Merge pull request #17682 from pdostal/sev

PC: Do not define cpu_options when not needed
os-autoinst · Aug 31, 2023 · 3d7784b · 3d7784b
2 parents 7b213fb + 2160567
commit 3d7784b
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/data/publiccloud/terraform/ec2.tf b/data/publiccloud/terraform/ec2.tf
@@ -120,8 +120,11 @@ resource "aws_instance" "openqa" {
         create = var.vm_create_timeout
     }
 
-    cpu_options {
-        amd_sev_snp = var.enable_confidential_vm
+    dynamic "cpu_options" {
+        for_each = var.enable_confidential_vm == "disabled" ? [] : [1]
+        content {
+            amd_sev_snp = var.enable_confidential_vm
+        }
     }
 }
 

diff --git a/lib/publiccloud/ec2.pm b/lib/publiccloud/ec2.pm
@@ -168,6 +168,12 @@ sub upload_img {
     record_info('INFO', "AMI: $ami");    # Show the ami-* number, could be useful
 }
 
+sub terraform_apply {
+    my ($self, %args) = @_;
+    $args{confidential_compute} = get_var("PUBLIC_CLOUD_CONFIDENTIAL_VM", 0);
+    return $self->SUPER::terraform_apply(%args);
+}
+
 sub img_proof {
     my ($self, %args) = @_;