From 0c9c8971a59fe5759aeb2d7465ffe678f2d3c01c Mon Sep 17 00:00:00 2001
From: James Cuzella <james.cuzella@lyraphase.com>
Date: Sat, 1 Feb 2025 17:09:18 -0700
Subject: [PATCH] Adding libvirt qemu+tls:// test-kitchen config

---
 .kitchen.libvirt.qemu-tls.yml              | 87 ++++++++++++++++++++++
 test/fixtures/Vagrantfile.libvirt-qemu-tls | 18 +++++
 2 files changed, 105 insertions(+)
 create mode 100644 .kitchen.libvirt.qemu-tls.yml
 create mode 100644 test/fixtures/Vagrantfile.libvirt-qemu-tls

diff --git a/.kitchen.libvirt.qemu-tls.yml b/.kitchen.libvirt.qemu-tls.yml
new file mode 100644
index 00000000..60c041ee
--- /dev/null
+++ b/.kitchen.libvirt.qemu-tls.yml
@@ -0,0 +1,87 @@
+<%
+# Hack to fix a bug in TK. TK supports using an SSH gateway in its SSH transport, but appears not to support configuring
+# separate keys for the gateway and the destination.
+require 'kitchen/transport/ssh'
+
+GATEWAY_KEYS = ["#{ENV['HOME']}/.ssh/identity.lyra"]
+
+class Kitchen::Transport::Ssh::Connection
+  # Replace this method in TK core with a version that uses the logged in user's key to access the SSH gateway.
+  def establish_connection_via_gateway(opts)
+    retry_connection(opts) do
+      Net::SSH::Gateway.new(ssh_gateway, ssh_gateway_username, options.merge(keys: GATEWAY_KEYS))
+        .ssh(hostname, username, options)
+    end
+  end
+end
+%>
+---
+driver:
+  name: vagrant
+  provider: libvirt
+  vagrantfiles:
+    - 'test/fixtures/Vagrantfile.libvirt-qemu-tls'
+  synced_folders:
+  - [".", "/tmp/kitchen/soloist", "disabled: false, type: 'rsync'"]
+  # TODO: Find & fix bugs in Vagrant where it checks for vagrant-host path... needs to support remote NFS & 9p libvirt mounts
+  # TODO: Fix mount: false setting for 9p
+  # TODO: Fix auto-mount capability for Darwin / macOS... needs mount_9p support (see man mount_9p)
+  #       Need to implement mount_9p_shared_folder capability for macOS / Darwin
+  #       https://github.com/vagrant-libvirt/vagrant-libvirt/search?q=mount_9p_shared_folder
+  # NOTE: For qemu+ssh remote libvirt VM, create a fake directory matching hostpath on the host running vagrant
+  #       In this use case, both hostpath & guestpath live on the same remote libvirt + qemu hypervisor host & VM (guest)
+  # - ["/opt/export/terabyte", "/System/Volumes/Data/terabyte", "hostpath: '/export/terabyte', guestpath: '/System/Volumes/Data/terabyte', disabled: false, type: '9p', mount: false, accessmode: 'squash', owner:'1000'"]
+  # - ["/export/terabyte", "/System/Volumes/Data/terabyte", "disabled: false, type: 'nfs', nfs_export: false, bsd__nfs_options: '-fstype=nfs,nolockd,resvport,hard,bg,intr,rw,tcp,nfc'"]
+#    ssh_gateway_username: trinitronx
+
+#  customize:
+#    memory: 1024
+
+transport:
+  ssh_gateway: saturn.internal
+  ssh_gateway_username: trinitronx
+#  username: vagrant
+
+provisioner:
+#  name: chef_zero
+  transport:
+    ssh_gateway: saturn.internal
+    ssh_gateway_username: trinitronx
+
+#  deprecations_as_errors: true
+  deprecations_as_errors: false
+#  multiple_converge: 2
+#  enforce_idempotency: true
+
+verifier:
+  name: inspec
+## Client error, can't connect to 'ssh' backend: Only one of proxy_command or bastion_host needs to be specified]
+## Apparently the transport ssh_gateway option is actually passed through to InSpec
+#  proxy_command: ssh saturn.local -q0 %h:%p
+
+platforms:
+  - name: ubuntu-20.04
+    driver:
+      box: generic/ubuntu2004
+    lifecycle:
+      pre_converge:
+      - remote: sudo addgroup --system admin
+      - remote: sudo usermod -a -G admin kitchen
+  - name: macos-12-1
+    driver:
+      box: lyraphase-runner/macos-monterey-base
+      box_url: http://saturn.local:8888/lyraphase-runner-macos-monterey-base.box
+      communicator: ssh
+      gui: true
+      customize:
+        memory: 4096
+#        cpus: 2
+
+suites:
+  - name: default
+    run_list:
+      - recipe[sprout-base::default]
+    attributes:
+      mysql_test:
+        version: '8.0'
+#    includes: [ubuntu-20.04, macos-latest]
diff --git a/test/fixtures/Vagrantfile.libvirt-qemu-tls b/test/fixtures/Vagrantfile.libvirt-qemu-tls
new file mode 100644
index 00000000..094594f7
--- /dev/null
+++ b/test/fixtures/Vagrantfile.libvirt-qemu-tls
@@ -0,0 +1,18 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+ENV['VAGRANT_DEFAULT_PROVIDER'] = 'libvirt'
+
+Vagrant.configure("2") do |config|
+
+  #config.ssh.host = 'saturn.local'
+  #config.ssh.port = 2222
+  config.ssh.proxy_command = 'ssh -t -T saturn.internal exec nc -q0 %h %p'
+  config.vm.synced_folder ".", "/tmp/vagrant", disabled: true
+
+  config.vm.provider :libvirt do |libvirt|
+    libvirt.uri = 'qemu+tls://saturn.internal/system'
+    libvirt.system_uri = 'qemu+tls://saturn.internal/system'
+    #libvirt.forward_ssh_port = true
+  end
+end