Update uamlite.sh to handle empty user_sshkeys arrays
Previously _uamlite.sh.tpl would fail to render if any user data had an empty user_sshkeys array. This is because the template would check to see if the key existed, but not actually make sure that the array contained within that key had any elements. "first" would be called against the empty array, which would return nil, and then the outer eq function call would fail (as it can't be used to compare nil values). This patch set adds a default statement after the "first" function, so that if the array is empty and first returns nil, a default of "Unmanaged" will be returned, which will end up making the eq statement evaluate to false, and the code inside the if statement to not be run. Change-Id: I52713795284cd1d0961bd430858061f9df9c5f78
This commit is contained in:
parent
00cebd8b3b
commit
4c6ac4712d
|
@ -154,7 +154,7 @@ purge_expired_users={{ .Values.conf.uamlite.purge_expired_users | squote }}
|
|||
{{ $key }}={{ $value | squote }} \
|
||||
{{- end }}
|
||||
{{- if hasKey . "user_sshkeys" }}
|
||||
{{- if not (eq (first .user_sshkeys) "Unmanaged") }}
|
||||
{{- if not (eq (first .user_sshkeys | default "Unmanaged") "Unmanaged") }}
|
||||
add_sshkeys {{ range $ssh_key := .user_sshkeys }}{{ if not (or (regexMatch "ssh-dss .*" $ssh_key) (regexMatch "ecdsa-.*" $ssh_key) (regexMatch "ssh-ed25519 .*" $ssh_key) (regexMatch "ssh-rsa .*" $ssh_key)) }}{{ fail (print "BAD SSH KEY FOR '" $item.user_name "': One of the 'user_sshkeys' specified for '" $item.user_name "' does not pass regex checks: '" $ssh_key "'. Ensure that the supplied user SSH keys are supported/formatted per divingbell documentation at https://airship-divingbell.readthedocs.io/#uamlite") }}{{ else }}{{ $ssh_key | squote }}{{ end }} {{ end }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
|
|
Loading…
Reference in New Issue