terraform: only fetch image for non-marketplace images

edgelesssys · Nov 28, 2023 · b64ee05 · b64ee05
1 parent a24f23c
commit b64ee05
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 10 deletions.
diff --git a/cli/internal/cloudcmd/apply.go b/cli/internal/cloudcmd/apply.go
@@ -127,14 +127,18 @@ func (a *Applier) WorkingDirIsEmpty() (bool, error) {
 }
 
 func (a *Applier) terraformApplyVars(ctx context.Context, conf *config.Config) (terraform.Variables, error) {
-	imageRef, err := a.imageFetcher.FetchReference(
-		ctx,
-		conf.GetProvider(),
-		conf.GetAttestationConfig().GetVariant(),
-		conf.Image, conf.GetRegion(),
-	)
-	if err != nil {
-		return nil, fmt.Errorf("fetching image reference: %w", err)
+	var imageRef string
+	var err error
+	if !conf.UseMarketplaceImage() {
+		imageRef, err = a.imageFetcher.FetchReference(
+			ctx,
+			conf.GetProvider(),
+			conf.GetAttestationConfig().GetVariant(),
+			conf.Image, conf.GetRegion(),
+		)
+		if err != nil {
+			return nil, fmt.Errorf("fetching image reference: %w", err)
+		}
 	}
 
 	switch conf.GetProvider() {

diff --git a/cli/internal/cloudcmd/tfvars.go b/cli/internal/cloudcmd/tfvars.go
@@ -148,7 +148,6 @@ func azureTerraformVars(conf *config.Config, imageRef string) (*terraform.AzureC
 		Name:                 conf.Name,
 		NodeGroups:           nodeGroups,
 		Location:             conf.Provider.Azure.Location,
-		ImageID:              imageRef,
 		CreateMAA:            toPtr(conf.GetAttestationConfig().GetVariant().Equal(variant.AzureSEVSNP{})),
 		Debug:                toPtr(conf.IsDebugCluster()),
 		ConfidentialVM:       toPtr(conf.GetAttestationConfig().GetVariant().Equal(variant.AzureSEVSNP{})),
@@ -159,7 +158,8 @@ func azureTerraformVars(conf *config.Config, imageRef string) (*terraform.AzureC
 		InternalLoadBalancer: conf.InternalLoadBalancer,
 	}
 
-	if conf.Provider.Azure.UseMarketplaceImage != nil {
+	if conf.UseMarketplaceImage() {
+		// If a marketplace image is used, only the marketplace reference is required.
 		imageVersion, err := semver.New(conf.Image)
 		if err != nil {
 			return nil, fmt.Errorf("parsing image version: %w. %s does not look like a valid release image", err, conf.Image)
@@ -171,6 +171,9 @@ func azureTerraformVars(conf *config.Config, imageRef string) (*terraform.AzureC
 			Name:      constants.AzureMarketplaceImagePlan,
 			Version:   imageVersion.StringWithoutPrefix(),
 		}
+	} else {
+		// If not, we need to specify the exact CommunityGalleries/.. image reference.
+		vars.ImageID = imageRef
 	}
 
 	vars = normalizeAzureURIs(vars)

diff --git a/internal/config/config.go b/internal/config/config.go
@@ -692,6 +692,11 @@ func (c *Config) DeployYawolLoadBalancer() bool {
 	return c.Provider.OpenStack != nil && c.Provider.OpenStack.DeployYawolLoadBalancer != nil && *c.Provider.OpenStack.DeployYawolLoadBalancer
 }
 
+// UseMarketplaceImage returns whether a marketplace image should be used.
+func (c *Config) UseMarketplaceImage() bool {
+	return c.Provider.Azure != nil && c.Provider.Azure.UseMarketplaceImage != nil && *c.Provider.Azure.UseMarketplaceImage
+}
+
 // Validate checks the config values and returns validation errors.
 func (c *Config) Validate(force bool) error {
 	trans := ut.New(en.New()).GetFallback()