From 17d5d28ae6f2e794f219e3b9698aad308255ef0b Mon Sep 17 00:00:00 2001 From: Steven Hardy Date: Mon, 12 Aug 2024 11:31:44 +0100 Subject: [PATCH] Fix cisProfile option with ignition format Currently there are some stray tabs which break the rendered output, replace these with spaces and add some unit test coverage. Fixes: #401 --- bootstrap/internal/ignition/butane/butane.go | 6 ++-- .../internal/ignition/butane/butane_test.go | 29 +++++++++++++++++++ 2 files changed, 32 insertions(+), 3 deletions(-) diff --git a/bootstrap/internal/ignition/butane/butane.go b/bootstrap/internal/ignition/butane/butane.go index cd81310c..4470bf9d 100644 --- a/bootstrap/internal/ignition/butane/butane.go +++ b/bootstrap/internal/ignition/butane/butane.go @@ -114,9 +114,9 @@ storage: {{ . | Indent 10 }} {{- end }} - {{- if .CISEnabled }} - /opt/rke2-cis-script.sh - {{ end }} + {{- if .CISEnabled }} + /opt/rke2-cis-script.sh + {{ end }} {{ range .DeployRKE2Commands }} {{ . | Indent 10 }} diff --git a/bootstrap/internal/ignition/butane/butane_test.go b/bootstrap/internal/ignition/butane/butane_test.go index b64c1061..25757435 100644 --- a/bootstrap/internal/ignition/butane/butane_test.go +++ b/bootstrap/internal/ignition/butane/butane_test.go @@ -18,6 +18,8 @@ limitations under the License. package butane import ( + "encoding/base64" + "strings" "testing" . "github.com/onsi/ginkgo/v2" @@ -70,6 +72,7 @@ var _ = Describe("Render", func() { "test", }, RKE2Version: "v1.21.3+rke2r1", + CISEnabled: false, WriteFiles: []bootstrapv1.File{ { Path: "/test/file", @@ -119,6 +122,13 @@ var _ = Describe("Render", func() { Expect(ign.Systemd.Units).To(HaveLen(3)) Expect(ign.Systemd.Units[0].Name).To(Equal("rke2-install.service")) + + // Check rke2-install.sh does not contain the call to rke2-cis-script.sh + scriptContentsEnc := strings.Split(*ign.Storage.Files[3].Contents.Source, ",")[1] + scriptContents, err := base64.StdEncoding.DecodeString(scriptContentsEnc) + Expect(err).ToNot(HaveOccurred()) + Expect(scriptContents).ToNot(ContainSubstring("/opt/rke2-cis-script.sh")) + Expect(ign.Systemd.Units[0].Contents).To(Equal(pointer.String("[Unit]\nDescription=rke2-install\nWants=network-online.target\nAfter=network-online.target network.target\nConditionPathExists=!/etc/cluster-api/bootstrap-success.complete\n[Service]\nUser=root\n# To not restart the unit when it exits, as it is expected.\nType=oneshot\nExecStart=/etc/rke2-install.sh\n[Install]\nWantedBy=multi-user.target\n"))) Expect(ign.Systemd.Units[0].Enabled).To(Equal(pointer.Bool(true))) @@ -130,6 +140,25 @@ var _ = Describe("Render", func() { Expect(ign.Systemd.Units[2].Enabled).To(Equal(pointer.Bool(true))) }) + It("should render a valid ignition config with CISEnabled", func() { + input.CISEnabled = true + ignitionJson, err := Render(input, additionalConfig) + Expect(err).ToNot(HaveOccurred()) + + ign, reports, err := ignition.Parse(ignitionJson) + Expect(err).ToNot(HaveOccurred()) + Expect(reports.IsFatal()).To(BeFalse()) + + Expect(ign.Storage.Files).To(HaveLen(5)) + Expect(ign.Storage.Files[3].Path).To(Equal("/etc/rke2-install.sh")) + + // Check rke2-install.sh contains the call to rke2-cis-script.sh + scriptContentsEnc := strings.Split(*ign.Storage.Files[3].Contents.Source, ",")[1] + scriptContents, err := base64.StdEncoding.DecodeString(scriptContentsEnc) + Expect(err).ToNot(HaveOccurred()) + Expect(scriptContents).To(ContainSubstring("/opt/rke2-cis-script.sh")) + }) + It("accepts empty additional config", func() { additionalConfig = nil _, err := Render(input, additionalConfig)