Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add SSH test for image. #314

Merged
merged 3 commits into from
Jul 6, 2023
Merged

Add SSH test for image. #314

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
cb6bef7
Add manually-run SSH test.
michael-pregman May 25, 2023
51003de
New line
michael-pregman May 25, 2023
395dc44
Remove unnecessary tee references.
michael-pregman Jul 6, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions launcher/image/test/create_vm.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
#!/bin/bash
local OPTIND
set -euxo pipefail

print_usage() {
Expand Down
76 changes: 76 additions & 0 deletions launcher/image/test/test_ssh_manual.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
#!/bin/bash
set -euxo pipefail

print_usage() {
echo "usage: test_ssh_manual.sh [-i imageName] [-p imageProject]"
echo " -i <imageName>: which image name to use for the VM"
echo " -p <imageProject>: which image project to use for the VM"
exit 1
}

run_ssh_test() {
BUILD_ID=$(date +%s)
HOME_DIR=$(echo ~)
VM_NAME="cs-ssh-test-$BUILD_ID"
WORKLOAD_IMAGE='us-west1-docker.pkg.dev/confidential-space-images-dev/cs-integ-test-images/basic-test:latest'
ZONE="us-central1-a"

ACCOUNT_NAME=$(gcloud config list account --format "value(core.account)" | tr @. _)
PROJECT_NAME=$(gcloud config get-value project)

# Create a new VM
source create_vm.sh -n $VM_NAME -i $IMAGE_NAME -p $IMAGE_PROJECT -m tee-image-reference=$WORKLOAD_IMAGE,tee-container-log-redirect=true,tee-cmd=["newCmd"],tee-env-ALLOWED_OVERRIDE=overridden,enable-osconfig=TRUE -z $ZONE
jkl73 marked this conversation as resolved.
Show resolved Hide resolved

# Add an SSH public key to an OS Login profile
gcloud compute os-login ssh-keys add --key-file=$HOME_DIR/.ssh/google_compute_engine.pub || true
jkl73 marked this conversation as resolved.
Show resolved Hide resolved

echo "Sleeping so settings have time to propagate."
sleep 30

# SSH into VM with script
if [[ $IMAGE_NAME == *"debug"* ]]; then
if ssh -i ~/.ssh/google_compute_engine -o StrictHostKeyChecking=no $ACCOUNT_NAME@nic0.$VM_NAME.$ZONE.c.$PROJECT_NAME.internal.gcpnode.com "echo 'SSHABLE'; exit" ; then
jkl73 marked this conversation as resolved.
Show resolved Hide resolved
echo "Success: SSH to host was successful"
sed -i '$ d' ~/.ssh/known_hosts
else
echo "TEST FAILED: SSH to host was ussuccessful"
fi
else
if ssh -i ~/.ssh/google_compute_engine -o StrictHostKeyChecking=no $ACCOUNT_NAME@nic0.$VM_NAME.$ZONE.c.$PROJECT_NAME.internal.gcpnode.com "echo 'SSHABLE'; exit" ; then
echo "TEST FAILED: SSH to host was successful"
sed -i '$ d' ~/.ssh/known_hosts
else
echo "Success: SSH to host was ussuccessful"
fi
fi


# Clean up
CLEANUP=true
source cleanup.sh $VM_NAME $ZONE
}

IMAGE_NAME=''
IMAGE_PROJECT=''

# In getopts, a ':' following a letter means that that flag takes an argument.
# For example, i: means -i takes an additional argument.
while getopts 'i:p:' flag; do
case "${flag}" in
i) IMAGE_NAME=${OPTARG} ;;
p) IMAGE_PROJECT=${OPTARG} ;;
*) print_usage ;;
esac
done

if [ -z "$IMAGE_NAME" ]; then
echo "Empty image name supplied."
exit 1
fi

if [ -z "$IMAGE_PROJECT" ]; then
echo "Empty image project supplied."
exit 1
fi

run_ssh_test