Skip to content

Commit

Permalink
change startup-script to use all userDataVariables
Browse files Browse the repository at this point in the history
made minor changes to curl probe to make more readible and added
functionality to startup-script to add cacerts and export proxy
environment variables if specified
  • Loading branch information
eth1030 committed Aug 2, 2024
1 parent a74a70c commit 3611e8e
Show file tree
Hide file tree
Showing 4 changed files with 10 additions and 8 deletions.
2 changes: 1 addition & 1 deletion pkg/probes/curl/curl_json.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ func (clp Probe) GetMachineImageID(platformType string, cpuArch cpu.Architecture
// values *are* provided for variables that must be set to a certain value for the probe to
// function correctly (presetUserDataVariables) -- this function will fill-in those values for you.
func (clp Probe) GetExpandedUserData(userDataVariables map[string]string, userDataTemplate string) (string, error) {
// Extract required variables specified in template (if any) based off platformType
// Extract required variables specified in template (if any)
directivelessUserDataTemplate, requiredVariables := helpers.ExtractRequiredVariablesDirective(userDataTemplate)

// Ensure userDataVariables complies with requiredVariables and presetUserDataVariables. See
Expand Down
2 changes: 1 addition & 1 deletion pkg/probes/package_probes.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,6 @@ type Probe interface {
GetMachineImageID(platformType string, cpuArch cpu.Architecture, region string) (string, error)
GetStartingToken() string
GetEndingToken() string
GetExpandedUserData(map[string]string, string) (string, error)
GetExpandedUserData(userDataVariables map[string]string, userDataTemplate string) (string, error)
ParseProbeOutput(string, *output.Output)
}
7 changes: 2 additions & 5 deletions pkg/verifier/gcp/entry_point.go
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,6 @@ func (g *GcpVerifier) ValidateEgress(vei verifier.ValidateEgressInput) *output.O
// Expand replaces all ${var} (using empty string for unknown ones), adding the env variables used in startup-script.sh
// Must add fake userDatavariables to replace parts of startup-script.sh that are not env variables but start with $
userDataVariables := map[string]string{
"AWS_REGION": "us-east-2", // Not sure if this is the correct data
"TIMEOUT": vei.Timeout.String(),
"HTTP_PROXY": vei.Proxy.HttpProxy,
"HTTPS_PROXY": vei.Proxy.HttpsProxy,
Expand All @@ -110,8 +109,7 @@ func (g *GcpVerifier) ValidateEgress(vei verifier.ValidateEgressInput) *output.O
vei.CloudImageID = DEFAULT_CLOUDIMAGEID
}

// Create ComputeService instance
// Image list https://cloud.google.com/compute/docs/images/os-details#red_hat_enterprise_linux_rhel
//image list https://cloud.google.com/compute/docs/images/os-details#red_hat_enterprise_linux_rhel
instance, err := g.createComputeServiceInstance(createComputeServiceInstanceInput{
projectID: vei.GCP.ProjectID,
zone: vei.GCP.Zone,
Expand All @@ -131,9 +129,8 @@ func (g *GcpVerifier) ValidateEgress(vei verifier.ValidateEgressInput) *output.O
}

g.Logger.Debug(vei.Ctx, "Waiting for ComputeService instance %s to be running", instance.Name)

if instanceReadyErr := g.waitForComputeServiceInstanceCompletion(vei.GCP.ProjectID, vei.GCP.Zone, instance.Name); instanceReadyErr != nil {
// try to terminate instance if instance not running
// try to terminate instance if instance is not running
err = g.GcpClient.TerminateComputeServiceInstance(vei.GCP.ProjectID, vei.GCP.Zone, instance.Name)
if err != nil {
g.Output.AddError(err)
Expand Down
7 changes: 6 additions & 1 deletion pkg/verifier/gcp/startup-script.sh
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,12 @@ Unit=terminate.service
WantedBy=multi-user.target
EOF

# make script executable and start systemd services
# if cacert is provided, curl probe adds CURLOPT to use the provided cacert
echo "${CACERT}" | base64 > /proxy.pem
chmod 0755 /proxy.pem

# set proxy environment variables, make script executable and start systemd services
export http_proxy=${HTTP_PROXY} https_proxy=${HTTPS_PROXY}
chmod 777 /usr/bin/curl.sh /usr/bin/terminate.sh
systemctl daemon-reload
systemctl start silence
Expand Down

0 comments on commit 3611e8e

Please sign in to comment.