Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: support sle-micro for hal cluster #2150

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

yangchiu
Copy link
Member

@yangchiu yangchiu commented Oct 24, 2024

Which issue(s) this PR fixes:

Issue longhorn/longhorn#9691

What this PR does / why we need it:

support sle-micro for hal cluster

Special notes for your reviewer:

Additional documentation or context

Summary by CodeRabbit

  • New Features

    • Introduced a new Terraform configuration for managing a Rancher2 environment with Harvester integration.
    • Added several new variables for enhanced configuration and sensitive information handling in Terraform.
  • Bug Fixes

    • Simplified error messages related to unsupported operating systems in the setup scripts.
    • Streamlined conditional checks in the setup scripts to improve control flow.
  • Documentation

    • Enhanced variable descriptions in the Terraform configuration for better clarity.

@yangchiu yangchiu self-assigned this Oct 24, 2024
@yangchiu yangchiu requested a review from a team as a code owner October 24, 2024 05:44
Copy link

coderabbitai bot commented Oct 24, 2024

Warning

Rate limit exceeded

@yangchiu has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 14 minutes and 27 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Files that changed from the base of the PR and between 9e65e28 and 889d4ac.

Walkthrough

The changes in this pull request consist of modifications to the longhorn-setup.sh script for improved error messaging and control flow, specifically regarding supported operating systems. The error message has been simplified, and the conditions for executing the longhornctl_check function have been adjusted to exclude fewer distributions. Additionally, a new Terraform configuration for managing a Rancher2 environment with Harvester integration has been introduced, featuring new variable declarations and resource definitions.

Changes

File Change Summary
pipelines/e2e/scripts/longhorn-setup.sh Simplified error message; modified conditional checks to exclude only "eks" and "talos."
test_framework/scripts/longhorn-setup.sh Simplified error message; modified conditional checks to exclude only "talos."
test_framework/terraform/harvester/sle-micro/main.tf Introduced Terraform configuration for Rancher2 environment; defined resources and outputs.
test_framework/terraform/harvester/sle-micro/variables.tf Added new variable declarations for sensitive information and deployment parameters.

Assessment against linked issues

Objective Addressed Explanation
Support other OS distros for HAL cluster (#9691)
Support sle-micro as an OS distro (#9691)
Support talos as an OS distro (#9691) The changes do not explicitly add support for "talos."

Possibly related PRs

  • ci: support v2 data engine for hal cluster #2147: The changes in test_framework/scripts/longhorn-setup.sh regarding the longhornctl_check function and error handling are related to the modifications in the same script in the main PR, which also focuses on error messaging and control flow logic.

Suggested reviewers

  • khushboo-rancher

Poem

In the land of code where bunnies hop,
Changes made, we’ll never stop!
With messages clear and flow refined,
New paths for clusters, oh so kind!
Hopping through scripts, we dance with glee,
For every tweak brings joy to me! 🐰✨


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 7

🧹 Outside diff range and nitpick comments (2)
test_framework/terraform/harvester/sle-micro/variables.tf (1)

30-33: Consider future-proofing OS version constraints.

To maintain long-term maintainability as new SLE Micro versions are released, consider:

  1. Adding a list of supported versions in a local variable
  2. Documenting the version support policy
  3. Adding validation against supported versions

Example implementation:

locals {
  supported_sle_micro_versions = ["5.5", "6.0"]
}

variable "os_distro_version" {
  type        = string
  description = "SLE Micro OS version to be deployed (supported versions: ${join(", ", local.supported_sle_micro_versions)})"
  default     = "6.0"
  validation {
    condition     = contains(local.supported_sle_micro_versions, var.os_distro_version)
    error_message = "Unsupported SLE Micro version. Must be one of: ${join(", ", local.supported_sle_micro_versions)}"
  }
}
pipelines/e2e/scripts/longhorn-setup.sh (1)

57-60: Consider enhancing error handling for unsupported distributions.

The error message in the comment suggests improving the error handling for unsupported distributions.

