Merge pull request #2266 from afbjorklund/cidata-cacerts

Fix cidata user-data ca_certs yaml content

Author: jandubois

pkg/cidata/cidata.TEMPLATE.d/user-data

@@ -66,13 +66,15 @@ resolv_conf:
 {{ with .CACerts }}
 ca_certs:
   remove_defaults: {{ .RemoveDefaults }}
+  {{- if .Trusted}}
   trusted:
   {{- range $cert := .Trusted }}
   - |
     {{- range $line := $cert.Lines }}
     {{ $line }}
     {{- end }}
   {{- end }}
+  {{- end }}
 {{- end }}
 
 {{- if .BootCmds }}

pkg/cidata/template.go

@@ -112,6 +112,9 @@ func ValidateTemplateArgs(args TemplateArgs) error {
 			return fmt.Errorf("field mounts[%d] must be absolute, got %q", i, f)
 		}
 	}
+	if args.CACerts.RemoveDefaults == nil {
+		return errors.New("field CACerts.RemoveDefaults must be set")
+	}
 	return nil
 }
 

pkg/cidata/template_test.go

@@ -8,6 +8,8 @@ import (
 	"gotest.tools/v3/assert"
 )
 
+var defaultRemoveDefaults = false
+
 func TestTemplate(t *testing.T) {
 	args := TemplateArgs{
 		Name: "default",
@@ -22,6 +24,10 @@ func TestTemplate(t *testing.T) {
 			{MountPoint: "/Users/dummy/lima"},
 		},
 		MountType: "reverse-sshfs",
+		CACerts: CACerts{
+			RemoveDefaults: &defaultRemoveDefaults,
+			Trusted:        []Cert{},
+		},
 	}
 	layout, err := ExecuteTemplate(args)
 	assert.NilError(t, err)
@@ -33,6 +39,8 @@ func TestTemplate(t *testing.T) {
 		if f.Path == "user-data" {
 			// mounted later
 			assert.Assert(t, !strings.Contains(string(b), "mounts:"))
+			// ca_certs:
+			assert.Assert(t, !strings.Contains(string(b), "trusted:"))
 		}
 	}
 }
@@ -51,6 +59,9 @@ func TestTemplate9p(t *testing.T) {
 			{Tag: "mount1", MountPoint: "/Users/dummy/lima", Type: "9p", Options: "rw,trans=virtio"},
 		},
 		MountType: "9p",
+		CACerts: CACerts{
+			RemoveDefaults: &defaultRemoveDefaults,
+		},
 	}
 	layout, err := ExecuteTemplate(args)
 	assert.NilError(t, err)