From 519ec0ec61d069c78cb8903740fdb313a069f3e2 Mon Sep 17 00:00:00 2001 From: Adrian Dombeck Date: Thu, 5 Feb 2026 21:14:51 +0100 Subject: [PATCH 1/2] e2e-tests/vm: Fix usage message of ssh.sh --- e2e-tests/vm/ssh.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/e2e-tests/vm/ssh.sh b/e2e-tests/vm/ssh.sh index 679ed0d285..0e7429f103 100755 --- a/e2e-tests/vm/ssh.sh +++ b/e2e-tests/vm/ssh.sh @@ -4,20 +4,19 @@ set -euo pipefail usage(){ cat << EOF +Usage: $0 --release [ssh options] - Usage: $0 --release [ssh options] +SSH into the e2e-test VM for the specified Ubuntu release. - SSH into the e2e-test VM for the specified Ubuntu release. - - Example: - $0 --release questing +Example: + $0 --release questing EOF } while [[ $# -gt 0 ]]; do case $1 in -h|--help) - print_usage + usage exit 0 ;; --release|-r) From eb2283939b2e2888a9c7b826e19c37b672d6bfda Mon Sep 17 00:00:00 2001 From: Adrian Dombeck Date: Thu, 5 Feb 2026 21:19:02 +0100 Subject: [PATCH 2/2] e2e-tests: Connect to VM without SSH key The SSH public key setup made things complex and caused the tests to fail on Dependabot PRs because the CI secrets are not available there. Let's simplify things and just allow SSH connections to the VM without an SSH key or password. --- e2e-tests/vm/cloud-init-template-noble.yaml | 9 ++++++--- e2e-tests/vm/cloud-init-template-questing.yaml | 4 +--- e2e-tests/vm/config.sh.template | 1 - e2e-tests/vm/provision-ubuntu.sh | 15 ++------------- 4 files changed, 9 insertions(+), 20 deletions(-) diff --git a/e2e-tests/vm/cloud-init-template-noble.yaml b/e2e-tests/vm/cloud-init-template-noble.yaml index 76e811f300..bd47a53c91 100644 --- a/e2e-tests/vm/cloud-init-template-noble.yaml +++ b/e2e-tests/vm/cloud-init-template-noble.yaml @@ -9,12 +9,10 @@ users: groups: sudo homedir: /home/ubuntu shell: /bin/bash - ssh_authorized_keys: - - ${SSH_PUBLIC_KEY} chpasswd: expire: false users: - - {name: ubuntu, password: ubuntu, type: text} + - {name: ubuntu, password: '', type: text} package_update: true package_upgrade: true @@ -68,6 +66,11 @@ write_files: Match User *@* KbdInteractiveAuthentication yes + - path: /etc/ssh/sshd_config.d/password-auth.conf + content: | + PermitEmptyPasswords yes + PasswordAuthentication yes + # Bind sshd to VSOCK socket - path: /etc/systemd/system/sshd-vsock.service content: | diff --git a/e2e-tests/vm/cloud-init-template-questing.yaml b/e2e-tests/vm/cloud-init-template-questing.yaml index 3a1eb731b1..b441a0c98b 100644 --- a/e2e-tests/vm/cloud-init-template-questing.yaml +++ b/e2e-tests/vm/cloud-init-template-questing.yaml @@ -9,12 +9,10 @@ users: groups: sudo homedir: /home/ubuntu shell: /bin/bash - ssh_authorized_keys: - - ${SSH_PUBLIC_KEY} chpasswd: expire: false users: - - {name: ubuntu, password: ubuntu, type: text} + - {name: ubuntu, password: '', type: text} package_update: true package_upgrade: true diff --git a/e2e-tests/vm/config.sh.template b/e2e-tests/vm/config.sh.template index 3f624408bc..2e8d7e9fbf 100644 --- a/e2e-tests/vm/config.sh.template +++ b/e2e-tests/vm/config.sh.template @@ -1,7 +1,6 @@ # Provisioning configuration file for authd end-to-end tests # Copy this template to config.sh and customize the values for your environment. -export SSH_PUBLIC_KEY_FILE="${HOME}/.ssh/id_rsa.pub" export VM_NAME_BASE=e2e-runner export RELEASE=questing export BROKERS=authd-msentraid,authd-google diff --git a/e2e-tests/vm/provision-ubuntu.sh b/e2e-tests/vm/provision-ubuntu.sh index dddf32d723..1321d3c8e4 100755 --- a/e2e-tests/vm/provision-ubuntu.sh +++ b/e2e-tests/vm/provision-ubuntu.sh @@ -71,18 +71,7 @@ fi # shellcheck source=lib/libprovision.sh source "${LIB_DIR}/libprovision.sh" -assert_env_vars RELEASE VM_NAME_BASE SSH_PUBLIC_KEY_FILE - -# Validate SSH public key file -if [ ! -f "${SSH_PUBLIC_KEY_FILE}" ]; then - echo "SSH public key file not found: ${SSH_PUBLIC_KEY_FILE}" - exit 1 -fi - -if [[ "${SSH_PUBLIC_KEY_FILE}" != *.pub ]]; then - echo "SSH public key file must have a .pub extension" - exit 1 -fi +assert_env_vars RELEASE VM_NAME_BASE # Cache sudo password early sudo -v @@ -163,7 +152,7 @@ if [ ! -f "${CLOUD_INIT_ISO}" ]; then SOCAT_ADDRESS="TCP-LISTEN:55000,bind=0.0.0.0,reuseaddr" fi - SSH_PUBLIC_KEY=$(cat "${SSH_PUBLIC_KEY_FILE}") \ + env \ SOCAT_ADDRESS="${SOCAT_ADDRESS}" \ envsubst < "${CLOUD_INIT_TEMPLATE}" > "${CLOUD_INIT_DIR}/user-data"