test: add test building and cloning the image

Currently only works with Packer 1.9 or older. Packer 1.10 broke something with Terratest and it needs this PR merged: gruntwork-io/terratest#1380
SneakyBugs · Apr 18, 2024 · 9c97d3d · 9c97d3d
1 parent de73923
commit 9c97d3d
Show file tree

Hide file tree

Showing 7 changed files with 1,139 additions and 4 deletions.
diff --git a/go.mod b/go.mod
@@ -0,0 +1,59 @@
+module git.houseofkummer.com/homelab/devops/kubernetes-image-builder
+
+go 1.21.3
+
+require (
+	github.com/gruntwork-io/terratest v0.46.13
+	golang.org/x/crypto v0.22.0
+)
+
+require (
+	cloud.google.com/go v0.110.0 // indirect
+	cloud.google.com/go/compute v1.19.1 // indirect
+	cloud.google.com/go/compute/metadata v0.2.3 // indirect
+	cloud.google.com/go/iam v0.13.0 // indirect
+	cloud.google.com/go/storage v1.28.1 // indirect
+	github.com/agext/levenshtein v1.2.3 // indirect
+	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
+	github.com/aws/aws-sdk-go v1.44.122 // indirect
+	github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
+	github.com/googleapis/gax-go/v2 v2.7.1 // indirect
+	github.com/hashicorp/errwrap v1.0.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-getter v1.7.1 // indirect
+	github.com/hashicorp/go-multierror v1.1.0 // indirect
+	github.com/hashicorp/go-safetemp v1.0.0 // indirect
+	github.com/hashicorp/go-version v1.6.0 // indirect
+	github.com/hashicorp/hcl/v2 v2.9.1 // indirect
+	github.com/hashicorp/terraform-json v0.13.0 // indirect
+	github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/klauspost/compress v1.15.11 // indirect
+	github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 // indirect
+	github.com/mitchellh/go-homedir v1.1.0 // indirect
+	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
+	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/stretchr/testify v1.9.0 // indirect
+	github.com/tmccombs/hcl2json v0.3.3 // indirect
+	github.com/ulikunitz/xz v0.5.10 // indirect
+	github.com/zclconf/go-cty v1.9.1 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	golang.org/x/net v0.21.0 // indirect
+	golang.org/x/oauth2 v0.8.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
+	google.golang.org/api v0.114.0 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
+	google.golang.org/grpc v1.56.3 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)
diff --git a/go.sum b/go.sum
diff --git a/test/helpers.go b/test/helpers.go
@@ -0,0 +1,50 @@
+package test
+
+import (
+	"crypto/ed25519"
+	"crypto/rand"
+	"crypto/x509"
+	"encoding/pem"
+
+	tgssh "github.com/gruntwork-io/terratest/modules/ssh"
+	"github.com/gruntwork-io/terratest/modules/testing"
+	"golang.org/x/crypto/ssh"
+)
+
+func generateED25519KeyPair(t testing.TestingT) *tgssh.KeyPair {
+	keyPair, err := generateED25519KeyPairE(t)
+	if err != nil {
+		t.Fatal(err)
+	}
+	return keyPair
+}
+
+// Terratest contains a utility to generate RSA key pairs. As of OpenSSH 8.8
+// ssh-rsa is disabled by default and is considered weak.
+// See https://www.openssh.com/txt/release-8.7
+// It is inspired by the existing GenerateRSAKeyPair from Terratest.
+// See https://github.com/gruntwork-io/terratest/blob/v0.40.12/modules/ssh/key_pair.go
+func generateED25519KeyPairE(t testing.TestingT) (*tgssh.KeyPair, error) {
+	publicKey, privateKey, err := ed25519.GenerateKey(rand.Reader)
+	if err != nil {
+		return nil, err
+	}
+
+	keyPKCS8, err := x509.MarshalPKCS8PrivateKey(privateKey)
+	if err != nil {
+		return nil, err
+	}
+
+	keyPEMBlock := &pem.Block{
+		Type:  "PRIVATE KEY",
+		Bytes: keyPKCS8,
+	}
+	keyPEM := string(pem.EncodeToMemory(keyPEMBlock))
+
+	sshPubKey, err := ssh.NewPublicKey(publicKey)
+	if err != nil {
+		return nil, err
+	}
+	pubKeyString := string(ssh.MarshalAuthorizedKey(sshPubKey))
+	return &tgssh.KeyPair{PublicKey: pubKeyString, PrivateKey: keyPEM}, nil
+}
diff --git a/test/packer_test.go b/test/packer_test.go
@@ -0,0 +1,49 @@
+package test
+
+import (
+	"os"
+	"testing"
+
+	"github.com/gruntwork-io/terratest/modules/packer"
+	"github.com/gruntwork-io/terratest/modules/shell"
+	"github.com/gruntwork-io/terratest/modules/ssh"
+	"github.com/gruntwork-io/terratest/modules/terraform"
+)
+
+func TestPackerImage(t *testing.T) {
+	_, ok := os.LookupEnv("TEST_EXISTING_TEMPLATE")
+	if !ok {
+		packerOptions := &packer.Options{
+			Template:   "image.pkr.hcl",
+			WorkingDir: "..",
+		}
+
+		shell.RunCommand(t, shell.Command{
+			Command: "rm",
+			Args:    []string{"-rf", "../build"},
+		})
+		packer.BuildArtifact(t, packerOptions)
+	}
+
+	sshKeyPair := generateED25519KeyPair(t)
+
+	terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+		TerraformDir: "terraform",
+		Vars: map[string]interface{}{
+			"authorized_key": sshKeyPair.PublicKey,
+		},
+	})
+
+	defer terraform.Destroy(t, terraformOptions)
+	terraform.InitAndApply(t, terraformOptions)
+
+	sshIP := terraform.Output(t, terraformOptions, "ip")
+	host := ssh.Host{
+		Hostname:    sshIP,
+		SshUserName: "terraform",
+		SshKeyPair:  sshKeyPair,
+	}
+
+	// Check Cloud Init ran successfully and SSH works.
+	ssh.CheckSshCommand(t, host, "cloud-init status --wait")
+}
diff --git a/test/terraform/main.tf b/test/terraform/main.tf
@@ -16,7 +16,7 @@ resource "libvirt_cloudinit_disk" "config" {
         sudo: ALL=(ALL) NOPASSWD:ALL
         shell: /bin/bash
         ssh-authorized-keys:
-          ${indent(6, yamlencode(var.authorized_keys))}
+          - ${var.authorized_key}
     packages:
       - qemu-guest-agent
     runcmd:

diff --git a/test/terraform/variables.tf b/test/terraform/variables.tf
@@ -8,9 +8,9 @@ variable "user" {
   default = "terraform"
 }
 
-variable "authorized_keys" {
-  type    = list(string)
-  default = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICmTzPVmwo0Q7txYnDkD2ubmRxLUBP1MB5x5j8+v0hK8 lior-workstation"]
+variable "authorized_key" {
+  type    = string
+  default = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICmTzPVmwo0Q7txYnDkD2ubmRxLUBP1MB5x5j8+v0hK8 lior-workstation"
 }
 
 variable "memory" {

diff --git a/test/terraform/versions.tf b/test/terraform/versions.tf
@@ -11,3 +11,7 @@ terraform {
     }
   }
 }
+
+provider "libvirt" {
+  uri = "qemu:///system"
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -11,3 +11,7 @@ terraform { @@
         }
       }
     }
+    provider "libvirt" {
+      uri = "qemu:///system"
+    }