Consider these improvements:

  1. Add explicit distribution validation at the start of the script
  2. Create a dedicated function for distribution checks
  3. Maintain a list of supported/unsupported distributions in a configuration file
  4. Provide more informative error messages with supported alternatives

Would you like me to propose an implementation for any of these improvements?

🧰 Tools
🪛 Shellcheck

[warning] 58-58: TF_VAR_k8s_distro_name is referenced but not assigned.

(SC2154)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between f78ae2c and 48f0dba.

📒 Files selected for processing (4)
  • pipelines/e2e/scripts/longhorn-setup.sh (1 hunks)
  • test_framework/scripts/longhorn-setup.sh (1 hunks)
  • test_framework/terraform/harvester/sle-micro/main.tf (1 hunks)
  • test_framework/terraform/harvester/sle-micro/variables.tf (1 hunks)
🧰 Additional context used
🪛 Shellcheck
pipelines/e2e/scripts/longhorn-setup.sh

[warning] 58-58: TF_VAR_k8s_distro_name is referenced but not assigned.

(SC2154)

🔇 Additional comments (2)
pipelines/e2e/scripts/longhorn-setup.sh (1)

57-60: Verify TF_VAR_k8s_distro_name variable initialization.

The changes correctly remove restrictions for SLE Micro while maintaining necessary exclusions. However, the TF_VAR_k8s_distro_name variable usage needs verification as it appears undefined.

Let's verify the variable initialization:

🧰 Tools
🪛 Shellcheck

[warning] 58-58: TF_VAR_k8s_distro_name is referenced but not assigned.

(SC2154)

test_framework/scripts/longhorn-setup.sh (1)

526-528: LGTM! Changes align with SLE Micro support objective.

The modification correctly updates the condition to support SLE Micro while maintaining the exclusion for EKS and Talos distributions. The error message update reflects this change in supported operating systems.

Let's verify the changes don't affect other OS distributions:

✅ Verification successful

Based on the search results, I can now generate a final response as I have sufficient information about OS-specific conditions across the codebase.

Changes are consistent with existing OS-specific handling patterns

The modification to support SLE Micro aligns well with the existing OS-specific handling patterns in the codebase:

  • The condition [[ "${TF_VAR_k8s_distro_name}" != "eks" ]] && [[ "${DISTRO}" != "talos" ]] maintains consistency with other OS-specific checks in the codebase
  • Other scripts in various pipelines (e2e, helm, fleet, etc.) show similar patterns for OS-specific handling, particularly for:
    • SELinux workarounds for RHEL, Rocky Linux, and Oracle
    • Special namespace handling for Talos
    • Specific installation methods for SLES

The changes don't introduce any inconsistencies with existing OS-specific logic and maintain the established pattern of explicitly handling different distributions.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any other OS-specific conditions in the codebase
# that might need to be updated for consistency

# Search for OS-specific conditions
rg -A 5 "DISTRO.*==" 
rg -A 5 "operating.*systems.*not.*supported"

Length of output: 9038

Comment on lines +51 to +54
variable "registration_code" {
type = string
sensitive = true
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add documentation and validation for registration code.

The registration code variable needs proper documentation and validation since it's crucial for SLE Micro subscription management.

Apply these improvements:

 variable "registration_code" {
   type        = string
   sensitive   = true
+  description = "SLE Micro subscription registration code"
+  validation {
+    condition     = length(var.registration_code) > 0
+    error_message = "Registration code cannot be empty"
+  }
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
variable "registration_code" {
type = string
sensitive = true
}
variable "registration_code" {
type = string
sensitive = true
description = "SLE Micro subscription registration code"
validation {
condition = length(var.registration_code) > 0
error_message = "Registration code cannot be empty"
}
}

Comment on lines +19 to +22
variable "ssh_public_key_file_path" {
type = string
default = "~/.ssh/id_rsa.pub"
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix SSH key path handling and add validation.

