From abe85c0a30708fd6b34e1b0630d33946a3442d74 Mon Sep 17 00:00:00 2001 From: Yang Chiu Date: Mon, 4 Dec 2023 14:58:50 +0800 Subject: [PATCH] infra: add custom ssh public key for debugging 
Signed-off-by: Yang Chiu --- test_framework/Jenkinsfile | 1 + test_framework/terraform/aws/oracle/data.tf | 4 ++++ .../oracle/user-data-scripts/provision_k3s_agent.sh.tpl | 4 ++++ .../oracle/user-data-scripts/provision_k3s_server.sh.tpl | 3 +++ .../oracle/user-data-scripts/provision_rke2_agent.sh.tpl | 5 +++++ .../oracle/user-data-scripts/provision_rke2_server.sh.tpl | 4 ++++ test_framework/terraform/aws/oracle/variables.tf | 6 ++++++ test_framework/terraform/aws/rhel/data.tf | 4 ++++ .../aws/rhel/user-data-scripts/provision_k3s_agent.sh.tpl | 4 ++++ .../aws/rhel/user-data-scripts/provision_k3s_server.sh.tpl | 4 ++++ .../aws/rhel/user-data-scripts/provision_rke2_agent.sh.tpl | 7 ++++++- .../rhel/user-data-scripts/provision_rke2_server.sh.tpl | 4 ++++ test_framework/terraform/aws/rhel/variables.tf | 6 ++++++ test_framework/terraform/aws/rockylinux/data.tf | 4 ++++ .../user-data-scripts/provision_k3s_agent.sh.tpl | 4 ++++ .../user-data-scripts/provision_k3s_server.sh.tpl | 3 +++ .../user-data-scripts/provision_rke2_agent.sh.tpl | 5 +++++ .../user-data-scripts/provision_rke2_server.sh.tpl | 4 ++++ test_framework/terraform/aws/rockylinux/variables.tf | 6 ++++++ test_framework/terraform/aws/sle-micro/data.tf | 4 ++++ .../sle-micro/user-data-scripts/provision_k3s_agent.sh.tpl | 4 ++++ .../user-data-scripts/provision_k3s_server.sh.tpl | 4 ++++ .../user-data-scripts/provision_rke2_agent.sh.tpl | 7 ++++++- .../user-data-scripts/provision_rke2_server.sh.tpl | 6 +++++- test_framework/terraform/aws/sle-micro/variables.tf | 6 ++++++ test_framework/terraform/aws/sles/data.tf | 4 ++++ .../aws/sles/user-data-scripts/provision_k3s_agent.sh.tpl | 4 ++++ .../aws/sles/user-data-scripts/provision_k3s_server.sh.tpl | 3 +++ .../aws/sles/user-data-scripts/provision_rke2_agent.sh.tpl | 5 +++++ .../sles/user-data-scripts/provision_rke2_server.sh.tpl | 4 ++++ test_framework/terraform/aws/sles/variables.tf | 6 ++++++ test_framework/terraform/aws/ubuntu/data.tf | 4 ++++ 
.../ubuntu/user-data-scripts/provision_k3s_agent.sh.tpl | 4 ++++ .../ubuntu/user-data-scripts/provision_k3s_server.sh.tpl | 3 +++ .../ubuntu/user-data-scripts/provision_rke2_agent.sh.tpl | 7 ++++++- .../ubuntu/user-data-scripts/provision_rke2_server.sh.tpl | 3 +++ test_framework/terraform/aws/ubuntu/variables.tf | 6 ++++++ 37 files changed, 162 insertions(+), 4 deletions(-) diff --git a/test_framework/Jenkinsfile b/test_framework/Jenkinsfile index 56b1a081bf..19afb95911 100644 --- a/test_framework/Jenkinsfile +++ b/test_framework/Jenkinsfile @@ -136,6 +136,7 @@ node { --env TF_VAR_azure_tenant_id=${AZURE_TENANT_ID} \ --env TF_VAR_azure_subscription_id=${AZURE_SUBSCRIPTION_ID} \ --env TF_VAR_cis_hardening=${CIS_HARDENING} \ + --env TF_VAR_custom_ssh_public_key="${CUSTOM_SSH_PUBLIC_KEY}" \ ${imageName} """ diff --git a/test_framework/terraform/aws/oracle/data.tf b/test_framework/terraform/aws/oracle/data.tf index 0365770e87..1072b2ce91 100644 --- a/test_framework/terraform/aws/oracle/data.tf +++ b/test_framework/terraform/aws/oracle/data.tf @@ -27,6 +27,7 @@ data "template_file" "provision_k3s_server" { k3s_cluster_secret = random_password.cluster_secret.result k3s_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip k3s_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -37,6 +38,7 @@ data "template_file" "provision_k3s_agent" { k3s_server_url = "https://${aws_eip.lh_aws_eip_controlplane[0].public_ip}:6443" k3s_cluster_secret = random_password.cluster_secret.result k3s_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -47,6 +49,7 @@ data "template_file" "provision_rke2_server" { rke2_cluster_secret = random_password.cluster_secret.result rke2_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip rke2_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } 
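Review bot: The new `--env TF_VAR_custom_ssh_public_key="${CUSTOM_SSH_PUBLIC_KEY}"` line in the Jenkinsfile hunk appears to be expanded by Groovy before the shell runs, judging by the closing `"""` at the end of the hunk, so a value containing `"`, a backtick or `$(` ends the quoting and is interpreted by the shell on the Jenkins agent. Unlike the neighbouring IDs and flags, this value is free-form text with spaces, so the quoting matters here. Escaping the dollar makes the shell read the value from its environment instead: `--env TF_VAR_custom_ssh_public_key="\${CUSTOM_SSH_PUBLIC_KEY}"`, assuming CUSTOM_SSH_PUBLIC_KEY is a job parameter exported to the build environment (not visible here). The enclosing `node` block starts and ends outside the hunk.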
@@ -57,5 +60,6 @@ data "template_file" "provision_rke2_agent" { rke2_server_url = "https://${aws_eip.lh_aws_eip_controlplane[0].public_ip}:9345" rke2_cluster_secret = random_password.cluster_secret.result rke2_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } diff --git a/test_framework/terraform/aws/oracle/user-data-scripts/provision_k3s_agent.sh.tpl b/test_framework/terraform/aws/oracle/user-data-scripts/provision_k3s_agent.sh.tpl index 36fc5dc613..092350791b 100755 --- a/test_framework/terraform/aws/oracle/user-data-scripts/provision_k3s_agent.sh.tpl +++ b/test_framework/terraform/aws/oracle/user-data-scripts/provision_k3s_agent.sh.tpl @@ -19,3 +19,7 @@ until (curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="agent --token ${k3s_clus echo 'k3s agent did not install correctly' sleep 2 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/oracle/user-data-scripts/provision_k3s_server.sh.tpl b/test_framework/terraform/aws/oracle/user-data-scripts/provision_k3s_server.sh.tpl index 9fcdcb2c59..1e5ca030c2 100755 --- a/test_framework/terraform/aws/oracle/user-data-scripts/provision_k3s_server.sh.tpl +++ b/test_framework/terraform/aws/oracle/user-data-scripts/provision_k3s_server.sh.tpl @@ -21,3 +21,6 @@ until (kubectl get pods -A | grep 'Running'); do sleep 5 done +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/oracle/user-data-scripts/provision_rke2_agent.sh.tpl b/test_framework/terraform/aws/oracle/user-data-scripts/provision_rke2_agent.sh.tpl index 2ee3532529..f4f8089780 100644 --- a/test_framework/terraform/aws/oracle/user-data-scripts/provision_rke2_agent.sh.tpl +++ b/test_framework/terraform/aws/oracle/user-data-scripts/provision_rke2_agent.sh.tpl 
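Review bot: `echo "${custom_ssh_public_key}"` in oracle/provision_k3s_agent.sh.tpl is filled in by Terraform template rendering, not by the shell, so the raw value lands inside a double-quoted string of a boot script; a value containing `"`, a backtick or `$(` would run as whatever user executes user-data (normally root under cloud-init). Single quotes remove shell expansion for any key-shaped value, `echo '${custom_ssh_public_key}' >> /home/ec2-user/.ssh/authorized_keys`, and the variable should also be restricted to a single key line where it is declared. The append further assumes `.ssh/authorized_keys` already exists with the login user's ownership; if it does not, the file is created under the script's user and sshd may ignore it, which is worth confirming per image. The same lines are added in every other `provision_*.sh.tpl` hunk of this patch (oracle, rhel, rockylinux, sle-micro, sles, ubuntu).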
@@ -33,4 +33,9 @@ EOF systemctl enable rke2-agent.service systemctl start rke2-agent.service + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi + exit $? diff --git a/test_framework/terraform/aws/oracle/user-data-scripts/provision_rke2_server.sh.tpl b/test_framework/terraform/aws/oracle/user-data-scripts/provision_rke2_server.sh.tpl index 742a31967d..d670a60be0 100644 --- a/test_framework/terraform/aws/oracle/user-data-scripts/provision_rke2_server.sh.tpl +++ b/test_framework/terraform/aws/oracle/user-data-scripts/provision_rke2_server.sh.tpl @@ -29,3 +29,7 @@ until (KUBECONFIG=/etc/rancher/rke2/rke2.yaml /var/lib/rancher/rke2/bin/kubectl echo 'Waiting for rke2 startup' sleep 5 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/oracle/variables.tf b/test_framework/terraform/aws/oracle/variables.tf index 2c08e6ec0a..aa588e6f1d 100644 --- a/test_framework/terraform/aws/oracle/variables.tf +++ b/test_framework/terraform/aws/oracle/variables.tf @@ -114,3 +114,9 @@ variable "create_load_balancer" { type = bool default = false } + +variable "custom_ssh_public_key" { + type = string + default = "" + sensitive = true +} diff --git a/test_framework/terraform/aws/rhel/data.tf b/test_framework/terraform/aws/rhel/data.tf index a5e590adc8..c80ecb91d5 100644 --- a/test_framework/terraform/aws/rhel/data.tf +++ b/test_framework/terraform/aws/rhel/data.tf @@ -31,6 +31,7 @@ data "template_file" "provision_k3s_server" { k3s_version = var.k8s_distro_version selinux_mode = var.selinux_mode enable_selinux = var.selinux_mode == "permissive" ? "false" : "true" + custom_ssh_public_key = var.custom_ssh_public_key } } 
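Review bot: `exit $?` in oracle/provision_rke2_agent.sh.tpl now follows the new `if … fi` block, so it reports the status of that block (0 when the key is empty or the append succeeds) instead of the status of `systemctl start rke2-agent.service`; a failed agent start is no longer reflected in the script's exit code. Save the status before the block and exit with it: `rc=$?` directly after the `systemctl start` line and `exit $rc` at the end, or move the key block above the `systemctl` calls. The same ordering appears in the rke2 agent templates for rhel, rockylinux, sle-micro, sles and ubuntu.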
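Review bot: `custom_ssh_public_key` in oracle/variables.tf is declared without a `validation` block, yet its value is appended to `authorized_keys` and rendered into the provisioning scripts, so multi-line input, `authorized_keys` options or shell metacharacters are all accepted. I would add a validation that allows the empty string or one OpenSSH public key line, as sketched below (adjust the accepted key types as needed), plus a `description` saying that the key grants login to the provisioned nodes. A public key is not a secret, so `sensitive = true` mostly hides from plan output which key is being authorised; consider whether that is intended. The same declaration is added in the rhel, rockylinux, sle-micro, sles and ubuntu `variables.tf` hunks.

```hcl
variable "custom_ssh_public_key" {
  # … unchanged: type, default, sensitive …

  validation {
    # Empty disables the feature; otherwise exactly one single-line OpenSSH public key.
    condition     = var.custom_ssh_public_key == "" || can(regex("^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( [A-Za-z0-9@._-]+)?$", var.custom_ssh_public_key))
    error_message = "The custom_ssh_public_key value must be empty or a single OpenSSH public key line."
  }
}
```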
@@ -43,6 +44,7 @@ data "template_file" "provision_k3s_agent" { k3s_version = var.k8s_distro_version selinux_mode = var.selinux_mode enable_selinux = var.selinux_mode == "permissive" ? "false" : "true" + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -54,6 +56,7 @@ data "template_file" "provision_rke2_server" { rke2_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip rke2_version = var.k8s_distro_version selinux_mode = var.selinux_mode + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -65,5 +68,6 @@ data "template_file" "provision_rke2_agent" { rke2_cluster_secret = random_password.cluster_secret.result rke2_version = var.k8s_distro_version selinux_mode = var.selinux_mode + custom_ssh_public_key = var.custom_ssh_public_key } } diff --git a/test_framework/terraform/aws/rhel/user-data-scripts/provision_k3s_agent.sh.tpl b/test_framework/terraform/aws/rhel/user-data-scripts/provision_k3s_agent.sh.tpl index 879ba574d4..5e2a5f9d0d 100755 --- a/test_framework/terraform/aws/rhel/user-data-scripts/provision_k3s_agent.sh.tpl +++ b/test_framework/terraform/aws/rhel/user-data-scripts/provision_k3s_agent.sh.tpl @@ -25,3 +25,7 @@ until (curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="agent --token ${k3s_clus echo 'k3s agent did not install correctly' sleep 2 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi \ No newline at end of file diff --git a/test_framework/terraform/aws/rhel/user-data-scripts/provision_k3s_server.sh.tpl b/test_framework/terraform/aws/rhel/user-data-scripts/provision_k3s_server.sh.tpl index d767f41f5b..a874b9bb2d 100755 --- a/test_framework/terraform/aws/rhel/user-data-scripts/provision_k3s_server.sh.tpl +++ b/test_framework/terraform/aws/rhel/user-data-scripts/provision_k3s_server.sh.tpl 
@@ -26,3 +26,7 @@ until (sudo /usr/local/bin/kubectl get pods -A | grep 'Running'); do echo 'Waiting for k3s startup' sleep 5 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi \ No newline at end of file diff --git a/test_framework/terraform/aws/rhel/user-data-scripts/provision_rke2_agent.sh.tpl b/test_framework/terraform/aws/rhel/user-data-scripts/provision_rke2_agent.sh.tpl index fec3a2e169..4884b10f4e 100755 --- a/test_framework/terraform/aws/rhel/user-data-scripts/provision_rke2_agent.sh.tpl +++ b/test_framework/terraform/aws/rhel/user-data-scripts/provision_rke2_agent.sh.tpl @@ -39,4 +39,9 @@ EOF sudo systemctl enable rke2-agent.service sudo systemctl start rke2-agent.service -exit $? + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi + +exit $? \ No newline at end of file diff --git a/test_framework/terraform/aws/rhel/user-data-scripts/provision_rke2_server.sh.tpl b/test_framework/terraform/aws/rhel/user-data-scripts/provision_rke2_server.sh.tpl index 78392c43b2..69d800c7bb 100755 --- a/test_framework/terraform/aws/rhel/user-data-scripts/provision_rke2_server.sh.tpl +++ b/test_framework/terraform/aws/rhel/user-data-scripts/provision_rke2_server.sh.tpl @@ -35,3 +35,7 @@ until (KUBECONFIG=/etc/rancher/rke2/rke2.yaml sudo /var/lib/rancher/rke2/bin/kub echo 'Waiting for rke2 startup' sleep 5 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi \ No newline at end of file diff --git a/test_framework/terraform/aws/rhel/variables.tf b/test_framework/terraform/aws/rhel/variables.tf index 3178442037..98f211e362 100644 --- a/test_framework/terraform/aws/rhel/variables.tf +++ b/test_framework/terraform/aws/rhel/variables.tf 
@@ -120,3 +120,9 @@ variable "create_load_balancer" { type = bool default = false } + +variable "custom_ssh_public_key" { + type = string + default = "" + sensitive = true +} diff --git a/test_framework/terraform/aws/rockylinux/data.tf b/test_framework/terraform/aws/rockylinux/data.tf index ead3e87e4b..5ed2a86f44 100644 --- a/test_framework/terraform/aws/rockylinux/data.tf +++ b/test_framework/terraform/aws/rockylinux/data.tf @@ -36,6 +36,7 @@ data "template_file" "provision_k3s_server" { k3s_version = var.k8s_distro_version selinux_mode = var.selinux_mode enable_selinux = var.selinux_mode == "permissive" ? "false" : "true" + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -48,6 +49,7 @@ data "template_file" "provision_k3s_agent" { k3s_version = var.k8s_distro_version selinux_mode = var.selinux_mode enable_selinux = var.selinux_mode == "permissive" ? "false" : "true" + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -59,6 +61,7 @@ data "template_file" "provision_rke2_server" { rke2_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip rke2_version = var.k8s_distro_version selinux_mode = var.selinux_mode + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -70,5 +73,6 @@ data "template_file" "provision_rke2_agent" { rke2_cluster_secret = random_password.cluster_secret.result rke2_version = var.k8s_distro_version selinux_mode = var.selinux_mode + custom_ssh_public_key = var.custom_ssh_public_key } } diff --git a/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_k3s_agent.sh.tpl b/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_k3s_agent.sh.tpl index 29760319ea..7dab190733 100755 --- a/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_k3s_agent.sh.tpl +++ b/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_k3s_agent.sh.tpl 
@@ -24,3 +24,7 @@ until (curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="agent --token ${k3s_clus echo 'k3s agent did not install correctly' sleep 2 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/rocky/.ssh/authorized_keys +fi \ No newline at end of file diff --git a/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_k3s_server.sh.tpl b/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_k3s_server.sh.tpl index 0e77a01a26..a87c270175 100755 --- a/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_k3s_server.sh.tpl +++ b/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_k3s_server.sh.tpl @@ -24,3 +24,6 @@ until (kubectl get pods -A | grep 'Running'); do sleep 5 done +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/rocky/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_rke2_agent.sh.tpl b/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_rke2_agent.sh.tpl index 04133b229f..e2a67e95f4 100755 --- a/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_rke2_agent.sh.tpl +++ b/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_rke2_agent.sh.tpl @@ -38,4 +38,9 @@ EOF sudo systemctl enable rke2-agent.service sudo systemctl start rke2-agent.service + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/rocky/.ssh/authorized_keys +fi + exit $? diff --git a/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_rke2_server.sh.tpl b/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_rke2_server.sh.tpl index 6cab617458..c7686fc9b9 100755 --- a/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_rke2_server.sh.tpl +++ b/test_framework/terraform/aws/rockylinux/user-data-scripts/provision_rke2_server.sh.tpl 
@@ -34,3 +34,7 @@ until (KUBECONFIG=/etc/rancher/rke2/rke2.yaml /var/lib/rancher/rke2/bin/kubectl echo 'Waiting for rke2 startup' sleep 5 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/rocky/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/rockylinux/variables.tf b/test_framework/terraform/aws/rockylinux/variables.tf index 34ee882cf3..dfce28e0ae 100644 --- a/test_framework/terraform/aws/rockylinux/variables.tf +++ b/test_framework/terraform/aws/rockylinux/variables.tf @@ -119,4 +119,10 @@ variable "use_hdd" { variable "create_load_balancer" { type = bool default = false +} + +variable "custom_ssh_public_key" { + type = string + default = "" + sensitive = true } \ No newline at end of file diff --git a/test_framework/terraform/aws/sle-micro/data.tf b/test_framework/terraform/aws/sle-micro/data.tf index a5969891c2..472d0ca177 100644 --- a/test_framework/terraform/aws/sle-micro/data.tf +++ b/test_framework/terraform/aws/sle-micro/data.tf @@ -20,6 +20,7 @@ data "template_file" "provision_k3s_server" { k3s_cluster_secret = random_password.cluster_secret.result k3s_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip k3s_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -30,6 +31,7 @@ data "template_file" "provision_k3s_agent" { k3s_server_url = "https://${aws_eip.lh_aws_eip_controlplane[0].public_ip}:6443" k3s_cluster_secret = random_password.cluster_secret.result k3s_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -40,6 +42,7 @@ data "template_file" "provision_rke2_server" { rke2_cluster_secret = random_password.cluster_secret.result rke2_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip rke2_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } 
@@ -50,5 +53,6 @@ data "template_file" "provision_rke2_agent" { rke2_server_url = "https://${aws_eip.lh_aws_eip_controlplane[0].public_ip}:9345" rke2_cluster_secret = random_password.cluster_secret.result rke2_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } diff --git a/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_k3s_agent.sh.tpl b/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_k3s_agent.sh.tpl index b9cf4373b8..fb81b0214d 100755 --- a/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_k3s_agent.sh.tpl +++ b/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_k3s_agent.sh.tpl @@ -20,3 +20,7 @@ fi curl -sfL https://get.k3s.io | sudo INSTALL_K3S_EXEC="agent --token ${k3s_cluster_secret}" K3S_URL="${k3s_server_url}" INSTALL_K3S_VERSION="${k3s_version}" sh - sudo systemctl start k3s-agent + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/suse/.ssh/authorized_keys +fi \ No newline at end of file diff --git a/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_k3s_server.sh.tpl b/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_k3s_server.sh.tpl index 9bcc200570..7f254cda4b 100755 --- a/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_k3s_server.sh.tpl +++ b/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_k3s_server.sh.tpl @@ -2,3 +2,7 @@ curl -sfL https://get.k3s.io | sudo INSTALL_K3S_EXEC="server --node-taint "node-role.kubernetes.io/master=true:NoExecute" --node-taint "node-role.kubernetes.io/master=true:NoSchedule" --tls-san ${k3s_server_public_ip} --write-kubeconfig-mode 644 --token ${k3s_cluster_secret}" INSTALL_K3S_VERSION="${k3s_version}" sh - sudo systemctl start k3s + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/suse/.ssh/authorized_keys +fi \ No newline at end of file 
diff --git a/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_rke2_agent.sh.tpl b/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_rke2_agent.sh.tpl index 74d2dd67e6..6efbaab929 100755 --- a/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_rke2_agent.sh.tpl +++ b/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_rke2_agent.sh.tpl @@ -32,4 +32,9 @@ EOF sudo systemctl enable rke2-agent.service sudo systemctl start rke2-agent.service -exit $? + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/suse/.ssh/authorized_keys +fi + +exit $? \ No newline at end of file diff --git a/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_rke2_server.sh.tpl b/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_rke2_server.sh.tpl index 9fd79f05c4..1ec23d1df3 100755 --- a/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_rke2_server.sh.tpl +++ b/test_framework/terraform/aws/sle-micro/user-data-scripts/provision_rke2_server.sh.tpl @@ -15,4 +15,8 @@ EOF sudo systemctl enable rke2-server.service sudo systemctl start rke2-server.service -sudo ln -s /var/lib/rancher/rke2/bin/kubectl /usr/local/bin/kubectl \ No newline at end of file +sudo ln -s /var/lib/rancher/rke2/bin/kubectl /usr/local/bin/kubectl + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/suse/.ssh/authorized_keys +fi \ No newline at end of file diff --git a/test_framework/terraform/aws/sle-micro/variables.tf b/test_framework/terraform/aws/sle-micro/variables.tf index f1b7afd7f6..b00745d94b 100644 --- a/test_framework/terraform/aws/sle-micro/variables.tf +++ b/test_framework/terraform/aws/sle-micro/variables.tf 
@@ -121,4 +121,10 @@ variable "create_load_balancer" { variable "registration_code" { type = string sensitive = true +} + +variable "custom_ssh_public_key" { + type = string + default = "" + sensitive = true } \ No newline at end of file diff --git a/test_framework/terraform/aws/sles/data.tf b/test_framework/terraform/aws/sles/data.tf index a71132950b..b8964a56dd 100644 --- a/test_framework/terraform/aws/sles/data.tf +++ b/test_framework/terraform/aws/sles/data.tf @@ -17,6 +17,7 @@ data "template_file" "provision_k3s_server" { k3s_cluster_secret = random_password.cluster_secret.result k3s_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip k3s_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -27,6 +28,7 @@ data "template_file" "provision_k3s_agent" { k3s_server_url = "https://${aws_eip.lh_aws_eip_controlplane[0].public_ip}:6443" k3s_cluster_secret = random_password.cluster_secret.result k3s_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -38,6 +40,7 @@ data "template_file" "provision_rke2_server" { rke2_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip rke2_version = var.k8s_distro_version cis_hardening = var.cis_hardening + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -49,5 +52,6 @@ data "template_file" "provision_rke2_agent" { rke2_cluster_secret = random_password.cluster_secret.result rke2_version = var.k8s_distro_version cis_hardening = var.cis_hardening + custom_ssh_public_key = var.custom_ssh_public_key } } diff --git a/test_framework/terraform/aws/sles/user-data-scripts/provision_k3s_agent.sh.tpl b/test_framework/terraform/aws/sles/user-data-scripts/provision_k3s_agent.sh.tpl index af5faa1d4c..c799b47a07 100755 --- a/test_framework/terraform/aws/sles/user-data-scripts/provision_k3s_agent.sh.tpl +++ b/test_framework/terraform/aws/sles/user-data-scripts/provision_k3s_agent.sh.tpl 
@@ -34,3 +34,7 @@ until (curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="agent --token ${k3s_clus echo 'k3s agent did not install correctly' sleep 2 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi \ No newline at end of file diff --git a/test_framework/terraform/aws/sles/user-data-scripts/provision_k3s_server.sh.tpl b/test_framework/terraform/aws/sles/user-data-scripts/provision_k3s_server.sh.tpl index c04dd4cab8..2a2df03018 100755 --- a/test_framework/terraform/aws/sles/user-data-scripts/provision_k3s_server.sh.tpl +++ b/test_framework/terraform/aws/sles/user-data-scripts/provision_k3s_server.sh.tpl @@ -25,3 +25,6 @@ until (kubectl get pods -A | grep 'Running'); do RETRY=$((RETRY+1)) done +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/sles/user-data-scripts/provision_rke2_agent.sh.tpl b/test_framework/terraform/aws/sles/user-data-scripts/provision_rke2_agent.sh.tpl index e74b801290..04a9e1959c 100755 --- a/test_framework/terraform/aws/sles/user-data-scripts/provision_rke2_agent.sh.tpl +++ b/test_framework/terraform/aws/sles/user-data-scripts/provision_rke2_agent.sh.tpl @@ -60,4 +60,9 @@ EOF fi systemctl start rke2-agent.service + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi + exit $? diff --git a/test_framework/terraform/aws/sles/user-data-scripts/provision_rke2_server.sh.tpl b/test_framework/terraform/aws/sles/user-data-scripts/provision_rke2_server.sh.tpl index 9f5add5c49..6bf855bc44 100755 --- a/test_framework/terraform/aws/sles/user-data-scripts/provision_rke2_server.sh.tpl +++ b/test_framework/terraform/aws/sles/user-data-scripts/provision_rke2_server.sh.tpl 
@@ -53,3 +53,7 @@ until (KUBECONFIG=/etc/rancher/rke2/rke2.yaml /var/lib/rancher/rke2/bin/kubectl fi RETRY=$((RETRY+1)) done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ec2-user/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/sles/variables.tf b/test_framework/terraform/aws/sles/variables.tf index 6e683a7d55..684bb5af8a 100644 --- a/test_framework/terraform/aws/sles/variables.tf +++ b/test_framework/terraform/aws/sles/variables.tf @@ -126,4 +126,10 @@ variable "cis_hardening" { variable "resources_owner" { type = string default = "longhorn-infra" +} + +variable "custom_ssh_public_key" { + type = string + default = "" + sensitive = true } \ No newline at end of file diff --git a/test_framework/terraform/aws/ubuntu/data.tf b/test_framework/terraform/aws/ubuntu/data.tf index 374a3069b4..9edd0495f2 100644 --- a/test_framework/terraform/aws/ubuntu/data.tf +++ b/test_framework/terraform/aws/ubuntu/data.tf @@ -16,6 +16,7 @@ data "template_file" "provision_k3s_server" { k3s_cluster_secret = random_password.cluster_secret.result k3s_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip k3s_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -26,6 +27,7 @@ data "template_file" "provision_k3s_agent" { k3s_server_url = "https://${aws_eip.lh_aws_eip_controlplane[0].public_ip}:6443" k3s_cluster_secret = random_password.cluster_secret.result k3s_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } @@ -37,6 +39,7 @@ data "template_file" "provision_rke2_server" { rke2_cluster_secret = random_password.cluster_secret.result rke2_server_public_ip = aws_eip.lh_aws_eip_controlplane[0].public_ip rke2_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } 
@@ -47,6 +50,7 @@ data "template_file" "provision_rke2_agent" { rke2_server_url = "https://${aws_eip.lh_aws_eip_controlplane[0].public_ip}:9345" rke2_cluster_secret = random_password.cluster_secret.result rke2_version = var.k8s_distro_version + custom_ssh_public_key = var.custom_ssh_public_key } } diff --git a/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_k3s_agent.sh.tpl b/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_k3s_agent.sh.tpl index 38112a8aa6..c7b825fc63 100755 --- a/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_k3s_agent.sh.tpl +++ b/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_k3s_agent.sh.tpl @@ -13,3 +13,7 @@ until (curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="agent --token ${k3s_clus echo 'k3s agent did not install correctly' sleep 2 done + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ubuntu/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_k3s_server.sh.tpl b/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_k3s_server.sh.tpl index d0a2ae2fcd..2ac9c835fe 100755 --- a/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_k3s_server.sh.tpl +++ b/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_k3s_server.sh.tpl @@ -15,3 +15,6 @@ until (kubectl get pods -A | grep 'Running'); do sleep 5 done +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ubuntu/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_rke2_agent.sh.tpl b/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_rke2_agent.sh.tpl index 09804ab903..b2d58b4ed9 100755 --- a/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_rke2_agent.sh.tpl +++ b/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_rke2_agent.sh.tpl 
@@ -28,4 +28,9 @@ EOF systemctl enable rke2-agent.service systemctl start rke2-agent.service -exit $? + +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ubuntu/.ssh/authorized_keys +fi + +exit $? \ No newline at end of file diff --git a/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_rke2_server.sh.tpl b/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_rke2_server.sh.tpl index 6543e059c7..ee3358398b 100755 --- a/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_rke2_server.sh.tpl +++ b/test_framework/terraform/aws/ubuntu/user-data-scripts/provision_rke2_server.sh.tpl @@ -26,3 +26,6 @@ until (KUBECONFIG=/etc/rancher/rke2/rke2.yaml /var/lib/rancher/rke2/bin/kubectl sleep 5 done +if [[ -n "${custom_ssh_public_key}" ]]; then + echo "${custom_ssh_public_key}" >> /home/ubuntu/.ssh/authorized_keys +fi diff --git a/test_framework/terraform/aws/ubuntu/variables.tf b/test_framework/terraform/aws/ubuntu/variables.tf index b6c53dd1b8..468a06b00e 100644 --- a/test_framework/terraform/aws/ubuntu/variables.tf +++ b/test_framework/terraform/aws/ubuntu/variables.tf @@ -115,3 +115,9 @@ variable "create_load_balancer" { type = bool default = false } + +variable "custom_ssh_public_key" { + type = string + default = "" + sensitive = true +} \ No newline at end of file