openshift/v4.15: Remove GRUB password support

coreos · Feb 16, 2024 · cd75f80 · cd75f80
1 parent 3d5c911
commit cd75f80
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 115 deletions.
diff --git a/config/openshift/v4_15/translate.go b/config/openshift/v4_15/translate.go
@@ -117,7 +117,6 @@ func (c Config) ToMachineConfig4_15Unvalidated(options common.TranslateOptions)
 	if r.IsFatal() {
 		return result.MachineConfig{}, ts, r
 	}
-	ts = translateUserGrubCfg(&cfg, &ts)
 
 	// wrap
 	ts = ts.PrefixPaths(path.New("yaml"), path.New("json", "spec", "config"))
@@ -302,26 +301,3 @@ func validateMCOSupport(mc result.MachineConfig) report.Report {
 	}
 	return r
 }
-
-// fcos config generates a user.cfg file using append; however, OpenShift config
-// does not support append (since MCO does not support it). Let change the file to use contents
-func translateUserGrubCfg(config *types.Config, ts *translate.TranslationSet) translate.TranslationSet {
-	newMappings := translate.NewTranslationSet("json", "json")
-	for i, file := range config.Storage.Files {
-		if file.Path == "/boot/grub2/user.cfg" {
-			if len(file.Append) != 1 {
-				// The number of append objects was different from expected, this file
-				// was created by the user and not via butane GRUB sugar
-				return *ts
-			}
-			fromPath := path.New("json", "storage", "files", i, "append", 0)
-			translatedPath := path.New("json", "storage", "files", i, "contents")
-			config.Storage.Files[i].FileEmbedded1.Contents = file.Append[0]
-			config.Storage.Files[i].FileEmbedded1.Append = nil
-			newMappings.AddFromCommonObject(fromPath, translatedPath, config.Storage.Files[i].FileEmbedded1.Contents)
-
-			return ts.Map(newMappings)
-		}
-	}
-	return *ts
-}
diff --git a/config/openshift/v4_15/translate_test.go b/config/openshift/v4_15/translate_test.go
@@ -272,89 +272,6 @@ func TestTranslateConfig(t *testing.T) {
 				{From: path.New("yaml", "openshift", "fips"), To: path.New("json", "spec", "fips")},
 			},
 		},
-		// Test Grub config
-		{
-			Config{
-				Metadata: Metadata{
-					Name: "z",
-					Labels: map[string]string{
-						ROLE_LABEL_KEY: "z",
-					},
-				},
-				Config: fcos.Config{
-					Grub: fcos.Grub{
-						Users: []fcos.GrubUser{
-							{
-								Name:         "root",
-								PasswordHash: util.StrToPtr("grub.pbkdf2.sha512.10000.874A958E526409..."),
-							},
-						},
-					},
-				},
-			},
-			result.MachineConfig{
-				ApiVersion: result.MC_API_VERSION,
-				Kind:       result.MC_KIND,
-				Metadata: result.Metadata{
-					Name: "z",
-					Labels: map[string]string{
-						ROLE_LABEL_KEY: "z",
-					},
-				},
-				Spec: result.Spec{
-					Config: types.Config{
-						Ignition: types.Ignition{
-							Version: "3.4.0",
-						},
-						Storage: types.Storage{
-							Filesystems: []types.Filesystem{
-								{
-									Device: "/dev/disk/by-label/boot",
-									Format: util.StrToPtr("ext4"),
-									Path:   util.StrToPtr("/boot"),
-								},
-							},
-							Files: []types.File{
-								{
-									Node: types.Node{
-										Path: "/boot/grub2/user.cfg",
-									},
-									FileEmbedded1: types.FileEmbedded1{
-										Contents: types.Resource{
-											Source:      util.StrToPtr("data:,%23%20Generated%20by%20Butane%0A%0Aset%20superusers%3D%22root%22%0Apassword_pbkdf2%20root%20grub.pbkdf2.sha512.10000.874A958E526409...%0A"),
-											Compression: util.StrToPtr(""),
-										},
-									},
-								},
-							},
-						},
-					},
-				},
-			},
-			[]translate.Translation{
-				{From: path.New("yaml", "version"), To: path.New("json", "apiVersion")},
-				{From: path.New("yaml", "version"), To: path.New("json", "kind")},
-				{From: path.New("yaml", "version"), To: path.New("json", "spec")},
-				{From: path.New("yaml"), To: path.New("json", "spec", "config")},
-				{From: path.New("yaml", "ignition"), To: path.New("json", "spec", "config", "ignition")},
-				{From: path.New("yaml", "version"), To: path.New("json", "spec", "config", "ignition", "version")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0)},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "path")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "device")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "filesystems", 0, "format")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0)},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "path")},
-				// "append" field is a remnant of translations performed in fcos config
-				// TODO: add a delete function to translation.TranslationSet and delete "append" translation
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "append")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents", "source")},
-				{From: path.New("yaml", "grub", "users"), To: path.New("json", "spec", "config", "storage", "files", 0, "contents", "compression")},
-			},
-		},
 	}
 
