e2e/openssl: fill in missing manifest values for baremetal SNP

e2e/openssl/openssl_test.go

@@ -61,6 +61,8 @@ func TestOpenSSL(t *testing.T) {
 	ct.Init(t, resources)
 	require.True(t, t.Run("generate", ct.Generate), "contrast generate needs to succeed for subsequent tests")
 
+	patchReferenceValues(t, platform, ct)
+
 	require.True(t, t.Run("apply", ct.Apply), "Kubernetes resources need to be applied for subsequent tests")
 
 	require.True(t, t.Run("set", ct.Set), "contrast set needs to succeed for subsequent tests")
@@ -258,3 +260,31 @@ func opensslConnectCmd(addr, caCert string) string {
 		`openssl s_client -connect %s -verify_return_error -x509_strict -CAfile /tls-config/%s -cert /tls-config/certChain.pem -key /tls-config/key.pem </dev/null`,
 		addr, caCert)
 }
+
+func toPtr[T any](t T) *T {
+	return &t
+}
+
+func patchReferenceValues(t *testing.T, platform platforms.Platform, ct *contrasttest.ContrastTest) {
+	if platform == platforms.K3sQEMUSNP {
+		// The generate command doesn't fill in all required fields when
+		// generating a manifest for baremetal SNP. Do that now.
+
+		manifestBytes, err := os.ReadFile(ct.WorkDir + "/manifest.json")
+		require.NoError(t, err)
+		var m manifest.Manifest
+		require.NoError(t, json.Unmarshal(manifestBytes, &m))
+
+		for i, snp := range m.ReferenceValues.SNP {
+			snp.MinimumTCB.BootloaderVersion = toPtr(manifest.SVN(0))
+			snp.MinimumTCB.TEEVersion = toPtr(manifest.SVN(0))
+			snp.MinimumTCB.SNPVersion = toPtr(manifest.SVN(0))
+			snp.MinimumTCB.MicrocodeVersion = toPtr(manifest.SVN(0))
+			m.ReferenceValues.SNP[i] = snp
+		}
+
+		manifestBytes, err = json.Marshal(m)
+		require.NoError(t, err)
+		require.NoError(t, os.WriteFile(ct.WorkDir+"/manifest.json", manifestBytes, 0o644))
+	}
+}