From da07300f380c8b3022099c2b82b3784ae54c7645 Mon Sep 17 00:00:00 2001
From: Dusty Mabe <dusty@dustymabe.com>
Date: Mon, 23 Oct 2023 13:17:57 -0400
Subject: [PATCH] stages/ostree.deploy: create ostree_commit_deploy function

This drains some of the logic out of `main()` into a
`ostree_commit_deploy()` function. Doing this will make it easier
to diff this stage with the recently added `ostree.deploy.container`
stage.

This commit also changes the `ref` in the schema to be optional,
which is a fixup for 3cc733d. We need to make the ref optional because
the ref could come from the user in the toplevel schema or it could
come from input commit in the schema.
---
 stages/org.osbuild.ostree.deploy              | 56 +++++++++++--------
 test/data/manifests/fedora-ostree-image.json  |  1 -
 .../manifests/fedora-ostree-image.mpp.yaml    |  1 -
 3 files changed, 33 insertions(+), 25 deletions(-)

diff --git a/stages/org.osbuild.ostree.deploy b/stages/org.osbuild.ostree.deploy
index 1ee25aea..0b49dad3 100755
--- a/stages/org.osbuild.ostree.deploy
+++ b/stages/org.osbuild.ostree.deploy
@@ -31,7 +31,7 @@ CAPABILITIES = ["CAP_MAC_ADMIN"]
 SCHEMA_2 = """
 "options": {
   "additionalProperties": false,
-  "required": ["osname", "ref"],
+  "required": ["osname"],
   "properties": {
     "mounts": {
       "description": "Mount points of the final file system",
@@ -84,8 +84,8 @@ SCHEMA_2 = """
 },
 "inputs": {
   "type": "object",
-  "required": ["commits"],
   "additionalProperties": false,
+  "required": ["commits"],
   "properties": {
     "commits": {
       "type": "object",
@@ -105,33 +105,46 @@ def make_fs_identifier(desc):
     raise ValueError("unknown rootfs type")
 
 
+def ostree_commit_deploy(tree, inputs, osname, remote, ref, kopts):
+    if len(inputs) == 0:
+        if not ref:
+            raise ValueError("ref should be specified in options")
+    elif len(inputs) == 1:
+        if ref:
+            raise ValueError("Should not specify ref if input was specified")
+
+        # If we have an input then we need to pull_local() from the input
+        # first before we deploy.
+        source_repo, commits = ostree.parse_input_commits(inputs["commits"])
+        target_repo = f"{tree}/ostree/repo"
+        for commit, data in commits.items():
+            ref = data.get("ref", commit)
+            ostree.pull_local(source_repo, target_repo, remote, ref)
+
+    if remote:
+        ref = f"{remote}:{ref}"
+
+    kargs = [f'--karg-append={v}' for v in kopts]
+    ostree.cli("admin", "deploy", ref,
+               *kargs, sysroot=tree, os=osname)
+
+
 def main(tree, inputs, options):
     osname = options["osname"]
     rootfs = options.get("rootfs")
     mounts = options.get("mounts", [])
     kopts = options.get("kernel_opts", [])
-    ref = options["ref"]
+    ref = options.get("ref", "")
     remote = options.get("remote")
 
-    # If provided an input then do the pull into the tree
-    if len(inputs) != 0:
-        source_repo, commits = ostree.parse_input_commits(inputs["commits"])
-        target_repo = f"{tree}/ostree/repo"
-        for commit, data in commits.items():
-            loopref = data.get("ref", commit)
-            ostree.pull_local(source_repo, target_repo, remote, loopref)
-
-    if remote:
-        ref = f"{remote}:{ref}"
-
-    kargs = []
+    # schema should catch the case in which there are more
+    # than one input but this adds a second layer of security
+    if len(inputs) > 1:
+        raise ValueError("Only one input accepted")
 
     if rootfs:
         rootfs_id = make_fs_identifier(rootfs)
-        kargs += [f"--karg=root={rootfs_id}"]
-
-    for opt in kopts:
-        kargs += [f"--karg-append={opt}"]
+        kopts += [f"root={rootfs_id}"]
 
     with MountGuard() as mounter:
         for mount in mounts:
@@ -139,10 +152,7 @@ def main(tree, inputs, options):
             path = os.path.join(tree, path)
             mounter.mount(path, path)
 
-        ostree.cli("admin", "deploy", ref,
-                   *kargs,
-                   sysroot=tree,
-                   os=osname)
+        ostree_commit_deploy(tree, inputs, osname, remote, ref, kopts)
 
 
 if __name__ == '__main__':
diff --git a/test/data/manifests/fedora-ostree-image.json b/test/data/manifests/fedora-ostree-image.json
index 24f12714..1c3944de 100644
--- a/test/data/manifests/fedora-ostree-image.json
+++ b/test/data/manifests/fedora-ostree-image.json
@@ -1071,7 +1071,6 @@
           "type": "org.osbuild.ostree.deploy",
           "options": {
             "osname": "fedora",
-            "ref": "fedora/x86_64/osbuild",
             "remote": "osbuild",
             "mounts": [
               "/boot",
diff --git a/test/data/manifests/fedora-ostree-image.mpp.yaml b/test/data/manifests/fedora-ostree-image.mpp.yaml
index 4ac2180a..734e196c 100644
--- a/test/data/manifests/fedora-ostree-image.mpp.yaml
+++ b/test/data/manifests/fedora-ostree-image.mpp.yaml
@@ -58,7 +58,6 @@ pipelines:
       - type: org.osbuild.ostree.deploy
         options:
           osname: fedora
-          ref: fedora/x86_64/osbuild
           remote: osbuild
           mounts:
             - /boot