Config Validation and Units for config validation

hashicorp · Apr 21, 2023 · f839fe0 · f839fe0
1 parent fc2d64b
commit f839fe0
Show file tree

Hide file tree

Showing 4 changed files with 98 additions and 3 deletions.
diff --git a/builder/azure/arm/config.go b/builder/azure/arm/config.go
@@ -1075,8 +1075,13 @@ func assertRequiredParametersSet(c *Config, errs *packersdk.MultiError) {
 		errs = packersdk.MultiErrorAppend(errs, fmt.Errorf("A managed image must be created from a managed image, it cannot be created from a VHD."))
 	}
 
-	if (c.SecureBootEnabled || c.VTpmEnabled) && (c.ManagedImageName != "" || c.ManagedImageResourceGroupName != "") {
-		errs = packersdk.MultiErrorAppend(errs, fmt.Errorf("A managed image (managed_image_name, managed_image_resource_group_name) can not set SecureBoot or VTpm, these features are only supported when directly publishing to a Shared Image Gallery"))
+	if c.ManagedImageName != "" || c.ManagedImageResourceGroupName != "" {
+		if c.SecureBootEnabled || c.VTpmEnabled {
+			errs = packersdk.MultiErrorAppend(errs, fmt.Errorf("A managed image (managed_image_name, managed_image_resource_group_name) can not set SecureBoot or VTpm, these features are only supported when directly publishing to a Shared Image Gallery"))
+		}
+		if c.SharedGalleryDestination.SigDestinationSkipGeneralization {
+			errs = packersdk.MultiErrorAppend(errs, fmt.Errorf("A managed image (managed_image_name, managed_image_resource_group_name) can not be Specialized (shared_image_gallery_destination.skip_generalization can not be set), Specialized images are only supported when directly publishing to a Shared Image Gallery"))
+		}
 	}
 
 	if (c.CaptureContainerName != "" || c.CaptureNamePrefix != "" || c.ManagedImageName != "") && c.DiskEncryptionSetId != "" {

diff --git a/builder/azure/arm/config_test.go b/builder/azure/arm/config_test.go
@@ -1380,6 +1380,36 @@ func TestConfigShouldRejectVTPMWhenPublishingToAManagedImage(t *testing.T) {
 	}
 }
 
+func TestConfigShouldRejectSkipGeneralizeMWhenPublishingToAManagedImage(t *testing.T) {
+	expectedErrorMessage := "A managed image (managed_image_name, managed_image_resource_group_name) can not be Specialized (shared_image_gallery_destination.skip_generalization can not be set), Specialized images are only supported when directly publishing to a Shared Image Gallery"
+	config := map[string]interface{}{
+		"image_offer":                       "ignore",
+		"image_publisher":                   "ignore",
+		"image_sku":                         "ignore",
+		"location":                          "ignore",
+		"subscription_id":                   "ignore",
+		"communicator":                      "none",
+		"managed_image_resource_group_name": "ignore",
+		"managed_image_name":                "ignore",
+		"shared_image_gallery_destination": map[string]interface{}{
+			"resource_group":      "ignore",
+			"gallery_name":        "ignore",
+			"image_name":          "ignore",
+			"image_version":       "1.0.0",
+			"skip_generalization": "true",
+		},
+		// Does not matter for this test case, just pick one.
+		"os_type": constants.Target_Linux,
+	}
+
+	var c Config
+	_, err := c.Prepare(config, getPackerConfiguration())
+	if err == nil {
+		t.Fatal("expected config to reject managed image with secure boot, secure boot is only allowed when direct publishing to SIG")
+	} else if !strings.Contains(err.Error(), expectedErrorMessage) {
+		t.Fatalf("unexpected rejection reason, expected %s to contain %s", err.Error(), expectedErrorMessage)
+	}
+}
 func TestConfigShouldAcceptPlatformManagedImageBuild(t *testing.T) {
 	config := map[string]interface{}{
 		"image_offer":                       "ignore",

diff --git a/builder/azure/arm/step_capture_image.go b/builder/azure/arm/step_capture_image.go
@@ -84,7 +84,7 @@ func (s *StepCaptureImage) Run(ctx context.Context, state multistep.StateBag) mu
 	s.say(fmt.Sprintf(" -> Compute Location          : '%s'", location))
 
 	var err error
-	if skipGeneralization && !isManagedImage && isSIGImage {
+	if skipGeneralization {
 		s.say("Skipping generalization of Compute Gallery Image")
 	} else {
 		s.say("Generalizing machine ...")

diff --git a/builder/azure/arm/step_capture_image_test.go b/builder/azure/arm/step_capture_image_test.go
@@ -65,6 +65,66 @@ func TestStepCaptureImageShouldPassIfCapturePasses(t *testing.T) {
 	}
 }
 
+func TestStepCaptureImageShouldCallGeneralizeIfSkipGeneralizationIsFalse(t *testing.T) {
+	generalizeCount := 0
+	var testSubject = &StepCaptureImage{
+		captureVhd: func(context.Context, string, string, *compute.VirtualMachineCaptureParameters) error { return nil },
+		generalizeVM: func(string, string) error {
+			generalizeCount++
+			return nil
+		},
+		get: func(client *AzureClient) *CaptureTemplate {
+			return nil
+		},
+		say:   func(message string) {},
+		error: func(e error) {},
+	}
+
+	stateBag := createTestStateBagStepCaptureImage()
+	stateBag.Put(constants.ArmSharedImageGalleryDestinationSkipGeneralization, false)
+	var result = testSubject.Run(context.Background(), stateBag)
+	if result != multistep.ActionContinue {
+		t.Fatalf("Expected the step to return 'ActionContinue', but got '%d'.", result)
+	}
+
+	if _, ok := stateBag.GetOk(constants.Error); ok == true {
+		t.Fatalf("Expected the step to not set stateBag['%s'], but it was.", constants.Error)
+	}
+	if generalizeCount != 1 {
+		t.Fatalf("Expected generalize to be called 1, was called %d times", generalizeCount)
+	}
+}
+
+func TestStepCaptureImageShouldNotCallGeneralizeIfSkipGeneralizationIsTrue(t *testing.T) {
+	generalizeCount := 0
+	var testSubject = &StepCaptureImage{
+		captureVhd: func(context.Context, string, string, *compute.VirtualMachineCaptureParameters) error { return nil },
+		generalizeVM: func(string, string) error {
+			generalizeCount++
+			return nil
+		},
+		get: func(client *AzureClient) *CaptureTemplate {
+			return nil
+		},
+		say:   func(message string) {},
+		error: func(e error) {},
+	}
+
+	stateBag := createTestStateBagStepCaptureImage()
+	stateBag.Put(constants.ArmSharedImageGalleryDestinationSkipGeneralization, true)
+	var result = testSubject.Run(context.Background(), stateBag)
+	if result != multistep.ActionContinue {
+		t.Fatalf("Expected the step to return 'ActionContinue', but got '%d'.", result)
+	}
+
+	if _, ok := stateBag.GetOk(constants.Error); ok == true {
+		t.Fatalf("Expected the step to not set stateBag['%s'], but it was.", constants.Error)
+	}
+	if generalizeCount != 0 {
+		t.Fatalf("Expected generalize to not be called, was called %d times", generalizeCount)
+	}
+}
+
 func TestStepCaptureImageShouldTakeStepArgumentsFromStateBag(t *testing.T) {
 	cancelCh := make(chan<- struct{})
 	defer close(cancelCh)