName string @@ -581,10 +583,22 @@ func init() { fmt.Println("[INFO] Set the environment variable SL_CIDR_2 for testing ibm_is_subnet else it is set to default value '10.240.64.0/24'") } - ISAddressPrefixCIDR = os.Getenv("SL_ADDRESS_PREFIX_CIDR") - if ISAddressPrefixCIDR == "" { - ISAddressPrefixCIDR = "10.120.0.0/24" - fmt.Println("[INFO] Set the environment variable SL_ADDRESS_PREFIX_CIDR for testing ibm_is_vpc_address_prefix else it is set to default value '10.120.0.0/24'") + ISCIDR2 = os.Getenv("SL_CIDR_2") + if ISCIDR2 == "" { + ISCIDR2 = "10.240.64.0/24" + fmt.Println("[INFO] Set the environment variable SL_CIDR_2 for testing ibm_is_subnet else it is set to default value '10.240.64.0/24'") + } + + ISPublicSSHKeyFilePath = os.Getenv("IS_PUBLIC_SSH_KEY_PATH") + if ISPublicSSHKeyFilePath == "" { + ISPublicSSHKeyFilePath = "./test-fixtures/.ssh/pkcs8_rsa.pub" + fmt.Println("[INFO] Set the environment variable SL_CIDR_2 for testing ibm_is_instance datasource else it is set to default value './test-fixtures/.ssh/pkcs8_rsa.pub'") + } + + ISPrivateSSHKeyFilePath = os.Getenv("IS_PRIVATE_SSH_KEY_PATH") + if ISPrivateSSHKeyFilePath == "" { + ISPrivateSSHKeyFilePath = "./test-fixtures/.ssh/pkcs8_rsa" + fmt.Println("[INFO] Set the environment variable IS_PRIVATE_SSH_KEY_PATH for testing ibm_is_instance datasource else it is set to default value './test-fixtures/.ssh/pkcs8_rsa'") } IsResourceGroupID = os.Getenv("SL_RESOURCE_GROUP_ID") diff --git a/ibm/service/vpc/data_source_ibm_is_bare_metal_server_initialization.go b/ibm/service/vpc/data_source_ibm_is_bare_metal_server_initialization.go index 97312ca472e..6bb166795aa 100644 --- a/ibm/service/vpc/data_source_ibm_is_bare_metal_server_initialization.go +++ b/ibm/service/vpc/data_source_ibm_is_bare_metal_server_initialization.go @@ -165,20 +165,17 @@ func dataSourceIBMISBareMetalServerInitializationRead(context context.Context, d if keyFlag != "" { block, err := pem.Decode(keybytes) if block == nil { - return diag.FromErr(fmt.Errorf("[ERROR] Failed to load the private key from the given key contents. Instead of the key file path, please make sure the private key is pem format")) + return diag.FromErr(fmt.Errorf("[ERROR] Failed to load the private key from the given key contents. Instead of the key file path, please make sure the private key is pem format (%v)", err)) } isEncrypted := false - switch block.Type { - case "RSA PRIVATE KEY": - isEncrypted = x509.IsEncryptedPEMBlock(block) - case "OPENSSH PRIVATE KEY": + if block.Type == "OPENSSH PRIVATE KEY" { var err error isEncrypted, err = isOpenSSHPrivKeyEncrypted(block.Bytes) if err != nil { return diag.FromErr(fmt.Errorf("[ERROR] Failed to check if the provided open ssh key is encrypted or not %s", err)) } - default: - return diag.FromErr(fmt.Errorf("[ERROR] PEM and OpenSSH private key formats with RSA key type are supported, can not support this key file type: %s", err)) + } else { + isEncrypted = x509.IsEncryptedPEMBlock(block) } passphrase := "" var privateKey interface{} diff --git a/ibm/service/vpc/data_source_ibm_is_instance.go b/ibm/service/vpc/data_source_ibm_is_instance.go index 755b83f7cbb..7eda5dac547 100644 --- a/ibm/service/vpc/data_source_ibm_is_instance.go +++ b/ibm/service/vpc/data_source_ibm_is_instance.go @@ -926,20 +926,17 @@ func instanceGetByName(d *schema.ResourceData, meta interface{}, name string) er if keyFlag != "" { block, err := pem.Decode(keybytes) if block == nil { - return fmt.Errorf("[ERROR] Failed to load the private key from the given key contents. Instead of the key file path, please make sure the private key is pem format") + return fmt.Errorf("[ERROR] Failed to load the private key from the given key contents. Instead of the key file path, please make sure the private key is pem format (%v)", err) } isEncrypted := false - switch block.Type { - case "RSA PRIVATE KEY": - isEncrypted = x509.IsEncryptedPEMBlock(block) - case "OPENSSH PRIVATE KEY": + if block.Type == "OPENSSH PRIVATE KEY" { var err error isEncrypted, err = isOpenSSHPrivKeyEncrypted(block.Bytes) if err != nil { return fmt.Errorf("[ERROR] Failed to check if the provided open ssh key is encrypted or not %s", err) } - default: - return fmt.Errorf("PEM and OpenSSH private key formats with RSA key type are supported, can not support this key file type: %s", err) + } else { + isEncrypted = x509.IsEncryptedPEMBlock(block) } passphrase := "" var privateKey interface{} diff --git a/ibm/service/vpc/data_source_ibm_is_instance_test.go b/ibm/service/vpc/data_source_ibm_is_instance_test.go index 13f8bf20a81..fe42000ab06 100644 --- a/ibm/service/vpc/data_source_ibm_is_instance_test.go +++ b/ibm/service/vpc/data_source_ibm_is_instance_test.go @@ -50,6 +50,42 @@ func TestAccIBMISInstanceDataSource_basic(t *testing.T) { }, }) } +func TestAccIBMISInstanceDataSource_PKCS8SSH(t *testing.T) { + + vpcname := fmt.Sprintf("tfins-vpc-%d", acctest.RandIntRange(10, 100)) + subnetname := fmt.Sprintf("tfins-subnet-%d", acctest.RandIntRange(10, 100)) + sshname := fmt.Sprintf("tfins-ssh-%d", acctest.RandIntRange(10, 100)) + instanceName := fmt.Sprintf("tfins-name-%d", acctest.RandIntRange(10, 100)) + resName := "data.ibm_is_instance.ds_instance" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMISInstanceDataSourcePKCS8SSHConfig(vpcname, subnetname, sshname, instanceName), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr( + resName, "name", instanceName), + resource.TestCheckResourceAttr( + resName, "tags.#", "1"), + resource.TestCheckResourceAttrSet( + resName, "primary_network_interface.0.port_speed"), + resource.TestCheckResourceAttrSet( + resName, "availability_policy_host_failure"), + resource.TestCheckResourceAttrSet( + resName, "lifecycle_state"), + resource.TestCheckResourceAttr( + resName, "lifecycle_reasons.#", "0"), + resource.TestCheckResourceAttrSet( + resName, "vcpu.#"), + resource.TestCheckResourceAttrSet( + resName, "vcpu.0.manufacturer"), + ), + }, + }, + }) +} func TestAccIBMISInstanceDataSource_reserved_ip(t *testing.T) { vpcname := fmt.Sprintf("tfins-vpc-%d", acctest.RandIntRange(10, 100)) @@ -129,6 +165,46 @@ data "ibm_is_instance" "ds_instance" { passphrase = "" }`, vpcname, subnetname, acc.ISZoneName, acc.ISCIDR, sshname, instanceName, acc.IsWinImage, acc.InstanceProfileName, acc.ISZoneName) } +func testAccCheckIBMISInstanceDataSourcePKCS8SSHConfig(vpcname, subnetname, sshname, instanceName string) string { + return fmt.Sprintf(` + resource "ibm_is_vpc" "testacc_vpc" { + name = "%s" + } + + resource "ibm_is_subnet" "testacc_subnet" { + name = "%s" + vpc = ibm_is_vpc.testacc_vpc.id + zone = "%s" + ipv4_cidr_block = "%s" + } + + resource "ibm_is_ssh_key" "testacc_sshkey" { + name = "%s" + public_key = file("%s") + } + + resource "ibm_is_instance" "testacc_instance" { + name = "%s" + image = "%s" + profile = "%s" + primary_network_interface { + subnet = ibm_is_subnet.testacc_subnet.id + } + vpc = ibm_is_vpc.testacc_vpc.id + zone = "%s" + keys = [ibm_is_ssh_key.testacc_sshkey.id] + network_interfaces { + subnet = ibm_is_subnet.testacc_subnet.id + name = "eth1" + } + tags = ["tag1"] + } + data "ibm_is_instance" "ds_instance" { + name = ibm_is_instance.testacc_instance.name + private_key = file("%s") + passphrase = "" + }`, vpcname, subnetname, acc.ISZoneName, acc.ISCIDR, sshname, acc.ISPublicSSHKeyFilePath, instanceName, acc.IsWinImage, acc.InstanceProfileName, acc.ISZoneName, acc.ISPrivateSSHKeyFilePath) +} func testAccCheckIBMISInstanceDataSourceReservedIpConfig(vpcname, subnetname, sshname, publicKey, instanceName string) string { return fmt.Sprintf(`