Remove empty ca_certs from cloud-config.yaml

afbjorklund · afbjorklund · commit d73926c77286 · 2024-10-14T09:30:05.000+02:00
Since it is a pointer, it is always true (non-nil).

And structs are always true, so they can't be tested.

Signed-off-by: Anders F Björklund &lt;anders.f.bjorklund@gmail.com&gt;
diff --git a/pkg/cidata/cidata.TEMPLATE.d/user-data b/pkg/cidata/cidata.TEMPLATE.d/user-data
@@ -66,16 +66,20 @@ resolv_conf:
   {{- end }}
 {{- end }}
 
+{{- if or .CACerts.RemoveDefaults .CACerts.Trusted }}
 {{ with .CACerts }}
 ca_certs:
+  {{- if .RemoveDefaults }}
   remove_defaults: {{ .RemoveDefaults }}
+  {{- end }}
   {{- if .Trusted}}
   trusted:
   {{- range $cert := .Trusted }}
   - |
     {{- range $line := $cert.Lines }}
     {{ $line }}
     {{- end }}
+    {{- end }}
   {{- end }}
   {{- end }}
 {{- end }}
diff --git a/pkg/cidata/cidata.go b/pkg/cidata/cidata.go
@@ -311,6 +311,12 @@ func templateArgs(instDir, name string, instConfig *limayaml.LimaYAML, udpDNSLoc
 		args.CACerts.Trusted = append(args.CACerts.Trusted, cert)
 	}
 
+	// Remove empty caCerts (default values) from configuration yaml
+	if !*args.CACerts.RemoveDefaults && len(args.CACerts.Trusted) == 0 {
+		args.CACerts.RemoveDefaults = nil
+		args.CACerts.Trusted = nil
+	}
+
 	args.BootCmds = getBootCmds(instConfig.Provision)
 
 	for _, f := range instConfig.Provision {
diff --git a/pkg/cidata/cloud-config.yaml b/pkg/cidata/cloud-config.yaml
@@ -37,6 +37,7 @@ users:
 # resolv_conf is not included here
 {{- end }}
 
+{{- if .CACerts.RemoveDefaults }}
 {{ with .CACerts }}
 ca_certs:
   remove_defaults: {{ .RemoveDefaults }}
@@ -50,6 +51,7 @@ ca_certs:
   {{- end }}
   {{- end }}
 {{- end }}
+{{- end }}
 
 {{- if .BootCmds }}
 bootcmd:
diff --git a/pkg/cidata/template.go b/pkg/cidata/template.go
@@ -117,9 +117,6 @@ func ValidateTemplateArgs(args *TemplateArgs) error {
 			return fmt.Errorf("field mounts[%d] must be absolute, got %q", i, f)
 		}
 	}
-	if args.CACerts.RemoveDefaults == nil {
-		return errors.New("field CACerts.RemoveDefaults must be set")
-	}
 	return nil
 }
 
diff --git a/pkg/cidata/template_test.go b/pkg/cidata/template_test.go
@@ -11,6 +11,23 @@ import (
 var defaultRemoveDefaults = false
 
 func TestConfig(t *testing.T) {
+	args := &TemplateArgs{
+		Name: "default",
+		User: "foo",
+		UID:  501,
+		Home: "/home/foo.linux",
+		SSHPubKeys: []string{
+			"ssh-rsa dummy foo@example.com",
+		},
+		MountType: "reverse-sshfs",
+	}
+	config, err := ExecuteTemplateCloudConfig(args)
+	assert.NilError(t, err)
+	t.Log(string(config))
+	assert.Assert(t, !strings.Contains(string(config), "ca_certs:"))
+}
+
+func TestConfigCACerts(t *testing.T) {
 	args := &TemplateArgs{
 		Name: "default",
 		User: "foo",
@@ -27,6 +44,7 @@ func TestConfig(t *testing.T) {
 	config, err := ExecuteTemplateCloudConfig(args)
 	assert.NilError(t, err)
 	t.Log(string(config))
+	assert.Assert(t, strings.Contains(string(config), "ca_certs:"))
 }
 
 func TestTemplate(t *testing.T) {

Original file line number	Diff line number	Diff line change
`@@ -117,9 +117,6 @@ func ValidateTemplateArgs(args *TemplateArgs) error {`
`117`	`117`	`return fmt.Errorf("field mounts[%d] must be absolute, got %q", i, f)`
`118`	`118`	`}`
`119`	`119`	`}`
`120`		`- if args.CACerts.RemoveDefaults == nil {`
`121`		`- return errors.New("field CACerts.RemoveDefaults must be set")`
`122`		`- }`
`123`	`120`	`return nil`
`124`	`121`	`}`
`125`	`122`