Extend the `luks` schema to support a new `cex` key. When enabled, the
volume key of the LUKS device uses a secure key generated using a CEX
card. The keyfile to unlock the volume is not considered confidential.
Closes: #1693
Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>
Expand schema for 3_4_exp with an advertisement field to allow for
Ignition to support Tang offline provisioning by passing the supplied
advertisement field during first boot's device bind. Fixes #1474
Fixes #1397. A common configuration error is to create a filesystem over
a whole-disk device rather than a partition. Add a warning for a
filesystem device matching the disk device.
Additionally, another configuration error was identified for a way to
recreate the filesystem on every provision; while the configuration to
do so is valid, it might be done unintentionally. Add a warning when
wipeTable is true but wipeFilesystem is false.
Support S3 access point URLs in ARN format as a source.
This allows valid, opaque S3 URLs such as
`s3:arn:aws:s3:us-west-2:123456789012:accesspoint/test/object`
Being able to use this format will allow S3 URLs on different
partitions and lays the foundation to potentially support
multi-region access points in the future.
Fixes https://github.com/coreos/ignition/issues/1091
Signed-off-by: Zeleena Kearney <zeleenak@lyft.com>
Filesystem creation and mounting both ignore filesystems with format
unset, but if the user specified wipeFilesystem or mountOptions that's
clearly not their intent. Fail validation in this case.
The warning was originally added in 424f37b755 because Ignition spec 2
defaulted to mode 0000, which was certainly not what the user wanted.
However, spec 3 defaults to 0755 for dirs and 0644 for files, and is
documented as such. It's therefore reasonable for the user to omit those
fields, and by issuing the warnings we're encouraging the user to write
unnecessarily verbose Ignition configs (or FCCs).
Dedupe the "remote resource" type from the spec. This came up too during
review of the new HTTP headers. They all had more or less the same
fields in common ("source", "verification", "compression", and more
recently "httpHeaders").
One noticeable spec level change from this is that some places now
support compression where they didn't before. Might seem odd to support
compression for e.g. certificate authorities, though it does make the
spec more consistent throughout.
Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>
This commit adds an ability to use HTTP headers for config-reference,
ca-reference and file-contents structures. This can be useful when a
remote server requires authentication and we have to provide a token
in the header.
Hardlinks to directories are disallowed, so fail to validate if we know
that we're going to. We could even take this a step further and
blacklist /usr, /etc, /tmp etc. but those might be symlinks, which would
be ok, so let's not.
Disallow setting storage.files.overwrite = true when
storage.files.contents.source is unspecified (nil). If a user wants to
force a file to be empty they should set source to empty string.
Filesystem entries should not use symlinks that are defined in the
config. These will fail or give the wrong results anyway.
Add unit tests for this.
Remove tests that used to fail that now fail at validation time.
Rework the schema to have all leaf fields be pointers except keys and all
interior nodes not be pointers.
This allows child configs to distinguish between an unspecified field
and a field specified as the go zero value.
This includes making storage.files.contents a normal (non pointer)
struct but making all of its members pointers. Similarly,
storage.files.{user,group} are no longer pointers but
storage.files.{user,group}.name are now pointers.
Finally, convert validation logic to use report.AddOnError() and friends
where appropriate.
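An added illustration, not code from the Ignition repository, of why pointer leaf fields matter for the `overwrite`/`source` rule described above: with `*string`, an omitted `source` decodes to nil while `"source": ""` decodes to a non-nil empty string. The `File` and `Contents` types, `ValidateFile`, `CheckJSON` and the error value are hypothetical, cut-down stand-ins for the real schema.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Hypothetical, cut-down types for illustration; not Ignition's real schema.
type Contents struct {
	Source *string `json:"source"` // leaf field: pointer
}

type File struct {
	Path      string   `json:"path"`      // key field: not a pointer
	Overwrite *bool    `json:"overwrite"` // leaf field: pointer
	Contents  Contents `json:"contents"`  // interior node: not a pointer
}

var ErrOverwriteNoSource = errors.New("overwrite is true but contents.source is unspecified")

// ValidateFile rejects overwrite=true when source is nil, while accepting
// an explicit empty string (the user asked for an empty file).
func ValidateFile(f File) error {
	if f.Overwrite != nil && *f.Overwrite && f.Contents.Source == nil {
		return ErrOverwriteNoSource
	}
	return nil
}

// CheckJSON decodes one file entry and validates it.
func CheckJSON(raw string) error {
	var f File
	if err := json.Unmarshal([]byte(raw), &f); err != nil {
		return err
	}
	return ValidateFile(f)
}

func main() {
	// Constructed sample inputs.
	for _, raw := range []string{
		`{"path":"/etc/motd","overwrite":true}`,
		`{"path":"/etc/motd","overwrite":true,"contents":{"source":""}}`,
		`{"path":"/etc/motd","contents":{}}`,
	} {
		fmt.Printf("%-65s -> %v\n", raw, CheckJSON(raw))
	}
}
```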
- config package should have a Parse() function that accepts any
supported version of the config
- each version package (i.e. config/v3_0_experimental) should only
accept configs of that version
- In the future translation code should be its own subpackage to each
config version package (i.e. under config/vX_Y/translate)
- In the future the config package should handle calling the
translation code explicitly instead of each version package. This
removes the need to vendor more than 1 version if that's all you need.
Creates files and directories with default permissions 0644 and 0755
respectively, when "mode" is not specified in the Ignition config for
the file/directory. This also updates the warning message printed when
the default permissions are applied.
Closes: #582
- Remove filesystem names, make path be the mount path to use in the
initramfs
- Simplify symlink handling now that everything is under /sysroot
- Update unit tests
Drop the networkd section from spec 3.0. networkd is not as widespread
as systemd and everything done in this section can be accomplished in
the files section.
Fixes #638
Ignition should no longer support cloudinit. This is a niche enough use
case where if distros want to support both they can either patch
Ignition to add it back or implement the logic as a separate piece of
the initramfs.
This change adds support for specifying an S3 Object version ID through
the `?versionId` query parameter, such as:
`s3://my-bucket/some/path/my-key?versionId=v3rs10n`
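An added example, not Ignition's own parser, covering both S3 source forms quoted in the commit messages above: the opaque access point ARN URL and the `s3://` URL with a `?versionId` query parameter. `S3Ref` and `ParseS3` are hypothetical names, and the sketch assumes the ARN resource always has the slash-separated `accesspoint/<name>/<key>` shape shown on this page.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// S3Ref is a hypothetical result type for this example (not Ignition's).
type S3Ref struct {
	Partition, Region, Account string // set only for ARN-form URLs
	Bucket                     string // bucket name or access point name
	Key, VersionID             string
}

// ParseS3 accepts s3://bucket/key and s3:arn:...:accesspoint/name/key,
// each with an optional ?versionId= query parameter.
func ParseS3(raw string) (S3Ref, error) {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "s3" {
		return S3Ref{}, errors.New("not a valid s3 URL")
	}
	ref := S3Ref{VersionID: u.Query().Get("versionId")}
	if u.Opaque == "" { // hierarchical form: s3://bucket/key
		ref.Bucket, ref.Key = u.Host, strings.TrimPrefix(u.Path, "/")
	} else { // opaque form: everything after "s3:" is the ARN
		// arn:partition:service:region:account-id:resource
		f := strings.SplitN(u.Opaque, ":", 6)
		if len(f) != 6 || f[0] != "arn" || f[2] != "s3" {
			return S3Ref{}, errors.New("malformed S3 ARN")
		}
		res := strings.SplitN(f[5], "/", 3)
		if len(res) != 3 || res[0] != "accesspoint" {
			return S3Ref{}, errors.New("ARN is not accesspoint/<name>/<key>")
		}
		ref.Partition, ref.Region, ref.Account = f[1], f[3], f[4]
		ref.Bucket, ref.Key = res[1], res[2]
	}
	if ref.Bucket == "" || ref.Key == "" {
		return S3Ref{}, errors.New("missing bucket or key")
	}
	return ref, nil
}

func main() { // inputs are the two URLs quoted in the commit messages
	fmt.Println(ParseS3("s3:arn:aws:s3:us-west-2:123456789012:accesspoint/test/object"))
	fmt.Println(ParseS3("s3://my-bucket/some/path/my-key?versionId=v3rs10n"))
}
```

Rejecting ARNs whose service field is not `s3`, or whose resource is not an access point, keeps a config from silently pointing the fetcher at an unexpected resource type.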