From cac525059e0d7cc8a2c7e6822b6d75dc8c64f807 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fabiano.fidencio@intel.com>
Date: Mon, 3 Jun 2024 16:28:38 +0200
Subject: [PATCH] ci: kbs: tdx: Use the hostname ip instead of localhost for
 the PCCS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We must ensure we use the host ip to connect to the PCCS running on the
host side, instead of using localhost (which has a different meaning
from inside the KBS pod).

The reason we're using `hostname -i` isntead of the helper functions, is
because the helper functions need the coco-kbs deployed for them to
work, and what we do is before the deployment.

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
---
 tests/integration/kubernetes/confidential_kbs.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/integration/kubernetes/confidential_kbs.sh b/tests/integration/kubernetes/confidential_kbs.sh
index 640de6f196..b674c18cfb 100644
--- a/tests/integration/kubernetes/confidential_kbs.sh
+++ b/tests/integration/kubernetes/confidential_kbs.sh
@@ -251,7 +251,7 @@ function kbs_k8s_deploy() {
 		echo "Setting up custom PCCS for TDX"
 		cat <<- EOF > "${COCO_KBS_DIR}/config/kubernetes/custom_pccs/sgx_default_qcnl.conf"
 {
- "pccs_url": "https://localhost:8081/sgx/certification/v4/",
+ "pccs_url": "https://$(hostname -i):8081/sgx/certification/v4/",
 
  // To accept insecure HTTPS certificate, set this option to false
  "use_secure_cert": false