osbuild2: deduplicate userStageOptions()

Use single NewUsersStageOptions() from osbuild2 instead of implementing
in each distro.

internal/distro/rhel86/pipelines.go

@@ -415,29 +415,16 @@ func osPipeline(t *imageType,
 		p.AddStage(osbuild.NewGroupsStage(groupStageOptions(groups)))
 	}
 
-	if users := c.GetUsers(); len(users) > 0 {
+	if userOptions, err := osbuild.NewUsersStageOptions(c.GetUsers(), false); err != nil {
-		userOptions, err := userStageOptions(users)
-		if err != nil {
 		return nil, err
-		}
+	} else if userOptions != nil {
-
 		if t.rpmOstree {
 			// for ostree, writing the key during user creation is redundant
 			// and can cause issues so create users without keys and write them
 			// on first boot
-			userOptionsSansKeys := new(osbuild.UsersStageOptions)
+			userOptionsSansKeys, err := osbuild.NewUsersStageOptions(c.GetUsers(), true)
-			userOptionsSansKeys.Users = make(map[string]osbuild.UsersStageOptionsUser, len(userOptions.Users))
+			if err != nil {
-			for name, options := range userOptions.Users {
+				return nil, err
-				userOptionsSansKeys.Users[name] = osbuild.UsersStageOptionsUser{
-					UID:         options.UID,
-					GID:         options.GID,
-					Groups:      options.Groups,
-					Description: options.Description,
-					Home:        options.Home,
-					Shell:       options.Shell,
-					Password:    options.Password,
-					Key:         nil,
-				}
 			}
 			p.AddStage(osbuild.NewUsersStage(userOptionsSansKeys))
 			p.AddStage(osbuild.NewFirstBootStage(usersFirstBootOptions(userOptions)))

internal/distro/rhel86/stage_options.go

@@ -7,7 +7,6 @@ import (
 
 	"github.com/osbuild/osbuild-composer/internal/blueprint"
 	"github.com/osbuild/osbuild-composer/internal/common"
-	"github.com/osbuild/osbuild-composer/internal/crypt"
 	"github.com/osbuild/osbuild-composer/internal/distro"
 	osbuild "github.com/osbuild/osbuild-composer/internal/osbuild2"
 	"github.com/osbuild/osbuild-composer/internal/rpmmd"
@@ -47,39 +46,6 @@ func selinuxStageOptions(labelcp bool) *osbuild.SELinuxStageOptions {
 	return options
 }
 
-func userStageOptions(users []blueprint.UserCustomization) (*osbuild.UsersStageOptions, error) {
-	options := osbuild.UsersStageOptions{
-		Users: make(map[string]osbuild.UsersStageOptionsUser),
-	}
-
-	for _, c := range users {
-		if c.Password != nil && !crypt.PasswordIsCrypted(*c.Password) {
-			cryptedPassword, err := crypt.CryptSHA512(*c.Password)
-			if err != nil {
-				return nil, err
-			}
-
-			c.Password = &cryptedPassword
-		}
-
-		user := osbuild.UsersStageOptionsUser{
-			Groups:      c.Groups,
-			Description: c.Description,
-			Home:        c.Home,
-			Shell:       c.Shell,
-			Password:    c.Password,
-			Key:         c.Key,
-		}
-
-		user.UID = c.UID
-		user.GID = c.GID
-
-		options.Users[c.Name] = user
-	}
-
-	return &options, nil
-}
-
 func usersFirstBootOptions(usersStageOptions *osbuild.UsersStageOptions) *osbuild.FirstBootStageOptions {
 	cmds := make([]string, 0, 3*len(usersStageOptions.Users)+2)
 	// workaround for creating authorized_keys file for user

internal/distro/rhel90/pipelines.go

@@ -407,28 +407,16 @@ func osPipeline(t *imageType,
 		p.AddStage(osbuild.NewGroupsStage(groupStageOptions(groups)))
 	}
 
-	if users := c.GetUsers(); len(users) > 0 {
+	if userOptions, err := osbuild.NewUsersStageOptions(c.GetUsers(), false); err != nil {
-		userOptions, err := userStageOptions(users)
-		if err != nil {
 		return nil, err
-		}
+	} else if userOptions != nil {
 		if t.rpmOstree {
 			// for ostree, writing the key during user creation is redundant
 			// and can cause issues so create users without keys and write them
 			// on first boot
-			userOptionsSansKeys := new(osbuild.UsersStageOptions)
+			userOptionsSansKeys, err := osbuild.NewUsersStageOptions(c.GetUsers(), true)
-			userOptionsSansKeys.Users = make(map[string]osbuild.UsersStageOptionsUser, len(userOptions.Users))
+			if err != nil {
-			for name, options := range userOptions.Users {
+				return nil, err
-				userOptionsSansKeys.Users[name] = osbuild.UsersStageOptionsUser{
-					UID:         options.UID,
-					GID:         options.GID,
-					Groups:      options.Groups,
-					Description: options.Description,
-					Home:        options.Home,
-					Shell:       options.Shell,
-					Password:    options.Password,
-					Key:         nil,
-				}
 			}
 			p.AddStage(osbuild.NewUsersStage(userOptionsSansKeys))
 			p.AddStage(osbuild.NewFirstBootStage(usersFirstBootOptions(userOptions)))

internal/distro/rhel90/stage_options.go

@@ -7,7 +7,6 @@ import (
 
 	"github.com/osbuild/osbuild-composer/internal/blueprint"
 	"github.com/osbuild/osbuild-composer/internal/common"
-	"github.com/osbuild/osbuild-composer/internal/crypt"
 	"github.com/osbuild/osbuild-composer/internal/distro"
 	osbuild "github.com/osbuild/osbuild-composer/internal/osbuild2"
 	"github.com/osbuild/osbuild-composer/internal/rpmmd"
@@ -47,39 +46,6 @@ func selinuxStageOptions(labelcp bool) *osbuild.SELinuxStageOptions {
 	return options
 }
 
-func userStageOptions(users []blueprint.UserCustomization) (*osbuild.UsersStageOptions, error) {
-	options := osbuild.UsersStageOptions{
-		Users: make(map[string]osbuild.UsersStageOptionsUser),
-	}
-
-	for _, c := range users {
-		if c.Password != nil && !crypt.PasswordIsCrypted(*c.Password) {
-			cryptedPassword, err := crypt.CryptSHA512(*c.Password)
-			if err != nil {
-				return nil, err
-			}
-
-			c.Password = &cryptedPassword
-		}
-
-		user := osbuild.UsersStageOptionsUser{
-			Groups:      c.Groups,
-			Description: c.Description,
-			Home:        c.Home,
-			Shell:       c.Shell,
-			Password:    c.Password,
-			Key:         c.Key,
-		}
-
-		user.UID = c.UID
-		user.GID = c.GID
-
-		options.Users[c.Name] = user
-	}
-
-	return &options, nil
-}
-
 func usersFirstBootOptions(usersStageOptions *osbuild.UsersStageOptions) *osbuild.FirstBootStageOptions {
 	cmds := make([]string, 0, 3*len(usersStageOptions.Users)+2)
 	// workaround for creating authorized_keys file for user

internal/osbuild2/users_stage.go

@@ -1,5 +1,10 @@
 package osbuild2
 
+import (
+	"github.com/osbuild/osbuild-composer/internal/blueprint"
+	"github.com/osbuild/osbuild-composer/internal/crypt"
+)
+
 type UsersStageOptions struct {
 	Users map[string]UsersStageOptionsUser `json:"users"`
 }
@@ -23,3 +28,38 @@ func NewUsersStage(options *UsersStageOptions) *Stage {
 		Options: options,
 	}
 }
+
+func NewUsersStageOptions(userCustomizations []blueprint.UserCustomization, omitKey bool) (*UsersStageOptions, error) {
+	if len(userCustomizations) == 0 {
+		return nil, nil
+	}
+
+	users := make(map[string]UsersStageOptionsUser, len(userCustomizations))
+	for _, uc := range userCustomizations {
+		if uc.Password != nil && !crypt.PasswordIsCrypted(*uc.Password) {
+			cryptedPassword, err := crypt.CryptSHA512(*uc.Password)
+			if err != nil {
+				return nil, err
+			}
+
+			uc.Password = &cryptedPassword
+		}
+
+		user := UsersStageOptionsUser{
+			UID:         uc.UID,
+			GID:         uc.GID,
+			Groups:      uc.Groups,
+			Description: uc.Description,
+			Home:        uc.Home,
+			Shell:       uc.Shell,
+			Password:    uc.Password,
+			Key:         nil,
+		}
+		if !omitKey {
+			user.Key = uc.Key
+		}
+		users[uc.Name] = user
+	}
+
+	return &UsersStageOptions{Users: users}, nil
+}