test: fix user namespace test, TPM2 fixes

Make sure the test runs on a specific node, wait for swtpm to be up.

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>

internal/integration/k8s/testdata/usernamespace.yaml

@@ -5,6 +5,7 @@ metadata:
   namespace: default
 spec:
   hostUsers: false
+  nodeName: $NODE$
   containers:
   - name: userns
     command: ["/bin/sh", "-c", "--"]

internal/integration/k8s/usernamespace.go

@@ -96,7 +96,13 @@ func (suite *UserNamespaceSuite) TestUserNamespace() {
 		}
 	}
 
-	usernamespacePodManifest := suite.ParseManifests(userNamespacePodSpec)
+	k8sNode, err := suite.GetK8sNodeByInternalIP(ctx, node)
+	suite.Require().NoError(err)
+
+	suite.T().Logf("testing k8s user namespace on node %q (%q)", node, k8sNode.Name)
+
+	// bind the pod to the node
+	usernamespacePodManifest := suite.ParseManifests(bytes.ReplaceAll(userNamespacePodSpec, []byte("$NODE$"), []byte(k8sNode.Name)))
 
 	suite.T().Cleanup(func() {
 		cleanUpCtx, cleanupCancel := context.WithTimeout(context.Background(), time.Minute)

pkg/provision/providers/qemu/launch.go

@@ -15,6 +15,7 @@ import (
 	"path/filepath"
 	"strconv"
 	"strings"
+	"time"
 
 	"github.com/alexflint/go-filemutex"
 	"github.com/containernetworking/cni/libcni"
@@ -428,6 +429,10 @@ func launchVM(config *LaunchConfig) error {
 			return err
 		}
 
+		if err := waitForFileToExist(tpm2SocketPath, 5*time.Second); err != nil {
+			return err
+		}
+
 		args = append(args,
 			config.ArchitectureData.TPMDeviceArgs(tpm2SocketPath)...,
 		)
@@ -565,3 +570,21 @@ func Launch() error {
 		}
 	})
 }
+
+func waitForFileToExist(path string, timeout time.Duration) error {
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	for {
+		select {
+		case <-ctx.Done():
+			return ctx.Err()
+		default:
+			if _, err := os.Stat(path); err == nil {
+				return nil
+			}
+		}
+
+		time.Sleep(100 * time.Millisecond)
+	}
+}