test/api: split into smaller files

Each cloud now has its own file that's sourced on-demand by the main api.sh
script. The main goal of this commit is to reduce the amount of clutter in
api.sh. I, personally, find 1300 lines of bash overwhelming and I think that
this is a reasonable beginning to start cleaning things up.

Signed-off-by: Ondřej Budai <ondrej@budai.cz>

test/cases/api/gcp.sh

@@ -0,0 +1,162 @@
+#!/usr/bin/bash
+
+source /usr/libexec/tests/osbuild-composer/api/common/common.sh
+
+# Check that needed variables are set to access GCP.
+function checkEnv() {
+  printenv GOOGLE_APPLICATION_CREDENTIALS GCP_BUCKET GCP_REGION GCP_API_TEST_SHARE_ACCOUNT > /dev/null
+}
+
+function cleanup() {
+  # since this function can be called at any time, ensure that we don't expand unbound variables
+  GCP_CMD="${GCP_CMD:-}"
+  GCP_IMAGE_NAME="${GCP_IMAGE_NAME:-}"
+  GCP_INSTANCE_NAME="${GCP_INSTANCE_NAME:-}"
+  GCP_ZONE="${GCP_ZONE:-}"
+
+  if [ -n "$GCP_CMD" ]; then
+    $GCP_CMD compute instances delete --zone="$GCP_ZONE" "$GCP_INSTANCE_NAME"
+    $GCP_CMD compute images delete "$GCP_IMAGE_NAME"
+  fi
+}
+
+
+function installClient() {
+  if ! hash gcloud; then
+    echo "Using 'gcloud' from a container"
+    sudo ${CONTAINER_RUNTIME} pull ${CONTAINER_IMAGE_CLOUD_TOOLS}
+
+    # directory mounted to the container, in which gcloud stores the credentials after logging in
+    GCP_CMD_CREDS_DIR="${WORKDIR}/gcloud_credentials"
+    mkdir "${GCP_CMD_CREDS_DIR}"
+
+    GCP_CMD="sudo ${CONTAINER_RUNTIME} run --rm \
+      -v ${GCP_CMD_CREDS_DIR}:/root/.config/gcloud:Z \
+      -v ${GOOGLE_APPLICATION_CREDENTIALS}:${GOOGLE_APPLICATION_CREDENTIALS}:Z \
+      -v ${WORKDIR}:${WORKDIR}:Z \
+      ${CONTAINER_IMAGE_CLOUD_TOOLS} gcloud --format=json"
+  else
+    echo "Using pre-installed 'gcloud' from the system"
+    GCP_CMD="gcloud --format=json --quiet"
+  fi
+  $GCP_CMD --version
+}
+
+
+function createReqFile() {
+  # constrains for GCP resource IDs:
+  # - max 62 characters
+  # - must be a match of regex '[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}'
+  #
+  # use sha224sum to get predictable 56 characters long testID without invalid characters
+  GCP_TEST_ID_HASH="$(echo -n "$TEST_ID" | sha224sum - | sed -E 's/([a-z0-9])\s+-/\1/')"
+
+  GCP_IMAGE_NAME="image-$GCP_TEST_ID_HASH"
+
+  cat > "$REQUEST_FILE" << EOF
+{
+  "distribution": "$DISTRO",
+  "customizations": {
+    "filesystem": [
+      {
+        "mountpoint": "/var",
+        "min_size": 262144000
+      }
+    ],
+    "payload_repositories": [
+      {
+        "baseurl": "$PAYLOAD_REPO_URL"
+      }
+    ],
+    "packages": [
+      "postgresql",
+      "dummy"
+    ]${SUBSCRIPTION_BLOCK}
+  },
+  "image_request": {
+    "architecture": "$ARCH",
+    "image_type": "${IMAGE_TYPE}",
+    "repositories": $(jq ".\"$ARCH\"" /usr/share/tests/osbuild-composer/repositories/"$DISTRO".json),
+    "upload_options": {
+      "bucket": "${GCP_BUCKET}",
+      "region": "${GCP_REGION}",
+      "image_name": "${GCP_IMAGE_NAME}",