The current SSH key path has two potential issues:

  1. Using tilde (~) for home directory might not work consistently in Terraform
  2. Missing validation for file existence

Apply this fix:

 variable "ssh_public_key_file_path" {
   type        = string
-  default     = "~/.ssh/id_rsa.pub"
+  default     = "/home/ubuntu/.ssh/id_rsa.pub"  # Update with appropriate default path
+  validation {
+    condition     = fileexists(var.ssh_public_key_file_path)
+    error_message = "SSH public key file does not exist at the specified path"
+  }
 }

Committable suggestion was skipped due to low confidence.

Comment on lines +24 to +33
variable "arch" {
type = string
description = "available values (amd64, arm64)"
default = "amd64"
}

variable "os_distro_version" {
type = string
default = "6.0"
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Enhance system configuration validation and documentation.

The system configuration variables need better validation and documentation, especially since this is for SLE Micro support.

Apply these improvements:

 variable "arch" {
   type        = string
   description = "available values (amd64, arm64)"
   default     = "amd64"
+  validation {
+    condition     = contains(["amd64", "arm64"], var.arch)
+    error_message = "Architecture must be one of: amd64, arm64"
+  }
 }

 variable "os_distro_version" {
   type        = string
+  description = "SLE Micro OS version to be deployed"
   default     = "6.0"
+  validation {
+    condition     = can(regex("^\\d+\\.\\d+$", var.os_distro_version))
+    error_message = "OS version must be in format X.Y (e.g., 6.0)"
+  }
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
variable "arch" {
type = string
description = "available values (amd64, arm64)"
default = "amd64"
}
variable "os_distro_version" {
type = string
default = "6.0"
}
variable "arch" {
type = string
description = "available values (amd64, arm64)"
default = "amd64"
validation {
condition = contains(["amd64", "arm64"], var.arch)
error_message = "Architecture must be one of: amd64, arm64"
}
}
variable "os_distro_version" {
type = string
description = "SLE Micro OS version to be deployed"
default = "6.0"
validation {
condition = can(regex("^\\d+\\.\\d+$", var.os_distro_version))
error_message = "OS version must be in format X.Y (e.g., 6.0)"
}
}

Comment on lines +1 to +17
variable "lab_url" {
type = string
description = "LAB URL"
sensitive = true
}

variable "lab_access_key" {
type = string
description = "LAB ACCESS_KEY"
sensitive = true
}

variable "lab_secret_key" {
type = string
description = "LAB SECRET_KEY"
sensitive = true
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add validation blocks for lab credentials.

The lab credential variables should include validation to ensure proper formatting and prevent configuration errors.

Add validation blocks:

 variable "lab_url" {
   type        = string
   description = "LAB URL"
   sensitive   = true
+  validation {
+    condition     = can(regex("^https?://", var.lab_url))
+    error_message = "Lab URL must start with http:// or https://"
+  }
 }

 variable "lab_access_key" {
   type        = string
   description = "LAB ACCESS_KEY"
   sensitive   = true
+  validation {
+    condition     = length(var.lab_access_key) > 0
+    error_message = "Lab access key cannot be empty"
+  }
 }

 variable "lab_secret_key" {
   type        = string
   description = "LAB SECRET_KEY"
   sensitive   = true
+  validation {
+    condition     = length(var.lab_secret_key) > 0
+    error_message = "Lab secret key cannot be empty"
+  }
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
variable "lab_url" {
type = string
description = "LAB URL"
sensitive = true
}
variable "lab_access_key" {
type = string
description = "LAB ACCESS_KEY"
sensitive = true
}
variable "lab_secret_key" {
type = string
description = "LAB SECRET_KEY"
sensitive = true
}
variable "lab_url" {
type = string
description = "LAB URL"
sensitive = true
validation {
condition = can(regex("^https?://", var.lab_url))
error_message = "Lab URL must start with http:// or https://"
}
}
variable "lab_access_key" {
type = string
description = "LAB ACCESS_KEY"
sensitive = true
validation {
condition = length(var.lab_access_key) > 0
error_message = "Lab access key cannot be empty"
}
}
variable "lab_secret_key" {
type = string
description = "LAB SECRET_KEY"
sensitive = true
validation {
condition = length(var.lab_secret_key) > 0
error_message = "Lab secret key cannot be empty"
}
}

