coreos-cloudinit: bump to v1.3.2

configdrive: correct network config reading and improve tests

.travis.yml

@@ -1,11 +1,17 @@
 language: go
-go:
+sudo: false
-  - 1.3
+matrix:
-  - 1.2
+  include:
+    - go: 1.4
+      env: TOOLS_CMD=golang.org/x/tools/cmd
+    - go: 1.3
+      env: TOOLS_CMD=code.google.com/p/go.tools/cmd
+    - go: 1.2
+      env: TOOLS_CMD=code.google.com/p/go.tools/cmd
 
 install:
- - go get code.google.com/p/go.tools/cmd/cover
+ - go get ${TOOLS_CMD}/cover
- - go get code.google.com/p/go.tools/cmd/vet
+ - go get ${TOOLS_CMD}/vet
 
 script:
  - ./test

Documentation/cloud-config.md

@@ -1,6 +1,8 @@
 # Using Cloud-Config
 
-CoreOS allows you to declaratively customize various OS-level items, such as network configuration, user accounts, and systemd units. This document describes the full list of items we can configure. The `coreos-cloudinit` program uses these files as it configures the OS after startup or during runtime. Your cloud-config is processed during each boot.
+CoreOS allows you to declaratively customize various OS-level items, such as network configuration, user accounts, and systemd units. This document describes the full list of items we can configure. The `coreos-cloudinit` program uses these files as it configures the OS after startup or during runtime.
+
+Your cloud-config is processed during each boot. Invalid cloud-config won't be processed but will be logged in the journal. You can validate your cloud-config with the [CoreOS validator]({{site.url}}/validate) or by running `coreos-cloudinit -validate`.
 
 ## Configuration File
 
@@ -16,7 +18,7 @@ We've designed our implementation to allow the same cloud-config file to work ac
 
 The cloud-config file uses the [YAML][yaml] file format, which uses whitespace and new-lines to delimit lists, associative arrays, and values.
 
-A cloud-config file should contain `#cloud-config`, followed by an associative array which has zero or more of the following keys:
+A cloud-config file must contain `#cloud-config`, followed by an associative array which has zero or more of the following keys:
 
 - `coreos`
 - `ssh_authorized_keys`
@@ -46,13 +48,13 @@ If the platform environment supports the templating feature of coreos-cloudinit
 #cloud-config
 
 coreos:
-    etcd:
+  etcd:
-        name: node001
+      name: node001
-	# generate a new token for each unique cluster from https://discovery.etcd.io/new
+      # generate a new token for each unique cluster from https://discovery.etcd.io/new
-        discovery: https://discovery.etcd.io/<token>
+      discovery: https://discovery.etcd.io/<token>
-	# multi-region and multi-cloud deployments need to use $public_ipv4
+      # multi-region and multi-cloud deployments need to use $public_ipv4
-        addr: $public_ipv4:4001
+      addr: $public_ipv4:4001
-        peer-addr: $private_ipv4:7001
+      peer-addr: $private_ipv4:7001
 ```
 
 ...will generate a systemd unit drop-in like this:
@@ -66,7 +68,6 @@ Environment="ETCD_PEER_ADDR=192.0.2.13:7001"
 ```
 
 For more information about the available configuration parameters, see the [etcd documentation][etcd-config].
-Note that hyphens in the coreos.etcd.* keys are mapped to underscores.
 
 _Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are only supported on Amazon EC2, Google Compute Engine, OpenStack, Rackspace, DigitalOcean, and Vagrant._
 
@@ -80,9 +81,9 @@ The `coreos.fleet.*` parameters work very similarly to `coreos.etcd.*`, and allo
 #cloud-config
 
 coreos:
-    fleet:
+  fleet:
-        public-ip: $public_ipv4
+      public-ip: $public_ipv4
-        metadata: region=us-west
+      metadata: region=us-west
 ```
 
 ...will generate a systemd unit drop-in like this:
@@ -97,6 +98,63 @@ For more information on fleet configuration, see the [fleet documentation][fleet
 
 [fleet-config]: https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md#configuration
 
+#### flannel
+
+The `coreos.flannel.*` parameters also work very similarly to `coreos.etcd.*`
+and `coreos.fleet.*`. They can be used to set environment variables for
+flanneld. For example, the following cloud-config...
+
+```yaml
+#cloud-config
+
+coreos:
+  flannel:
+      etcd_prefix: /coreos.com/network2
+```
+
+...will generate a systemd unit drop-in like so:
+
+```
+[Service]
+Environment="FLANNELD_ETCD_PREFIX=/coreos.com/network2"
+```
+
+List of flannel configuration parameters:
+- **etcd_endpoints**: Comma separated list of etcd endpoints
+- **etcd_cafile**: Path to CA file used for TLS communication with etcd
+- **etcd_certfile**: Path to certificate file used for TLS communication with etcd
+- **etcd_keyfile**: Path to private key file used for TLS communication with etcd
+- **etcd_prefix**: Etcd prefix path to be used for flannel keys
+- **ip_masq**: Install IP masquerade rules for traffic outside of flannel subnet
+- **subnet_file**: Path to flannel subnet file to write out
+- **interface**: Interface (name or IP) that should be used for inter-host communication
+
+[flannel-readme]: https://github.com/coreos/flannel/blob/master/README.md
+
+#### locksmith
+
+The `coreos.locksmith.*` parameters can be used to set environment variables
+for locksmith. For example, the following cloud-config...
+
+```yaml
+#cloud-config
+
+coreos:
+  locksmith:
+      endpoint: example.com:4001
+```
+
+...will generate a systemd unit drop-in like so:
+
+```
+[Service]
+Environment="LOCKSMITHD_ENDPOINT=example.com:4001"
+```
+
+For the complete list of locksmith configuration parameters, see the [locksmith documentation][locksmith-readme].
+
+[locksmith-readme]: https://github.com/coreos/locksmith/blob/master/README.md
+
 #### update
 
 The `coreos.update.*` parameters manipulate settings related to how CoreOS instances are updated.
@@ -109,9 +167,12 @@ The `reboot-strategy` parameter also affects the behaviour of [locksmith](https:
   - _etcd-lock_: Reboot after first taking a distributed lock in etcd, this guarantees that only one host will reboot concurrently and that the cluster will remain available during the update.
   - _best-effort_ - If etcd is running, "etcd-lock", otherwise simply "reboot".
   - _off_ - Disable rebooting after updates are applied (not recommended).
-- **server**: is the omaha endpoint URL which will be queried for updates.
+- **server**: The location of the [CoreUpdate][coreupdate] server which will be queried for updates. Also known as the [omaha][omaha-docs] server endpoint.
 - **group**:  signifies the channel which should be used for automatic updates.  This value defaults to the version of the image initially downloaded. (one of "master", "alpha", "beta", "stable")
 
+[coreupdate]: https://coreos.com/products/coreupdate
+[omaha-docs]: https://coreos.com/docs/coreupdate/custom-apps/coreupdate-protocol/
+
 *Note: cloudinit will only manipulate the locksmith unit file in the systemd runtime directory (`/run/systemd/system/locksmithd.service`). If any manual modifications are made to an overriding unit configuration file (e.g. `/etc/systemd/system/locksmithd.service`), cloudinit will no longer be able to control the locksmith service unit.*
 
 ##### Example
@@ -135,6 +196,10 @@ Each item is an object with the following fields:
 - **content**: Plaintext string representing entire unit file. If no value is provided, the unit is assumed to exist already.
 - **command**: Command to execute on unit: start, stop, reload, restart, try-restart, reload-or-restart, reload-or-try-restart. The default behavior is to not execute any commands.
 - **mask**: Whether to mask the unit file by symlinking it to `/dev/null` (analogous to `systemctl mask <name>`). Note that unlike `systemctl mask`, **this will destructively remove any existing unit file** located at `/etc/systemd/system/<unit>`, to ensure that the mask succeeds. The default value is false.
+- **drop-ins**: A list of unit drop-ins with the following fields:
+  - **name**: String representing unit's name. Required.
+  - **content**: Plaintext string representing entire file. Required.
+
 
 **NOTE:** The command field is ignored for all network, netdev, and link units. The systemd-networkd.service unit will be restarted in their place.
 
@@ -146,19 +211,34 @@ Write a unit to disk, automatically starting it.
 #cloud-config
 
 coreos:
-    units:
+  units:
-      - name: docker-redis.service
+    - name: docker-redis.service
-        command: start
+      command: start
-        content: |
+      content: |
-          [Unit]
+        [Unit]
-          Description=Redis container
+        Description=Redis container
-          Author=Me
+        Author=Me
-          After=docker.service
+        After=docker.service
 
-          [Service]
+        [Service]
-          Restart=always
+        Restart=always
-          ExecStart=/usr/bin/docker start -a redis_server
+        ExecStart=/usr/bin/docker start -a redis_server
-          ExecStop=/usr/bin/docker stop -t 2 redis_server
+        ExecStop=/usr/bin/docker stop -t 2 redis_server
+```
+
+Add the DOCKER_OPTS environment variable to docker.service.
+
+```yaml
+#cloud-config
+
+coreos:
+  units:
+    - name: docker.service
+      drop-ins:
+        - name: 50-insecure-registry.conf
+          content: |
+            [Service]
+            Environment=DOCKER_OPTS='--insecure-registry="10.0.1.0/24"'
 ```
 
 Start the built-in `etcd` and `fleet` services:
@@ -167,11 +247,11 @@ Start the built-in `etcd` and `fleet` services:
 #cloud-config
 
 coreos:
-    units:
+  units:
-      - name: etcd.service
+    - name: etcd.service
-        command: start
+      command: start
-      - name: fleet.service
+    - name: fleet.service
-        command: start
+      command: start
 ```
 
 ### ssh_authorized_keys
@@ -213,7 +293,8 @@ All but the `passwd` and `ssh-authorized-keys` fields will be ignored if the use
 - **groups**: Add user to these additional groups
 - **no-user-group**: Boolean. Skip default group creation.
 - **ssh-authorized-keys**: List of public SSH keys to authorize for this user
-- **coreos-ssh-import-github**: Authorize SSH keys from Github user
+- **coreos-ssh-import-github**: Authorize SSH keys from GitHub user
+- **coreos-ssh-import-github-users**: Authorize SSH keys from a list of GitHub users
 - **coreos-ssh-import-url**: Authorize SSH keys imported from a url endpoint.
 - **system**: Create the user as a system user. No home directory will be created.
 - **no-log-init**: Boolean. Skip initialization of lastlog and faillog databases.
@@ -303,11 +384,13 @@ Each item in the list may have the following keys:
 
 - **path**: Absolute location on disk where contents should be written
 - **content**: Data to write at the provided `path`
-- **permissions**: String representing file permissions in octal notation (i.e. '0644')
+- **permissions**: Integer representing file permissions, typically in octal notation (i.e. 0644)
 - **owner**: User and group that should own the file written to disk. This is equivalent to the `<user>:<group>` argument to `chown <user>:<group> <path>`.
+- **encoding**: Optional. The encoding of the data in content. If not specified this defaults to the yaml document encoding (usually utf-8). Supported encoding types are:
+    - **b64, base64**: Base64 encoded content
+    - **gz, gzip**: gzip encoded content, for use with the !!binary tag
+    - **gz+b64, gz+base64, gzip+b64, gzip+base64**: Base64 encoded gzip content
 
-Explicitly not implemented is the **encoding** attribute.
-The **content** field must represent exactly what should be written to disk.
 
