From cb6bef7b3b91f398d59d2435f302b554ddfd8c57 Mon Sep 17 00:00:00 2001
From: Michael Pregman
Date: Thu, 25 May 2023 10:32:39 -0700
Subject: [PATCH 1/3] Add manually-run SSH test.
---
 launcher/image/test/create_vm.sh | 1 +
 launcher/image/test/test_ssh_manual.sh | 76 ++++++++++++++++++++++++++
 2 files changed, 77 insertions(+)
 create mode 100644 launcher/image/test/test_ssh_manual.sh
diff --git a/launcher/image/test/create_vm.sh b/launcher/image/test/create_vm.sh
index d0eeffd94..9cc2a5752 100644
--- a/launcher/image/test/create_vm.sh
+++ b/launcher/image/test/create_vm.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+local OPTIND
 set -euxo pipefail

 print_usage() {
diff --git a/launcher/image/test/test_ssh_manual.sh b/launcher/image/test/test_ssh_manual.sh
new file mode 100644
index 000000000..78bb1e1d2
--- /dev/null
+++ b/launcher/image/test/test_ssh_manual.sh
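Review bot: In create_vm.sh the added `local OPTIND` sits at file scope directly under the shebang, and bash only accepts `local` inside a function, so the line works when the file is sourced from `run_ssh_test` but prints "local: can only be used in a function" and returns non-zero when create_vm.sh is executed directly. The script keeps going in that case only because the line comes before `set -euxo pipefail`. `OPTIND=1` resets the option index in both the sourced and the directly executed case, assuming the flags are parsed with getopts further down, outside this hunk. A comment such as `# Reset getopts state: this file is also sourced after the caller has parsed its own flags` would record why the line is there.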
@@ -0,0 +1,76 @@
+#!/bin/bash
+set -euxo pipefail
+
+print_usage() {
+ echo "usage: test_ssh_manual.sh [-i imageName] [-p imageProject]"
+ echo " -i : which image name to use for the VM"
+ echo " -p : which image project to use for the VM"
+ exit 1
+}
+
+run_ssh_test() {
+ BUILD_ID=$(date +%s)
+ HOME_DIR=$(echo ~)
+ VM_NAME="cs-ssh-test-$BUILD_ID"
+ WORKLOAD_IMAGE='us-west1-docker.pkg.dev/confidential-space-images-dev/cs-integ-test-images/basic-test:latest'
+ ZONE="us-central1-a"
+
+ ACCOUNT_NAME=$(gcloud config list account --format "value(core.account)" | tr @. _)
+ PROJECT_NAME=$(gcloud config get-value project)
+
+ # Create a new VM
+ source create_vm.sh -n $VM_NAME -i $IMAGE_NAME -p $IMAGE_PROJECT -m tee-image-reference=$WORKLOAD_IMAGE,tee-container-log-redirect=true,tee-cmd=["newCmd"],tee-env-ALLOWED_OVERRIDE=overridden,enable-osconfig=TRUE -z $ZONE
+
+ # Add an SSH public key to an OS Login profile
+ gcloud compute os-login ssh-keys add --key-file=$HOME_DIR/.ssh/google_compute_engine.pub || true
+
+ echo "Sleeping so settings have time to propagate."
+ sleep 30
+
+ # SSH into VM with script
+ if [[ $IMAGE_NAME == *"debug"* ]]; then
+ if ssh -i ~/.ssh/google_compute_engine -o StrictHostKeyChecking=no $ACCOUNT_NAME@nic0.$VM_NAME.$ZONE.c.$PROJECT_NAME.internal.gcpnode.com "echo 'SSHABLE'; exit" ; then
+ echo "Success: SSH to host was successful"
+ sed -i '$ d' ~/.ssh/known_hosts
+ else
+ echo "TEST FAILED: SSH to host was ussuccessful"
+ fi
+ else
+ if ssh -i ~/.ssh/google_compute_engine -o StrictHostKeyChecking=no $ACCOUNT_NAME@nic0.$VM_NAME.$ZONE.c.$PROJECT_NAME.internal.gcpnode.com "echo 'SSHABLE'; exit" ; then
+ echo "TEST FAILED: SSH to host was successful"
+ sed -i '$ d' ~/.ssh/known_hosts
+ else
+ echo "Success: SSH to host was ussuccessful"
+ fi
+ fi
+
+
+ # Clean up
+ CLEANUP=true
+ source cleanup.sh $VM_NAME $ZONE
+}
+
+IMAGE_NAME=''
+IMAGE_PROJECT=''
+
+# In getopts, a ':' following a letter means that that flag takes an argument.
+# For example, i: means -i takes an additional argument.
+while getopts 'i:p:' flag; do
+ case "${flag}" in
+ i) IMAGE_NAME=${OPTARG} ;;
+ p) IMAGE_PROJECT=${OPTARG} ;;
+ *) print_usage ;;
+ esac
+done
+
+if [ -z "$IMAGE_NAME" ]; then
+ echo "Empty image name supplied."
+ exit 1
+fi
+
+if [ -z "$IMAGE_PROJECT" ]; then
+ echo "Empty image project supplied."
+ exit 1
+fi
+
+run_ssh_test
\ No newline at end of file
From 51003def30b1bcd1f43e255b2763a95f03089586 Mon Sep 17 00:00:00 2001
From: Michael Pregman
Date: Thu, 25 May 2023 10:44:09 -0700
Subject: [PATCH 2/3] New line
---
 launcher/image/test/test_ssh_manual.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/launcher/image/test/test_ssh_manual.sh b/launcher/image/test/test_ssh_manual.sh
index 78bb1e1d2..5f3dfdc3a 100644
--- a/launcher/image/test/test_ssh_manual.sh
+++ b/launcher/image/test/test_ssh_manual.sh
@@ -73,4 +73,4 @@ if [ -z "$IMAGE_PROJECT" ]; then
 exit 1
 fi

-run_ssh_test
\ No newline at end of file
+run_ssh_test
From 395dc4484aa1c226792ef7f1148f6d6c0ff790ce Mon Sep 17 00:00:00 2001
From: Michael Pregman
Date: Thu, 6 Jul 2023 12:25:10 -0700
Subject: [PATCH 3/3] Remove unnecessary tee references.
---
 launcher/image/test/test_ssh_manual.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 mode change 100644 => 100755 launcher/image/test/test_ssh_manual.sh
diff --git a/launcher/image/test/test_ssh_manual.sh b/launcher/image/test/test_ssh_manual.sh
old mode 100644
new mode 100755
index 5f3dfdc3a..452b6a456
--- a/launcher/image/test/test_ssh_manual.sh
+++ b/launcher/image/test/test_ssh_manual.sh
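Review bot: In the new test_ssh_manual.sh (patch 1/3), neither branch of the SSH check in `run_ssh_test` changes the exit status, and the non-debug branch counts every ssh failure as proof that SSH is disabled. The script therefore exits 0 even after printing `TEST FAILED`, and it can report success on a hardened image when the real cause was an unregistered key (hidden by the `|| true` on `os-login ssh-keys add`) or a hostname that had not propagated after `sleep 30`. `sed -i '$ d' ~/.ssh/known_hosts` also deletes whatever the last line of the operator's known_hosts happens to be, which is the test VM's key only if ssh actually appended one; `-o UserKnownHostsFile=/dev/null` avoids touching that file. The sketch below records the outcome, returns it after cleanup and quotes the ssh target; telling "SSH disabled" apart from "host unreachable" would still need a separate reachability check, which nothing visible here provides.

```shell
  # … unchanged: VM creation, OS Login key registration, sleep …
  local ssh_rc=0 test_rc=0
  # UserKnownHostsFile=/dev/null keeps the throwaway host key out of the
  # operator's known_hosts, so no line has to be deleted afterwards.
  ssh -i ~/.ssh/google_compute_engine \
    -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
    "$ACCOUNT_NAME@nic0.$VM_NAME.$ZONE.c.$PROJECT_NAME.internal.gcpnode.com" \
    "echo 'SSHABLE'; exit" || ssh_rc=$?

  if [[ $IMAGE_NAME == *"debug"* ]]; then
    if (( ssh_rc == 0 )); then
      echo "Success: SSH to host was successful"
    else
      echo "TEST FAILED: SSH to host was ussuccessful"
      test_rc=1
    fi
  else
    if (( ssh_rc == 0 )); then
      echo "TEST FAILED: SSH to host was successful"
      test_rc=1
    else
      echo "Success: SSH to host was ussuccessful"
    fi
  fi

  # … unchanged: CLEANUP=true and source cleanup.sh …
  return "$test_rc"
```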
@@ -19,7 +19,7 @@ run_ssh_test() {
 PROJECT_NAME=$(gcloud config get-value project)

 # Create a new VM
- source create_vm.sh -n $VM_NAME -i $IMAGE_NAME -p $IMAGE_PROJECT -m tee-image-reference=$WORKLOAD_IMAGE,tee-container-log-redirect=true,tee-cmd=["newCmd"],tee-env-ALLOWED_OVERRIDE=overridden,enable-osconfig=TRUE -z $ZONE
+ source create_vm.sh -n $VM_NAME -i $IMAGE_NAME -p $IMAGE_PROJECT -m tee-image-reference=$WORKLOAD_IMAGE,tee-container-log-redirect=true,enable-osconfig=TRUE -z $ZONE

 # Add an SSH public key to an OS Login profile
 gcloud compute os-login ssh-keys add --key-file=$HOME_DIR/.ssh/google_compute_engine.pub || true
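Review bot: The rewritten `source create_vm.sh ...` line names the script without a path, so bash searches `PATH` for it before falling back to the current directory. Now that this commit marks test_ssh_manual.sh executable, running it from another directory either fails or sources a different `create_vm.sh`. Anchoring the path to the script's own location and quoting the expansions covers both that and word splitting of the `-i`/`-p` values: `source "$(dirname "${BASH_SOURCE[0]}")/create_vm.sh" -n "$VM_NAME" -i "$IMAGE_NAME" -p "$IMAGE_PROJECT" -m "tee-image-reference=$WORKLOAD_IMAGE,tee-container-log-redirect=true,enable-osconfig=TRUE" -z "$ZONE"`. `run_ssh_test` starts and ends outside this hunk, where `source cleanup.sh` has the same lookup behaviour.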