kairos/kairos-agent
1
0
Fork 0
mirror of https://github.com/kairos-io/kairos-agent.git synced 2025-08-18 16:27:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Centralize uki hooks for encryption reasons (#309)

Browse Source
This commit is contained in:
Itxaka 2024-04-24 14:42:51 +00:00 committed by GitHub
parent 0aec09099b
commit d1f65cd334
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 11 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
internal/agent/hooks/hook.go
View File

@ -33,8 +33,6 @@ var FirstBoot = []Interface{
// AfterUkiInstall sets which Hooks to run after uki runs the install action // AfterUkiInstall sets which Hooks to run after uki runs the install action
var AfterUkiInstall = []Interface{ var AfterUkiInstall = []Interface{
&BundlePostInstall{},
&CustomMounts{},
&Lifecycle{}, &Lifecycle{},
} }

41
internal/agent/hooks/kcrypt_uki.go
View File

@ -3,10 +3,8 @@ package hook
import ( import (
"fmt" "fmt"
"os" "os"
"path/filepath"
"strconv" "strconv"
"strings" "strings"
"syscall"
"time" "time"
"github.com/kairos-io/kairos-agent/v2/pkg/config" "github.com/kairos-io/kairos-agent/v2/pkg/config"
@ -21,7 +19,7 @@ import (
type KcryptUKI struct{} type KcryptUKI struct{}
func (k KcryptUKI) Run(c config.Config, _ v1.Spec) error { func (k KcryptUKI) Run(c config.Config, spec v1.Spec) error {
// pre-check for systemd version, we need something higher or equal to 252 // pre-check for systemd version, we need something higher or equal to 252
run, err := utils.SH("systemctl --version | head -1 | awk '{ print $2}'") run, err := utils.SH("systemctl --version | head -1 | awk '{ print $2}'")
systemdVersion := strings.TrimSpace(string(run)) systemdVersion := strings.TrimSpace(string(run))
@ -163,33 +161,16 @@ func (k KcryptUKI) Run(c config.Config, _ v1.Spec) error {
return err return err
} }
// Copy logs to persistent partition
c.Logger.Debug("Copying logs to persistent partition")
err = machine.Mount(constants.PersistentLabel, constants.PersistentDir)
if err != nil {
c.Logger.Errorf("could not mount persistent partition: %s", err)
return nil
}
varLog := filepath.Join(constants.PersistentDir, ".state", "var-log.bind")
// Create the directory on persistent
err = fsutils.MkdirAll(c.Fs, varLog, 0755)
if err != nil {
c.Logger.Errorf("could not create directory on persistent partition: %s", err)
return nil
}
// Copy all current logs to the persistent partition
err = internalutils.SyncData(c.Logger, c.Runner, c.Fs, "/var/log/", varLog, []string{}...)
if err != nil {
c.Logger.Errorf("could not copy logs to persistent partition: %s", err)
return nil
}
err = machine.Umount(constants.PersistentDir)
if err != nil {
c.Logger.Errorf("could not unmount persistent partition: %s", err)
return nil
}
syscall.Sync()
c.Logger.Debug("Logs copied to persistent partition")
c.Logger.Logger.Debug().Msg("Finish KcryptUKI hook") c.Logger.Logger.Debug().Msg("Finish KcryptUKI hook")
// We now have the partitions unlocked and ready, lets call the other hooks here instead of closing and reopening them each time
err = BundlePostInstall{}.Run(c, spec)
if err != nil {
return err
}
_ = CustomMounts{}.Run(c, spec)
err = CopyLogs{}.Run(c, spec)
if err != nil {
return err
}
return nil return nil
} }