 ```yaml
 #cloud-config
@@ -322,6 +405,24 @@ write_files:
     owner: root
     content: |
       Good news, everyone!
+  - path: /tmp/like_this
+    permissions: 0644
+    owner: root
+    encoding: gzip
+    content: !!binary |
+      H4sIAKgdh1QAAwtITM5WyK1USMqvUCjPLMlQSMssS1VIya9KzVPIySwszS9SyCpNLwYARQFQ5CcAAAA=
+  - path: /tmp/or_like_this
+    permissions: 0644
+    owner: root
+    encoding: gzip+base64
+    content: |
+      H4sIAKgdh1QAAwtITM5WyK1USMqvUCjPLMlQSMssS1VIya9KzVPIySwszS9SyCpNLwYARQFQ5CcAAAA=
+  - path: /tmp/todolist
+    permissions: 0644
+    owner: root
+    encoding: base64
+    content: |
+      UGFjayBteSBib3ggd2l0aCBmaXZlIGRvemVuIGxpcXVvciBqdWdz
 ```
 
 ### manage_etc_hosts

Godeps/Godeps.json

@@ -1,6 +1,6 @@
 {
 	"ImportPath": "github.com/coreos/coreos-cloudinit",
-	"GoVersion": "go1.3.1",
+	"GoVersion": "go1.3.3",
 	"Packages": [
 		"./..."
 	],
@@ -13,6 +13,10 @@
 			"ImportPath": "github.com/coreos/go-systemd/dbus",
 			"Rev": "4fbc5060a317b142e6c7bfbedb65596d5f0ab99b"
 		},
+		{
+			"ImportPath": "github.com/coreos/yaml",
+			"Rev": "6b16a5714269b2f70720a45406b1babd947a17ef"
+		},
 		{
 			"ImportPath": "github.com/dotcloud/docker/pkg/netlink",
 			"Comment": "v0.11.1-359-g55d41c3e21e1",
@@ -25,10 +29,6 @@
 		{
 			"ImportPath": "github.com/tarm/goserial",
 			"Rev": "cdabc8d44e8e84f58f18074ae44337e1f2f375b9"
-		},
-		{
-			"ImportPath": "gopkg.in/yaml.v1",
-			"Rev": "feb4ca79644e8e7e39c06095246ee54b1282c118"
 		}
 	]
 }

Godeps/_workspace/src/github.com/coreos/yaml/LICENSE

@@ -1,3 +1,6 @@
+
+Copyright (c) 2011-2014 - Canonical Inc.
+
 This software is licensed under the LGPLv3, included below.
 
 As a special exception to the GNU Lesser General Public License version 3

Godeps/_workspace/src/github.com/coreos/yaml/README.md

@@ -1,3 +1,6 @@
+Note: This is a fork of https://github.com/go-yaml/yaml. The following README
+doesn't necessarily apply to this fork.
+
 # YAML support for the Go language
 
 Introduction
@@ -12,10 +15,10 @@ C library to parse and generate YAML data quickly and reliably.
 Compatibility
 -------------
 
-The yaml package is almost compatible with YAML 1.1, including support for
+The yaml package supports most of YAML 1.1 and 1.2, including support for
-anchors, tags, etc. There are still a few missing bits, such as document
+anchors, tags, map merging, etc. Multi-document unmarshalling is not yet
-merging, base-60 floats (huh?), and multi-document unmarshalling. These
+implemented, and base-60 floats from YAML 1.1 are purposefully not
-features are not hard to add, and will be introduced as necessary.
+supported since they're a poor design and are gone in YAML 1.2.
 
 Installation and usage
 ----------------------

Godeps/_workspace/src/github.com/coreos/yaml/decode.go

@@ -1,6 +1,8 @@
 package yaml
 
 import (
+	"encoding/base64"
+	"fmt"
 	"reflect"
 	"strconv"
 	"time"
@@ -28,13 +30,15 @@ type node struct {
 // Parser, produces a node tree out of a libyaml event stream.
 
 type parser struct {
-	parser yaml_parser_t
+	parser    yaml_parser_t
-	event  yaml_event_t
+	event     yaml_event_t
-	doc    *node
+	doc       *node
+	transform transformString
 }
 
-func newParser(b []byte) *parser {
+func newParser(b []byte, t transformString) *parser {
-	p := parser{}
+	p := parser{transform: t}
+
 	if !yaml_parser_initialize(&p.parser) {
 		panic("Failed to initialize YAML emitter")
 	}
@@ -63,7 +67,7 @@ func (p *parser) destroy() {
 func (p *parser) skip() {
 	if p.event.typ != yaml_NO_EVENT {
 		if p.event.typ == yaml_STREAM_END_EVENT {
-			panic("Attempted to go past the end of stream. Corrupted value?")
+			fail("Attempted to go past the end of stream. Corrupted value?")
 		}
 		yaml_event_delete(&p.event)
 	}
@@ -89,7 +93,7 @@ func (p *parser) fail() {
 	} else {
 		msg = "Unknown problem parsing YAML content"
 	}
-	panic(where + msg)
+	fail(where + msg)
 }
 
 func (p *parser) anchor(n *node, anchor []byte) {
@@ -114,10 +118,9 @@ func (p *parser) parse() *node {
 		// Happens when attempting to decode an empty buffer.
 		return nil
 	default:
-		panic("Attempted to parse unknown event: " +
+		panic("Attempted to parse unknown event: " + strconv.Itoa(int(p.event.typ)))
-			strconv.Itoa(int(p.event.typ)))
 	}
-	panic("Unreachable")
+	panic("unreachable")
 }
 
 func (p *parser) node(kind int) *node {
@@ -135,8 +138,7 @@ func (p *parser) document() *node {
 	p.skip()
 	n.children = append(n.children, p.parse())
 	if p.event.typ != yaml_DOCUMENT_END_EVENT {
-		panic("Expected end of document event but got " +
+		panic("Expected end of document event but got " + strconv.Itoa(int(p.event.typ)))
-			strconv.Itoa(int(p.event.typ)))
 	}
 	p.skip()
 	return n
@@ -175,7 +177,10 @@ func (p *parser) mapping() *node {
 	p.anchor(n, p.event.anchor)
 	p.skip()
 	for p.event.typ != yaml_MAPPING_END_EVENT {
-		n.children = append(n.children, p.parse(), p.parse())
+		key := p.parse()
+		key.value = p.transform(key.value)
+		value := p.parse()
+		n.children = append(n.children, key, value)
 	}
 	p.skip()
 	return n
@@ -218,7 +223,7 @@ func (d *decoder) setter(tag string, out *reflect.Value, good *bool) (set func()
 			var arg interface{}
 			*out = reflect.ValueOf(&arg).Elem()
 			return func() {
-				*good = setter.SetYAML(tag, arg)
+				*good = setter.SetYAML(shortTag(tag), arg)
 			}
 		}
 	}
@@ -226,7 +231,7 @@ func (d *decoder) setter(tag string, out *reflect.Value, good *bool) (set func()
 	for again {
 		again = false
 		setter, _ := (*out).Interface().(Setter)
-		if tag != "!!null" || setter != nil {
+		if tag != yaml_NULL_TAG || setter != nil {
 			if pv := (*out); pv.Kind() == reflect.Ptr {
 				if pv.IsNil() {
 					*out = reflect.New(pv.Type().Elem()).Elem()
@@ -242,7 +247,7 @@ func (d *decoder) setter(tag string, out *reflect.Value, good *bool) (set func()
 			var arg interface{}
 			*out = reflect.ValueOf(&arg).Elem()
 			return func() {
-				*good = setter.SetYAML(tag, arg)
+				*good = setter.SetYAML(shortTag(tag), arg)
 			}
 		}
 	}
@@ -279,10 +284,10 @@ func (d *decoder) document(n *node, out reflect.Value) (good bool) {
 func (d *decoder) alias(n *node, out reflect.Value) (good bool) {
 	an, ok := d.doc.anchors[n.value]
 	if !ok {
-		panic("Unknown anchor '" + n.value + "' referenced")
+		fail("Unknown anchor '" + n.value + "' referenced")
 	}
 	if d.aliases[n.value] {
-		panic("Anchor '" + n.value + "' value contains itself")
+		fail("Anchor '" + n.value + "' value contains itself")
 	}
 	d.aliases[n.value] = true
 	good = d.unmarshal(an, out)
@@ -290,23 +295,50 @@ func (d *decoder) alias(n *node, out reflect.Value) (good bool) {
 	return good
 }
 
+var zeroValue reflect.Value
+
+func resetMap(out reflect.Value) {
+	for _, k := range out.MapKeys() {
+		out.SetMapIndex(k, zeroValue)
+	}
+}
+
 var durationType = reflect.TypeOf(time.Duration(0))
 
 func (d *decoder) scalar(n *node, out reflect.Value) (good bool) {
 	var tag string
 	var resolved interface{}
 	if n.tag == "" && !n.implicit {
-		tag = "!!str"
+		tag = yaml_STR_TAG
 		resolved = n.value
 	} else {
 		tag, resolved = resolve(n.tag, n.value)
+		if tag == yaml_BINARY_TAG {
+			data, err := base64.StdEncoding.DecodeString(resolved.(string))
+			if err != nil {
+				fail("!!binary value contains invalid base64 data")
+			}
+			resolved = string(data)
+		}
 	}
 	if set := d.setter(tag, &out, &good); set != nil {
 		defer set()
 	}
+	if resolved == nil {
+		if out.Kind() == reflect.Map && !out.CanAddr() {
+			resetMap(out)
+		} else {
+			out.Set(reflect.Zero(out.Type()))
+		}
+		good = true
+		return
+	}
 	switch out.Kind() {
 	case reflect.String:
-		if resolved != nil {
+		if tag == yaml_BINARY_TAG {
+			out.SetString(resolved.(string))
+			good = true
+		} else if resolved != nil {
 			out.SetString(n.value)
 			good = true
 		}
@@ -380,17 +412,11 @@ func (d *decoder) scalar(n *node, out reflect.Value) (good bool) {
 			good = true
 		}
 	case reflect.Ptr:
-		switch resolved.(type) {
+		if out.Type().Elem() == reflect.TypeOf(resolved) {
-		case nil:
+			elem := reflect.New(out.Type().Elem())
-			out.Set(reflect.Zero(out.Type()))
+			elem.Elem().Set(reflect.ValueOf(resolved))
+			out.Set(elem)
 			good = true
-		default:
-			if out.Type().Elem() == reflect.TypeOf(resolved) {
-				elem := reflect.New(out.Type().Elem())
-				elem.Elem().Set(reflect.ValueOf(resolved))
-				out.Set(elem)
-				good = true
-			}
 		}
 	}
 	return good
@@ -404,7 +430,7 @@ func settableValueOf(i interface{}) reflect.Value {
 }
 
 func (d *decoder) sequence(n *node, out reflect.Value) (good bool) {
-	if set := d.setter("!!seq", &out, &good); set != nil {
+	if set := d.setter(yaml_SEQ_TAG, &out, &good); set != nil {
 		defer set()
 	}
 	var iface reflect.Value
@@ -433,7 +459,7 @@ func (d *decoder) sequence(n *node, out reflect.Value) (good bool) {
 }
 
 func (d *decoder) mapping(n *node, out reflect.Value) (good bool) {
-	if set := d.setter("!!map", &out, &good); set != nil {
+	if set := d.setter(yaml_MAP_TAG, &out, &good); set != nil {
 		defer set()
 	}
 	if out.Kind() == reflect.Struct {
@@ -465,6 +491,13 @@ func (d *decoder) mapping(n *node, out reflect.Value) (good bool) {
 		}
 		k := reflect.New(kt).Elem()
 		if d.unmarshal(n.children[i], k) {
+			kkind := k.Kind()
+			if kkind == reflect.Interface {
+				kkind = k.Elem().Kind()
+			}
+			if kkind == reflect.Map || kkind == reflect.Slice {
+				fail(fmt.Sprintf("invalid map key: %#v", k.Interface()))
+			}
 			e := reflect.New(et).Elem()
 			if d.unmarshal(n.children[i+1], e) {
 				out.SetMapIndex(k, e)
@@ -511,28 +544,28 @@ func (d *decoder) merge(n *node, out reflect.Value) {
 	case aliasNode:
 		an, ok := d.doc.anchors[n.value]
 		if ok && an.kind != mappingNode {
-			panic(wantMap)
+			fail(wantMap)
 		}
 		d.unmarshal(n, out)
 	case sequenceNode:
 		// Step backwards as earlier nodes take precedence.
-		for i := len(n.children)-1; i >= 0; i-- {
+		for i := len(n.children) - 1; i >= 0; i-- {
 			ni := n.children[i]
 			if ni.kind == aliasNode {
 				an, ok := d.doc.anchors[ni.value]
 				if ok && an.kind != mappingNode {
-					panic(wantMap)
+					fail(wantMap)
 				}
 			} else if ni.kind != mappingNode {
-				panic(wantMap)
+				fail(wantMap)
 			}
 			d.unmarshal(ni, out)
 		}
 	default:
-		panic(wantMap)
+		fail(wantMap)
 	}
 }
 
 func isMerge(n *node) bool {
-	return n.kind == scalarNode && n.value == "<<" && (n.implicit == true || n.tag == "!!merge" || n.tag == "tag:yaml.org,2002:merge")
+	return n.kind == scalarNode && n.value == "<<" && (n.implicit == true || n.tag == yaml_MERGE_TAG)
 }

Godeps/_workspace/src/github.com/coreos/yaml/decode_test.go

@@ -1,10 +1,11 @@
 package yaml_test
 
 import (
+	"github.com/coreos/yaml"
 	. "gopkg.in/check.v1"
-	"github.com/coreos/coreos-cloudinit/Godeps/_workspace/src/gopkg.in/yaml.v1"
 	"math"
 	"reflect"
+	"strings"
 	"time"
 )
 
@@ -316,7 +317,10 @@ var unmarshalTests = []struct {
 		map[string]*string{"foo": new(string)},
 	}, {
 		"foo: null",
-		map[string]string{},
+		map[string]string{"foo": ""},
+	}, {
+		"foo: null",
+		map[string]interface{}{"foo": nil},
 	},
 
 	// Ignored field
@@ -377,6 +381,24 @@ var unmarshalTests = []struct {
 		"a: <foo>",
 		map[string]string{"a": "<foo>"},
 	},
+
+	// Base 60 floats are obsolete and unsupported.
+	{
+		"a: 1:1\n",
+		map[string]string{"a": "1:1"},
+	},
+
+	// Binary data.
+	{
+		"a: !!binary gIGC\n",
+		map[string]string{"a": "\x80\x81\x82"},
+	}, {
+		"a: !!binary |\n  " + strings.Repeat("kJCQ", 17) + "kJ\n  CQ\n",
+		map[string]string{"a": strings.Repeat("\x90", 54)},
+	}, {
+		"a: !!binary |\n  " + strings.Repeat("A", 70) + "\n  ==\n",
+		map[string]string{"a": strings.Repeat("\x00", 52)},
+	},
 }
 
 type inlineB struct {
@@ -424,12 +446,15 @@ func (s *S) TestUnmarshalNaN(c *C) {
 var unmarshalErrorTests = []struct {
 	data, error string
 }{
-	{"v: !!float 'error'", "YAML error: Can't decode !!str 'error' as a !!float"},
+	{"v: !!float 'error'", "YAML error: cannot decode !!str `error` as a !!float"},
 	{"v: [A,", "YAML error: line 1: did not find expected node content"},
 	{"v:\n- [A,", "YAML error: line 2: did not find expected node content"},
 	{"a: *b\n", "YAML error: Unknown anchor 'b' referenced"},
 	{"a: &a\n  b: *a\n", "YAML error: Anchor 'a' value contains itself"},
 	{"value: -", "YAML error: block sequence entries are not allowed in this context"},
+	{"a: !!binary ==", "YAML error: !!binary value contains invalid base64 data"},
+	{"{[.]}", `YAML error: invalid map key: \[\]interface \{\}\{"\."\}`},
+	{"{{.}}", `YAML error: invalid map key: map\[interface\ \{\}\]interface \{\}\{".":interface \{\}\(nil\)\}`},
 }
 
 func (s *S) TestUnmarshalErrors(c *C) {
@@ -532,6 +557,23 @@ func (s *S) TestUnmarshalWithFalseSetterIgnoresValue(c *C) {
 	c.Assert(m["ghi"].value, Equals, 3)
 }
 
+func (s *S) TestUnmarshalWithTransform(c *C) {
+	data := `{a_b: 1, c-d: 2, e-f_g: 3, h_i-j: 4}`
+	expect := map[string]int{
+		"a_b":   1,
+		"c_d":   2,
+		"e_f_g": 3,
+		"h_i_j": 4,
+	}
+	m := map[string]int{}
+	yaml.UnmarshalMappingKeyTransform = func(i string) string {
+		return strings.Replace(i, "-", "_", -1)
+	}
+	err := yaml.Unmarshal([]byte(data), m)
+	c.Assert(err, IsNil)
+	c.Assert(m, DeepEquals, expect)
+}
+
 // From http://yaml.org/type/merge.html
 var mergeTests = `
 anchors:
@@ -624,6 +666,30 @@ func (s *S) TestMergeStruct(c *C) {
 	}
 }
 
+var unmarshalNullTests = []func() interface{}{
+	func() interface{} { var v interface{}; v = "v"; return &v },
+	func() interface{} { var s = "s"; return &s },
+	func() interface{} { var s = "s"; sptr := &s; return &sptr },
+	func() interface{} { var i = 1; return &i },
+	func() interface{} { var i = 1; iptr := &i; return &iptr },
+	func() interface{} { m := map[string]int{"s": 1}; return &m },
+	func() interface{} { m := map[string]int{"s": 1}; return m },
+}
+
+func (s *S) TestUnmarshalNull(c *C) {
+	for _, test := range unmarshalNullTests {
+		item := test()
+		zero := reflect.Zero(reflect.TypeOf(item).Elem()).Interface()
+		err := yaml.Unmarshal([]byte("null"), item)
+		c.Assert(err, IsNil)
+		if reflect.TypeOf(item).Kind() == reflect.Map {
+			c.Assert(reflect.ValueOf(item).Interface(), DeepEquals, reflect.MakeMap(reflect.TypeOf(item)).Interface())
+		} else {
+			c.Assert(reflect.ValueOf(item).Elem().Interface(), DeepEquals, zero)
+		}
+	}
+}
+
 //var data []byte
 //func init() {
 //	var err error

Godeps/_workspace/src/github.com/coreos/yaml/emitterc.go

@@ -973,8 +973,8 @@ func yaml_emitter_analyze_tag(emitter *yaml_emitter_t, tag []byte) bool {
 		if bytes.HasPrefix(tag, tag_directive.prefix) {
 			emitter.tag_data.handle = tag_directive.handle
 			emitter.tag_data.suffix = tag[len(tag_directive.prefix):]
+			return true
 		}
-		return true
 	}
 	emitter.tag_data.suffix = tag
 	return true
@@ -1279,6 +1279,9 @@ func yaml_emitter_write_tag_content(emitter *yaml_emitter_t, value []byte, need_
 			for k := 0; k < w; k++ {
 				octet := value[i]
 				i++
+				if !put(emitter, '%') {
+					return false
+				}
 
 				c := octet >> 4
 				if c < 10 {

Godeps/_workspace/src/github.com/coreos/yaml/encode.go

@@ -2,8 +2,10 @@ package yaml
 
 import (
 	"reflect"
+	"regexp"
 	"sort"
 	"strconv"
+	"strings"
 	"time"
 )
 
@@ -50,14 +52,19 @@ func (e *encoder) must(ok bool) {
 		if msg == "" {
 			msg = "Unknown problem generating YAML content"
 		}
-		panic(msg)
+		fail(msg)
 	}
 }
 
 func (e *encoder) marshal(tag string, in reflect.Value) {
+	if !in.IsValid() {
+		e.nilv()
+		return
+	}
 	var value interface{}
 	if getter, ok := in.Interface().(Getter); ok {
 		tag, value = getter.GetYAML()
+		tag = longTag(tag)
 		if value == nil {
 			e.nilv()
 			return
@@ -98,7 +105,7 @@ func (e *encoder) marshal(tag string, in reflect.Value) {
 	case reflect.Bool:
 		e.boolv(tag, in)
 	default:
-		panic("Can't marshal type yet: " + in.Type().String())
+		panic("Can't marshal type: " + in.Type().String())
 	}
 }
 
@@ -167,11 +174,46 @@ func (e *encoder) slicev(tag string, in reflect.Value) {
 	e.emit()
 }
 
+// isBase60 returns whether s is in base 60 notation as defined in YAML 1.1.
+//
+// The base 60 float notation in YAML 1.1 is a terrible idea and is unsupported
+// in YAML 1.2 and by this package, but these should be marshalled quoted for
+// the time being for compatibility with other parsers.
+func isBase60Float(s string) (result bool) {
+	// Fast path.
+	if s == "" {
+		return false
+	}
+	c := s[0]
+	if !(c == '+' || c == '-' || c >= '0' && c <= '9') || strings.IndexByte(s, ':') < 0 {
+		return false
+	}
+	// Do the full match.
+	return base60float.MatchString(s)
+}
+
+// From http://yaml.org/type/float.html, except the regular expression there
+// is bogus. In practice parsers do not enforce the "\.[0-9_]*" suffix.
+var base60float = regexp.MustCompile(`^[-+]?[0-9][0-9_]*(?::[0-5]?[0-9])+(?:\.[0-9_]*)?$`)
+
 func (e *encoder) stringv(tag string, in reflect.Value) {
 	var style yaml_scalar_style_t
 	s := in.String()
-	if rtag, _ := resolve("", s); rtag != "!!str" {
+	rtag, rs := resolve("", s)
+	if rtag == yaml_BINARY_TAG {
+		if tag == "" || tag == yaml_STR_TAG {
+			tag = rtag
+			s = rs.(string)
+		} else if tag == yaml_BINARY_TAG {
+			fail("explicitly tagged !!binary data must be base64-encoded")
+		} else {
+			fail("cannot marshal invalid UTF-8 data as " + shortTag(tag))
+		}
+	}
+	if tag == "" && (rtag != yaml_STR_TAG || isBase60Float(s)) {
 		style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
+	} else if strings.Contains(s, "\n") {
+		style = yaml_LITERAL_SCALAR_STYLE
 	} else {
 		style = yaml_PLAIN_SCALAR_STYLE
 	}
@@ -218,9 +260,6 @@ func (e *encoder) nilv() {
 
 func (e *encoder) emitScalar(value, anchor, tag string, style yaml_scalar_style_t) {
 	implicit := tag == ""
-	if !implicit {
-		style = yaml_PLAIN_SCALAR_STYLE
-	}
 	e.must(yaml_scalar_event_initialize(&e.event, []byte(anchor), []byte(tag), []byte(value), implicit, implicit, style))
 	e.emit()
 }

Godeps/_workspace/src/github.com/coreos/yaml/encode_test.go

@@ -2,12 +2,13 @@ package yaml_test
 
 import (
 	"fmt"
-	"github.com/coreos/coreos-cloudinit/Godeps/_workspace/src/gopkg.in/yaml.v1"
-	. "gopkg.in/check.v1"
 	"math"
 	"strconv"
 	"strings"
 	"time"
+
+	"github.com/coreos/yaml"
+	. "gopkg.in/check.v1"
 )
 
 var marshalIntTest = 123
@@ -17,6 +18,9 @@ var marshalTests = []struct {
 	data  string
 }{
 	{
+		nil,
+		"null\n",
+	}, {
 		&struct{}{},
 		"{}\n",
 	}, {
@@ -87,7 +91,7 @@ var marshalTests = []struct {
 		"v:\n- A\n- B\n",
 	}, {
 		map[string][]string{"v": []string{"A", "B\nC"}},
-		"v:\n- A\n- 'B\n\n  C'\n",
+		"v:\n- A\n- |-\n  B\n  C\n",
 	}, {
 		map[string][]interface{}{"v": []interface{}{"A", 1, map[string][]int{"B": []int{2, 3}}}},
 		"v:\n- A\n- 1\n- B:\n  - 2\n  - 3\n",
@@ -220,11 +224,39 @@ var marshalTests = []struct {
 		"a: 3s\n",
 	},
 
-	// Issue #24.
+	// Issue #24: bug in map merging logic.
 	{
 		map[string]string{"a": "<foo>"},
 		"a: <foo>\n",
 	},
+
+	// Issue #34: marshal unsupported base 60 floats quoted for compatibility
+	// with old YAML 1.1 parsers.
+	{
+		map[string]string{"a": "1:1"},
+		"a: \"1:1\"\n",
+	},
+
+	// Binary data.
+	{
+		map[string]string{"a": "\x00"},
+		"a: \"\\0\"\n",
+	}, {
+		map[string]string{"a": "\x80\x81\x82"},
+		"a: !!binary gIGC\n",
+	}, {
+		map[string]string{"a": strings.Repeat("\x90", 54)},
+		"a: !!binary |\n  " + strings.Repeat("kJCQ", 17) + "kJ\n  CQ\n",
+	}, {
+		map[string]interface{}{"a": typeWithGetter{"!!str", "\x80\x81\x82"}},
+		"a: !!binary gIGC\n",
+	},
+
+	// Escaping of tags.
+	{
+		map[string]interface{}{"a": typeWithGetter{"foo!bar", 1}},
+		"a: !<foo%21bar> 1\n",
+	},
 }
 
 func (s *S) TestMarshal(c *C) {
@@ -238,20 +270,29 @@ func (s *S) TestMarshal(c *C) {
 var marshalErrorTests = []struct {
 	value interface{}
 	error string
-}{
+	panic string
-	{
+}{{
-		&struct {
+	value: &struct {
-			B       int
+		B       int
-			inlineB ",inline"
+		inlineB ",inline"
-		}{1, inlineB{2, inlineC{3}}},
+	}{1, inlineB{2, inlineC{3}}},
-		`Duplicated key 'b' in struct struct \{ B int; .*`,
+	panic: `Duplicated key 'b' in struct struct \{ B int; .*`,
-	},
+}, {
-}
+	value: typeWithGetter{"!!binary", "\x80"},
+	error: "YAML error: explicitly tagged !!binary data must be base64-encoded",
+}, {
+	value: typeWithGetter{"!!float", "\x80"},
+	error: `YAML error: cannot marshal invalid UTF-8 data as !!float`,
+}}
 
 func (s *S) TestMarshalErrors(c *C) {
 	for _, item := range marshalErrorTests {
-		_, err := yaml.Marshal(item.value)
+		if item.panic != "" {
-		c.Assert(err, ErrorMatches, item.error)
+			c.Assert(func() { yaml.Marshal(item.value) }, PanicMatches, item.panic)
+		} else {
+			_, err := yaml.Marshal(item.value)
+			c.Assert(err, ErrorMatches, item.error)
+		}
 	}
 }
 

Godeps/_workspace/src/github.com/coreos/yaml/resolve.go

@@ -0,0 +1,190 @@
+package yaml
+
+import (
+	"encoding/base64"
+	"fmt"
+	"math"
+	"strconv"
+	"strings"
+	"unicode/utf8"
+)
+
+// TODO: merge, timestamps, base 60 floats, omap.
+
+type resolveMapItem struct {
+	value interface{}
+	tag   string
+}
+
+var resolveTable = make([]byte, 256)
+var resolveMap = make(map[string]resolveMapItem)
+
+func init() {
+	t := resolveTable
+	t[int('+')] = 'S' // Sign
+	t[int('-')] = 'S'
+	for _, c := range "0123456789" {
+		t[int(c)] = 'D' // Digit
+	}
+	for _, c := range "yYnNtTfFoO~" {
+		t[int(c)] = 'M' // In map
+	}
+	t[int('.')] = '.' // Float (potentially in map)
+
+	var resolveMapList = []struct {
+		v   interface{}
+		tag string
+		l   []string
+	}{
+		{true, yaml_BOOL_TAG, []string{"y", "Y", "yes", "Yes", "YES"}},
+		{true, yaml_BOOL_TAG, []string{"true", "True", "TRUE"}},
+		{true, yaml_BOOL_TAG, []string{"on", "On", "ON"}},
+		{false, yaml_BOOL_TAG, []string{"n", "N", "no", "No", "NO"}},
+		{false, yaml_BOOL_TAG, []string{"false", "False", "FALSE"}},
+		{false, yaml_BOOL_TAG, []string{"off", "Off", "OFF"}},
+		{nil, yaml_NULL_TAG, []string{"", "~", "null", "Null", "NULL"}},
+		{math.NaN(), yaml_FLOAT_TAG, []string{".nan", ".NaN", ".NAN"}},
+		{math.Inf(+1), yaml_FLOAT_TAG, []string{".inf", ".Inf", ".INF"}},
+		{math.Inf(+1), yaml_FLOAT_TAG, []string{"+.inf", "+.Inf", "+.INF"}},
+		{math.Inf(-1), yaml_FLOAT_TAG, []string{"-.inf", "-.Inf", "-.INF"}},
+		{"<<", yaml_MERGE_TAG, []string{"<<"}},
+	}
+
+	m := resolveMap
+	for _, item := range resolveMapList {
+		for _, s := range item.l {
+			m[s] = resolveMapItem{item.v, item.tag}
+		}
+	}
+}
+
+const longTagPrefix = "tag:yaml.org,2002:"
+
+func shortTag(tag string) string {
+	// TODO This can easily be made faster and produce less garbage.
+	if strings.HasPrefix(tag, longTagPrefix) {
+		return "!!" + tag[len(longTagPrefix):]
+	}
+	return tag
+}
+
+func longTag(tag string) string {
+	if strings.HasPrefix(tag, "!!") {
+		return longTagPrefix + tag[2:]
+	}
+	return tag
+}
+
+func resolvableTag(tag string) bool {
+	switch tag {
+	case "", yaml_STR_TAG, yaml_BOOL_TAG, yaml_INT_TAG, yaml_FLOAT_TAG, yaml_NULL_TAG:
+		return true
+	}
+	return false
+}
+
+func resolve(tag string, in string) (rtag string, out interface{}) {
+	if !resolvableTag(tag) {
+		return tag, in
+	}
+
+	defer func() {
+		switch tag {
+		case "", rtag, yaml_STR_TAG, yaml_BINARY_TAG:
+			return
+		}
+		fail(fmt.Sprintf("cannot decode %s `%s` as a %s", shortTag(rtag), in, shortTag(tag)))
+	}()
+
+	// Any data is accepted as a !!str or !!binary.
+	// Otherwise, the prefix is enough of a hint about what it might be.
+	hint := byte('N')
+	if in != "" {
+		hint = resolveTable[in[0]]
+	}
+	if hint != 0 && tag != yaml_STR_TAG && tag != yaml_BINARY_TAG {
+		// Handle things we can lookup in a map.
+		if item, ok := resolveMap[in]; ok {
+			return item.tag, item.value
+		}
+
+		// Base 60 floats are a bad idea, were dropped in YAML 1.2, and
+		// are purposefully unsupported here. They're still quoted on
+		// the way out for compatibility with other parser, though.
+
+		switch hint {
+		case 'M':
+			// We've already checked the map above.
+
+		case '.':
+			// Not in the map, so maybe a normal float.
+			floatv, err := strconv.ParseFloat(in, 64)
+			if err == nil {
+				return yaml_FLOAT_TAG, floatv
+			}
+
+		case 'D', 'S':
+			// Int, float, or timestamp.
+			plain := strings.Replace(in, "_", "", -1)
+			intv, err := strconv.ParseInt(plain, 0, 64)
+			if err == nil {
+				if intv == int64(int(intv)) {
+					return yaml_INT_TAG, int(intv)
+				} else {
+					return yaml_INT_TAG, intv
+				}
+			}
+			floatv, err := strconv.ParseFloat(plain, 64)
+			if err == nil {
+				return yaml_FLOAT_TAG, floatv
+			}
+			if strings.HasPrefix(plain, "0b") {
+				intv, err := strconv.ParseInt(plain[2:], 2, 64)
+				if err == nil {
+					return yaml_INT_TAG, int(intv)
+				}
+			} else if strings.HasPrefix(plain, "-0b") {
+				intv, err := strconv.ParseInt(plain[3:], 2, 64)
+				if err == nil {
+					return yaml_INT_TAG, -int(intv)
+				}
+			}
+			// XXX Handle timestamps here.
+
+		default:
+			panic("resolveTable item not yet handled: " + string(rune(hint)) + " (with " + in + ")")
+		}
+	}
+	if tag == yaml_BINARY_TAG {
+		return yaml_BINARY_TAG, in
+	}
+	if utf8.ValidString(in) {
+		return yaml_STR_TAG, in
+	}
+	return yaml_BINARY_TAG, encodeBase64(in)
+}
+
+// encodeBase64 encodes s as base64 that is broken up into multiple lines
+// as appropriate for the resulting length.
+func encodeBase64(s string) string {
+	const lineLen = 70
+	encLen := base64.StdEncoding.EncodedLen(len(s))
+	lines := encLen/lineLen + 1
+	buf := make([]byte, encLen*2+lines)
+	in := buf[0:encLen]
+	out := buf[encLen:]
+	base64.StdEncoding.Encode(in, []byte(s))
+	k := 0
+	for i := 0; i < len(in); i += lineLen {
+		j := i + lineLen
+		if j > len(in) {
+			j = len(in)
+		}
+		k += copy(out[k:], in[i:j])
+		if lines > 1 {
+			out[k] = '\n'
+			k++
+		}
+	}
+	return string(out[:k])
+}

Godeps/_workspace/src/github.com/coreos/yaml/yaml.go

@@ -10,23 +10,20 @@ import (
 	"errors"
 	"fmt"
 	"reflect"
-	"runtime"
 	"strings"
 	"sync"
 )
 
+type yamlError string
+
+func fail(msg string) {
+	panic(yamlError(msg))
+}
+
 func handleErr(err *error) {
 	if r := recover(); r != nil {
-		if _, ok := r.(runtime.Error); ok {
+		if e, ok := r.(yamlError); ok {
-			panic(r)
+			*err = errors.New("YAML error: " + string(e))
-		} else if _, ok := r.(*reflect.ValueError); ok {
-			panic(r)
-		} else if _, ok := r.(externalPanic); ok {
-			panic(r)
-		} else if s, ok := r.(string); ok {
-			*err = errors.New("YAML error: " + s)
-		} else if e, ok := r.(error); ok {
-			*err = e
 		} else {
 			panic(r)
 		}
@@ -78,7 +75,7 @@ type Getter interface {
 //         F int `yaml:"a,omitempty"`
 //         B int
 //     }
-//     var T t
+//     var t T
 //     yaml.Unmarshal([]byte("a: 1\nb: 2"), &t)
 //
 // See the documentation of Marshal for the format of tags and a list of
@@ -87,11 +84,15 @@ type Getter interface {
 func Unmarshal(in []byte, out interface{}) (err error) {
 	defer handleErr(&err)
 	d := newDecoder()
-	p := newParser(in)
+	p := newParser(in, UnmarshalMappingKeyTransform)
 	defer p.destroy()
 	node := p.parse()
 	if node != nil {
-		d.unmarshal(node, reflect.ValueOf(out))
+		v := reflect.ValueOf(out)
+		if v.Kind() == reflect.Ptr && !v.IsNil() {
+			v = v.Elem()
+		}
+		d.unmarshal(node, v)
 	}
 	return nil
 }
@@ -145,6 +146,17 @@ func Marshal(in interface{}) (out []byte, err error) {
 	return
 }
 
+// UnmarshalMappingKeyTransform is a string transformation that is applied to
+// each mapping key in a YAML document before it is unmarshalled. By default,
+// UnmarshalMappingKeyTransform is an identity transform (no modification).
+var UnmarshalMappingKeyTransform transformString = identityTransform
+
+type transformString func(in string) (out string)
+
+func identityTransform(in string) (out string) {
+	return in
+}
+
 // --------------------------------------------------------------------------
 // Maintain a mapping of keys to structure field indexes
 
@@ -174,12 +186,6 @@ type fieldInfo struct {
 var structMap = make(map[reflect.Type]*structInfo)
 var fieldMapMutex sync.RWMutex
 
-type externalPanic string
-
-func (e externalPanic) String() string {
-	return string(e)
-}
-
 func getStructInfo(st reflect.Type) (*structInfo, error) {
 	fieldMapMutex.RLock()
 	sinfo, found := structMap[st]
@@ -220,8 +226,7 @@ func getStructInfo(st reflect.Type) (*structInfo, error) {
 				case "inline":
 					inline = true
 				default:
-					msg := fmt.Sprintf("Unsupported flag %q in tag %q of type %s", flag, tag, st)
+					return nil, errors.New(fmt.Sprintf("Unsupported flag %q in tag %q of type %s", flag, tag, st))
-					panic(externalPanic(msg))
 				}
 			}
 			tag = fields[0]
@@ -229,6 +234,7 @@ func getStructInfo(st reflect.Type) (*structInfo, error) {
 
 		if inline {
 			switch field.Type.Kind() {
+			// TODO: Implement support for inline maps.
 			//case reflect.Map:
 			//	if inlineMap >= 0 {
 			//		return nil, errors.New("Multiple ,inline maps in struct " + st.String())
@@ -256,8 +262,8 @@ func getStructInfo(st reflect.Type) (*structInfo, error) {
 					fieldsList = append(fieldsList, finfo)
 				}
 			default:
-				//panic("Option ,inline needs a struct value or map field")
+				//return nil, errors.New("Option ,inline needs a struct value or map field")
-				panic("Option ,inline needs a struct value field")
+				return nil, errors.New("Option ,inline needs a struct value field")
 			}
 			continue
 		}

Godeps/_workspace/src/github.com/coreos/yaml/yamlh.go

@@ -294,6 +294,10 @@ const (
 	yaml_SEQ_TAG = "tag:yaml.org,2002:seq" // The tag !!seq is used to denote sequences.
 	yaml_MAP_TAG = "tag:yaml.org,2002:map" // The tag !!map is used to denote mapping.
 
+	// Not in original libyaml.
+	yaml_BINARY_TAG = "tag:yaml.org,2002:binary"
+	yaml_MERGE_TAG = "tag:yaml.org,2002:merge"
+
 	yaml_DEFAULT_SCALAR_TAG   = yaml_STR_TAG // The default scalar tag is !!str.
 	yaml_DEFAULT_SEQUENCE_TAG = yaml_SEQ_TAG // The default sequence tag is !!seq.
 	yaml_DEFAULT_MAPPING_TAG  = yaml_MAP_TAG // The default mapping tag is !!map.

Godeps/_workspace/src/gopkg.in/yaml.v1/resolve.go

@@ -1,147 +0,0 @@
-package yaml
-
-import (
-	"math"
-	"strconv"
-	"strings"
-)
-
-// TODO: merge, timestamps, base 60 floats, omap.
-
-type resolveMapItem struct {
-	value interface{}
-	tag   string
-}
-
-var resolveTable = make([]byte, 256)
-var resolveMap = make(map[string]resolveMapItem)
-
-func init() {
-	t := resolveTable
-	t[int('+')] = 'S' // Sign
-	t[int('-')] = 'S'
-	for _, c := range "0123456789" {
-		t[int(c)] = 'D' // Digit
-	}
-	for _, c := range "yYnNtTfFoO~" {
-		t[int(c)] = 'M' // In map
-	}
-	t[int('.')] = '.' // Float (potentially in map)
-
-	var resolveMapList = []struct {
-		v   interface{}
-		tag string
-		l   []string
-	}{
-		{true, "!!bool", []string{"y", "Y", "yes", "Yes", "YES"}},
-		{true, "!!bool", []string{"true", "True", "TRUE"}},
-		{true, "!!bool", []string{"on", "On", "ON"}},
-		{false, "!!bool", []string{"n", "N", "no", "No", "NO"}},
-		{false, "!!bool", []string{"false", "False", "FALSE"}},
-		{false, "!!bool", []string{"off", "Off", "OFF"}},
-		{nil, "!!null", []string{"~", "null", "Null", "NULL"}},
-		{math.NaN(), "!!float", []string{".nan", ".NaN", ".NAN"}},
-		{math.Inf(+1), "!!float", []string{".inf", ".Inf", ".INF"}},
-		{math.Inf(+1), "!!float", []string{"+.inf", "+.Inf", "+.INF"}},
-		{math.Inf(-1), "!!float", []string{"-.inf", "-.Inf", "-.INF"}},
-		{"<<", "!!merge", []string{"<<"}},
-	}
-
-	m := resolveMap
-	for _, item := range resolveMapList {
-		for _, s := range item.l {
-			m[s] = resolveMapItem{item.v, item.tag}
-		}
-	}
-}
-
-const longTagPrefix = "tag:yaml.org,2002:"
-
-func shortTag(tag string) string {
-	if strings.HasPrefix(tag, longTagPrefix) {
-		return "!!" + tag[len(longTagPrefix):]
-	}
-	return tag
-}
-
-func resolvableTag(tag string) bool {
-	switch tag {
-	case "", "!!str", "!!bool", "!!int", "!!float", "!!null":
-		return true
-	}
-	return false
-}
-
-func resolve(tag string, in string) (rtag string, out interface{}) {
-	tag = shortTag(tag)
-	if !resolvableTag(tag) {
-		return tag, in
-	}
-
-	defer func() {
-		if tag != "" && tag != rtag {
-			panic("Can't decode " + rtag + " '" + in + "' as a " + tag)
-		}
-	}()
-
-	if in == "" {
-		return "!!null", nil
-	}
-
-	c := resolveTable[in[0]]
-	if c == 0 {
-		// It's a string for sure. Nothing to do.
-		return "!!str", in
-	}
-
-	// Handle things we can lookup in a map.
-	if item, ok := resolveMap[in]; ok {
-		return item.tag, item.value
-	}
-
-	switch c {
-	case 'M':
-		// We've already checked the map above.
-
-	case '.':
-		// Not in the map, so maybe a normal float.
-		floatv, err := strconv.ParseFloat(in, 64)
-		if err == nil {
-			return "!!float", floatv
-		}
-	// XXX Handle base 60 floats here (WTF!)
-
-	case 'D', 'S':
-		// Int, float, or timestamp.
-		plain := strings.Replace(in, "_", "", -1)
-		intv, err := strconv.ParseInt(plain, 0, 64)
-		if err == nil {
-			if intv == int64(int(intv)) {
-				return "!!int", int(intv)
-			} else {
-				return "!!int", intv
-			}
-		}
-		floatv, err := strconv.ParseFloat(plain, 64)
-		if err == nil {
-			return "!!float", floatv
-		}
-		if strings.HasPrefix(plain, "0b") {
-			intv, err := strconv.ParseInt(plain[2:], 2, 64)
-			if err == nil {
-				return "!!int", int(intv)
-			}
-		} else if strings.HasPrefix(plain, "-0b") {
-			intv, err := strconv.ParseInt(plain[3:], 2, 64)
-			if err == nil {
-				return "!!int", -int(intv)
-			}
-		}
-	// XXX Handle timestamps here.
-
-	default:
-		panic("resolveTable item not yet handled: " +
-			string([]byte{c}) + " (with " + in + ")")
-	}
-	return "!!str", in
-}

config/config.go

@@ -0,0 +1,154 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+import (
+	"fmt"
+	"reflect"
+	"regexp"
+	"strings"
+
+	"github.com/coreos/coreos-cloudinit/Godeps/_workspace/src/github.com/coreos/yaml"
+)
+
+// CloudConfig encapsulates the entire cloud-config configuration file and maps
+// directly to YAML. Fields that cannot be set in the cloud-config (fields
+// used for internal use) have the YAML tag '-' so that they aren't marshalled.
+type CloudConfig struct {
+	SSHAuthorizedKeys []string `yaml:"ssh_authorized_keys"`
+	CoreOS            CoreOS   `yaml:"coreos"`
+	WriteFiles        []File   `yaml:"write_files"`
+	Hostname          string   `yaml:"hostname"`
+	Users             []User   `yaml:"users"`
+	ManageEtcHosts    EtcHosts `yaml:"manage_etc_hosts"`
+}
+
+type CoreOS struct {
+	Etcd      Etcd      `yaml:"etcd"`
+	Flannel   Flannel   `yaml:"flannel"`
+	Fleet     Fleet     `yaml:"fleet"`
+	Locksmith Locksmith `yaml:"locksmith"`
+	OEM       OEM       `yaml:"oem"`
+	Update    Update    `yaml:"update"`
+	Units     []Unit    `yaml:"units"`
+}
+
+func IsCloudConfig(userdata string) bool {
+	header := strings.SplitN(userdata, "\n", 2)[0]
+
+	// Explicitly trim the header so we can handle user-data from
+	// non-unix operating systems. The rest of the file is parsed
+	// by yaml, which correctly handles CRLF.
+	header = strings.TrimSuffix(header, "\r")
+
+	return (header == "#cloud-config")
+}
+
+// NewCloudConfig instantiates a new CloudConfig from the given contents (a
+// string of YAML), returning any error encountered. It will ignore unknown
+// fields but log encountering them.
+func NewCloudConfig(contents string) (*CloudConfig, error) {
+	yaml.UnmarshalMappingKeyTransform = func(nameIn string) (nameOut string) {
+		return strings.Replace(nameIn, "-", "_", -1)
+	}
+	var cfg CloudConfig
+	err := yaml.Unmarshal([]byte(contents), &cfg)
+	return &cfg, err
+}
+
+func (cc CloudConfig) String() string {
+	bytes, err := yaml.Marshal(cc)
+	if err != nil {
+		return ""
+	}
+
+	stringified := string(bytes)
+	stringified = fmt.Sprintf("#cloud-config\n%s", stringified)
+
+	return stringified
+}
+
+// IsZero returns whether or not the parameter is the zero value for its type.
+// If the parameter is a struct, only the exported fields are considered.
+func IsZero(c interface{}) bool {
+	return isZero(reflect.ValueOf(c))
+}
+
+type ErrorValid struct {
+	Value string
+	Valid string
+	Field string
+}
+
+func (e ErrorValid) Error() string {
+	return fmt.Sprintf("invalid value %q for option %q (valid options: %q)", e.Value, e.Field, e.Valid)
+}
+
+// AssertStructValid checks the fields in the structure and makes sure that
+// they contain valid values as specified by the 'valid' flag. Empty fields are
+// implicitly valid.
+func AssertStructValid(c interface{}) error {
+	ct := reflect.TypeOf(c)
+	cv := reflect.ValueOf(c)
+	for i := 0; i < ct.NumField(); i++ {
+		ft := ct.Field(i)
+		if !isFieldExported(ft) {
+			continue
+		}
+
+		if err := AssertValid(cv.Field(i), ft.Tag.Get("valid")); err != nil {
+			err.Field = ft.Name
+			return err
+		}
+	}
+	return nil
+}
+
+// AssertValid checks to make sure that the given value is in the list of
+// valid values. Zero values are implicitly valid.
+func AssertValid(value reflect.Value, valid string) *ErrorValid {
+	if valid == "" || isZero(value) {
+		return nil
+	}
+
+	vs := fmt.Sprintf("%v", value.Interface())
+	if m, _ := regexp.MatchString(valid, vs); m {
+		return nil
+	}
+
+	return &ErrorValid{
+		Value: vs,
+		Valid: valid,
+	}
+}
+
+func isZero(v reflect.Value) bool {
+	switch v.Kind() {
+	case reflect.Struct:
+		vt := v.Type()
+		for i := 0; i < v.NumField(); i++ {
+			if isFieldExported(vt.Field(i)) && !isZero(v.Field(i)) {
+				return false
+			}
+		}
+		return true
+	default:
+		return v.Interface() == reflect.Zero(v.Type()).Interface()
+	}
+}
+
+func isFieldExported(f reflect.StructField) bool {
+	return f.PkgPath == ""
+}

config/config_test.go

@@ -0,0 +1,497 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+import (
+	"reflect"
+	"regexp"
+	"strings"
+	"testing"
+)
+
+func TestNewCloudConfig(t *testing.T) {
+	tests := []struct {
+		contents string
+
+		config CloudConfig
+	}{
+		{},
+		{
+			contents: "#cloud-config\nwrite_files:\n  - path: underscore",
+			config:   CloudConfig{WriteFiles: []File{File{Path: "underscore"}}},
+		},
+		{
+			contents: "#cloud-config\nwrite-files:\n  - path: hyphen",
+			config:   CloudConfig{WriteFiles: []File{File{Path: "hyphen"}}},
+		},
+		{
+			contents: "#cloud-config\ncoreos:\n  update:\n    reboot-strategy: off",
+			config:   CloudConfig{CoreOS: CoreOS{Update: Update{RebootStrategy: "off"}}},
+		},
+		{
+			contents: "#cloud-config\ncoreos:\n  update:\n    reboot-strategy: false",
+			config:   CloudConfig{CoreOS: CoreOS{Update: Update{RebootStrategy: "false"}}},
+		},
+		{
+			contents: "#cloud-config\nwrite_files:\n  - permissions: 0744",
+			config:   CloudConfig{WriteFiles: []File{File{RawFilePermissions: "0744"}}},
+		},
+		{
+			contents: "#cloud-config\nwrite_files:\n  - permissions: 744",
+			config:   CloudConfig{WriteFiles: []File{File{RawFilePermissions: "744"}}},
+		},
+		{
+			contents: "#cloud-config\nwrite_files:\n  - permissions: '0744'",
+			config:   CloudConfig{WriteFiles: []File{File{RawFilePermissions: "0744"}}},
+		},
+		{
+			contents: "#cloud-config\nwrite_files:\n  - permissions: '744'",
+			config:   CloudConfig{WriteFiles: []File{File{RawFilePermissions: "744"}}},
+		},
+	}
+
+	for i, tt := range tests {
+		config, err := NewCloudConfig(tt.contents)
+		if err != nil {
+			t.Errorf("bad error (test case #%d): want %v, got %s", i, nil, err)
+		}
+		if !reflect.DeepEqual(&tt.config, config) {
+			t.Errorf("bad config (test case #%d): want %#v, got %#v", i, tt.config, config)
+		}
+	}
+}
+
+func TestIsZero(t *testing.T) {
+	tests := []struct {
+		c interface{}
+
+		empty bool
+	}{
+		{struct{}{}, true},
+		{struct{ a, b string }{}, true},
+		{struct{ A, b string }{}, true},
+		{struct{ A, B string }{}, true},
+		{struct{ A string }{A: "hello"}, false},
+		{struct{ A int }{}, true},
+		{struct{ A int }{A: 1}, false},
+	}
+
+	for _, tt := range tests {
+		if empty := IsZero(tt.c); tt.empty != empty {
+			t.Errorf("bad result (%q): want %t, got %t", tt.c, tt.empty, empty)
+		}
+	}
+}
+
+func TestAssertStructValid(t *testing.T) {
+	tests := []struct {
+		c interface{}
+
+		err error
+	}{
+		{struct{}{}, nil},
+		{struct {
+			A, b string `valid:"^1|2$"`
+		}{}, nil},
+		{struct {
+			A, b string `valid:"^1|2$"`
+		}{A: "1", b: "2"}, nil},
+		{struct {
+			A, b string `valid:"^1|2$"`
+		}{A: "1", b: "hello"}, nil},
+		{struct {
+			A, b string `valid:"^1|2$"`
+		}{A: "hello", b: "2"}, &ErrorValid{Value: "hello", Field: "A", Valid: "^1|2$"}},
+		{struct {
+			A, b int `valid:"^1|2$"`
+		}{}, nil},
+		{struct {
+			A, b int `valid:"^1|2$"`
+		}{A: 1, b: 2}, nil},
+		{struct {
+			A, b int `valid:"^1|2$"`
+		}{A: 1, b: 9}, nil},
+		{struct {
+			A, b int `valid:"^1|2$"`
+		}{A: 9, b: 2}, &ErrorValid{Value: "9", Field: "A", Valid: "^1|2$"}},
+	}
+
+	for _, tt := range tests {
+		if err := AssertStructValid(tt.c); !reflect.DeepEqual(tt.err, err) {
+			t.Errorf("bad result (%q): want %q, got %q", tt.c, tt.err, err)
+		}
+	}
+}
+
+func TestConfigCompile(t *testing.T) {
+	tests := []interface{}{
+		Etcd{},
+		File{},
+		Flannel{},
+		Fleet{},
+		Locksmith{},
+		OEM{},
+		Unit{},
+		Update{},
+	}
+
+	for _, tt := range tests {
+		ttt := reflect.TypeOf(tt)
+		for i := 0; i < ttt.NumField(); i++ {
+			ft := ttt.Field(i)
+			if !isFieldExported(ft) {
+				continue
+			}
+
+			if _, err := regexp.Compile(ft.Tag.Get("valid")); err != nil {
+				t.Errorf("bad regexp(%s.%s): want %v, got %s", ttt.Name(), ft.Name, nil, err)
+			}
+		}
+	}
+}
+
+func TestCloudConfigUnknownKeys(t *testing.T) {
+	contents := `
+coreos: 
+  etcd:
+    discovery: "https://discovery.etcd.io/827c73219eeb2fa5530027c37bf18877"
+  coreos_unknown:
+    foo: "bar"
+section_unknown:
+  dunno:
+    something
+bare_unknown:
+  bar
+write_files:
+  - content: fun
+    path: /var/party
+    file_unknown: nofun
+users:
+  - name: fry
+    passwd: somehash
+    user_unknown: philip
+hostname:
+  foo
+`
+	cfg, err := NewCloudConfig(contents)
+	if err != nil {
+		t.Fatalf("error instantiating CloudConfig with unknown keys: %v", err)
+	}
+	if cfg.Hostname != "foo" {
+		t.Fatalf("hostname not correctly set when invalid keys are present")
+	}
+	if cfg.CoreOS.Etcd.Discovery != "https://discovery.etcd.io/827c73219eeb2fa5530027c37bf18877" {
+		t.Fatalf("etcd section not correctly set when invalid keys are present")
+	}
+	if len(cfg.WriteFiles) < 1 || cfg.WriteFiles[0].Content != "fun" || cfg.WriteFiles[0].Path != "/var/party" {
+		t.Fatalf("write_files section not correctly set when invalid keys are present")
+	}
+	if len(cfg.Users) < 1 || cfg.Users[0].Name != "fry" || cfg.Users[0].PasswordHash != "somehash" {
+		t.Fatalf("users section not correctly set when invalid keys are present")
+	}
+}
+
+// Assert that the parsing of a cloud config file "generally works"
+func TestCloudConfigEmpty(t *testing.T) {
+	cfg, err := NewCloudConfig("")
+	if err != nil {
+		t.Fatalf("Encountered unexpected error :%v", err)
+	}
+
+	keys := cfg.SSHAuthorizedKeys
+	if len(keys) != 0 {
+		t.Error("Parsed incorrect number of SSH keys")
+	}
+
+	if len(cfg.WriteFiles) != 0 {
+		t.Error("Expected zero WriteFiles")
+	}
+
+	if cfg.Hostname != "" {
+		t.Errorf("Expected hostname to be empty, got '%s'", cfg.Hostname)
+	}
+}
+
+// Assert that the parsing of a cloud config file "generally works"
+func TestCloudConfig(t *testing.T) {
+	contents := `
+coreos: 
+  etcd:
+    discovery: "https://discovery.etcd.io/827c73219eeb2fa5530027c37bf18877"
+  update:
+    reboot_strategy: reboot
+  units:
+    - name: 50-eth0.network
+      runtime: yes
+      content: '[Match]
+ 
+    Name=eth47
+ 
+ 
+    [Network]
+ 
+    Address=10.209.171.177/19
+ 
+'
+  oem:
+    id: rackspace
+    name: Rackspace Cloud Servers
+    version_id: 168.0.0
+    home_url: https://www.rackspace.com/cloud/servers/
+    bug_report_url: https://github.com/coreos/coreos-overlay
+ssh_authorized_keys:
+  - foobar
+  - foobaz
+write_files:
+  - content: |
+      penny
+      elroy
+    path: /etc/dogepack.conf
+    permissions: '0644'
+    owner: root:dogepack
+hostname: trontastic
+`
+	cfg, err := NewCloudConfig(contents)
+	if err != nil {
+		t.Fatalf("Encountered unexpected error :%v", err)
+	}
+
+	keys := cfg.SSHAuthorizedKeys
+	if len(keys) != 2 {
+		t.Error("Parsed incorrect number of SSH keys")
+	} else if keys[0] != "foobar" {
+		t.Error("Expected first SSH key to be 'foobar'")
+	} else if keys[1] != "foobaz" {
+		t.Error("Expected first SSH key to be 'foobaz'")
+	}
+
+	if len(cfg.WriteFiles) != 1 {
+		t.Error("Failed to parse correct number of write_files")
+	} else {
+		wf := cfg.WriteFiles[0]
+		if wf.Content != "penny\nelroy\n" {
+			t.Errorf("WriteFile has incorrect contents '%s'", wf.Content)
+		}
+		if wf.Encoding != "" {
+			t.Errorf("WriteFile has incorrect encoding %s", wf.Encoding)
+		}
+		if wf.RawFilePermissions != "0644" {
+			t.Errorf("WriteFile has incorrect permissions %s", wf.RawFilePermissions)
+		}
+		if wf.Path != "/etc/dogepack.conf" {
+			t.Errorf("WriteFile has incorrect path %s", wf.Path)
+		}
+		if wf.Owner != "root:dogepack" {
+			t.Errorf("WriteFile has incorrect owner %s", wf.Owner)
+		}
+	}
+
+	if len(cfg.CoreOS.Units) != 1 {
+		t.Error("Failed to parse correct number of units")
+	} else {
+		u := cfg.CoreOS.Units[0]
+		expect := `[Match]
+Name=eth47
+
+[Network]
+Address=10.209.171.177/19
+`
+		if u.Content != expect {
+			t.Errorf("Unit has incorrect contents '%s'.\nExpected '%s'.", u.Content, expect)
+		}
+		if u.Runtime != true {
+			t.Errorf("Unit has incorrect runtime value")
+		}
+		if u.Name != "50-eth0.network" {
+			t.Errorf("Unit has incorrect name %s", u.Name)
+		}
+	}
+
+	if cfg.CoreOS.OEM.ID != "rackspace" {
+		t.Errorf("Failed parsing coreos.oem. Expected ID 'rackspace', got %q.", cfg.CoreOS.OEM.ID)
+	}
+
+	if cfg.Hostname != "trontastic" {
+		t.Errorf("Failed to parse hostname")
+	}
+	if cfg.CoreOS.Update.RebootStrategy != "reboot" {
+		t.Errorf("Failed to parse locksmith strategy")
+	}
+}
+
+// Assert that our interface conversion doesn't panic
+func TestCloudConfigKeysNotList(t *testing.T) {
+	contents := `
+ssh_authorized_keys:
+  - foo: bar
+`
+	cfg, err := NewCloudConfig(contents)
+	if err != nil {
+		t.Fatalf("Encountered unexpected error: %v", err)
+	}
+
+	keys := cfg.SSHAuthorizedKeys
+	if len(keys) != 0 {
+		t.Error("Parsed incorrect number of SSH keys")
+	}
+}
+
+func TestCloudConfigSerializationHeader(t *testing.T) {
+	cfg, _ := NewCloudConfig("")
+	contents := cfg.String()
+	header := strings.SplitN(contents, "\n", 2)[0]
+	if header != "#cloud-config" {
+		t.Fatalf("Serialized config did not have expected header")
+	}
+}
+
+func TestCloudConfigUsers(t *testing.T) {
+	contents := `
+users:
+  - name: elroy
+    passwd: somehash
+    ssh_authorized_keys:
+      - somekey
+    gecos: arbitrary comment
+    homedir: /home/place
+    no_create_home: yes
+    primary_group: things
+    groups:
+      - ping
+      - pong
+    no_user_group: true
+    system: y
+    no_log_init: True
+`
+	cfg, err := NewCloudConfig(contents)
+	if err != nil {
+		t.Fatalf("Encountered unexpected error: %v", err)
+	}
+
+	if len(cfg.Users) != 1 {
+		t.Fatalf("Parsed %d users, expected 1", len(cfg.Users))
+	}
+
+	user := cfg.Users[0]
+
+	if user.Name != "elroy" {
+		t.Errorf("User name is %q, expected 'elroy'", user.Name)
+	}
+
+	if user.PasswordHash != "somehash" {
+		t.Errorf("User passwd is %q, expected 'somehash'", user.PasswordHash)
+	}
+
+	if keys := user.SSHAuthorizedKeys; len(keys) != 1 {
+		t.Errorf("Parsed %d ssh keys, expected 1", len(keys))
+	} else {
+		key := user.SSHAuthorizedKeys[0]
+		if key != "somekey" {
+			t.Errorf("User SSH key is %q, expected 'somekey'", key)
+		}
+	}
+
+	if user.GECOS != "arbitrary comment" {
+		t.Errorf("Failed to parse gecos field, got %q", user.GECOS)
+	}
+
+	if user.Homedir != "/home/place" {
+		t.Errorf("Failed to parse homedir field, got %q", user.Homedir)
+	}
+
+	if !user.NoCreateHome {
+		t.Errorf("Failed to parse no_create_home field")
+	}
+
+	if user.PrimaryGroup != "things" {
+		t.Errorf("Failed to parse primary_group field, got %q", user.PrimaryGroup)
+	}
+
+	if len(user.Groups) != 2 {
+		t.Errorf("Failed to parse 2 goups, got %d", len(user.Groups))
+	} else {
+		if user.Groups[0] != "ping" {
+			t.Errorf("First group was %q, not expected value 'ping'", user.Groups[0])
+		}
+		if user.Groups[1] != "pong" {
+			t.Errorf("First group was %q, not expected value 'pong'", user.Groups[1])
+		}
+	}
+
+	if !user.NoUserGroup {
+		t.Errorf("Failed to parse no_user_group field")
+	}
+
+	if !user.System {
+		t.Errorf("Failed to parse system field")
+	}
+
+	if !user.NoLogInit {
+		t.Errorf("Failed to parse no_log_init field")
+	}
+}
+
+func TestCloudConfigUsersGithubUser(t *testing.T) {
+
+	contents := `
+users:
+  - name: elroy
+    coreos_ssh_import_github: bcwaldon
+`
+	cfg, err := NewCloudConfig(contents)
+	if err != nil {
+		t.Fatalf("Encountered unexpected error: %v", err)
+	}
+
+	if len(cfg.Users) != 1 {
+		t.Fatalf("Parsed %d users, expected 1", len(cfg.Users))
+	}
+
+	user := cfg.Users[0]
+
+	if user.Name != "elroy" {
+		t.Errorf("User name is %q, expected 'elroy'", user.Name)
+	}
+
+	if user.SSHImportGithubUser != "bcwaldon" {
+		t.Errorf("github user is %q, expected 'bcwaldon'", user.SSHImportGithubUser)
+	}
+}
+
+func TestCloudConfigUsersSSHImportURL(t *testing.T) {
+	contents := `
+users:
+  - name: elroy
+    coreos_ssh_import_url: https://token:x-auth-token@github.enterprise.com/api/v3/polvi/keys
+`
+	cfg, err := NewCloudConfig(contents)
+	if err != nil {
+		t.Fatalf("Encountered unexpected error: %v", err)
+	}
+
+	if len(cfg.Users) != 1 {
+		t.Fatalf("Parsed %d users, expected 1", len(cfg.Users))
+	}
+
+	user := cfg.Users[0]
+
+	if user.Name != "elroy" {
+		t.Errorf("User name is %q, expected 'elroy'", user.Name)
+	}
+
+	if user.SSHImportURL != "https://token:x-auth-token@github.enterprise.com/api/v3/polvi/keys" {
+		t.Errorf("ssh import url is %q, expected 'https://token:x-auth-token@github.enterprise.com/api/v3/polvi/keys'", user.SSHImportURL)
+	}
+}

config/decode.go

@@ -0,0 +1,56 @@
+package config
+
+import (
+	"bytes"
+	"compress/gzip"
+	"encoding/base64"
+	"fmt"
+)
+
+func DecodeBase64Content(content string) ([]byte, error) {
+	output, err := base64.StdEncoding.DecodeString(content)
+
+	if err != nil {
+		return nil, fmt.Errorf("Unable to decode base64: %q", err)
+	}
+
+	return output, nil
+}
+
+func DecodeGzipContent(content string) ([]byte, error) {
+	gzr, err := gzip.NewReader(bytes.NewReader([]byte(content)))
+
+	if err != nil {
+		return nil, fmt.Errorf("Unable to decode gzip: %q", err)
+	}
+	defer gzr.Close()
+
+	buf := new(bytes.Buffer)
+	buf.ReadFrom(gzr)
+
+	return buf.Bytes(), nil
+}
+
+func DecodeContent(content string, encoding string) ([]byte, error) {
+	switch encoding {
+	case "":
+		return []byte(content), nil
+
+	case "b64", "base64":
+		return DecodeBase64Content(content)
+
+	case "gz", "gzip":
+		return DecodeGzipContent(content)
+
+	case "gz+base64", "gzip+base64", "gz+b64", "gzip+b64":
+		gz, err := DecodeBase64Content(content)
+
+		if err != nil {
+			return nil, err
+		}
+
+		return DecodeGzipContent(string(gz))
+	}
+
+	return nil, fmt.Errorf("Unsupported encoding %q", encoding)
+}

config/etc_hosts.go

@@ -0,0 +1,17 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type EtcHosts string

config/etcd.go

@@ -0,0 +1,67 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type Etcd struct {
+	Addr                     string  `yaml:"addr"                          env:"ETCD_ADDR"`
+	AdvertiseClientURLs      string  `yaml:"advertise_client_urls"         env:"ETCD_ADVERTISE_CLIENT_URLS"`
+	BindAddr                 string  `yaml:"bind_addr"                     env:"ETCD_BIND_ADDR"`
+	CAFile                   string  `yaml:"ca_file"                       env:"ETCD_CA_FILE"`
+	CertFile                 string  `yaml:"cert_file"                     env:"ETCD_CERT_FILE"`
+	ClusterActiveSize        int     `yaml:"cluster_active_size"           env:"ETCD_CLUSTER_ACTIVE_SIZE"`
+	ClusterRemoveDelay       float64 `yaml:"cluster_remove_delay"          env:"ETCD_CLUSTER_REMOVE_DELAY"`
+	ClusterSyncInterval      float64 `yaml:"cluster_sync_interval"         env:"ETCD_CLUSTER_SYNC_INTERVAL"`
+	CorsOrigins              string  `yaml:"cors"                          env:"ETCD_CORS"`
+	DataDir                  string  `yaml:"data_dir"                      env:"ETCD_DATA_DIR"`
+	Discovery                string  `yaml:"discovery"                     env:"ETCD_DISCOVERY"`
+	DiscoveryFallback        string  `yaml:"discovery_fallback"            env:"ETCD_DISCOVERY_FALLBACK"`
+	DiscoverySRV             string  `yaml:"discovery_srv"                 env:"ETCD_DISCOVERY_SRV"`
+	DiscoveryProxy           string  `yaml:"discovery_proxy"               env:"ETCD_DISCOVERY_PROXY"`
+	ElectionTimeout          int     `yaml:"election_timeout"              env:"ETCD_ELECTION_TIMEOUT"`
+	ForceNewCluster          bool    `yaml:"force_new_cluster"             env:"ETCD_FORCE_NEW_CLUSTER"`
+	GraphiteHost             string  `yaml:"graphite_host"                 env:"ETCD_GRAPHITE_HOST"`
+	HeartbeatInterval        int     `yaml:"heartbeat_interval"            env:"ETCD_HEARTBEAT_INTERVAL"`
+	HTTPReadTimeout          float64 `yaml:"http_read_timeout"             env:"ETCD_HTTP_READ_TIMEOUT"`
+	HTTPWriteTimeout         float64 `yaml:"http_write_timeout"            env:"ETCD_HTTP_WRITE_TIMEOUT"`
+	InitialAdvertisePeerURLs string  `yaml:"initial_advertise_peer_urls"   env:"ETCD_INITIAL_ADVERTISE_PEER_URLS"`
+	InitialCluster           string  `yaml:"initial_cluster"               env:"ETCD_INITIAL_CLUSTER"`
+	InitialClusterState      string  `yaml:"initial_cluster_state"         env:"ETCD_INITIAL_CLUSTER_STATE"`
+	InitialClusterToken      string  `yaml:"initial_cluster_token"         env:"ETCD_INITIAL_CLUSTER_TOKEN"`
+	KeyFile                  string  `yaml:"key_file"                      env:"ETCD_KEY_FILE"`
+	ListenClientURLs         string  `yaml:"listen_client_urls"            env:"ETCD_LISTEN_CLIENT_URLS"`
+	ListenPeerURLs           string  `yaml:"listen_peer_urls"              env:"ETCD_LISTEN_PEER_URLS"`
+	MaxResultBuffer          int     `yaml:"max_result_buffer"             env:"ETCD_MAX_RESULT_BUFFER"`
+	MaxRetryAttempts         int     `yaml:"max_retry_attempts"            env:"ETCD_MAX_RETRY_ATTEMPTS"`
+	MaxSnapshots             int     `yaml:"max_snapshots"                 env:"ETCD_MAX_SNAPSHOTS"`
+	MaxWALs                  int     `yaml:"max_wals"                      env:"ETCD_MAX_WALS"`
+	Name                     string  `yaml:"name"                          env:"ETCD_NAME"`
+	PeerAddr                 string  `yaml:"peer_addr"                     env:"ETCD_PEER_ADDR"`
+	PeerBindAddr             string  `yaml:"peer_bind_addr"                env:"ETCD_PEER_BIND_ADDR"`
+	PeerCAFile               string  `yaml:"peer_ca_file"                  env:"ETCD_PEER_CA_FILE"`
+	PeerCertFile             string  `yaml:"peer_cert_file"                env:"ETCD_PEER_CERT_FILE"`
+	PeerElectionTimeout      int     `yaml:"peer_election_timeout"         env:"ETCD_PEER_ELECTION_TIMEOUT"`
+	PeerHeartbeatInterval    int     `yaml:"peer_heartbeat_interval"       env:"ETCD_PEER_HEARTBEAT_INTERVAL"`
+	PeerKeyFile              string  `yaml:"peer_key_file"                 env:"ETCD_PEER_KEY_FILE"`
+	Peers                    string  `yaml:"peers"                         env:"ETCD_PEERS"`
+	PeersFile                string  `yaml:"peers_file"                    env:"ETCD_PEERS_FILE"`
+	Proxy                    string  `yaml:"proxy"                         env:"ETCD_PROXY"`
+	RetryInterval            float64 `yaml:"retry_interval"                env:"ETCD_RETRY_INTERVAL"`
+	Snapshot                 bool    `yaml:"snapshot"                      env:"ETCD_SNAPSHOT"`
+	SnapshotCount            int     `yaml:"snapshot_count"                env:"ETCD_SNAPSHOTCOUNT"`
+	StrTrace                 string  `yaml:"trace"                         env:"ETCD_TRACE"`
+	Verbose                  bool    `yaml:"verbose"                       env:"ETCD_VERBOSE"`
+	VeryVerbose              bool    `yaml:"very_verbose"                  env:"ETCD_VERY_VERBOSE"`
+	VeryVeryVerbose          bool    `yaml:"very_very_verbose"             env:"ETCD_VERY_VERY_VERBOSE"`
+}

config/file.go

@@ -0,0 +1,23 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type File struct {
+	Encoding           string `yaml:"encoding" valid:"^(base64|b64|gz|gzip|gz\\+base64|gzip\\+base64|gz\\+b64|gzip\\+b64)$"`
+	Content            string `yaml:"content"`
+	Owner              string `yaml:"owner"`
+	Path               string `yaml:"path"`
+	RawFilePermissions string `yaml:"permissions" valid:"^0?[0-7]{3,4}$"`
+}

config/file_test.go

@@ -0,0 +1,71 @@
+/*
+   Copyright 2014 CoreOS, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package config
+
+import (
+	"testing"
+)
+
+func TestEncodingValid(t *testing.T) {
+	tests := []struct {
+		value string
+
+		isValid bool
+	}{
+		{value: "base64", isValid: true},
+		{value: "b64", isValid: true},
+		{value: "gz", isValid: true},
+		{value: "gzip", isValid: true},
+		{value: "gz+base64", isValid: true},
+		{value: "gzip+base64", isValid: true},
+		{value: "gz+b64", isValid: true},
+		{value: "gzip+b64", isValid: true},
+		{value: "gzzzzbase64", isValid: false},
+		{value: "gzipppbase64", isValid: false},
+		{value: "unknown", isValid: false},
+	}
+
+	for _, tt := range tests {
+		isValid := (nil == AssertStructValid(File{Encoding: tt.value}))
+		if tt.isValid != isValid {
+			t.Errorf("bad assert (%s): want %t, got %t", tt.value, tt.isValid, isValid)
+		}
+	}
+}
+
+func TestRawFilePermissionsValid(t *testing.T) {
+	tests := []struct {
+		value string
+
+		isValid bool
+	}{
+		{value: "744", isValid: true},
+		{value: "0744", isValid: true},
+		{value: "1744", isValid: true},
+		{value: "01744", isValid: true},
+		{value: "11744", isValid: false},
+		{value: "rwxr--r--", isValid: false},
+		{value: "800", isValid: false},
+	}
+
+	for _, tt := range tests {
+		isValid := (nil == AssertStructValid(File{RawFilePermissions: tt.value}))
+		if tt.isValid != isValid {
+			t.Errorf("bad assert (%s): want %t, got %t", tt.value, tt.isValid, isValid)
+		}
+	}
+}

config/flannel.go

@@ -0,0 +1,26 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type Flannel struct {
+	EtcdEndpoints string `yaml:"etcd_endpoints" env:"FLANNELD_ETCD_ENDPOINTS"`
+	EtcdCAFile    string `yaml:"etcd_cafile"    env:"FLANNELD_ETCD_CAFILE"`
+	EtcdCertFile  string `yaml:"etcd_certfile"  env:"FLANNELD_ETCD_CERTFILE"`
+	EtcdKeyFile   string `yaml:"etcd_keyfile"   env:"FLANNELD_ETCD_KEYFILE"`
+	EtcdPrefix    string `yaml:"etcd_prefix"    env:"FLANNELD_ETCD_PREFIX"`
+	IPMasq        string `yaml:"ip_masq"        env:"FLANNELD_IP_MASQ"`
+	SubnetFile    string `yaml:"subnet_file"    env:"FLANNELD_SUBNET_FILE"`
+	Iface         string `yaml:"interface"      env:"FLANNELD_IFACE"`
+}

config/fleet.go

@@ -0,0 +1,29 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type Fleet struct {
+	AgentTTL                string  `yaml:"agent_ttl"                 env:"FLEET_AGENT_TTL"`
+	EngineReconcileInterval float64 `yaml:"engine_reconcile_interval" env:"FLEET_ENGINE_RECONCILE_INTERVAL"`
+	EtcdCAFile              string  `yaml:"etcd_cafile"               env:"FLEET_ETCD_CAFILE"`
+	EtcdCertFile            string  `yaml:"etcd_certfile"             env:"FLEET_ETCD_CERTFILE"`
+	EtcdKeyFile             string  `yaml:"etcd_keyfile"              env:"FLEET_ETCD_KEYFILE"`
+	EtcdKeyPrefix           string  `yaml:"etcd_key_prefix"           env:"FLEET_ETCD_KEY_PREFIX"`
+	EtcdRequestTimeout      float64 `yaml:"etcd_request_timeout"      env:"FLEET_ETCD_REQUEST_TIMEOUT"`
+	EtcdServers             string  `yaml:"etcd_servers"              env:"FLEET_ETCD_SERVERS"`
+	Metadata                string  `yaml:"metadata"                  env:"FLEET_METADATA"`
+	PublicIP                string  `yaml:"public_ip"                 env:"FLEET_PUBLIC_IP"`
+	Verbosity               int     `yaml:"verbosity"                 env:"FLEET_VERBOSITY"`
+}

config/locksmith.go

@@ -0,0 +1,22 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type Locksmith struct {
+	Endpoint     string `yaml:"endpoint"      env:"LOCKSMITHD_ENDPOINT"`
+	EtcdCAFile   string `yaml:"etcd_cafile"   env:"LOCKSMITHD_ETCD_CAFILE"`
+	EtcdCertFile string `yaml:"etcd_certfile" env:"LOCKSMITHD_ETCD_CERTFILE"`
+	EtcdKeyFile  string `yaml:"etcd_keyfile"  env:"LOCKSMITHD_ETCD_KEYFILE"`
+}

config/oem.go

@@ -0,0 +1,23 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type OEM struct {
+	ID           string `yaml:"id"`
+	Name         string `yaml:"name"`
+	VersionID    string `yaml:"version_id"`
+	HomeURL      string `yaml:"home_url"`
+	BugReportURL string `yaml:"bug_report_url"`
+}

config/script.go

@@ -0,0 +1,31 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+import (
+	"strings"
+)
+
+type Script []byte
+
+func IsScript(userdata string) bool {
+	header := strings.SplitN(userdata, "\n", 2)[0]
+	return strings.HasPrefix(header, "#!")
+}
+
+func NewScript(userdata string) (*Script, error) {
+	s := Script(userdata)
+	return &s, nil
+}

config/unit.go

@@ -0,0 +1,30 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type Unit struct {
+	Name    string       `yaml:"name"`
+	Mask    bool         `yaml:"mask"`
+	Enable  bool         `yaml:"enable"`
+	Runtime bool         `yaml:"runtime"`
+	Content string       `yaml:"content"`
+	Command string       `yaml:"command" valid:"^(start|stop|restart|reload|try-restart|reload-or-restart|reload-or-try-restart)$"`
+	DropIns []UnitDropIn `yaml:"drop_ins"`
+}
+
+type UnitDropIn struct {
+	Name    string `yaml:"name"`
+	Content string `yaml:"content"`
+}

config/unit_test.go

@@ -0,0 +1,46 @@
+/*
+   Copyright 2014 CoreOS, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package config
+
+import (
+	"testing"
+)
+
+func TestCommandValid(t *testing.T) {
+	tests := []struct {
+		value string
+
+		isValid bool
+	}{
+		{value: "start", isValid: true},
+		{value: "stop", isValid: true},
+		{value: "restart", isValid: true},
+		{value: "reload", isValid: true},
+		{value: "try-restart", isValid: true},
+		{value: "reload-or-restart", isValid: true},
+		{value: "reload-or-try-restart", isValid: true},
+		{value: "tryrestart", isValid: false},
+		{value: "unknown", isValid: false},
+	}
+
+	for _, tt := range tests {
+		isValid := (nil == AssertStructValid(Unit{Command: tt.value}))
+		if tt.isValid != isValid {
+			t.Errorf("bad assert (%s): want %t, got %t", tt.value, tt.isValid, isValid)
+		}
+	}
+}

config/update.go

@@ -0,0 +1,21 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type Update struct {
+	RebootStrategy string `yaml:"reboot_strategy" env:"REBOOT_STRATEGY" valid:"^(best-effort|etcd-lock|reboot|off)$"`
+	Group          string `yaml:"group"           env:"GROUP"`
+	Server         string `yaml:"server"          env:"SERVER"`
+}

config/update_test.go

@@ -0,0 +1,43 @@
+/*
+   Copyright 2014 CoreOS, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package config
+
+import (
+	"testing"
+)
+
+func TestRebootStrategyValid(t *testing.T) {
+	tests := []struct {
+		value string
+
+		isValid bool
+	}{
+		{value: "best-effort", isValid: true},
+		{value: "etcd-lock", isValid: true},
+		{value: "reboot", isValid: true},
+		{value: "off", isValid: true},
+		{value: "besteffort", isValid: false},
+		{value: "unknown", isValid: false},
+	}
+
+	for _, tt := range tests {
+		isValid := (nil == AssertStructValid(Update{RebootStrategy: tt.value}))
+		if tt.isValid != isValid {
+			t.Errorf("bad assert (%s): want %t, got %t", tt.value, tt.isValid, isValid)
+		}
+	}
+}

config/user.go

@@ -0,0 +1,32 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+type User struct {
+	Name                 string   `yaml:"name"`
+	PasswordHash         string   `yaml:"passwd"`
+	SSHAuthorizedKeys    []string `yaml:"ssh_authorized_keys"`
+	SSHImportGithubUser  string   `yaml:"coreos_ssh_import_github"`
+	SSHImportGithubUsers []string `yaml:"coreos_ssh_import_github_users"`
+	SSHImportURL         string   `yaml:"coreos_ssh_import_url"`
+	GECOS                string   `yaml:"gecos"`
+	Homedir              string   `yaml:"homedir"`
+	NoCreateHome         bool     `yaml:"no_create_home"`
+	PrimaryGroup         string   `yaml:"primary_group"`
+	Groups               []string `yaml:"groups"`
+	NoUserGroup          bool     `yaml:"no_user_group"`
+	System               bool     `yaml:"system"`
+	NoLogInit            bool     `yaml:"no_log_init"`
+}

config/validate/context.go

@@ -0,0 +1,52 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"strings"
+)
+
+// context represents the current position within a newline-delimited string.
+// Each line is loaded, one by one, into currentLine (newline omitted) and
+// lineNumber keeps track of its position within the original string.
+type context struct {
+	currentLine    string
+	remainingLines string
+	lineNumber     int
+}
+
+// Increment moves the context to the next line (if available).
+func (c *context) Increment() {
+	if c.currentLine == "" && c.remainingLines == "" {
+		return
+	}
+
+	lines := strings.SplitN(c.remainingLines, "\n", 2)
+	c.currentLine = lines[0]
+	if len(lines) == 2 {
+		c.remainingLines = lines[1]
+	} else {
+		c.remainingLines = ""
+	}
+	c.lineNumber++
+}
+
+// NewContext creates a context from the provided data. It strips out all
+// carriage returns and moves to the first line (if available).
+func NewContext(content []byte) context {
+	c := context{remainingLines: strings.Replace(string(content), "\r", "", -1)}
+	c.Increment()
+	return c
+}

config/validate/context_test.go

@@ -0,0 +1,131 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestNewContext(t *testing.T) {
+	tests := []struct {
+		in string
+
+		out context
+	}{
+		{
+			out: context{
+				currentLine:    "",
+				remainingLines: "",
+				lineNumber:     0,
+			},
+		},
+		{
+			in: "this\r\nis\r\na\r\ntest",
+			out: context{
+				currentLine:    "this",
+				remainingLines: "is\na\ntest",
+				lineNumber:     1,
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		if out := NewContext([]byte(tt.in)); !reflect.DeepEqual(tt.out, out) {
+			t.Errorf("bad context (%q): want %#v, got %#v", tt.in, tt.out, out)
+		}
+	}
+}
+
+func TestIncrement(t *testing.T) {
+	tests := []struct {
+		init context
+		op   func(c *context)
+
+		res context
+	}{
+		{
+			init: context{
+				currentLine:    "",
+				remainingLines: "",
+				lineNumber:     0,
+			},
+			res: context{
+				currentLine:    "",
+				remainingLines: "",
+				lineNumber:     0,
+			},
+			op: func(c *context) {
+				c.Increment()
+			},
+		},
+		{
+			init: context{
+				currentLine:    "test",
+				remainingLines: "",
+				lineNumber:     1,
+			},
+			res: context{
+				currentLine:    "",
+				remainingLines: "",
+				lineNumber:     2,
+			},
+			op: func(c *context) {
+				c.Increment()
+				c.Increment()
+				c.Increment()
+			},
+		},
+		{
+			init: context{
+				currentLine:    "this",
+				remainingLines: "is\na\ntest",
+				lineNumber:     1,
+			},
+			res: context{
+				currentLine:    "is",
+				remainingLines: "a\ntest",
+				lineNumber:     2,
+			},
+			op: func(c *context) {
+				c.Increment()
+			},
+		},
+		{
+			init: context{
+				currentLine:    "this",
+				remainingLines: "is\na\ntest",
+				lineNumber:     1,
+			},
+			res: context{
+				currentLine:    "test",
+				remainingLines: "",
+				lineNumber:     4,
+			},
+			op: func(c *context) {
+				c.Increment()
+				c.Increment()
+				c.Increment()
+			},
+		},
+	}
+
+	for i, tt := range tests {
+		res := tt.init
+		if tt.op(&res); !reflect.DeepEqual(tt.res, res) {
+			t.Errorf("bad context (%d, %#v): want %#v, got %#v", i, tt.init, tt.res, res)
+		}
+	}
+}

config/validate/node.go

@@ -0,0 +1,157 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"fmt"
+	"reflect"
+	"regexp"
+)
+
+var (
+	yamlKey  = regexp.MustCompile(`^ *-? ?(?P<key>.*?):`)
+	yamlElem = regexp.MustCompile(`^ *-`)
+)
+
+type node struct {
+	name     string
+	line     int
+	children []node
+	field    reflect.StructField
+	reflect.Value
+}
+
+// Child attempts to find the child with the given name in the node's list of
+// children. If no such child is found, an invalid node is returned.
+func (n node) Child(name string) node {
+	for _, c := range n.children {
+		if c.name == name {
+			return c
+		}
+	}
+	return node{}
+}
+
+// HumanType returns the human-consumable string representation of the type of
+// the node.
+func (n node) HumanType() string {
+	switch k := n.Kind(); k {
+	case reflect.Slice:
+		c := n.Type().Elem()
+		return "[]" + node{Value: reflect.New(c).Elem()}.HumanType()
+	default:
+		return k.String()
+	}
+}
+
+// NewNode returns the node representation of the given value. The context
+// will be used in an attempt to determine line numbers for the given value.
+func NewNode(value interface{}, context context) node {
+	var n node
+	toNode(value, context, &n)
+	return n
+}
+
+// toNode converts the given value into a node and then recursively processes
+// each of the nodes components (e.g. fields, array elements, keys).
+func toNode(v interface{}, c context, n *node) {
+	vv := reflect.ValueOf(v)
+	if !vv.IsValid() {
+		return
+	}
+
+	n.Value = vv
+	switch vv.Kind() {
+	case reflect.Struct:
+		// Walk over each field in the structure, skipping unexported fields,
+		// and create a node for it.
+		for i := 0; i < vv.Type().NumField(); i++ {
+			ft := vv.Type().Field(i)
+			k := ft.Tag.Get("yaml")
+			if k == "-" || k == "" {
+				continue
+			}
+
+			cn := node{name: k, field: ft}
+			c, ok := findKey(cn.name, c)
+			if ok {
+				cn.line = c.lineNumber
+			}
+			toNode(vv.Field(i).Interface(), c, &cn)
+			n.children = append(n.children, cn)
+		}
+	case reflect.Map:
+		// Walk over each key in the map and create a node for it.
+		v := v.(map[interface{}]interface{})
+		for k, cv := range v {
+			cn := node{name: fmt.Sprintf("%s", k)}
+			c, ok := findKey(cn.name, c)
+			if ok {
+				cn.line = c.lineNumber
+			}
+			toNode(cv, c, &cn)
+			n.children = append(n.children, cn)
+		}
+	case reflect.Slice:
+		// Walk over each element in the slice and create a node for it.
+		// While iterating over the slice, preserve the context after it
+		// is modified. This allows the line numbers to reflect the current
+		// element instead of the first.
+		for i := 0; i < vv.Len(); i++ {
+			cn := node{
+				name:  fmt.Sprintf("%s[%d]", n.name, i),
+				field: n.field,
+			}
+			var ok bool
+			c, ok = findElem(c)
+			if ok {
+				cn.line = c.lineNumber
+			}
+			toNode(vv.Index(i).Interface(), c, &cn)
+			n.children = append(n.children, cn)
+			c.Increment()
+		}
+	case reflect.String, reflect.Int, reflect.Bool, reflect.Float64:
+	default:
+		panic(fmt.Sprintf("toNode(): unhandled kind %s", vv.Kind()))
+	}
+}
+
+// findKey attempts to find the requested key within the provided context.
+// A modified copy of the context is returned with every line up to the key
+// incremented past. A boolean, true if the key was found, is also returned.
+func findKey(key string, context context) (context, bool) {
+	return find(yamlKey, key, context)
+}
+
+// findElem attempts to find an array element within the provided context.
+// A modified copy of the context is returned with every line up to the array
+// element incremented past. A boolean, true if the key was found, is also
+// returned.
+func findElem(context context) (context, bool) {
+	return find(yamlElem, "", context)
+}
+
+func find(exp *regexp.Regexp, key string, context context) (context, bool) {
+	for len(context.currentLine) > 0 || len(context.remainingLines) > 0 {
+		matches := exp.FindStringSubmatch(context.currentLine)
+		if len(matches) > 0 && (key == "" || matches[1] == key) {
+			return context, true
+		}
+
+		context.Increment()
+	}
+	return context, false
+}

config/validate/node_test.go

@@ -0,0 +1,284 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestChild(t *testing.T) {
+	tests := []struct {
+		parent node
+		name   string
+
+		child node
+	}{
+		{},
+		{
+			name: "c1",
+		},
+		{
+			parent: node{
+				children: []node{
+					node{name: "c1"},
+					node{name: "c2"},
+					node{name: "c3"},
+				},
+			},
+		},
+		{
+			parent: node{
+				children: []node{
+					node{name: "c1"},
+					node{name: "c2"},
+					node{name: "c3"},
+				},
+			},
+			name:  "c2",
+			child: node{name: "c2"},
+		},
+	}
+
+	for _, tt := range tests {
+		if child := tt.parent.Child(tt.name); !reflect.DeepEqual(tt.child, child) {
+			t.Errorf("bad child (%q): want %#v, got %#v", tt.name, tt.child, child)
+		}
+	}
+}
+
+func TestHumanType(t *testing.T) {
+	tests := []struct {
+		node node
+
+		humanType string
+	}{
+		{
+			humanType: "invalid",
+		},
+		{
+			node:      node{Value: reflect.ValueOf("hello")},
+			humanType: "string",
+		},
+		{
+			node: node{
+				Value: reflect.ValueOf([]int{1, 2}),
+				children: []node{
+					node{Value: reflect.ValueOf(1)},
+					node{Value: reflect.ValueOf(2)},
+				}},
+			humanType: "[]int",
+		},
+	}
+
+	for _, tt := range tests {
+		if humanType := tt.node.HumanType(); tt.humanType != humanType {
+			t.Errorf("bad type (%q): want %q, got %q", tt.node, tt.humanType, humanType)
+		}
+	}
+}
+
+func TestToNode(t *testing.T) {
+	tests := []struct {
+		value   interface{}
+		context context
+
+		node node
+	}{
+		{},
+		{
+			value: struct{}{},
+			node:  node{Value: reflect.ValueOf(struct{}{})},
+		},
+		{
+			value: struct {
+				A int `yaml:"a"`
+			}{},
+			node: node{
+				children: []node{
+					node{
+						name: "a",
+						field: reflect.TypeOf(struct {
+							A int `yaml:"a"`
+						}{}).Field(0),
+					},
+				},
+			},
+		},
+		{
+			value: struct {
+				A []int `yaml:"a"`
+			}{},
+			node: node{
+				children: []node{
+					node{
+						name: "a",
+						field: reflect.TypeOf(struct {
+							A []int `yaml:"a"`
+						}{}).Field(0),
+					},
+				},
+			},
+		},
+		{
+			value: map[interface{}]interface{}{
+				"a": map[interface{}]interface{}{
+					"b": 2,
+				},
+			},
+			context: NewContext([]byte("a:\n  b: 2")),
+			node: node{
+				children: []node{
+					node{
+						line: 1,
+						name: "a",
+						children: []node{
+							node{name: "b", line: 2},
+						},
+					},
+				},
+			},
+		},
+		{
+			value: struct {
+				A struct {
+					Jon bool `yaml:"b"`
+				} `yaml:"a"`
+			}{},
+			node: node{
+				children: []node{
+					node{
+						name: "a",
+						children: []node{
+							node{
+								name: "b",
+								field: reflect.TypeOf(struct {
+									Jon bool `yaml:"b"`
+								}{}).Field(0),
+								Value: reflect.ValueOf(false),
+							},
+						},
+						field: reflect.TypeOf(struct {
+							A struct {
+								Jon bool `yaml:"b"`
+							} `yaml:"a"`
+						}{}).Field(0),
+						Value: reflect.ValueOf(struct {
+							Jon bool `yaml:"b"`
+						}{}),
+					},
+				},
+				Value: reflect.ValueOf(struct {
+					A struct {
+						Jon bool `yaml:"b"`
+					} `yaml:"a"`
+				}{}),
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		var node node
+		toNode(tt.value, tt.context, &node)
+		if !nodesEqual(tt.node, node) {
+			t.Errorf("bad node (%#v): want %#v, got %#v", tt.value, tt.node, node)
+		}
+	}
+}
+
+func TestFindKey(t *testing.T) {
+	tests := []struct {
+		key     string
+		context context
+
+		found bool
+	}{
+		{},
+		{
+			key:     "key1",
+			context: NewContext([]byte("key1: hi")),
+			found:   true,
+		},
+		{
+			key:     "key2",
+			context: NewContext([]byte("key1: hi")),
+			found:   false,
+		},
+		{
+			key:     "key3",
+			context: NewContext([]byte("key1:\n  key2:\n    key3: hi")),
+			found:   true,
+		},
+		{
+			key:     "key4",
+			context: NewContext([]byte("key1:\n  - key4: hi")),
+			found:   true,
+		},
+		{
+			key:     "key5",
+			context: NewContext([]byte("#key5")),
+			found:   false,
+		},
+	}
+
+	for _, tt := range tests {
+		if _, found := findKey(tt.key, tt.context); tt.found != found {
+			t.Errorf("bad find (%q): want %t, got %t", tt.key, tt.found, found)
+		}
+	}
+}
+
+func TestFindElem(t *testing.T) {
+	tests := []struct {
+		context context
+
+		found bool
+	}{
+		{},
+		{
+			context: NewContext([]byte("test: hi")),
+			found:   false,
+		},
+		{
+			context: NewContext([]byte("test:\n  - a\n  -b")),
+			found:   true,
+		},
+		{
+			context: NewContext([]byte("test:\n  -\n    a")),
+			found:   true,
+		},
+	}
+
+	for _, tt := range tests {
+		if _, found := findElem(tt.context); tt.found != found {
+			t.Errorf("bad find (%q): want %t, got %t", tt.context, tt.found, found)
+		}
+	}
+}
+
+func nodesEqual(a, b node) bool {
+	if a.name != b.name ||
+		a.line != b.line ||
+		!reflect.DeepEqual(a.field, b.field) ||
+		len(a.children) != len(b.children) {
+		return false
+	}
+	for i := 0; i < len(a.children); i++ {
+		if !nodesEqual(a.children[i], b.children[i]) {
+			return false
+		}
+	}
+	return true
+}

config/validate/report.go

@@ -0,0 +1,88 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"encoding/json"
+	"fmt"
+)
+
+// Report represents the list of entries resulting from validation.
+type Report struct {
+	entries []Entry
+}
+
+// Error adds an error entry to the report.
+func (r *Report) Error(line int, message string) {
+	r.entries = append(r.entries, Entry{entryError, message, line})
+}
+
+// Warning adds a warning entry to the report.
+func (r *Report) Warning(line int, message string) {
+	r.entries = append(r.entries, Entry{entryWarning, message, line})
+}
+
+// Info adds an info entry to the report.
+func (r *Report) Info(line int, message string) {
+	r.entries = append(r.entries, Entry{entryInfo, message, line})
+}
+
+// Entries returns the list of entries in the report.
+func (r *Report) Entries() []Entry {
+	return r.entries
+}
+
+// Entry represents a single generic item in the report.
+type Entry struct {
+	kind    entryKind
+	message string
+	line    int
+}
+
+// String returns a human-readable representation of the entry.
+func (e Entry) String() string {
+	return fmt.Sprintf("line %d: %s: %s", e.line, e.kind, e.message)
+}
+
+// MarshalJSON satisfies the json.Marshaler interface, returning the entry
+// encoded as a JSON object.
+func (e Entry) MarshalJSON() ([]byte, error) {
+	return json.Marshal(map[string]interface{}{
+		"kind":    e.kind.String(),
+		"message": e.message,
+		"line":    e.line,
+	})
+}
+
+type entryKind int
+
+const (
+	entryError entryKind = iota
+	entryWarning
+	entryInfo
+)
+
+func (k entryKind) String() string {
+	switch k {
+	case entryError:
+		return "error"
+	case entryWarning:
+		return "warning"
+	case entryInfo:
+		return "info"
+	default:
+		panic(fmt.Sprintf("invalid kind %d", k))
+	}
+}

config/validate/report_test.go

@@ -0,0 +1,96 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"bytes"
+	"reflect"
+	"testing"
+)
+
+func TestEntry(t *testing.T) {
+	tests := []struct {
+		entry Entry
+
+		str  string
+		json []byte
+	}{
+		{
+			Entry{entryInfo, "test info", 1},
+			"line 1: info: test info",
+			[]byte(`{"kind":"info","line":1,"message":"test info"}`),
+		},
+		{
+			Entry{entryWarning, "test warning", 1},
+			"line 1: warning: test warning",
+			[]byte(`{"kind":"warning","line":1,"message":"test warning"}`),
+		},
+		{
+			Entry{entryError, "test error", 2},
+			"line 2: error: test error",
+			[]byte(`{"kind":"error","line":2,"message":"test error"}`),
+		},
+	}
+
+	for _, tt := range tests {
+		if str := tt.entry.String(); tt.str != str {
+			t.Errorf("bad string (%q): want %q, got %q", tt.entry, tt.str, str)
+		}
+		json, err := tt.entry.MarshalJSON()
+		if err != nil {
+			t.Errorf("bad error (%q): want %v, got %q", tt.entry, nil, err)
+		}
+		if !bytes.Equal(tt.json, json) {
+			t.Errorf("bad JSON (%q): want %q, got %q", tt.entry, tt.json, json)
+		}
+	}
+}
+
+func TestReport(t *testing.T) {
+	type reportFunc struct {
+		fn      func(*Report, int, string)
+		line    int
+		message string
+	}
+
+	tests := []struct {
+		fs []reportFunc
+
+		es []Entry
+	}{
+		{
+			[]reportFunc{
+				{(*Report).Warning, 1, "test warning 1"},
+				{(*Report).Error, 2, "test error 2"},
+				{(*Report).Info, 10, "test info 10"},
+			},
+			[]Entry{
+				Entry{entryWarning, "test warning 1", 1},
+				Entry{entryError, "test error 2", 2},
+				Entry{entryInfo, "test info 10", 10},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		r := Report{}
+		for _, f := range tt.fs {
+			f.fn(&r, f.line, f.message)
+		}
+		if es := r.Entries(); !reflect.DeepEqual(tt.es, es) {
+			t.Errorf("bad entries (%v): want %#v, got %#v", tt.fs, tt.es, es)
+		}
+	}
+}

config/validate/rules.go

@@ -0,0 +1,177 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"fmt"
+	"net/url"
+	"path"
+	"reflect"
+	"strings"
+
+	"github.com/coreos/coreos-cloudinit/config"
+)
+
+type rule func(config node, report *Report)
+
+// Rules contains all of the validation rules.
+var Rules []rule = []rule{
+	checkDiscoveryUrl,
+	checkEncoding,
+	checkStructure,
+	checkValidity,
+	checkWriteFiles,
+	checkWriteFilesUnderCoreos,
+}
+
+// checkDiscoveryUrl verifies that the string is a valid url.
+func checkDiscoveryUrl(cfg node, report *Report) {
+	c := cfg.Child("coreos").Child("etcd").Child("discovery")
+	if !c.IsValid() {
+		return
+	}
+
+	if _, err := url.ParseRequestURI(c.String()); err != nil {
+		report.Warning(c.line, "discovery URL is not valid")
+	}
+}
+
+// checkEncoding validates that, for each file under 'write_files', the
+// content can be decoded given the specified encoding.
+func checkEncoding(cfg node, report *Report) {
+	for _, f := range cfg.Child("write_files").children {
+		e := f.Child("encoding")
+		if !e.IsValid() {
+			continue
+		}
+
+		c := f.Child("contents")
+		if _, err := config.DecodeContent(c.String(), e.String()); err != nil {
+			report.Error(c.line, fmt.Sprintf("contents cannot be decoded as %q", e.String()))
+		}
+	}
+}
+
+// checkStructure compares the provided config to the empty config.CloudConfig
+// structure. Each node is checked to make sure that it exists in the known
+// structure and that its type is compatible.
+func checkStructure(cfg node, report *Report) {
+	g := NewNode(config.CloudConfig{}, NewContext([]byte{}))
+	checkNodeStructure(cfg, g, report)
+}
+
+func checkNodeStructure(n, g node, r *Report) {
+	if !isCompatible(n.Kind(), g.Kind()) {
+		r.Warning(n.line, fmt.Sprintf("incorrect type for %q (want %s)", n.name, g.HumanType()))
+		return
+	}
+
+	switch g.Kind() {
+	case reflect.Struct:
+		for _, cn := range n.children {
+			if cg := g.Child(cn.name); cg.IsValid() {
+				checkNodeStructure(cn, cg, r)
+			} else {
+				r.Warning(cn.line, fmt.Sprintf("unrecognized key %q", cn.name))
+			}
+		}
+	case reflect.Slice:
+		for _, cn := range n.children {
+			var cg node
+			c := g.Type().Elem()
+			toNode(reflect.New(c).Elem().Interface(), context{}, &cg)
+			checkNodeStructure(cn, cg, r)
+		}
+	case reflect.String, reflect.Int, reflect.Float64, reflect.Bool:
+	default:
+		panic(fmt.Sprintf("checkNodeStructure(): unhandled kind %s", g.Kind()))
+	}
+}
+
+// isCompatible determines if the type of kind n can be converted to the type
+// of kind g in the context of YAML. This is not an exhaustive list, but its
+// enough for the purposes of cloud-config validation.
+func isCompatible(n, g reflect.Kind) bool {
+	switch g {
+	case reflect.String:
+		return n == reflect.String || n == reflect.Int || n == reflect.Float64 || n == reflect.Bool
+	case reflect.Struct:
+		return n == reflect.Struct || n == reflect.Map
+	case reflect.Float64:
+		return n == reflect.Float64 || n == reflect.Int
+	case reflect.Bool, reflect.Slice, reflect.Int:
+		return n == g
+	default:
+		panic(fmt.Sprintf("isCompatible(): unhandled kind %s", g))
+	}
+}
+
+// checkValidity checks the value of every node in the provided config by
+// running config.AssertValid() on it.
+func checkValidity(cfg node, report *Report) {
+	g := NewNode(config.CloudConfig{}, NewContext([]byte{}))
+	checkNodeValidity(cfg, g, report)
+}
+
+func checkNodeValidity(n, g node, r *Report) {
+	if err := config.AssertValid(n.Value, g.field.Tag.Get("valid")); err != nil {
+		r.Error(n.line, fmt.Sprintf("invalid value %v", n.Value.Interface()))
+	}
+	switch g.Kind() {
+	case reflect.Struct:
+		for _, cn := range n.children {
+			if cg := g.Child(cn.name); cg.IsValid() {
+				checkNodeValidity(cn, cg, r)
+			}
+		}
+	case reflect.Slice:
+		for _, cn := range n.children {
+			var cg node
+			c := g.Type().Elem()
+			toNode(reflect.New(c).Elem().Interface(), context{}, &cg)
+			checkNodeValidity(cn, cg, r)
+		}
+	case reflect.String, reflect.Int, reflect.Float64, reflect.Bool:
+	default:
+		panic(fmt.Sprintf("checkNodeValidity(): unhandled kind %s", g.Kind()))
+	}
+}
+
+// checkWriteFiles checks to make sure that the target file can actually be
+// written. Note that this check is approximate (it only checks to see if the file
+// is under /usr).
+func checkWriteFiles(cfg node, report *Report) {
+	for _, f := range cfg.Child("write_files").children {
+		c := f.Child("path")
+		if !c.IsValid() {
+			continue
+		}
+
+		d := path.Dir(c.String())
+		switch {
+		case strings.HasPrefix(d, "/usr"):
+			report.Error(c.line, "file cannot be written to a read-only filesystem")
+		}
+	}
+}
+
+// checkWriteFilesUnderCoreos checks to see if the 'write_files' node is a
+// child of 'coreos' (it shouldn't be).
+func checkWriteFilesUnderCoreos(cfg node, report *Report) {
+	c := cfg.Child("coreos").Child("write_files")
+	if c.IsValid() {
+		report.Info(c.line, "write_files doesn't belong under coreos")
+	}
+}

config/validate/rules_test.go

@@ -0,0 +1,399 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestCheckDiscoveryUrl(t *testing.T) {
+	tests := []struct {
+		config string
+
+		entries []Entry
+	}{
+		{},
+		{
+			config: "coreos:\n  etcd:\n    discovery: https://discovery.etcd.io/00000000000000000000000000000000",
+		},
+		{
+			config: "coreos:\n  etcd:\n    discovery: http://custom.domain/mytoken",
+		},
+		{
+			config:  "coreos:\n  etcd:\n    discovery: disco",
+			entries: []Entry{{entryWarning, "discovery URL is not valid", 3}},
+		},
+	}
+
+	for i, tt := range tests {
+		r := Report{}
+		n, err := parseCloudConfig([]byte(tt.config), &r)
+		if err != nil {
+			panic(err)
+		}
+		checkDiscoveryUrl(n, &r)
+
+		if e := r.Entries(); !reflect.DeepEqual(tt.entries, e) {
+			t.Errorf("bad report (%d, %q): want %#v, got %#v", i, tt.config, tt.entries, e)
+		}
+	}
+}
+
+func TestCheckEncoding(t *testing.T) {
+	tests := []struct {
+		config string
+
+		entries []Entry
+	}{
+		{},
+		{
+			config: "write_files:\n  - encoding: base64\n    contents: aGVsbG8K",
+		},
+		{
+			config: "write_files:\n  - contents: !!binary aGVsbG8K",
+		},
+		{
+			config:  "write_files:\n  - encoding: base64\n    contents: !!binary aGVsbG8K",
+			entries: []Entry{{entryError, `contents cannot be decoded as "base64"`, 3}},
+		},
+		{
+			config: "write_files:\n  - encoding: base64\n    contents: !!binary YUdWc2JHOEsK",
+		},
+		{
+			config: "write_files:\n  - encoding: gzip\n    contents: !!binary H4sIAOC3tVQAA8tIzcnJ5wIAIDA6NgYAAAA=",
+		},
+		{
+			config: "write_files:\n  - encoding: gzip+base64\n    contents: H4sIAOC3tVQAA8tIzcnJ5wIAIDA6NgYAAAA=",
+		},
+		{
+			config:  "write_files:\n  - encoding: custom\n    contents: hello",
+			entries: []Entry{{entryError, `contents cannot be decoded as "custom"`, 3}},
+		},
+	}
+
+	for i, tt := range tests {
+		r := Report{}
+		n, err := parseCloudConfig([]byte(tt.config), &r)
+		if err != nil {
+			panic(err)
+		}
+		checkEncoding(n, &r)
+
+		if e := r.Entries(); !reflect.DeepEqual(tt.entries, e) {
+			t.Errorf("bad report (%d, %q): want %#v, got %#v", i, tt.config, tt.entries, e)
+		}
+	}
+}
+
+func TestCheckStructure(t *testing.T) {
+	tests := []struct {
+		config string
+
+		entries []Entry
+	}{
+		{},
+
+		// Test for unrecognized keys
+		{
+			config:  "test:",
+			entries: []Entry{{entryWarning, "unrecognized key \"test\"", 1}},
+		},
+		{
+			config:  "coreos:\n  etcd:\n    bad:",
+			entries: []Entry{{entryWarning, "unrecognized key \"bad\"", 3}},
+		},
+		{
+			config: "coreos:\n  etcd:\n    discovery: good",
+		},
+
+		// Test for error on list of nodes
+		{
+			config: "coreos:\n  units:\n    - hello\n    - goodbye",
+			entries: []Entry{
+				{entryWarning, "incorrect type for \"units[0]\" (want struct)", 3},
+				{entryWarning, "incorrect type for \"units[1]\" (want struct)", 4},
+			},
+		},
+
+		// Test for incorrect types
+		// Want boolean
+		{
+			config: "coreos:\n  units:\n    - enable: true",
+		},
+		{
+			config:  "coreos:\n  units:\n    - enable: 4",
+			entries: []Entry{{entryWarning, "incorrect type for \"enable\" (want bool)", 3}},
+		},
+		{
+			config:  "coreos:\n  units:\n    - enable: bad",
+			entries: []Entry{{entryWarning, "incorrect type for \"enable\" (want bool)", 3}},
+		},
+		{
+			config:  "coreos:\n  units:\n    - enable:\n        bad:",
+			entries: []Entry{{entryWarning, "incorrect type for \"enable\" (want bool)", 3}},
+		},
+		{
+			config:  "coreos:\n  units:\n    - enable:\n      - bad",
+			entries: []Entry{{entryWarning, "incorrect type for \"enable\" (want bool)", 3}},
+		},
+		// Want string
+		{
+			config: "hostname: true",
+		},
+		{
+			config: "hostname: 4",
+		},
+		{
+			config: "hostname: host",
+		},
+		{
+			config:  "hostname:\n  name:",
+			entries: []Entry{{entryWarning, "incorrect type for \"hostname\" (want string)", 1}},
+		},
+		{
+			config:  "hostname:\n  - name",
+			entries: []Entry{{entryWarning, "incorrect type for \"hostname\" (want string)", 1}},
+		},
+		// Want struct
+		{
+			config:  "coreos: true",
+			entries: []Entry{{entryWarning, "incorrect type for \"coreos\" (want struct)", 1}},
+		},
+		{
+			config:  "coreos: 4",
+			entries: []Entry{{entryWarning, "incorrect type for \"coreos\" (want struct)", 1}},
+		},
+		{
+			config:  "coreos: hello",
+			entries: []Entry{{entryWarning, "incorrect type for \"coreos\" (want struct)", 1}},
+		},
+		{
+			config: "coreos:\n  etcd:\n    discovery: fire in the disco",
+		},
+		{
+			config:  "coreos:\n  - hello",
+			entries: []Entry{{entryWarning, "incorrect type for \"coreos\" (want struct)", 1}},
+		},
+		// Want []string
+		{
+			config:  "ssh_authorized_keys: true",
+			entries: []Entry{{entryWarning, "incorrect type for \"ssh_authorized_keys\" (want []string)", 1}},
+		},
+		{
+			config:  "ssh_authorized_keys: 4",
+			entries: []Entry{{entryWarning, "incorrect type for \"ssh_authorized_keys\" (want []string)", 1}},
+		},
+		{
+			config:  "ssh_authorized_keys: key",
+			entries: []Entry{{entryWarning, "incorrect type for \"ssh_authorized_keys\" (want []string)", 1}},
+		},
+		{
+			config:  "ssh_authorized_keys:\n  key: value",
+			entries: []Entry{{entryWarning, "incorrect type for \"ssh_authorized_keys\" (want []string)", 1}},
+		},
+		{
+			config: "ssh_authorized_keys:\n  - key",
+		},
+		{
+			config:  "ssh_authorized_keys:\n  - key: value",
+			entries: []Entry{{entryWarning, "incorrect type for \"ssh_authorized_keys[0]\" (want string)", 2}},
+		},
+		// Want []struct
+		{
+			config:  "users:\n  true",
+			entries: []Entry{{entryWarning, "incorrect type for \"users\" (want []struct)", 1}},
+		},
+		{
+			config:  "users:\n  4",
+			entries: []Entry{{entryWarning, "incorrect type for \"users\" (want []struct)", 1}},
+		},
+		{
+			config:  "users:\n  bad",
+			entries: []Entry{{entryWarning, "incorrect type for \"users\" (want []struct)", 1}},
+		},
+		{
+			config:  "users:\n  bad:",
+			entries: []Entry{{entryWarning, "incorrect type for \"users\" (want []struct)", 1}},
+		},
+		{
+			config: "users:\n  - name: good",
+		},
+		// Want struct within array
+		{
+			config:  "users:\n  - true",
+			entries: []Entry{{entryWarning, "incorrect type for \"users[0]\" (want struct)", 2}},
+		},
+		{
+			config:  "users:\n  - name: hi\n  - true",
+			entries: []Entry{{entryWarning, "incorrect type for \"users[1]\" (want struct)", 3}},
+		},
+		{
+			config:  "users:\n  - 4",
+			entries: []Entry{{entryWarning, "incorrect type for \"users[0]\" (want struct)", 2}},
+		},
+		{
+			config:  "users:\n  - bad",
+			entries: []Entry{{entryWarning, "incorrect type for \"users[0]\" (want struct)", 2}},
+		},
+		{
+			config:  "users:\n  - - bad",
+			entries: []Entry{{entryWarning, "incorrect type for \"users[0]\" (want struct)", 2}},
+		},
+	}
+
+	for i, tt := range tests {
+		r := Report{}
+		n, err := parseCloudConfig([]byte(tt.config), &r)
+		if err != nil {
+			panic(err)
+		}
+		checkStructure(n, &r)
+
+		if e := r.Entries(); !reflect.DeepEqual(tt.entries, e) {
+			t.Errorf("bad report (%d, %q): want %#v, got %#v", i, tt.config, tt.entries, e)
+		}
+	}
+}
+
+func TestCheckValidity(t *testing.T) {
+	tests := []struct {
+		config string
+
+		entries []Entry
+	}{
+		// string
+		{
+			config: "hostname: test",
+		},
+
+		// int
+		{
+			config: "coreos:\n  fleet:\n    verbosity: 2",
+		},
+
+		// bool
+		{
+			config: "coreos:\n  units:\n    - enable: true",
+		},
+
+		// slice
+		{
+			config: "coreos:\n  units:\n    - command: start\n    - name: stop",
+		},
+		{
+			config:  "coreos:\n  units:\n    - command: lol",
+			entries: []Entry{{entryError, "invalid value lol", 3}},
+		},
+
+		// struct
+		{
+			config: "coreos:\n  update:\n    reboot_strategy: off",
+		},
+		{
+			config:  "coreos:\n  update:\n    reboot_strategy: always",
+			entries: []Entry{{entryError, "invalid value always", 3}},
+		},
+
+		// unknown
+		{
+			config: "unknown: hi",
+		},
+	}
+
+	for i, tt := range tests {
+		r := Report{}
+		n, err := parseCloudConfig([]byte(tt.config), &r)
+		if err != nil {
+			panic(err)
+		}
+		checkValidity(n, &r)
+
+		if e := r.Entries(); !reflect.DeepEqual(tt.entries, e) {
+			t.Errorf("bad report (%d, %q): want %#v, got %#v", i, tt.config, tt.entries, e)
+		}
+	}
+}
+
+func TestCheckWriteFiles(t *testing.T) {
+	tests := []struct {
+		config string
+
+		entries []Entry
+	}{
+		{},
+		{
+			config: "write_files:\n  - path: /valid",
+		},
+		{
+			config: "write_files:\n  - path: /tmp/usr/valid",
+		},
+		{
+			config:  "write_files:\n  - path: /usr/invalid",
+			entries: []Entry{{entryError, "file cannot be written to a read-only filesystem", 2}},
+		},
+		{
+			config:  "write-files:\n  - path: /tmp/../usr/invalid",
+			entries: []Entry{{entryError, "file cannot be written to a read-only filesystem", 2}},
+		},
+	}
+
+	for i, tt := range tests {
+		r := Report{}
+		n, err := parseCloudConfig([]byte(tt.config), &r)
+		if err != nil {
+			panic(err)
+		}
+		checkWriteFiles(n, &r)
+
+		if e := r.Entries(); !reflect.DeepEqual(tt.entries, e) {
+			t.Errorf("bad report (%d, %q): want %#v, got %#v", i, tt.config, tt.entries, e)
+		}
+	}
+}
+
+func TestCheckWriteFilesUnderCoreos(t *testing.T) {
+	tests := []struct {
+		config string
+
+		entries []Entry
+	}{
+		{},
+		{
+			config: "write_files:\n  - path: /hi",
+		},
+		{
+			config:  "coreos:\n  write_files:\n    - path: /hi",
+			entries: []Entry{{entryInfo, "write_files doesn't belong under coreos", 2}},
+		},
+		{
+			config:  "coreos:\n  write-files:\n    - path: /hyphen",
+			entries: []Entry{{entryInfo, "write_files doesn't belong under coreos", 2}},
+		},
+	}
+
+	for i, tt := range tests {
+		r := Report{}
+		n, err := parseCloudConfig([]byte(tt.config), &r)
+		if err != nil {
+			panic(err)
+		}
+		checkWriteFilesUnderCoreos(n, &r)
+
+		if e := r.Entries(); !reflect.DeepEqual(tt.entries, e) {
+			t.Errorf("bad report (%d, %q): want %#v, got %#v", i, tt.config, tt.entries, e)
+		}
+	}
+}

config/validate/validate.go

@@ -0,0 +1,162 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"errors"
+	"fmt"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"github.com/coreos/coreos-cloudinit/config"
+
+	"github.com/coreos/coreos-cloudinit/Godeps/_workspace/src/github.com/coreos/yaml"
+)
+
+var (
+	yamlLineError = regexp.MustCompile(`^YAML error: line (?P<line>[[:digit:]]+): (?P<msg>.*)$`)
+	yamlError     = regexp.MustCompile(`^YAML error: (?P<msg>.*)$`)
+)
+
+// Validate runs a series of validation tests against the given userdata and
+// returns a report detailing all of the issues. Presently, only cloud-configs
+// can be validated.
+func Validate(userdataBytes []byte) (Report, error) {
+	switch {
+	case len(userdataBytes) == 0:
+		return Report{}, nil
+	case config.IsScript(string(userdataBytes)):
+		return Report{}, nil
+	case config.IsCloudConfig(string(userdataBytes)):
+		return validateCloudConfig(userdataBytes, Rules)
+	default:
+		return Report{entries: []Entry{
+			Entry{kind: entryError, message: `must be "#cloud-config" or begin with "#!"`, line: 1},
+		}}, nil
+	}
+}
+
+// validateCloudConfig runs all of the validation rules in Rules and returns
+// the resulting report and any errors encountered.
+func validateCloudConfig(config []byte, rules []rule) (report Report, err error) {
+	defer func() {
+		if r := recover(); r != nil {
+			err = fmt.Errorf("%v", r)
+		}
+	}()
+
+	c, err := parseCloudConfig(config, &report)
+	if err != nil {
+		return report, err
+	}
+
+	for _, r := range rules {
+		r(c, &report)
+	}
+	return report, nil
+}
+
+// parseCloudConfig parses the provided config into a node structure and logs
+// any parsing issues into the provided report. Unrecoverable errors are
+// returned as an error.
+func parseCloudConfig(cfg []byte, report *Report) (node, error) {
+	yaml.UnmarshalMappingKeyTransform = func(nameIn string) (nameOut string) {
+		return nameIn
+	}
+	// unmarshal the config into an implicitly-typed form. The yaml library
+	// will implicitly convert types into their normalized form
+	// (e.g. 0744 -> 484, off -> false).
+	var weak map[interface{}]interface{}
+	if err := yaml.Unmarshal(cfg, &weak); err != nil {
+		matches := yamlLineError.FindStringSubmatch(err.Error())
+		if len(matches) == 3 {
+			line, err := strconv.Atoi(matches[1])
+			if err != nil {
+				return node{}, err
+			}
+			msg := matches[2]
+			report.Error(line, msg)
+			return node{}, nil
+		}
+
+		matches = yamlError.FindStringSubmatch(err.Error())
+		if len(matches) == 2 {
+			report.Error(1, matches[1])
+			return node{}, nil
+		}
+
+		return node{}, errors.New("couldn't parse yaml error")
+	}
+	w := NewNode(weak, NewContext(cfg))
+	w = normalizeNodeNames(w, report)
+
+	// unmarshal the config into the explicitly-typed form.
+	yaml.UnmarshalMappingKeyTransform = func(nameIn string) (nameOut string) {
+		return strings.Replace(nameIn, "-", "_", -1)
+	}
+	var strong config.CloudConfig
+	if err := yaml.Unmarshal([]byte(cfg), &strong); err != nil {
+		return node{}, err
+	}
+	s := NewNode(strong, NewContext(cfg))
+
+	// coerceNodes weak nodes and strong nodes. strong nodes replace weak nodes
+	// if they are compatible types (this happens when the yaml library
+	// converts the input).
+	// (e.g. weak 484 is replaced by strong 0744, weak 4 is not replaced by
+	// strong false)
+	return coerceNodes(w, s), nil
+}
+
+// coerceNodes recursively evaluates two nodes, returning a new node containing
+// either the weak or strong node's value and its recursively processed
+// children. The strong node's value is used if the two nodes are leafs, are
+// both valid, and are compatible types (defined by isCompatible()). The weak
+// node is returned in all other cases. coerceNodes is used to counteract the
+// effects of yaml's automatic type conversion. The weak node is the one
+// resulting from unmarshalling into an empty interface{} (the type is
+// inferred). The strong node is the one resulting from unmarshalling into a
+// struct. If the two nodes are of compatible types, the yaml library correctly
+// parsed the value into the strongly typed unmarshalling. In this case, we
+// prefer the strong node because its actually the type we are expecting.
+func coerceNodes(w, s node) node {
+	n := w
+	n.children = nil
+	if len(w.children) == 0 && len(s.children) == 0 &&
+		w.IsValid() && s.IsValid() &&
+		isCompatible(w.Kind(), s.Kind()) {
+		n.Value = s.Value
+	}
+
+	for _, cw := range w.children {
+		n.children = append(n.children, coerceNodes(cw, s.Child(cw.name)))
+	}
+	return n
+}
+
+// normalizeNodeNames replaces all occurences of '-' with '_' within key names
+// and makes a note of each replacement in the report.
+func normalizeNodeNames(node node, report *Report) node {
+	if strings.Contains(node.name, "-") {
+		// TODO(crawford): Enable this message once the new validator hits stable.
+		//report.Info(node.line, fmt.Sprintf("%q uses '-' instead of '_'", node.name))
+		node.name = strings.Replace(node.name, "-", "_", -1)
+	}
+	for i := range node.children {
+		node.children[i] = normalizeNodeNames(node.children[i], report)
+	}
+	return node
+}

config/validate/validate_test.go

@@ -0,0 +1,167 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package validate
+
+import (
+	"errors"
+	"reflect"
+	"testing"
+)
+
+func TestParseCloudConfig(t *testing.T) {
+	tests := []struct {
+		config string
+
+		entries []Entry
+	}{
+		{},
+		{
+			config: "	",
+			entries: []Entry{{entryError, "found character that cannot start any token", 1}},
+		},
+		{
+			config:  "a:\na",
+			entries: []Entry{{entryError, "could not find expected ':'", 2}},
+		},
+		{
+			config:  "#hello\na:\na",
+			entries: []Entry{{entryError, "could not find expected ':'", 3}},
+		},
+	}
+
+	for _, tt := range tests {
+		r := Report{}
+		parseCloudConfig([]byte(tt.config), &r)
+
+		if e := r.Entries(); !reflect.DeepEqual(tt.entries, e) {
+			t.Errorf("bad report (%s): want %#v, got %#v", tt.config, tt.entries, e)
+		}
+	}
+}
+
+func TestValidateCloudConfig(t *testing.T) {
+	tests := []struct {
+		config string
+		rules  []rule
+
+		report Report
+		err    error
+	}{
+		{
+			rules: []rule{func(_ node, _ *Report) { panic("something happened") }},
+			err:   errors.New("something happened"),
+		},
+		{
+			config: "write_files:\n  - permissions: 0744",
+			rules:  Rules,
+		},
+		{
+			config: "write_files:\n  - permissions: '0744'",
+			rules:  Rules,
+		},
+		{
+			config: "write_files:\n  - permissions: 744",
+			rules:  Rules,
+		},
+		{
+			config: "write_files:\n  - permissions: '744'",
+			rules:  Rules,
+		},
+		{
+			config: "coreos:\n  update:\n    reboot-strategy: off",
+			rules:  Rules,
+		},
+		{
+			config: "coreos:\n  update:\n    reboot-strategy: false",
+			rules:  Rules,
+			report: Report{entries: []Entry{{entryError, "invalid value false", 3}}},
+		},
+	}
+
+	for _, tt := range tests {
+		r, err := validateCloudConfig([]byte(tt.config), tt.rules)
+		if !reflect.DeepEqual(tt.err, err) {
+			t.Errorf("bad error (%s): want %v, got %v", tt.config, tt.err, err)
+		}
+		if !reflect.DeepEqual(tt.report, r) {
+			t.Errorf("bad report (%s): want %+v, got %+v", tt.config, tt.report, r)
+		}
+	}
+}
+
+func TestValidate(t *testing.T) {
+	tests := []struct {
+		config string
+
+		report Report
+	}{
+		{},
+		{
+			config: "#!/bin/bash\necho hey",
+		},
+	}
+
+	for i, tt := range tests {
+		r, err := Validate([]byte(tt.config))
+		if err != nil {
+			t.Errorf("bad error (case #%d): want %v, got %v", i, nil, err)
+		}
+		if !reflect.DeepEqual(tt.report, r) {
+			t.Errorf("bad report (case #%d): want %+v, got %+v", i, tt.report, r)
+		}
+	}
+}
+
+func BenchmarkValidate(b *testing.B) {
+	config := `#cloud-config
+hostname: test
+
+coreos:
+  etcd:
+    name:      node001
+    discovery: https://discovery.etcd.io/disco
+    addr:      $public_ipv4:4001
+    peer-addr: $private_ipv4:7001
+  fleet:
+    verbosity: 2
+    metadata:  "hi"
+  update:
+    reboot-strategy: off
+  units:
+    - name:    hi.service
+      command: start
+      enable:  true
+    - name:    bye.service
+      command: stop
+
+ssh_authorized_keys:
+  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h...
+  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h...
+
+users:
+  - name: me
+
+write_files:
+  - path: /etc/yes
+    content: "Hi"
+
+manage_etc_hosts: localhost`
+
+	for i := 0; i < b.N; i++ {
+		if _, err := Validate([]byte(config)); err != nil {
+			panic(err)
+		}
+	}
+}

coreos-cloudinit.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package main
 
@@ -23,6 +21,8 @@ import (
 	"sync"
 	"time"
 
+	"github.com/coreos/coreos-cloudinit/config"
+	"github.com/coreos/coreos-cloudinit/config/validate"
 	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/datasource/configdrive"
 	"github.com/coreos/coreos-cloudinit/datasource/file"
@@ -33,12 +33,13 @@ import (
 	"github.com/coreos/coreos-cloudinit/datasource/url"
 	"github.com/coreos/coreos-cloudinit/datasource/waagent"
 	"github.com/coreos/coreos-cloudinit/initialize"
+	"github.com/coreos/coreos-cloudinit/network"
 	"github.com/coreos/coreos-cloudinit/pkg"
 	"github.com/coreos/coreos-cloudinit/system"
 )
 
 const (
-	version               = "0.10.7"
+	version               = "1.3.2"
 	datasourceInterval    = 100 * time.Millisecond
 	datasourceMaxInterval = 30 * time.Second
 	datasourceTimeout     = 5 * time.Minute
@@ -63,6 +64,7 @@ var (
 		workspace      string
 		sshKeyName     string
 		oem            string
+		validate       bool
 	}{}
 )
 
@@ -82,6 +84,7 @@ func init() {
 	flag.StringVar(&flags.convertNetconf, "convert-netconf", "", "Read the network config provided in cloud-drive and translate it from the specified format into networkd unit files")
 	flag.StringVar(&flags.workspace, "workspace", "/var/lib/coreos-cloudinit", "Base directory coreos-cloudinit should use to store data")
 	flag.StringVar(&flags.sshKeyName, "ssh-key-name", initialize.DefaultSSHKeyName, "Add SSH keys to the system with the given name")
+	flag.BoolVar(&flags.validate, "validate", false, "[EXPERIMENTAL] Validate the user-data but do not apply it to the system")
 }
 
 type oemConfig map[string]string
@@ -103,6 +106,9 @@ var (
 		"azure": oemConfig{
 			"from-waagent": "/var/lib/waagent",
 		},
+		"cloudsigma": oemConfig{
+			"from-cloudsigma-metadata": "true",
+		},
 	}
 )
 
@@ -157,78 +163,72 @@ func main() {
 		failure = true
 	}
 
+	if report, err := validate.Validate(userdataBytes); err == nil {
+		ret := 0
+		for _, e := range report.Entries() {
+			fmt.Println(e)
+			ret = 1
+		}
+		if flags.validate {
+			os.Exit(ret)
+		}
+	} else {
+		fmt.Printf("Failed while validating user_data (%q)\n", err)
+		if flags.validate {
+			os.Exit(1)
+		}
+	}
+
 	fmt.Printf("Fetching meta-data from datasource of type %q\n", ds.Type())
-	metadataBytes, err := ds.FetchMetadata()
+	metadata, err := ds.FetchMetadata()
 	if err != nil {
 		fmt.Printf("Failed fetching meta-data from datasource: %v\n", err)
 		os.Exit(1)
 	}
 
-	// Extract IPv4 addresses from metadata if possible
-	var subs map[string]string
-	if len(metadataBytes) > 0 {
-		subs, err = initialize.ExtractIPsFromMetadata(metadataBytes)
-		if err != nil {
-			fmt.Printf("Failed extracting IPs from meta-data: %v\n", err)
-			os.Exit(1)
-		}
-	}
-
 	// Apply environment to user-data
-	env := initialize.NewEnvironment("/", ds.ConfigRoot(), flags.workspace, flags.convertNetconf, flags.sshKeyName, subs)
+	env := initialize.NewEnvironment("/", ds.ConfigRoot(), flags.workspace, flags.sshKeyName, metadata)
