diff --git a/pkg/compiler/artifact.go b/pkg/compiler/artifact.go index 6bd05df5..b56fed40 100644 --- a/pkg/compiler/artifact.go +++ b/pkg/compiler/artifact.go @@ -36,6 +36,7 @@ import ( . "github.com/mudler/luet/pkg/config" "github.com/mudler/luet/pkg/helpers" . "github.com/mudler/luet/pkg/logger" + pkg "github.com/mudler/luet/pkg/package" "github.com/mudler/luet/pkg/solver" "github.com/pkg/errors" yaml "gopkg.in/yaml.v2" @@ -343,6 +344,16 @@ func (a *PackageArtifact) GetProtectFiles() []string { } } + if a.CompileSpec.GetPackage().HasAnnotation(string(pkg.ConfigProtectAnnnotation)) { + dir, ok := a.CompileSpec.GetPackage().GetAnnotations()[string(pkg.ConfigProtectAnnnotation)] + if ok { + if strings.HasPrefix("/"+file, filepath.Clean(dir)) { + ans = append(ans, file) + goto nextFile + } + } + } + nextFile: } } diff --git a/pkg/package/annotations.go b/pkg/package/annotations.go new file mode 100644 index 00000000..583d4b93 --- /dev/null +++ b/pkg/package/annotations.go @@ -0,0 +1,23 @@ +// Copyright © 2019-2020 Ettore Di Giacinto +// Daniele Rondina +// +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; either version 2 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, see . + +package pkg + +type AnnotationKey string + +const ( + ConfigProtectAnnnotation AnnotationKey = "config_protect" +) diff --git a/tests/fixtures/config_protect_annotation/a/build.yaml b/tests/fixtures/config_protect_annotation/a/build.yaml new file mode 100644 index 00000000..5f3a7469 --- /dev/null +++ b/tests/fixtures/config_protect_annotation/a/build.yaml @@ -0,0 +1,9 @@ +image: "alpine" +prelude: + - echo foo > /test + - echo bar > /test2 +steps: + - echo c > /c + - echo c > /cd + - mkdir /opt/etc + - echo config > /opt/etc/conf diff --git a/tests/fixtures/config_protect_annotation/a/definition.yaml b/tests/fixtures/config_protect_annotation/a/definition.yaml new file mode 100644 index 00000000..573bbc5d --- /dev/null +++ b/tests/fixtures/config_protect_annotation/a/definition.yaml @@ -0,0 +1,5 @@ +category: "test" +name: "a" +version: "1.0" +annotations: + config_protect: "/opt/etc" diff --git a/tests/integration/13_config_protect_annotation.sh b/tests/integration/13_config_protect_annotation.sh new file mode 100755 index 00000000..c45dfb26 --- /dev/null +++ b/tests/integration/13_config_protect_annotation.sh @@ -0,0 +1,106 @@ +#!/bin/bash + +export LUET_NOLOCK=true + +oneTimeSetUp() { +export tmpdir="$(mktemp -d)" +} + + +oneTimeTearDown() { + rm -rf "$tmpdir" +} + +testBuild() { + mkdir $tmpdir/testbuild + luet build --tree "$ROOT_DIR/tests/fixtures/config_protect_annotation" --destination $tmpdir/testbuild --compression gzip test/a + buildst=$? + assertEquals 'builds successfully' "$buildst" "0" + assertTrue 'create package' "[ -e '$tmpdir/testbuild/a-test-1.0.package.tar.gz' ]" +} + +testRepo() { + assertTrue 'no repository' "[ ! -e '$tmpdir/testbuild/repository.yaml' ]" + luet create-repo --tree "$ROOT_DIR/tests/fixtures/config_protect_annotation" \ + --output $tmpdir/testbuild \ + --packages $tmpdir/testbuild \ + --name "test" \ + --descr "Test Repo" \ + --urls $tmpdir/testrootfs \ + --type disk > /dev/null + + createst=$? + assertEquals 'create repo successfully' "$createst" "0" + assertTrue 'create repository' "[ -e '$tmpdir/testbuild/repository.yaml' ]" +} + +testConfig() { + mkdir $tmpdir/testrootfs + + mkdir $tmpdir/config.protect.d + + cat < $tmpdir/config.protect.d/conf1.yml +name: "protect1" +dirs: +- /etc/ +EOF + + cat < $tmpdir/luet.yaml +general: + debug: true +system: + rootfs: $tmpdir/testrootfs + database_path: "/" + database_engine: "boltdb" +config_protect_confdir: + - $tmpdir/config.protect.d +repositories: + - name: "main" + type: "disk" + enable: true + urls: + - "$tmpdir/testbuild" +EOF + luet config --config $tmpdir/luet.yaml + res=$? + assertEquals 'config test successfully' "$res" "0" +} + + + +testInstall() { + # Simulate previous installation + mkdir $tmpdir/testrootfs/opt/etc -p + echo "fakeconf" > $tmpdir/testrootfs/opt/etc/conf + + luet install --config $tmpdir/luet.yaml test/a + installst=$? + assertEquals 'install test successfully' "$installst" "0" + + + # Simulate config protect + assertTrue 'package A installed' "[ -e '$tmpdir/testrootfs/c' ]" + assertTrue 'config protect created' "[ -e '$tmpdir/testrootfs/opt/etc/._cfg0001_conf' ]" +} + + +testUnInstall() { + luet uninstall --full --config $tmpdir/luet.yaml test/a + installst=$? + assertEquals 'uninstall test successfully' "$installst" "0" + assertTrue 'package uninstalled' "[ ! -e '$tmpdir/testrootfs/c' ]" + # TODO: we need remove it or not?? + assertTrue 'config protect created' "[ -e '$tmpdir/testrootfs/opt/etc/._cfg0001_conf' ]" +} + + +testCleanup() { + luet cleanup --config $tmpdir/luet.yaml + installst=$? + assertEquals 'install test successfully' "$installst" "0" + assertTrue 'package installed' "[ ! -e '$tmpdir/testrootfs/packages/a-test-1.0.package.tar.gz' ]" +} + +# Load shUnit2. +. "$ROOT_DIR/tests/integration/shunit2"/shunit2 +