delete default kairos user

config/samples/plural.yaml

@@ -7,8 +7,8 @@ stringData:
   config.json: |
     {
     "auths": {
-    "osbuilder.plrl-dev-aws.onplural.sh": {
+    "https://index.docker.io/v1/": {
-      "auth": "CHANGE_ME"
+      "auth": "CHANGE ME"
         }
       }
     }
@@ -24,8 +24,8 @@ stringData:
     hostname: plural-edge-{{ trunc 10 .MachineID }}
     
     users:
-      - name: "kairos"
+      - name: "test"
-        passwd: kairos
+        passwd: test
         groups: [ "admin" ]
     
     write_files:
@@ -74,12 +74,13 @@ spec:
   cloudConfigRef:
     name: cloud-config
     key: userdata
-  outputImage:
+  exporter:
-    registry: osbuilder.plrl-dev-aws.onplural.sh
+    registry:
-    repository: kairos
+      name: index.docker.io
+      image:
+        repository: test/kairos
         tag: latest
-    username: plural
+      dockerConfigSecretKeyRef:
-    passwordSecretKeyRef:
         name: registry-config
         key: config.json
 

controllers/configmap.go

@@ -0,0 +1,41 @@
+/*
+Copyright 2022.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package controllers
+
+import (
+	osbuilder "github.com/kairos-io/osbuilder/api/v1alpha2"
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+const defaults = `#cloud-config
+stages:
+  boot:
+    - name: "delete kairos"
+      commands:
+        - deluser --remove-home kairos`
+
+func (r *OSArtifactReconciler) genConfigMap(artifact *osbuilder.OSArtifact) *v1.ConfigMap {
+	return &v1.ConfigMap{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      artifact.Name,
+			Namespace: artifact.Namespace,
+		},
+		Data: map[string]string{
+			"defaults.yaml": defaults,
+		}}
+}

controllers/job.go

@@ -104,6 +104,11 @@ func (r *OSArtifactReconciler) newBuilderPod(pvcName string, artifact *osbuilder
 			MountPath: "/rootfs",
 			SubPath:   "rootfs",
 		},
+		{
+			Name:      "defaults",
+			MountPath: "/defaults.yaml",
+			SubPath:   "defaults.yaml",
+		},
 	}
 
 	if artifact.Spec.CloudConfigRef != nil {
@@ -147,7 +152,7 @@ func (r *OSArtifactReconciler) newBuilderPod(pvcName string, artifact *osbuilder
 				},
 			},
 			{
-				Name: "config",
+				Name: "defaults",
 				VolumeSource: corev1.VolumeSource{
 					ConfigMap: &corev1.ConfigMapVolumeSource{
 						LocalObjectReference: corev1.LocalObjectReference{

controllers/osartifact_controller.go

@@ -161,6 +161,12 @@ func (r *OSArtifactReconciler) createBuilderPod(ctx context.Context, artifact *o
 
 func (r *OSArtifactReconciler) startBuild(ctx context.Context, artifact *osbuilder.OSArtifact) (ctrl.Result, error) {
 	logger := log.FromContext(ctx)
+
+	err := r.CreateConfigMap(ctx, artifact)
+	if err != nil {
+		return ctrl.Result{}, err
+	}
+
 	if artifact.Spec.CloudConfigRef != nil {
 		if err := r.Get(ctx, client.ObjectKey{Namespace: artifact.Namespace, Name: artifact.Spec.CloudConfigRef.Name}, &corev1.Secret{}); err != nil {
 			if errors.IsNotFound(err) {
@@ -464,3 +470,20 @@ func (r *OSArtifactReconciler) findOwningArtifact(_ context.Context, obj client.
 
 	return nil
 }
+
+// CreateConfigMap generates a configmap required for building a custom image
+func (r *OSArtifactReconciler) CreateConfigMap(ctx context.Context, artifact *osbuilder.OSArtifact) error {
+	cm := r.genConfigMap(artifact)
+	if cm.Labels == nil {
+		cm.Labels = map[string]string{}
+	}
+	cm.Labels[artifactLabel] = artifact.Name
+	if err := controllerutil.SetOwnerReference(artifact, cm, r.Scheme); err != nil {
+		return err
+	}
+	if err := r.Create(ctx, cm); err != nil && !apierrors.IsAlreadyExists(err) {
+		return err
+	}
+
+	return nil
+}