Comment on lines 35 to 49
variable "k8s_distro_name" {
type = string
default = "rke2"
description = "kubernetes distro version to install [rke, k3s] (default: rke2)"
}

variable "k8s_distro_version" {
type = string
default = "v1.27.13+rke2r1"
description = <<-EOT
kubernetes version that will be deployed
k3s: (default: v1.27.13+k3s1)
rke2: (default: v1.27.13+rke2r1)
EOT
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix Kubernetes configuration inconsistencies and add validation.

There are several issues with the Kubernetes configuration variables:

  1. The k8s_distro_name description doesn't match the default value
  2. Missing version string validation
  3. The description could be more structured

Apply these fixes:

 variable "k8s_distro_name" {
   type        = string
   default     = "rke2"
-  description = "kubernetes distro version to install [rke, k3s]  (default: rke2)"
+  description = "kubernetes distro version to install [rke2, k3s] (default: rke2)"
+  validation {
+    condition     = contains(["rke2", "k3s"], var.k8s_distro_name)
+    error_message = "Kubernetes distribution must be one of: rke2, k3s"
+  }
 }

 variable "k8s_distro_version" {
   type        = string
   default     = "v1.27.13+rke2r1"
   description = <<-EOT
     kubernetes version that will be deployed
-    k3s: (default: v1.27.13+k3s1)
-    rke2: (default: v1.27.13+rke2r1)
+    Supported formats:
+      - k3s:  v<major>.<minor>.<patch>+k3s1  (e.g., v1.27.13+k3s1)
+      - rke2: v<major>.<minor>.<patch>+rke2r1 (e.g., v1.27.13+rke2r1)
   EOT
+  validation {
+    condition     = can(regex("^v\\d+\\.\\d+\\.\\d+\\+(rke2r1|k3s1)$", var.k8s_distro_version))
+    error_message = "Invalid Kubernetes version format. Must match v1.27.13+rke2r1 or v1.27.13+k3s1 pattern"
+  }
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
variable "k8s_distro_name" {
type = string
default = "rke2"
description = "kubernetes distro version to install [rke, k3s] (default: rke2)"
}
variable "k8s_distro_version" {
type = string
default = "v1.27.13+rke2r1"
description = <<-EOT
kubernetes version that will be deployed
k3s: (default: v1.27.13+k3s1)
rke2: (default: v1.27.13+rke2r1)
EOT
}
variable "k8s_distro_name" {
type = string
default = "rke2"
description = "kubernetes distro version to install [rke2, k3s] (default: rke2)"
validation {
condition = contains(["rke2", "k3s"], var.k8s_distro_name)
error_message = "Kubernetes distribution must be one of: rke2, k3s"
}
}
variable "k8s_distro_version" {
type = string
default = "v1.27.13+rke2r1"
description = <<-EOT
kubernetes version that will be deployed
Supported formats:
- k3s: v<major>.<minor>.<patch>+k3s1 (e.g., v1.27.13+k3s1)
- rke2: v<major>.<minor>.<patch>+rke2r1 (e.g., v1.27.13+rke2r1)
EOT
validation {
condition = can(regex("^v\\d+\\.\\d+\\.\\d+\\+(rke2r1|k3s1)$", var.k8s_distro_version))
error_message = "Invalid Kubernetes version format. Must match v1.27.13+rke2r1 or v1.27.13+k3s1 pattern"
}
}

Comment on lines +45 to +46
cpu_count = "4"
memory_size = "8"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Use numeric values for cpu_count and memory_size

The cpu_count and memory_size should be specified as numbers, not strings. Remove the quotes to ensure they are interpreted as integers.

Apply this diff to fix the values:

-    cpu_count = "4"
-    memory_size = "8"
+    cpu_count = 4
+    memory_size = 8

Also applies to: 90-91


output "kube_config" {
value = rancher2_cluster_v2.e2e-cluster.kube_config
sensitive = "true"
Copy link

@coderabbitai coderabbitai bot Oct 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix the syntax error: Set sensitive attribute to boolean

In the output block for kube_config, the sensitive attribute should be a boolean value, not a string. Remove the quotes around true.

