osbuild2: deduplicate userStageOptions()
Use single NewUsersStageOptions() from osbuild2 instead of implementing in each distro.
This commit is contained in:
Achilleas Koutsou
Ondřej Budai
parent
d022a23b8c
commit
ca8b371142
5 changed files with 52 additions and 105 deletions
|
|
@ -415,29 +415,16 @@ func osPipeline(t *imageType,
|
|||
p.AddStage(osbuild.NewGroupsStage(groupStageOptions(groups)))
|
||||
}
|
||||
|
||||
if users := c.GetUsers(); len(users) > 0 {
|
||||
userOptions, err := userStageOptions(users)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if userOptions, err := osbuild.NewUsersStageOptions(c.GetUsers(), false); err != nil {
|
||||
return nil, err
|
||||
} else if userOptions != nil {
|
||||
if t.rpmOstree {
|
||||
// for ostree, writing the key during user creation is redundant
|
||||
// and can cause issues so create users without keys and write them
|
||||
// on first boot
|
||||
userOptionsSansKeys := new(osbuild.UsersStageOptions)
|
||||
userOptionsSansKeys.Users = make(map[string]osbuild.UsersStageOptionsUser, len(userOptions.Users))
|
||||
for name, options := range userOptions.Users {
|
||||
userOptionsSansKeys.Users[name] = osbuild.UsersStageOptionsUser{
|
||||
UID: options.UID,
|
||||
GID: options.GID,
|
||||
Groups: options.Groups,
|
||||
Description: options.Description,
|
||||
Home: options.Home,
|
||||
Shell: options.Shell,
|
||||
Password: options.Password,
|
||||
Key: nil,
|
||||
}
|
||||
userOptionsSansKeys, err := osbuild.NewUsersStageOptions(c.GetUsers(), true)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
p.AddStage(osbuild.NewUsersStage(userOptionsSansKeys))
|
||||
p.AddStage(osbuild.NewFirstBootStage(usersFirstBootOptions(userOptions)))
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@ import (
|
|||
|
||||
"github.com/osbuild/osbuild-composer/internal/blueprint"
|
||||
"github.com/osbuild/osbuild-composer/internal/common"
|
||||
"github.com/osbuild/osbuild-composer/internal/crypt"
|
||||
"github.com/osbuild/osbuild-composer/internal/distro"
|
||||
osbuild "github.com/osbuild/osbuild-composer/internal/osbuild2"
|
||||
"github.com/osbuild/osbuild-composer/internal/rpmmd"
|
||||
|
|
@ -47,39 +46,6 @@ func selinuxStageOptions(labelcp bool) *osbuild.SELinuxStageOptions {
|
|||
return options
|
||||
}
|
||||
|
||||
func userStageOptions(users []blueprint.UserCustomization) (*osbuild.UsersStageOptions, error) {
|
||||
options := osbuild.UsersStageOptions{
|
||||
Users: make(map[string]osbuild.UsersStageOptionsUser),
|
||||
}
|
||||
|
||||
for _, c := range users {
|
||||
if c.Password != nil && !crypt.PasswordIsCrypted(*c.Password) {
|
||||
cryptedPassword, err := crypt.CryptSHA512(*c.Password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
c.Password = &cryptedPassword
|
||||
}
|
||||
|
||||
user := osbuild.UsersStageOptionsUser{
|
||||
Groups: c.Groups,
|
||||
Description: c.Description,
|
||||
Home: c.Home,
|
||||
Shell: c.Shell,
|
||||
Password: c.Password,
|
||||
Key: c.Key,
|
||||
}
|
||||
|
||||
user.UID = c.UID
|
||||
user.GID = c.GID
|
||||
|
||||
options.Users[c.Name] = user
|
||||
}
|
||||
|
||||
return &options, nil
|
||||
}
|
||||
|
||||
func usersFirstBootOptions(usersStageOptions *osbuild.UsersStageOptions) *osbuild.FirstBootStageOptions {
|
||||
cmds := make([]string, 0, 3*len(usersStageOptions.Users)+2)
|
||||
// workaround for creating authorized_keys file for user
|
||||
|
|
|
|||
|
|
@ -407,28 +407,16 @@ func osPipeline(t *imageType,
|
|||
p.AddStage(osbuild.NewGroupsStage(groupStageOptions(groups)))
|
||||
}
|
||||
|
||||
if users := c.GetUsers(); len(users) > 0 {
|
||||
userOptions, err := userStageOptions(users)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if userOptions, err := osbuild.NewUsersStageOptions(c.GetUsers(), false); err != nil {
|
||||
return nil, err
|
||||
} else if userOptions != nil {
|
||||
if t.rpmOstree {
|
||||
// for ostree, writing the key during user creation is redundant
|
||||
// and can cause issues so create users without keys and write them
