Skip to content

Commit

Permalink
Fix cisProfile option with ignition format
Browse files Browse the repository at this point in the history 
Currently there are some stray tabs which break the rendered output,
replace these with spaces and add some unit test coverage.

Fixes: rancher#401
  • Loading branch information
@hardys
hardys committed Aug 12, 2024
1 parent 480a96d commit 17d5d28
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 3 deletions.
6 changes: 3 additions & 3 deletions bootstrap/internal/ignition/butane/butane.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,9 +114,9 @@ storage:
{{ . | Indent 10 }}
{{- end }}
{{- if .CISEnabled }}
/opt/rke2-cis-script.sh
{{ end }}
{{- if .CISEnabled }}
/opt/rke2-cis-script.sh
{{ end }}
{{ range .DeployRKE2Commands }}
{{ . | Indent 10 }}
Expand Down
29 changes: 29 additions & 0 deletions bootstrap/internal/ignition/butane/butane_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ limitations under the License.
package butane

import (
"encoding/base64"
"strings"
"testing"

. "github.com/onsi/ginkgo/v2"
Expand Down Expand Up @@ -70,6 +72,7 @@ var _ = Describe("Render", func() {
"test",
},
RKE2Version: "v1.21.3+rke2r1",
CISEnabled: false,
WriteFiles: []bootstrapv1.File{
{
Path: "/test/file",
Expand Down Expand Up @@ -119,6 +122,13 @@ var _ = Describe("Render", func() {

Expect(ign.Systemd.Units).To(HaveLen(3))
Expect(ign.Systemd.Units[0].Name).To(Equal("rke2-install.service"))

// Check rke2-install.sh does not contain the call to rke2-cis-script.sh
scriptContentsEnc := strings.Split(*ign.Storage.Files[3].Contents.Source, ",")[1]
scriptContents, err := base64.StdEncoding.DecodeString(scriptContentsEnc)
Expect(err).ToNot(HaveOccurred())
Expect(scriptContents).ToNot(ContainSubstring("/opt/rke2-cis-script.sh"))

Expect(ign.Systemd.Units[0].Contents).To(Equal(pointer.String("[Unit]\nDescription=rke2-install\nWants=network-online.target\nAfter=network-online.target network.target\nConditionPathExists=!/etc/cluster-api/bootstrap-success.complete\n[Service]\nUser=root\n# To not restart the unit when it exits, as it is expected.\nType=oneshot\nExecStart=/etc/rke2-install.sh\n[Install]\nWantedBy=multi-user.target\n")))
Expect(ign.Systemd.Units[0].Enabled).To(Equal(pointer.Bool(true)))

Expand All @@ -130,6 +140,25 @@ var _ = Describe("Render", func() {
Expect(ign.Systemd.Units[2].Enabled).To(Equal(pointer.Bool(true)))
})

It("should render a valid ignition config with CISEnabled", func() {
input.CISEnabled = true
ignitionJson, err := Render(input, additionalConfig)
Expect(err).ToNot(HaveOccurred())

ign, reports, err := ignition.Parse(ignitionJson)
Expect(err).ToNot(HaveOccurred())
Expect(reports.IsFatal()).To(BeFalse())

Expect(ign.Storage.Files).To(HaveLen(5))
Expect(ign.Storage.Files[3].Path).To(Equal("/etc/rke2-install.sh"))

// Check rke2-install.sh contains the call to rke2-cis-script.sh
scriptContentsEnc := strings.Split(*ign.Storage.Files[3].Contents.Source, ",")[1]
scriptContents, err := base64.StdEncoding.DecodeString(scriptContentsEnc)
Expect(err).ToNot(HaveOccurred())
Expect(scriptContents).To(ContainSubstring("/opt/rke2-cis-script.sh"))
})

It("accepts empty additional config", func() {
additionalConfig = nil
_, err := Render(input, additionalConfig)
Expand Down

0 comments on commit 17d5d28

Please sign in to comment.