Apply this diff to fix the syntax:

-  sensitive = "true"
+  sensitive = true
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
sensitive = "true"
sensitive = true

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@yangchiu Looks like a reasonable review comment.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like the humans are having a chat. I'll hop back into my burrow for now. If you need me again, just tag @coderabbitai in a new comment, and I'll come hopping out!

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Refined.

Copy link
Collaborator

@khushboo-rancher khushboo-rancher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM except one comment from coderabbit looks legit.


output "kube_config" {
value = rancher2_cluster_v2.e2e-cluster.kube_config
sensitive = "true"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@yangchiu Looks like a reasonable review comment.

Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 48f0dba and 9e65e28.

📒 Files selected for processing (4)
  • pipelines/e2e/scripts/longhorn-setup.sh (1 hunks)
  • test_framework/scripts/longhorn-setup.sh (1 hunks)
  • test_framework/terraform/harvester/sle-micro/main.tf (1 hunks)
  • test_framework/terraform/harvester/sle-micro/variables.tf (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (2)
  • test_framework/scripts/longhorn-setup.sh
  • test_framework/terraform/harvester/sle-micro/variables.tf
🧰 Additional context used
🪛 Shellcheck
pipelines/e2e/scripts/longhorn-setup.sh

[warning] 58-58: TF_VAR_k8s_distro_name is referenced but not assigned.

(SC2154)

🔇 Additional comments (3)
pipelines/e2e/scripts/longhorn-setup.sh (2)

57-60: LGTM: Successfully adds SLE Micro support

The changes correctly implement SLE Micro support by removing it from the exclusion list, allowing the longhornctl_check to run on SLE Micro systems. This aligns with the PR objective of adding SLE Micro support for HAL cluster.

🧰 Tools
🪛 Shellcheck

[warning] 58-58: TF_VAR_k8s_distro_name is referenced but not assigned.

(SC2154)


58-58: ⚠️ Potential issue

Fix: TF_VAR_k8s_distro_name variable is undefined

The script uses TF_VAR_k8s_distro_name in conditions but this variable is not assigned anywhere in the script. This could lead to unexpected behavior if the variable is not set in the environment.

Consider one of these solutions:

  1. Add a default value:
+ : "${TF_VAR_k8s_distro_name:=}"
  1. Add validation:
+ if [ -z "${TF_VAR_k8s_distro_name+x}" ]; then
+   echo "Error: TF_VAR_k8s_distro_name is not set"
+   exit 1
+ fi

Let's verify if this variable is defined elsewhere:

🧰 Tools
🪛 Shellcheck

[warning] 58-58: TF_VAR_k8s_distro_name is referenced but not assigned.

(SC2154)

test_framework/terraform/harvester/sle-micro/main.tf (1)

124-124: Ensure 'registration_code' variable is defined and marked as sensitive

The variable ${var.registration_code} used in the cloud-init script may contain sensitive information. Please verify that registration_code is properly defined in variables.tf and marked as sensitive to prevent accidental exposure of confidential data.

Comment on lines 143 to 147
- touch /usr/local/bin/cron-reboot.sh
- chmod +x /usr/local/bin/cron-reboot.sh
- echo systemctl enable iscsid >> /usr/local/bin/cron-reboot.sh
- echo systemctl start iscsid >> /usr/local/bin/cron-reboot.sh
- echo "@reboot root /usr/local/bin/cron-reboot.sh" >> /etc/crontab
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Use cloud-init modules to manage scripts and cron jobs

Directly echoing commands to files and appending to /etc/crontab can lead to syntax errors or unintended behavior. Consider using cloud-init's write_files module to create the /usr/local/bin/cron-reboot.sh script and the runcmd or bootcmd module to set up the cron job more reliably.

Signed-off-by: Yang Chiu <yang.chiu@suse.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants