From 75796c19c2601f668c4777057265b32eb42dcbf7 Mon Sep 17 00:00:00 2001 From: Guillaume Bau Date: Fri, 18 Apr 2025 11:22:53 +0200 Subject: [PATCH] Tezt/Cloud: make explicit the use of an ssh public key --- tezt/lib_cloud/cloud.ml | 11 ++++++++--- tezt/lib_cloud/deployement.ml | 4 ++++ tezt/lib_cloud/jobs.ml | 18 +++--------------- tezt/lib_cloud/jobs.mli | 1 + tezt/lib_cloud/ssh.ml | 13 +++++++++++++ tezt/lib_cloud/ssh.mli | 4 ++++ tezt/lib_cloud/tezt_cloud.ml | 8 ++++++-- 7 files changed, 39 insertions(+), 20 deletions(-) diff --git a/tezt/lib_cloud/cloud.ml b/tezt/lib_cloud/cloud.ml index 9a00dec0983b..b8924e8d8e12 100644 --- a/tezt/lib_cloud/cloud.ml +++ b/tezt/lib_cloud/cloud.ml @@ -592,6 +592,7 @@ let register ?proxy_files ?proxy_args ?vms ~__FILE__ ~title ~tags ?seed ?alerts deployement = None; } | Some configurations -> ( + let* ssh_public_key = Ssh.public_key () in let sorted_names = configurations |> List.map (fun Agent.Configuration.{name; _} -> name) @@ -635,14 +636,16 @@ let register ?proxy_files ?proxy_args ?vms ~__FILE__ ~title ~tags ?seed ?alerts orchestrator ?alerts ?tasks deployement f | `Localhost -> (* The scenario is executed locally and the VM are on the host machine. *) - let* () = Jobs.docker_build ~push:false () in + let* () = Jobs.docker_build ~push:false ~ssh_public_key () in let* deployement = Deployement.deploy ~configurations in let* () = ensure_ready deployement in orchestrator ?alerts ?tasks deployement f | `Cloud -> (* The scenario is executed locally and the VMs are on the cloud. *) let* () = Jobs.deploy_docker_registry () in - let* () = Jobs.docker_build ~push:Env.push_docker () in + let* () = + Jobs.docker_build ~push:Env.push_docker ~ssh_public_key () + in let* deployement = Deployement.deploy ~configurations in let* () = ensure_ready deployement in orchestrator ?alerts ?tasks deployement f 
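Review bot: The added `let* ssh_public_key = Ssh.public_key () in` sits at the top of the `Some configurations` branch, so it runs before the execution mode is matched. `Ssh.public_key` (added in ssh.ml by this patch) creates a passphrase-less key pair on disk when the public key file is missing. The case that ends in `orchestrator ?alerts ?tasks deployement f` just above the Localhost case does not appear to call `Jobs.docker_build`, and neither does the path where `proxy_running` is true in the third hunk, so for them the key is read (and possibly created) for nothing. Consider moving the binding into the cases that build an image, or document the side effect with `(* Resolved once for all modes; may create the key pair if it is missing. *)`. The body of `register` starts and ends outside the hunk, so the remaining cases need checking.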
@@ -651,7 +654,9 @@ let register ?proxy_files ?proxy_args ?vms ~__FILE__ ~title ~tags ?seed ?alerts let* proxy_running = try_reattach () in if not proxy_running then let* () = Jobs.deploy_docker_registry () in - let* () = Jobs.docker_build ~push:Env.push_docker () in + let* () = + Jobs.docker_build ~push:Env.push_docker ~ssh_public_key () + in let* deployement = Deployement.deploy ~configurations in let* () = ensure_ready deployement in init_proxy ?proxy_files ?proxy_args deployement diff --git a/tezt/lib_cloud/deployement.ml b/tezt/lib_cloud/deployement.ml index bd3e323ab916..38484aee89fc 100644 --- a/tezt/lib_cloud/deployement.ml +++ b/tezt/lib_cloud/deployement.ml @@ -222,10 +222,12 @@ module Remote = struct (fun (workspace_name, (vm_configuration, configurations, number_of_vms)) -> + let* ssh_public_key = Ssh.public_key () in let* () = Jobs.docker_build ~docker_image:vm_configuration.Agent.Configuration.docker_image ~push:Env.push_docker + ~ssh_public_key () in let* () = Terraform.VM.Workspace.select workspace_name in @@ -324,6 +326,7 @@ module Localhost = struct in Lwt.return docker_network in + let* ssh_public_key = Ssh.public_key () in let* processes = List.to_seq configurations |> Seq.mapi (fun i configuration -> @@ -336,6 +339,7 @@ module Localhost = struct Jobs.docker_build ~docker_image:configuration.Agent.Configuration.vm.docker_image ~push:false + ~ssh_public_key () in let* docker_image = diff --git a/tezt/lib_cloud/jobs.ml b/tezt/lib_cloud/jobs.ml index 12ce5194655d..77393257e0c3 100644 --- a/tezt/lib_cloud/jobs.ml +++ b/tezt/lib_cloud/jobs.ml 
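Review bot: In `Remote`, `Ssh.public_key ()` is called inside the per-workspace function, so the key file is checked and read with `cat` once per workspace. The `Localhost` hunks below hoist the same binding above the `Seq.mapi`. Hoisting it here too, with `let* ssh_public_key = Ssh.public_key () in` before the iteration, keeps the two modules consistent and guarantees every image in one deployment is built with the same key content. If the iteration runs its callbacks concurrently, which the hunk does not show, a missing key file could also start several `ssh-keygen` runs at once. The enclosing function starts and ends outside the hunk.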
@@ -14,25 +14,13 @@ let docker_build = let cache = Hashtbl.create 11 in fun ?(docker_image = Agent.Configuration.Gcp {alias = Env.dockerfile_alias}) ~push + ~ssh_public_key () -> if Hashtbl.mem cache docker_image then ( Log.info "Docker image is already built. Nothing to do" ; Lwt.return_unit) - else - let ssh_public_key_filename = Env.ssh_public_key_filename () in + else ( Hashtbl.replace cache docker_image () ; - Log.info - "Checking the existence of ssh public key '%s'..." - ssh_public_key_filename ; - let* ssh_public_key = - let* () = - if not (Sys.file_exists ssh_public_key_filename) then ( - Log.info "SSH public key not found, creating it..." ; - Ssh.generate_key ()) - else Lwt.return_unit - in - Process.run_and_read_stdout ~name:"cat" "cat" [ssh_public_key_filename] - in let alias = match docker_image with | Gcp {alias} -> alias @@ -92,7 +80,7 @@ let docker_build = Lwt.return_unit) else Lwt.return_unit in - unit + unit) let deploy_docker_registry () = Log.info "Tezt_Cloud found with value: %s" Env.tezt_cloud ; diff --git a/tezt/lib_cloud/jobs.mli b/tezt/lib_cloud/jobs.mli index 58934d7008b9..26186ed244cf 100644 --- a/tezt/lib_cloud/jobs.mli +++ b/tezt/lib_cloud/jobs.mli @@ -12,6 +12,7 @@ val deploy_docker_registry : unit -> unit Lwt.t val docker_build : ?docker_image:Agent.Configuration.docker_image -> push:bool -> + ssh_public_key:string -> unit -> unit Lwt.t diff --git a/tezt/lib_cloud/ssh.ml b/tezt/lib_cloud/ssh.ml index 86d7f429106d..bee0fabcc783 100644 --- a/tezt/lib_cloud/ssh.ml +++ b/tezt/lib_cloud/ssh.ml 
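Review bot: The memo table in `docker_build` is still keyed on `docker_image` alone, although `~ssh_public_key` is now an explicit argument. A second call with the same image and a different key therefore logs "Docker image is already built. Nothing to do" and silently keeps the first key. Either key the cache on the pair, `Hashtbl.mem cache (docker_image, ssh_public_key)` with the matching `Hashtbl.replace cache (docker_image, ssh_public_key) ()`, or say in a comment that the key is assumed constant for the whole run. The early `Hashtbl.replace` also deserves a comment such as `(* Marked before the build runs: a failed build is not retried. *)`. The function body continues outside the hunk, up to the `unit)` closed in the next hunk.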
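Review bot: `ssh_public_key:string` does not say whether the string is a file name or the key itself, and the closely related `Env.ssh_public_key_filename ()` used elsewhere in this patch is a path. The interface should state it, for example `(** [ssh_public_key] is the content of the public key, as returned by [Ssh.public_key], not a file name. *)`. Any doc comment already attached to `docker_build` lies outside the hunk, so this sentence may belong inside an existing one.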
@@ -11,3 +11,16 @@ let generate_key () = -N is for the passphrase (no passphrase here) *) Process.run "ssh-keygen" ["-t"; "rsa"; "-f"; path; "-C"; path; "-N"; ""] + +let public_key () = + let ssh_public_key_filename = Env.ssh_public_key_filename () in + let* () = + if not (Sys.file_exists ssh_public_key_filename) then ( + Log.info "SSH public key not found, creating it..." ; + generate_key ()) + else Lwt.return_unit + in + let* content = + Process.run_and_read_stdout ~name:"cat" "cat" [ssh_public_key_filename] + in + Lwt.return content diff --git a/tezt/lib_cloud/ssh.mli b/tezt/lib_cloud/ssh.mli index c17679024736..594ceedc1146 100644 --- a/tezt/lib_cloud/ssh.mli +++ b/tezt/lib_cloud/ssh.mli @@ -8,3 +8,7 @@ (** [generate_key ()] generates an ssh key based on the [Env.tezt_cloud] variable environment. *) val generate_key : unit -> unit Lwt.t + +(** [ssh_public_key()] returns the ssh public key associated to the generate_key + It calls [generate_key] if it does not exist *) +val public_key : unit -> string Lwt.t diff --git a/tezt/lib_cloud/tezt_cloud.ml b/tezt/lib_cloud/tezt_cloud.ml index 2d6407247649..d1ded25c0ba3 100644 --- a/tezt/lib_cloud/tezt_cloud.ml +++ b/tezt/lib_cloud/tezt_cloud.ml @@ -42,7 +42,9 @@ let register_docker_push ~tags = ~__FILE__ ~title:"Push the dockerfile to the GCP registry" ~tags:("docker" :: "push" :: tags) - @@ fun _cloud -> Jobs.docker_build ~push:true () + @@ fun _cloud -> + let* ssh_public_key = Ssh.public_key () in + Jobs.docker_build ~push:true ~ssh_public_key () let register_docker_build ~tags = Cloud.register @@ -50,7 +52,9 @@ let register_docker_build ~tags = ~__FILE__ ~title:"Build the dockerfile" ~tags:("docker" :: "build" :: tags) - @@ fun _cloud -> Jobs.docker_build ~push:false () + @@ fun _cloud -> + let* ssh_public_key = Ssh.public_key () in + Jobs.docker_build ~push:false ~ssh_public_key () let register_deploy_docker_registry ~tags = Cloud.register -- GitLab
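Review bot: `public_key` returns whatever `cat` prints without checking it, so an empty file, or a path that resolves to something other than a public key, is handed on to `Jobs.docker_build` as the key. A minimal guard before returning would be `if String.trim content = "" then Test.fail "empty ssh public key file %s" ssh_public_key_filename else Lwt.return content`. The existence test also looks only at the public key file, while `generate_key` passes `path` to `ssh-keygen -f`. If `path` is the private key file and only the public half is missing, `ssh-keygen` would be asked to overwrite an existing private key; `path` is defined outside the hunk, so this needs confirming. As a point of style, the final `let* content = … in Lwt.return content` can be reduced to the `Process.run_and_read_stdout` call itself.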
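Review bot: The doc comment in ssh.mli names the function `[ssh_public_key()]`, but the value it documents is `public_key`, so odoc output and readers searching for the name will be misled. It also does not say that the result is the file's content rather than its path, or that a passphrase-less key pair may be written to disk as a side effect. Suggested wording: `(** [public_key ()] returns the content of the ssh public key file [Env.ssh_public_key_filename ()]. If that file does not exist, [generate_key] is called first to create the key pair. *)`.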