|
||||
// on first boot
|
||||
userOptionsSansKeys := new(osbuild.UsersStageOptions)
|
||||
userOptionsSansKeys.Users = make(map[string]osbuild.UsersStageOptionsUser, len(userOptions.Users))
|
||||
for name, options := range userOptions.Users {
|
||||
userOptionsSansKeys.Users[name] = osbuild.UsersStageOptionsUser{
|
||||
UID: options.UID,
|
||||
GID: options.GID,
|
||||
Groups: options.Groups,
|
||||
Description: options.Description,
|
||||
Home: options.Home,
|
||||
Shell: options.Shell,
|
||||
Password: options.Password,
|
||||
Key: nil,
|
||||
}
|
||||
userOptionsSansKeys, err := osbuild.NewUsersStageOptions(c.GetUsers(), true)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
p.AddStage(osbuild.NewUsersStage(userOptionsSansKeys))
|
||||
p.AddStage(osbuild.NewFirstBootStage(usersFirstBootOptions(userOptions)))
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@ import (
|
|||
|
||||
"github.com/osbuild/osbuild-composer/internal/blueprint"
|
||||
"github.com/osbuild/osbuild-composer/internal/common"
|
||||
"github.com/osbuild/osbuild-composer/internal/crypt"
|
||||
"github.com/osbuild/osbuild-composer/internal/distro"
|
||||
osbuild "github.com/osbuild/osbuild-composer/internal/osbuild2"
|
||||
"github.com/osbuild/osbuild-composer/internal/rpmmd"
|
||||
|
|
@ -47,39 +46,6 @@ func selinuxStageOptions(labelcp bool) *osbuild.SELinuxStageOptions {
|
|||
return options
|
||||
}
|
||||
|
||||
func userStageOptions(users []blueprint.UserCustomization) (*osbuild.UsersStageOptions, error) {
|
||||
options := osbuild.UsersStageOptions{
|
||||
Users: make(map[string]osbuild.UsersStageOptionsUser),
|
||||
}
|
||||
|
||||
for _, c := range users {
|
||||
if c.Password != nil && !crypt.PasswordIsCrypted(*c.Password) {
|
||||
cryptedPassword, err := crypt.CryptSHA512(*c.Password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
c.Password = &cryptedPassword
|
||||
}
|
||||
|
||||
user := osbuild.UsersStageOptionsUser{
|
||||
Groups: c.Groups,
|
||||
Description: c.Description,
|
||||
Home: c.Home,
|
||||
Shell: c.Shell,
|
||||
Password: c.Password,
|
||||
Key: c.Key,
|
||||
}
|
||||
|
||||
user.UID = c.UID
|
||||
user.GID = c.GID
|
||||
|
||||
options.Users[c.Name] = user
|
||||
}
|
||||
|
||||
return &options, nil
|
||||
}
|
||||
|
||||
func usersFirstBootOptions(usersStageOptions *osbuild.UsersStageOptions) *osbuild.FirstBootStageOptions {
|
||||
cmds := make([]string, 0, 3*len(usersStageOptions.Users)+2)
|
||||
// workaround for creating authorized_keys file for user
|
||||
|
|
|
|||
|
|
@ -1,5 +1,10 @@
|
|||
package osbuild2
|
||||
|
||||
import (
|
||||
"github.com/osbuild/osbuild-composer/internal/blueprint"
|
||||
"github.com/osbuild/osbuild-composer/internal/crypt"
|
||||
)
|
||||
|
||||
type UsersStageOptions struct {
|
||||
Users map[string]UsersStageOptionsUser `json:"users"`
|
||||
}
|
||||
|
|
@ -23,3 +28,38 @@ func NewUsersStage(options *UsersStageOptions) *Stage {
|
|||
Options: options,
|
||||
}
|
||||
}
|
||||
|
||||
func NewUsersStageOptions(userCustomizations []blueprint.UserCustomization, omitKey bool) (*UsersStageOptions, error) {
|
||||
if len(userCustomizations) == 0 {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
users := make(map[string]UsersStageOptionsUser, len(userCustomizations))
|
||||
for _, uc := range userCustomizations {
|
||||
if uc.Password != nil && !crypt.PasswordIsCrypted(*uc.Password) {
|
||||
cryptedPassword, err := crypt.CryptSHA512(*uc.Password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
uc.Password = &cryptedPassword
|
||||
}
|
||||
|
||||
user := UsersStageOptionsUser{
|
||||
UID: uc.UID,
|
||||
GID: uc.GID,
|
||||
Groups: uc.Groups,
|
||||
Description: uc.Description,
|
||||
Home: uc.Home,
|
||||
Shell: uc.Shell,
|
||||
Password: uc.Password,
|
||||
Key: nil,
|
||||
}
|
||||
if !omitKey {
|
||||
user.Key = uc.Key
|
||||
}
|
||||
users[uc.Name] = user
|
||||
}
|
||||
|
||||
return &UsersStageOptions{Users: users}, nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue