!93 KubeOS: add validation for non-empty strings in Vec fields

From: @weiy6 
Reviewed-by: @li-yuanrong 
Signed-off-by: @li-yuanrong

0001-fix-kbimg-add-return-statement-for-non-existent-disk.patch

@@ -0,0 +1,26 @@
+From dce6ad3578e0fef7d60e52d926db6835f6c437c0 Mon Sep 17 00:00:00 2001
+From: Yuhang Wei <weiyuhang3@huawei.com>
+Date: Wed, 11 Dec 2024 10:57:09 +0800
+Subject: [PATCH 1/3] fix(kbimg): add return statement for non-existent disk
+ handling
+
+Signed-off-by: Yuhang Wei <weiyuhang3@huawei.com>
+---
+ KubeOS-Rust/kbimg/src/values.rs | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/KubeOS-Rust/kbimg/src/values.rs b/KubeOS-Rust/kbimg/src/values.rs
+index 3986c13f..c36cacb9 100644
+--- a/KubeOS-Rust/kbimg/src/values.rs
++++ b/KubeOS-Rust/kbimg/src/values.rs
+@@ -508,6 +508,7 @@ function GetDisk() {
+             echo "${disk} exists, start partition"  | tee -a ${log}
+         else
+             echo "disk not exist, please choose correct disk"  | tee -a ${log}
++            return 1
+         fi
+     else
+         echo "no disk found" | tee -a ${log}
+-- 
+2.39.5 (Apple Git-154)
+

0002-fix-kbimg-incorrect-remove-chroot-script-path.patch

@@ -0,0 +1,30 @@
+From 44a3d151910e89c8e7337f32091b3581c84d6b32 Mon Sep 17 00:00:00 2001
+From: Yuhang Wei <weiyuhang3@huawei.com>
+Date: Wed, 11 Dec 2024 11:28:00 +0800
+Subject: [PATCH 2/3] fix(kbimg): incorrect remove chroot script path
+
+Signed-off-by: Yuhang Wei <weiyuhang3@huawei.com>
+---
+ KubeOS-Rust/kbimg/src/custom.rs | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/KubeOS-Rust/kbimg/src/custom.rs b/KubeOS-Rust/kbimg/src/custom.rs
+index 55071bfa..85d10023 100644
+--- a/KubeOS-Rust/kbimg/src/custom.rs
++++ b/KubeOS-Rust/kbimg/src/custom.rs
+@@ -78,7 +78,11 @@ impl ChrootScript {
+ "#,
+             absolute_path.as_path().to_str().unwrap(),
+             script_name.to_str().unwrap(),
+-            if self.rm.unwrap_or(false) { format!("rm -f /{}", script_name.to_str().unwrap()) } else { "".to_string() }
++            if self.rm.unwrap_or(false) {
++                format!("rm -f \"${{RPM_ROOT}}\"/{}", script_name.to_str().unwrap())
++            } else {
++                "".to_string()
++            }
+         )?;
+         Ok(())
+     }
+-- 
+2.39.5 (Apple Git-154)
+

0003-fix-admin-container-correct-path-for-copying-files-i.patch

@@ -0,0 +1,27 @@
+From 0c7c2b286556dcdbfac902e44a12c5f6a486a78c Mon Sep 17 00:00:00 2001
+From: Yuhang Wei <weiyuhang3@huawei.com>
+Date: Wed, 11 Dec 2024 12:02:46 +0800
+Subject: [PATCH 3/3] fix(admin-container): correct path for copying files in
+ dockerfile
+
+Signed-off-by: Yuhang Wei <weiyuhang3@huawei.com>
+---
+ KubeOS-Rust/kbimg/src/values.rs | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/KubeOS-Rust/kbimg/src/values.rs b/KubeOS-Rust/kbimg/src/values.rs
+index c36cacb9..7cf322e1 100644
+--- a/KubeOS-Rust/kbimg/src/values.rs
++++ b/KubeOS-Rust/kbimg/src/values.rs
+@@ -845,7 +845,7 @@ CMD ["/bin/sh"]"#;
+ 
+ pub const ADMIN_DOCKERFILE_CONTENT: &str = r#"FROM openeuler/openeuler:24.03-lts
+ RUN dnf upgrade -y && dnf -y install openssh-clients util-linux sysmaster
+-COPY ./set-ssh-pub-key.sh ./hostshell /usr/local/bin
++COPY ./set-ssh-pub-key.sh ./hostshell /usr/local/bin/
+ COPY ./set-ssh-pub-key.service /usr/lib/sysmaster/system
+ EXPOSE 22
+ RUN ln -s /usr/lib/sysmaster/system/set-ssh-pub-key.service /etc/sysmaster/system/multi-user.target.wants/set-ssh-pub-key.service
+-- 
+2.39.5 (Apple Git-154)
+

0004-fix-kbimg-add-info-log-for-successful-image-creation.patch

@@ -0,0 +1,52 @@
+From 72dd36b4cefee5a85145103771d9352585cc9388 Mon Sep 17 00:00:00 2001
+From: Yuhang Wei <weiyuhang3@huawei.com>
+Date: Fri, 13 Dec 2024 15:31:09 +0800
+Subject: [PATCH 1/2] fix(kbimg): add info log for successful image creation
+
+Signed-off-by: Yuhang Wei <weiyuhang3@huawei.com>
+---
+ KubeOS-Rust/kbimg/src/main.rs | 14 +++++---------
+ 1 file changed, 5 insertions(+), 9 deletions(-)
+
+diff --git a/KubeOS-Rust/kbimg/src/main.rs b/KubeOS-Rust/kbimg/src/main.rs
+index 43e9d422..0af7ff89 100644
+--- a/KubeOS-Rust/kbimg/src/main.rs
++++ b/KubeOS-Rust/kbimg/src/main.rs
+@@ -15,7 +15,7 @@ use std::{fs, path::PathBuf, process::exit};
+ use anyhow::Result;
+ use clap::Parser;
+ use env_logger::{Builder, Env, Target};
+-use log::{debug, error};
++use log::{debug, error, info};
+ 
+ mod admin_container;
+ mod commands;
+@@ -55,6 +55,7 @@ fn process(info: Box<dyn CreateImage>, mut config: Config, debug: bool) -> Resul
+     let path = info.generate_scripts(&config)?;
+     if !debug {
+         execute_scripts(path)?;
++        info!("Image created successfully");
+     } else {
+         debug!("Executed following command to generate KubeOS image: bash {:?}", path);
+     }
+@@ -129,14 +130,9 @@ fn main() {
+     }
+ 
+     if let Some(i) = info {
+-        match process(i, data, cli.debug) {
+-            Ok(_) => {
+-                println!("Image created successfully");
+-            },
+-            Err(e) => {
+-                error!("Failed to create image: {:?}", e);
+-                exit(1);
+-            },
++        if let Err(e) = process(i, data, cli.debug) {
++            error!("Failed to create image: {:?}", e);
++            exit(1);
+         }
+     }
+     exit(0);
+-- 
+2.39.5 (Apple Git-154)
+

0005-fix-kbimg-enforce-non-empty-strings-for-required-fie.patch

@@ -0,0 +1,167 @@
+From 9030b7f223e1fec1ab4c3612dbcc4b231743ad25 Mon Sep 17 00:00:00 2001
+From: Yuhang Wei <weiyuhang3@huawei.com>
+Date: Fri, 13 Dec 2024 15:31:22 +0800
+Subject: [PATCH 2/2] fix(kbimg): enforce non-empty strings for required fields
+ in deserialization
+
+Signed-off-by: Yuhang Wei <weiyuhang3@huawei.com>
+---
+ KubeOS-Rust/kbimg/src/commands.rs | 46 ++++++++++++++++++++++++++++++-
+ KubeOS-Rust/kbimg/src/main.rs     |  8 +++++-
+ KubeOS-Rust/kbimg/src/repo.rs     |  4 +--
+ 3 files changed, 54 insertions(+), 4 deletions(-)
+
+diff --git a/KubeOS-Rust/kbimg/src/commands.rs b/KubeOS-Rust/kbimg/src/commands.rs
+index c5bc3890..24fc1031 100644
+--- a/KubeOS-Rust/kbimg/src/commands.rs
++++ b/KubeOS-Rust/kbimg/src/commands.rs
+@@ -54,14 +54,17 @@ pub enum CreateType {
+ #[derive(Debug, Deserialize, Clone)]
+ pub struct RepoInfo {
+     /// Required: KubeOS version
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub version: String,
+     /// Required: Repo path for installing packages
+     pub repo_path: PathBuf,
+     /// Required: Path to the os-agent binary
+     pub agent_path: PathBuf,
+     /// Required: Encrypted password for root user
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub root_passwd: String,
+     /// Required for creating upgrade docker image
++    #[serde(default, deserialize_with = "reject_empty_option_string")]
+     pub upgrade_img: Option<String>,
+     /// Required: RPM packages
+     pub rpmlist: Vec<String>,
+@@ -84,6 +87,7 @@ pub struct DockerImgInfo {
+ #[derive(Debug, Deserialize, Clone)]
+ pub struct AdminContainerInfo {
+     /// Required: Name of the container image
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub img_name: String,
+     /// Required: Path to the hostshell binary
+     pub hostshell: PathBuf,
+@@ -107,21 +111,28 @@ pub struct Config {
+ 
+ #[derive(Deserialize, Debug, Clone)]
+ pub struct User {
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub name: String,
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub passwd: String,
++    #[serde(default, deserialize_with = "reject_empty_option_string")]
+     pub primary_group: Option<String>,
+     pub groups: Option<Vec<String>>,
+ }
+ 
+ #[derive(Deserialize, Debug, Clone)]
+ pub struct CopyFile {
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub src: String,
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub dst: String,
++    #[serde(default, deserialize_with = "reject_empty_option_string")]
+     pub create_dir: Option<String>,
+ }
+ 
+ #[derive(Deserialize, Debug, Clone)]
+ pub struct Grub {
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub passwd: String,
+ }
+ 
+@@ -149,19 +160,28 @@ pub struct PersistMkdir {
+ 
+ #[derive(Debug, Deserialize, Clone)]
+ pub struct PxeConfig {
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub rootfs_name: String,
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub disk: String,
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub server_ip: String,
+-    pub local_ip: Option<String>,
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub route_ip: String,
++    #[serde(default, deserialize_with = "reject_empty_option_string")]
++    pub local_ip: Option<String>,
++    #[serde(default, deserialize_with = "reject_empty_option_string")]
+     pub netmask: Option<String>,
++    #[serde(default, deserialize_with = "reject_empty_option_string")]
+     pub net_name: Option<String>,
+     pub dhcp: Option<bool>,
+ }
+ 
+ #[derive(Debug, Deserialize, Clone)]
+ pub struct DmVerity {
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub efi_key: String,
++    #[serde(deserialize_with = "reject_empty_string")]
+     pub grub_key: String,
+     pub keys_dir: Option<PathBuf>,
+ }
+@@ -196,3 +216,27 @@ impl From<&str> for ImageType {
+         }
+     }
+ }
++
++fn reject_empty_option_string<'de, D>(deserializer: D) -> Result<Option<String>, D::Error>
++where
++    D: serde::Deserializer<'de>,
++{
++    let opt = Option::<String>::deserialize(deserializer)?;
++    if let Some(ref value) = opt {
++        if value.trim().is_empty() {
++            return Err(serde::de::Error::custom("String in Option should not be an empty string if provided"));
++        }
++    }
++    Ok(opt)
++}
++
++fn reject_empty_string<'de, D>(deserializer: D) -> Result<String, D::Error>
++where
++    D: serde::Deserializer<'de>,
++{
++    let value: String = Deserialize::deserialize(deserializer)?;
++    if value.trim().is_empty() {
++        return Err(serde::de::Error::custom("String field should not be empty"));
++    }
++    Ok(value)
++}
+diff --git a/KubeOS-Rust/kbimg/src/main.rs b/KubeOS-Rust/kbimg/src/main.rs
+index 0af7ff89..878d41f4 100644
+--- a/KubeOS-Rust/kbimg/src/main.rs
++++ b/KubeOS-Rust/kbimg/src/main.rs
+@@ -74,7 +74,13 @@ fn main() {
+     };
+     debug!("Config file path: {:?}", config);
+     let content = fs::read_to_string(config).expect("Failed to read config file");
+-    let data: Config = toml::from_str(&content).expect("Failed to parse toml file");
++    let data: Config = match toml::from_str(&content) {
++        Ok(d) => d,
++        Err(e) => {
++            error!("Failed to parse config file: {}", e);
++            exit(1);
++        },
++    };
+     debug!("Config: {:?}", data);
+ 
+     let info;
+diff --git a/KubeOS-Rust/kbimg/src/repo.rs b/KubeOS-Rust/kbimg/src/repo.rs
+index 3f11d072..752ca403 100644
+--- a/KubeOS-Rust/kbimg/src/repo.rs
++++ b/KubeOS-Rust/kbimg/src/repo.rs
+@@ -287,8 +287,8 @@ impl RepoInfo {
+ // Check pxe config
+ fn check_pxe_conf_valid(config: &PxeConfig) -> anyhow::Result<()> {
+     if config.dhcp.unwrap_or(false) {
+-        if config.local_ip.is_some() || config.net_name.is_some() {
+-            bail!("dhcp and local_ip/net_name cannot be set at the same time");
++        if config.local_ip.is_some() || config.net_name.is_some() || config.netmask.is_some() {
++            bail!("dhcp and local_ip/net_name/netmask cannot be set at the same time");
+         }
+     } else {
+         let local_ip = config.local_ip.as_ref().ok_or_else(|| anyhow!("local_ip not found!"))?;
+-- 
+2.39.5 (Apple Git-154)
+

0006-fix-kbimg-add-validation-for-non-empty-strings-in-Ve.patch

@@ -0,0 +1,95 @@
+From 66582ff8ad70b7bef1f21e0491e5750cbe1ec7a6 Mon Sep 17 00:00:00 2001
+From: Yuhang Wei <weiyuhang3@huawei.com>
+Date: Mon, 16 Dec 2024 10:14:03 +0800
+Subject: [PATCH] fix(kbimg): add validation for non-empty strings in
+ Vec<String> fields
+
+Signed-off-by: Yuhang Wei <weiyuhang3@huawei.com>
+---
+ KubeOS-Rust/kbimg/src/commands.rs    | 37 ++++++++++++++++++++++++++++
+ KubeOS-Rust/kbimg/src/scripts_gen.rs |  3 +++
+ 2 files changed, 40 insertions(+)
+
+diff --git a/KubeOS-Rust/kbimg/src/commands.rs b/KubeOS-Rust/kbimg/src/commands.rs
+index 24fc1031..bcf9feb0 100644
+--- a/KubeOS-Rust/kbimg/src/commands.rs
++++ b/KubeOS-Rust/kbimg/src/commands.rs
+@@ -117,6 +117,7 @@ pub struct User {
+     pub passwd: String,
+     #[serde(default, deserialize_with = "reject_empty_option_string")]
+     pub primary_group: Option<String>,
++    #[serde(default, deserialize_with = "reject_empty_opt_vec_string")]
+     pub groups: Option<Vec<String>>,
+ }
+ 
+@@ -138,6 +139,7 @@ pub struct Grub {
+ 
+ #[derive(Deserialize, Debug, Clone)]
+ pub struct SystemdService {
++    #[serde(default, deserialize_with = "reject_empty_vec_string")]
+     pub name: Vec<String>,
+ }
+ 
+@@ -155,6 +157,7 @@ pub struct DiskPartition {
+ 
+ #[derive(Deserialize, Debug, Clone)]
+ pub struct PersistMkdir {
++    #[serde(default, deserialize_with = "reject_empty_vec_string")]
+     pub name: Vec<String>,
+ }
+ 
+@@ -240,3 +243,37 @@ where
+     }
+     Ok(value)
+ }
++
++fn reject_empty_opt_vec_string<'de, D>(deserializer: D) -> Result<Option<Vec<String>>, D::Error>
++where
++    D: serde::Deserializer<'de>,
++{
++    let value: Option<Vec<String>> = Deserialize::deserialize(deserializer)?;
++    if let Some(ref value) = value {
++        if value.is_empty() {
++            return Err(serde::de::Error::custom("Vec<String> field should not be empty"));
++        }
++        for v in value {
++            if v.trim().is_empty() {
++                return Err(serde::de::Error::custom("String in Vec<String> should not be an empty string"));
++            }
++        }
++    }
++    Ok(value)
++}
++
++fn reject_empty_vec_string<'de, D>(deserializer: D) -> Result<Vec<String>, D::Error>
++where
++    D: serde::Deserializer<'de>,
++{
++    let value: Vec<String> = Deserialize::deserialize(deserializer)?;
++    if value.is_empty() {
++        return Err(serde::de::Error::custom("Vec<String> field should not be empty"));
++    }
++    for v in &value {
++        if v.trim().is_empty() {
++            return Err(serde::de::Error::custom("String in Vec<String> should not be an empty string"));
++        }
++    }
++    Ok(value)
++}
+diff --git a/KubeOS-Rust/kbimg/src/scripts_gen.rs b/KubeOS-Rust/kbimg/src/scripts_gen.rs
+index 4f9abd24..9993af1c 100644
+--- a/KubeOS-Rust/kbimg/src/scripts_gen.rs
++++ b/KubeOS-Rust/kbimg/src/scripts_gen.rs
+@@ -261,6 +261,9 @@ pub(crate) fn gen_create_img(file: &mut dyn Write, legacy_bios: bool, config: &C
+     let mut mkdir_persist: String = String::new();
+     if let Some(persist_mkdir) = &config.persist_mkdir {
+         for name in &persist_mkdir.name {
++            if name.is_empty() {
++                continue;
++            }
+             mkdir_persist.push_str(&format!("    mkdir -p \"${{TMP_MOUNT_PATH}}\"/{}\n", name));
+         }
+     }
+-- 
+2.39.5 (Apple Git-154)
+

KubeOS.spec

@@ -1,11 +1,17 @@
 # Copyright (c) Huawei Technologies Co., Ltd. 2021. All rights reserved.
 
 Name:           KubeOS
-Version:        1.0.7
-Release:        1
+Version:        1.0.8
+Release:        4
 Summary:        O&M platform used to update the whole OS as an entirety
 License:        Mulan PSL v2
 Source0:        https://gitee.com/openeuler/KubeOS/repository/archive/v%{version}.tar.gz
+Patch1:         0001-fix-kbimg-add-return-statement-for-non-existent-disk.patch
+Patch2:         0002-fix-kbimg-incorrect-remove-chroot-script-path.patch
+Patch3:         0003-fix-admin-container-correct-path-for-copying-files-i.patch
+Patch4:         0004-fix-kbimg-add-info-log-for-successful-image-creation.patch
+Patch5:         0005-fix-kbimg-enforce-non-empty-strings-for-required-fie.patch
+Patch6:         0006-fix-kbimg-add-validation-for-non-empty-strings-in-Ve.patch
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  make rust cargo openssl-devel
@@ -70,6 +76,36 @@ install -p -m 0600 ./KubeOS-Rust/kbimg/kbimg.toml %{buildroot}/opt/kubeOS/script
 rm -rfv %{buildroot}
 
 %changelog
+* Mon Dec 16 2024 Yuhang Wei<weiyuhang3@huawei.com> - 1.0.8-4
+- Type:requirement
+- CVE:NA
+- SUG:restart
+- DESC:enforce non-empty vec strings for required fields
+
+* Fri Dec 13 2024 Yuhang Wei<weiyuhang3@huawei.com> - 1.0.8-3
+- Type:requirement
+- CVE:NA
+- SUG:restart
+- DESC:enforce non-empty strings for required fields
+
+* Wed Dec 11 2024 Yuhang Wei<weiyuhang3@huawei.com> - 1.0.8-2
+- Type:requirement
+- CVE:NA
+- SUG:restart
+- DESC:bugs fix of pxe and admin-container
+
+* Tue Dec 10 2024 Yuhang Wei<weiyuhang3@huawei.com> - 1.0.8-1
+- Type:requirement
+- CVE:NA
+- SUG:restart
+- DESC:update version to 1.0.8
+
+* Tue Dec 03 2024 Yuhang Wei<weiyuhang3@huawei.com> - 1.0.7-2
+- Type:requirement
+- CVE:NA
+- SUG:restart
+- DESC:sync from upstream
+
 * Tue Nov 26 2024 Yuhang Wei<weiyuhang3@huawei.com> - 1.0.7-1
 - Type:requirement
 - CVE:NA