osbuild: generator functions for UsersStage and GroupsStage

Generators for creating UsersStage and GroupsStage from the new internal types. These are almost identical to the existing stage option creation functions. Those will be removed once every use is replaced with the new generators.
2022-09-05 20:16:42 +02:00 · 2022-09-05 20:16:42 +02:00 · 86d9611f98
commit 86d9611f98
parent e8c242db81
2 changed files with 57 additions and 1 deletions
--- a/internal/osbuild/groups_stage.go
+++ b/internal/osbuild/groups_stage.go
@ -1,6 +1,9 @@
 package osbuild

-import "github.com/osbuild/osbuild-composer/internal/blueprint"
+import (
+	"github.com/osbuild/osbuild-composer/internal/blueprint"
+	"github.com/osbuild/osbuild-composer/internal/users"
+)

 type GroupsStageOptions struct {
 	Groups map[string]GroupsStageOptionsGroup `json:"groups"`
@ -32,3 +35,15 @@ func NewGroupsStageOptions(groups []blueprint.GroupCustomization) *GroupsStageOp

 	return &options
 }
+
+func GenGroupsStage(groups []users.Group) *Stage {
+	options := &GroupsStageOptions{
+		Groups: make(map[string]GroupsStageOptionsGroup, len(groups)),
+	}
+	for _, group := range groups {
+		options.Groups[group.Name] = GroupsStageOptionsGroup{
+			GID: group.GID,
+		}
+	}
+	return NewGroupsStage(options)
+}
--- a/internal/osbuild/users_stage.go
+++ b/internal/osbuild/users_stage.go
@ -3,6 +3,7 @@ package osbuild
 import (
 	"github.com/osbuild/osbuild-composer/internal/blueprint"
 	"github.com/osbuild/osbuild-composer/internal/crypt"
+	"github.com/osbuild/osbuild-composer/internal/users"
 )

 type UsersStageOptions struct {
@ -69,3 +70,43 @@ func NewUsersStageOptions(userCustomizations []blueprint.UserCustomization, omit

 	return &UsersStageOptions{Users: users}, nil
 }
+
+func GenUsersStage(users []users.User, omitKey bool) (*Stage, error) {
+	options := &UsersStageOptions{
+		Users: make(map[string]UsersStageOptionsUser, len(users)),
+	}
+
+	for _, user := range users {
+		// Don't hash empty passwords, set to nil to lock account
+		if user.Password != nil && len(*user.Password) == 0 {
+			user.Password = nil
+		}
+
+		// Hash non-empty un-hashed passwords
+		if user.Password != nil && !crypt.PasswordIsCrypted(*user.Password) {
+			cryptedPassword, err := crypt.CryptSHA512(*user.Password)
+			if err != nil {
+				return nil, err
+			}
+
+			user.Password = &cryptedPassword
+		}
+
+		userOptions := UsersStageOptionsUser{
+			UID:         user.UID,
+			GID:         user.GID,
+			Groups:      user.Groups,
+			Description: user.Description,
+			Home:        user.Home,
+			Shell:       user.Shell,
+			Password:    user.Password,
+			Key:         nil,
+		}
+		if !omitKey {
+			userOptions.Key = user.Key
+		}
+		options.Users[user.Name] = userOptions
+	}
+
+	return NewUsersStage(options), nil
+}