+      "share_with_accounts": ["${GCP_API_TEST_SHARE_ACCOUNT}"]
+    }
+  }
+}
+EOF
+}
+
+
+function checkUploadStatusOptions() {
+  GCP_PROJECT=$(jq -r '.project_id' "$GOOGLE_APPLICATION_CREDENTIALS")
+
+  local IMAGE_NAME
+  IMAGE_NAME=$(echo "$UPLOAD_OPTIONS" | jq -r '.image_name')
+  local PROJECT_ID
+  PROJECT_ID=$(echo "$UPLOAD_OPTIONS" | jq -r '.project_id')
+
+  test "$IMAGE_NAME" = "$GCP_IMAGE_NAME"
+  test "$PROJECT_ID" = "$GCP_PROJECT"
+}
+
+
+# Verify image in Compute Engine on GCP
+function verify() {
+  # Authenticate
+  $GCP_CMD auth activate-service-account --key-file "$GOOGLE_APPLICATION_CREDENTIALS"
+  # Extract and set the default project to be used for commands
+  GCP_PROJECT=$(jq -r '.project_id' "$GOOGLE_APPLICATION_CREDENTIALS")
+  $GCP_CMD config set project "$GCP_PROJECT"
+
+  # Add "gitlab-ci-test" label to the image
+  $GCP_CMD compute images add-labels "$GCP_IMAGE_NAME" --labels=gitlab-ci-test=true
+
+  # Verify that the image was shared
+  SHARE_OK=1
+  $GCP_CMD compute images get-iam-policy "$GCP_IMAGE_NAME" > "$WORKDIR/image-iam-policy.json"
+  SHARED_ACCOUNT=$(jq -r '.bindings[0].members[0]' "$WORKDIR/image-iam-policy.json")
+  SHARED_ROLE=$(jq -r '.bindings[0].role' "$WORKDIR/image-iam-policy.json")
+  if [ "$SHARED_ACCOUNT" != "$GCP_API_TEST_SHARE_ACCOUNT" ] || [ "$SHARED_ROLE" != "roles/compute.imageUser" ]; then
+    SHARE_OK=0
+  fi
+
+  if [ "$SHARE_OK" != 1 ]; then
+    echo "GCP image wasn't shared with the GCP_API_TEST_SHARE_ACCOUNT. 😢"
+    exit 1
+  fi
+
+  # Verify that the image boots and have customizations applied
+  # Create SSH keys to use
+  GCP_SSH_KEY="$WORKDIR/id_google_compute_engine"
+  ssh-keygen -t rsa-sha2-512 -f "$GCP_SSH_KEY" -C "$SSH_USER" -N ""
+  GCP_SSH_METADATA_FILE="$WORKDIR/gcp-ssh-keys-metadata"
+
+  echo "${SSH_USER}:$(cat "$GCP_SSH_KEY".pub)" > "$GCP_SSH_METADATA_FILE"
+
+  # create the instance
+  # resource ID can have max 62 characters, the $GCP_TEST_ID_HASH contains 56 characters
+  GCP_INSTANCE_NAME="vm-$GCP_TEST_ID_HASH"
+
+  # Randomize the used GCP zone to prevent hitting "exhausted resources" error on each test re-run
+  # disable Shellcheck error as the suggested alternatives are less readable for this use case
+  # shellcheck disable=SC2207
+  local GCP_ZONES=($($GCP_CMD compute zones list --filter="region=$GCP_REGION" | jq '.[] | select(.status == "UP") | .name' | tr -d '"' | tr '\n' ' '))
+  GCP_ZONE=${GCP_ZONES[$((RANDOM % ${#GCP_ZONES[@]}))]}
+
+  $GCP_CMD compute instances create "$GCP_INSTANCE_NAME" \
+    --zone="$GCP_ZONE" \
+    --image-project="$GCP_PROJECT" \
+    --image="$GCP_IMAGE_NAME" \
+    --labels=gitlab-ci-test=true \
+    --metadata-from-file=ssh-keys="$GCP_SSH_METADATA_FILE"
+  HOST=$($GCP_CMD compute instances describe "$GCP_INSTANCE_NAME" --zone="$GCP_ZONE" --format='get(networkInterfaces[0].accessConfigs[0].natIP)')
+
+  echo "⏱ Waiting for GCP instance to respond to ssh"
+  _instanceWaitSSH "$HOST"
+
+  # Verify image
+  _ssh="ssh -oStrictHostKeyChecking=no -i $GCP_SSH_KEY $SSH_USER@$HOST"
+  _instanceCheck "$_ssh"
+}