 	for i, test := range tests {

diff --git a/docs/config-openshift-v4_15.md b/docs/config-openshift-v4_15.md
@@ -167,10 +167,10 @@ The OpenShift configuration is a YAML document conforming to the following speci
     * **_discard_** (boolean): whether to issue discard commands to the underlying block device when blocks are freed. Enabling this improves performance and device longevity on SSDs and space utilization on thinly provisioned SAN devices, but leaks information about which disk blocks contain data. If omitted, it defaults to false.
   * **_mirror_** (object): describes mirroring of the boot disk for fault tolerance.
     * **_devices_** (list of strings): the list of whole-disk devices (not partitions) to include in the disk array, referenced by their absolute path. At least two devices must be specified.
-* **_grub_** (object): describes the desired GRUB bootloader configuration.
-  * **_users_** (list of objects): the list of GRUB superusers.
-    * **name** (string): the user name.
-    * **password_hash** (string): the PBKDF2 password hash, generated with `grub2-mkpasswd-pbkdf2`.
+* **_grub_** (object): Unsupported
+  * **_users_** (list of objects): Unsupported
+    * **name** (string): Unsupported
+    * **password_hash** (string): Unsupported
 * **_openshift_** (object): describes miscellaneous OpenShift configuration. Respected when rendering to a MachineConfig, ignored when rendering directly to an Ignition config.
   * **_kernel_type_** (string): which kernel to use on the node. Must be `default` or `realtime`.
   * **_kernel_arguments_** (list of strings): arguments to be added to the kernel command line.

diff --git a/internal/doc/butane.yaml b/internal/doc/butane.yaml
@@ -357,7 +357,7 @@ root:
           replacement: "Unsupported"
           if:
             - variant: openshift
-              max: 4.14.0
+              max: 4.15.0
       children:
         - name: users
           desc: the list of GRUB superusers.
@@ -366,7 +366,7 @@ root:
               replacement: "Unsupported"
               if:
                 - variant: openshift
-                  max: 4.14.0
+                  max: 4.15.0
           children:
             - name: name
               desc: the user name.
@@ -375,7 +375,7 @@ root:
                   replacement: "Unsupported"
                   if:
                     - variant: openshift
-                      max: 4.14.0
+                      max: 4.15.0
             - name: password_hash
               desc: the PBKDF2 password hash, generated with `grub2-mkpasswd-pbkdf2`.
               # required by validation
@@ -385,7 +385,7 @@ root:
                   replacement: "Unsupported"
                   if:
                     - variant: openshift
-                      max: 4.14.0
+                      max: 4.15.0
     - name: openshift
       after: $
       desc: describes miscellaneous OpenShift configuration. Respected when rendering to a MachineConfig, ignored when rendering directly to an Ignition config.