 	userdata := env.Apply(string(userdataBytes))
 
-	var ccm, ccu *initialize.CloudConfig
+	var ccu *config.CloudConfig
-	var script *system.Script
+	var script *config.Script
-	if ccm, err = initialize.ParseMetaData(string(metadataBytes)); err != nil {
-		fmt.Printf("Failed to parse meta-data: %v\n", err)
-		os.Exit(1)
-	}
-
-	if ccm != nil && flags.convertNetconf != "" {
-		fmt.Printf("Fetching network config from datasource of type %q\n", ds.Type())
-		netconfBytes, err := ds.FetchNetworkConfig(ccm.NetworkConfigPath)
-		if err != nil {
-			fmt.Printf("Failed fetching network config from datasource: %v\n", err)
-			os.Exit(1)
-		}
-		ccm.NetworkConfig = string(netconfBytes)
-	}
-
 	if ud, err := initialize.ParseUserData(userdata); err != nil {
 		fmt.Printf("Failed to parse user-data: %v\nContinuing...\n", err)
 		failure = true
 	} else {
 		switch t := ud.(type) {
-		case *initialize.CloudConfig:
+		case *config.CloudConfig:
 			ccu = t
-		case system.Script:
+		case *config.Script:
-			script = &t
+			script = t
 		}
 	}
 
-	var cc *initialize.CloudConfig
+	fmt.Println("Merging cloud-config from meta-data and user-data")
-	if ccm != nil && ccu != nil {
+	cc := mergeConfigs(ccu, metadata)
-		fmt.Println("Merging cloud-config from meta-data and user-data")
-		merged := mergeCloudConfig(*ccm, *ccu)
-		cc = &merged
-	} else if ccm != nil && ccu == nil {
-		fmt.Println("Processing cloud-config from meta-data")
-		cc = ccm
-	} else if ccm == nil && ccu != nil {
-		fmt.Println("Processing cloud-config from user-data")
-		cc = ccu
-	} else {
-		fmt.Println("No cloud-config data to handle.")
-	}
 
-	if cc != nil {
+	var ifaces []network.InterfaceGenerator
-		if err = initialize.Apply(*cc, env); err != nil {
+	if flags.convertNetconf != "" {
-			fmt.Printf("Failed to apply cloud-config: %v\n", err)
+		var err error
+		switch flags.convertNetconf {
+		case "debian":
+			ifaces, err = network.ProcessDebianNetconf(metadata.NetworkConfig)
+		case "digitalocean":
+			ifaces, err = network.ProcessDigitalOceanNetconf(metadata.NetworkConfig)
+		default:
+			err = fmt.Errorf("Unsupported network config format %q", flags.convertNetconf)
+		}
+		if err != nil {
+			fmt.Printf("Failed to generate interfaces: %v\n", err)
 			os.Exit(1)
 		}
 	}
 
+	if err = initialize.Apply(cc, ifaces, env); err != nil {
+		fmt.Printf("Failed to apply cloud-config: %v\n", err)
+		os.Exit(1)
+	}
+
 	if script != nil {
 		if err = runScript(*script, env); err != nil {
 			fmt.Printf("Failed to run script: %v\n", err)
@@ -241,38 +241,25 @@ func main() {
 	}
 }
 
-// mergeCloudConfig merges certain options from mdcc (a CloudConfig derived from
+// mergeConfigs merges certain options from md (meta-data from the datasource)
-// meta-data) onto udcc (a CloudConfig derived from user-data), if they are
+// onto cc (a CloudConfig derived from user-data), if they are not already set
-// not already set on udcc (i.e. user-data always takes precedence)
+// on cc (i.e. user-data always takes precedence)
-// NB: This needs to be kept in sync with ParseMetadata so that it tracks all
+func mergeConfigs(cc *config.CloudConfig, md datasource.Metadata) (out config.CloudConfig) {
-// elements of a CloudConfig which that function can populate.
+	if cc != nil {
-func mergeCloudConfig(mdcc, udcc initialize.CloudConfig) (cc initialize.CloudConfig) {
+		out = *cc
-	if mdcc.Hostname != "" {
+	}
-		if udcc.Hostname != "" {
-			fmt.Printf("Warning: user-data hostname (%s) overrides metadata hostname (%s)\n", udcc.Hostname, mdcc.Hostname)
-		} else {
-			udcc.Hostname = mdcc.Hostname
-		}
 
-	}
+	if md.Hostname != "" {
-	for _, key := range mdcc.SSHAuthorizedKeys {
+		if out.Hostname != "" {
-		udcc.SSHAuthorizedKeys = append(udcc.SSHAuthorizedKeys, key)
+			fmt.Printf("Warning: user-data hostname (%s) overrides metadata hostname (%s)\n", out.Hostname, md.Hostname)
-	}
-	if mdcc.NetworkConfigPath != "" {
-		if udcc.NetworkConfigPath != "" {
-			fmt.Printf("Warning: user-data NetworkConfigPath %s overrides metadata NetworkConfigPath %s\n", udcc.NetworkConfigPath, mdcc.NetworkConfigPath)
 		} else {
-			udcc.NetworkConfigPath = mdcc.NetworkConfigPath
+			out.Hostname = md.Hostname
 		}
 	}
-	if mdcc.NetworkConfig != "" {
+	for _, key := range md.SSHPublicKeys {
-		if udcc.NetworkConfig != "" {
+		out.SSHAuthorizedKeys = append(out.SSHAuthorizedKeys, key)
-			fmt.Printf("Warning: user-data NetworkConfig %s overrides metadata NetworkConfig %s\n", udcc.NetworkConfig, mdcc.NetworkConfig)
-		} else {
-			udcc.NetworkConfig = mdcc.NetworkConfig
-		}
 	}
-	return udcc
+	return
 }
 
 // getDatasources creates a slice of possible Datasources for cloudinit based
@@ -361,7 +348,7 @@ func selectDatasource(sources []datasource.Datasource) datasource.Datasource {
 }
 
 // TODO(jonboulle): this should probably be refactored and moved into a different module
-func runScript(script system.Script, env *initialize.Environment) error {
+func runScript(script config.Script, env *initialize.Environment) error {
 	err := initialize.PrepWorkspace(env.Workspace())
 	if err != nil {
 		fmt.Printf("Failed preparing workspace: %v\n", err)

coreos-cloudinit_test.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package main
 
@@ -20,117 +18,72 @@ import (
 	"reflect"
 	"testing"
 
-	"github.com/coreos/coreos-cloudinit/initialize"
+	"github.com/coreos/coreos-cloudinit/config"
+	"github.com/coreos/coreos-cloudinit/datasource"
 )
 
-func TestMergeCloudConfig(t *testing.T) {
+func TestMergeConfigs(t *testing.T) {
-	simplecc := initialize.CloudConfig{
+	tests := []struct {
-		SSHAuthorizedKeys: []string{"abc", "def"},
+		cc *config.CloudConfig
-		Hostname:          "foobar",
+		md datasource.Metadata
-		NetworkConfigPath: "/path/somewhere",
+
-		NetworkConfig:     `{}`,
+		out config.CloudConfig
-	}
-	for i, tt := range []struct {
-		udcc initialize.CloudConfig
-		mdcc initialize.CloudConfig
-		want initialize.CloudConfig
 	}{
 		{
-			// If mdcc is empty, udcc should be returned unchanged
+			// If md is empty and cc is nil, result should be empty
-			simplecc,
+			out: config.CloudConfig{},
-			initialize.CloudConfig{},
-			simplecc,
 		},
 		{
-			// If udcc is empty, mdcc should be returned unchanged(overridden)
+			// If md and cc are empty, result should be empty
-			initialize.CloudConfig{},
+			cc:  &config.CloudConfig{},
-			simplecc,
+			out: config.CloudConfig{},
-			simplecc,
+		},
+		{
+			// If cc is empty, cc should be returned unchanged
+			cc:  &config.CloudConfig{SSHAuthorizedKeys: []string{"abc", "def"}, Hostname: "cc-host"},
+			out: config.CloudConfig{SSHAuthorizedKeys: []string{"abc", "def"}, Hostname: "cc-host"},
+		},
+		{
+			// If cc is empty, cc should be returned unchanged(overridden)
+			cc:  &config.CloudConfig{},
+			md:  datasource.Metadata{Hostname: "md-host", SSHPublicKeys: map[string]string{"key": "ghi"}},
+			out: config.CloudConfig{SSHAuthorizedKeys: []string{"ghi"}, Hostname: "md-host"},
+		},
+		{
+			// If cc is nil, cc should be returned unchanged(overridden)
+			md:  datasource.Metadata{Hostname: "md-host", SSHPublicKeys: map[string]string{"key": "ghi"}},
+			out: config.CloudConfig{SSHAuthorizedKeys: []string{"ghi"}, Hostname: "md-host"},
 		},
 		{
 			// user-data should override completely in the case of conflicts
-			simplecc,
+			cc:  &config.CloudConfig{SSHAuthorizedKeys: []string{"abc", "def"}, Hostname: "cc-host"},
-			initialize.CloudConfig{
+			md:  datasource.Metadata{Hostname: "md-host"},
-				Hostname:          "meta-hostname",
+			out: config.CloudConfig{SSHAuthorizedKeys: []string{"abc", "def"}, Hostname: "cc-host"},
-				NetworkConfigPath: "/path/meta",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
-			simplecc,
 		},
 		{
 			// Mixed merge should succeed
-			initialize.CloudConfig{
+			cc:  &config.CloudConfig{SSHAuthorizedKeys: []string{"abc", "def"}, Hostname: "cc-host"},
-				SSHAuthorizedKeys: []string{"abc", "def"},
+			md:  datasource.Metadata{Hostname: "md-host", SSHPublicKeys: map[string]string{"key": "ghi"}},
-				Hostname:          "user-hostname",
+			out: config.CloudConfig{SSHAuthorizedKeys: []string{"abc", "def", "ghi"}, Hostname: "cc-host"},
-				NetworkConfigPath: "/path/somewhere",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
-			initialize.CloudConfig{
-				SSHAuthorizedKeys: []string{"woof", "qux"},
-				Hostname:          "meta-hostname",
-			},
-			initialize.CloudConfig{
-				SSHAuthorizedKeys: []string{"abc", "def", "woof", "qux"},
-				Hostname:          "user-hostname",
-				NetworkConfigPath: "/path/somewhere",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
 		},
 		{
 			// Completely non-conflicting merge should be fine
-			initialize.CloudConfig{
+			cc:  &config.CloudConfig{Hostname: "cc-host"},
-				Hostname: "supercool",
+			md:  datasource.Metadata{SSHPublicKeys: map[string]string{"zaphod": "beeblebrox"}},
-			},
+			out: config.CloudConfig{Hostname: "cc-host", SSHAuthorizedKeys: []string{"beeblebrox"}},
-			initialize.CloudConfig{
-				SSHAuthorizedKeys: []string{"zaphod", "beeblebrox"},
-				NetworkConfigPath: "/dev/fun",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
-			initialize.CloudConfig{
-				Hostname:          "supercool",
-				SSHAuthorizedKeys: []string{"zaphod", "beeblebrox"},
-				NetworkConfigPath: "/dev/fun",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
 		},
 		{
 			// Non-mergeable settings in user-data should not be affected
-			initialize.CloudConfig{
+			cc:  &config.CloudConfig{Hostname: "cc-host", ManageEtcHosts: config.EtcHosts("lolz")},
-				Hostname:       "mememe",
+			md:  datasource.Metadata{Hostname: "md-host"},
-				ManageEtcHosts: initialize.EtcHosts("lolz"),
+			out: config.CloudConfig{Hostname: "cc-host", ManageEtcHosts: config.EtcHosts("lolz")},
-			},
-			initialize.CloudConfig{
-				Hostname:          "youyouyou",
-				NetworkConfigPath: "meta-meta-yo",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
-			initialize.CloudConfig{
-				Hostname:          "mememe",
-				ManageEtcHosts:    initialize.EtcHosts("lolz"),
-				NetworkConfigPath: "meta-meta-yo",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
 		},
-		{
+	}
-			// Non-mergeable (unexpected) settings in meta-data are ignored
+
-			initialize.CloudConfig{
+	for i, tt := range tests {
-				Hostname: "mememe",
+		out := mergeConfigs(tt.cc, tt.md)
-			},
+		if !reflect.DeepEqual(tt.out, out) {
-			initialize.CloudConfig{
+			t.Errorf("bad config (%d): want %#v, got %#v", i, tt.out, out)
-				ManageEtcHosts:    initialize.EtcHosts("lolz"),
-				NetworkConfigPath: "meta-meta-yo",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
-			initialize.CloudConfig{
-				Hostname:          "mememe",
-				NetworkConfigPath: "meta-meta-yo",
-				NetworkConfig:     `{"hostname":"test"}`,
-			},
-		},
-	} {
-		got := mergeCloudConfig(tt.mdcc, tt.udcc)
-		if !reflect.DeepEqual(got, tt.want) {
-			t.Errorf("case #%d: mergeCloudConfig mutated CloudConfig unexpectedly:\ngot:\n%s\nwant:\n%s", i, got, tt.want)
 		}
 	}
 }

datasource/configdrive/configdrive.go

@@ -1,26 +1,27 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package configdrive
 
 import (
+	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"os"
 	"path"
+
+	"github.com/coreos/coreos-cloudinit/datasource"
 )
 
 const (
@@ -49,21 +50,36 @@ func (cd *configDrive) ConfigRoot() string {
 	return cd.openstackRoot()
 }
 
-func (cd *configDrive) FetchMetadata() ([]byte, error) {
+func (cd *configDrive) FetchMetadata() (metadata datasource.Metadata, err error) {
-	return cd.tryReadFile(path.Join(cd.openstackVersionRoot(), "meta_data.json"))
+	var data []byte
+	var m struct {
+		SSHAuthorizedKeyMap map[string]string `json:"public_keys"`
+		Hostname            string            `json:"hostname"`
+		NetworkConfig       struct {
+			ContentPath string `json:"content_path"`
+		} `json:"network_config"`
+	}
+
+	if data, err = cd.tryReadFile(path.Join(cd.openstackVersionRoot(), "meta_data.json")); err != nil || len(data) == 0 {
+		return
+	}
+	if err = json.Unmarshal([]byte(data), &m); err != nil {
+		return
+	}
+
+	metadata.SSHPublicKeys = m.SSHAuthorizedKeyMap
+	metadata.Hostname = m.Hostname
+	if m.NetworkConfig.ContentPath != "" {
+		metadata.NetworkConfig, err = cd.tryReadFile(path.Join(cd.openstackRoot(), m.NetworkConfig.ContentPath))
+	}
+
+	return
 }
 
 func (cd *configDrive) FetchUserdata() ([]byte, error) {
 	return cd.tryReadFile(path.Join(cd.openstackVersionRoot(), "user_data"))
 }
 
-func (cd *configDrive) FetchNetworkConfig(filename string) ([]byte, error) {
-	if filename == "" {
-		return []byte{}, nil
-	}
-	return cd.tryReadFile(path.Join(cd.openstackRoot(), filename))
-}
-
 func (cd *configDrive) Type() string {
 	return "cloud-drive"
 }

datasource/configdrive/configdrive_test.go

@@ -1,99 +1,103 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package configdrive
 
 import (
-	"os"
+	"reflect"
 	"testing"
+
+	"github.com/coreos/coreos-cloudinit/datasource"
+	"github.com/coreos/coreos-cloudinit/datasource/test"
 )
 
-type mockFilesystem []string
-
-func (m mockFilesystem) readFile(filename string) ([]byte, error) {
-	for _, file := range m {
-		if file == filename {
-			return []byte(filename), nil
-		}
-	}
-	return nil, os.ErrNotExist
-}
-
 func TestFetchMetadata(t *testing.T) {
 	for _, tt := range []struct {
-		root     string
+		root  string
-		filename string
+		files test.MockFilesystem
-		files    mockFilesystem
+
+		metadata datasource.Metadata
 	}{
 		{
-			"/",
+			root:  "/",
-			"",
+			files: test.NewMockFilesystem(test.File{Path: "/openstack/latest/meta_data.json", Contents: ""}),
-			mockFilesystem{},
 		},
 		{
-			"/",
+			root:  "/",
-			"/openstack/latest/meta_data.json",
+			files: test.NewMockFilesystem(test.File{Path: "/openstack/latest/meta_data.json", Contents: `{"ignore": "me"}`}),
-			mockFilesystem([]string{"/openstack/latest/meta_data.json"}),
 		},
 		{
-			"/media/configdrive",
+			root:     "/",
-			"/media/configdrive/openstack/latest/meta_data.json",
+			files:    test.NewMockFilesystem(test.File{Path: "/openstack/latest/meta_data.json", Contents: `{"hostname": "host"}`}),
-			mockFilesystem([]string{"/media/configdrive/openstack/latest/meta_data.json"}),
+			metadata: datasource.Metadata{Hostname: "host"},
+		},
+		{
+			root: "/media/configdrive",
+			files: test.NewMockFilesystem(test.File{Path: "/media/configdrive/openstack/latest/meta_data.json", Contents: `{"hostname": "host", "network_config": {"content_path": "config_file.json"}, "public_keys":{"1": "key1", "2": "key2"}}`},
+				test.File{Path: "/media/configdrive/openstack/config_file.json", Contents: "make it work"},
+			),
+			metadata: datasource.Metadata{
+				Hostname:      "host",
+				NetworkConfig: []byte("make it work"),
+				SSHPublicKeys: map[string]string{
+					"1": "key1",
+					"2": "key2",
+				},
+			},
 		},
 	} {
-		cd := configDrive{tt.root, tt.files.readFile}
+		cd := configDrive{tt.root, tt.files.ReadFile}
-		filename, err := cd.FetchMetadata()
+		metadata, err := cd.FetchMetadata()
 		if err != nil {
-			t.Fatalf("bad error for %q: want %v, got %q", tt, nil, err)
+			t.Fatalf("bad error for %+v: want %v, got %q", tt, nil, err)
 		}
-		if string(filename) != tt.filename {
+		if !reflect.DeepEqual(tt.metadata, metadata) {
-			t.Fatalf("bad path for %q: want %q, got %q", tt, tt.filename, filename)
+			t.Fatalf("bad metadata for %+v: want %#v, got %#v", tt, tt.metadata, metadata)
 		}
 	}
 }
 
 func TestFetchUserdata(t *testing.T) {
 	for _, tt := range []struct {
-		root     string
+		root  string
-		filename string
+		files test.MockFilesystem
-		files    mockFilesystem
+
+		userdata string
 	}{
 		{
 			"/",
+			test.NewMockFilesystem(),
 			"",
-			mockFilesystem{},
 		},
 		{
 			"/",
-			"/openstack/latest/user_data",
+			test.NewMockFilesystem(test.File{Path: "/openstack/latest/user_data", Contents: "userdata"}),
-			mockFilesystem([]string{"/openstack/latest/user_data"}),
+			"userdata",
 		},
 		{
 			"/media/configdrive",
-			"/media/configdrive/openstack/latest/user_data",
+			test.NewMockFilesystem(test.File{Path: "/media/configdrive/openstack/latest/user_data", Contents: "userdata"}),
-			mockFilesystem([]string{"/media/configdrive/openstack/latest/user_data"}),
+			"userdata",
 		},
 	} {
-		cd := configDrive{tt.root, tt.files.readFile}
+		cd := configDrive{tt.root, tt.files.ReadFile}
-		filename, err := cd.FetchUserdata()
+		userdata, err := cd.FetchUserdata()
 		if err != nil {
-			t.Fatalf("bad error for %q: want %v, got %q", tt, nil, err)
+			t.Fatalf("bad error for %+v: want %v, got %q", tt, nil, err)
 		}
-		if string(filename) != tt.filename {
+		if string(userdata) != tt.userdata {
-			t.Fatalf("bad path for %q: want %q, got %q", tt, tt.filename, filename)
+			t.Fatalf("bad userdata for %+v: want %q, got %q", tt, tt.userdata, userdata)
 		}
 	}
 }

datasource/datasource.go

@@ -1,27 +1,38 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package datasource
 
+import (
+	"net"
+)
+
 type Datasource interface {
 	IsAvailable() bool
 	AvailabilityChanges() bool
 	ConfigRoot() string
-	FetchMetadata() ([]byte, error)
+	FetchMetadata() (Metadata, error)
 	FetchUserdata() ([]byte, error)
-	FetchNetworkConfig(string) ([]byte, error)
 	Type() string
 }
+
+type Metadata struct {
+	PublicIPv4    net.IP
+	PublicIPv6    net.IP
+	PrivateIPv4   net.IP
+	PrivateIPv6   net.IP
+	Hostname      string
+	SSHPublicKeys map[string]string
+	NetworkConfig []byte
+}

datasource/file/file.go

@@ -1,24 +1,24 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package file
 
 import (
 	"io/ioutil"
 	"os"
+
+	"github.com/coreos/coreos-cloudinit/datasource"
 )
 
 type localFile struct {
@@ -42,18 +42,14 @@ func (f *localFile) ConfigRoot() string {
 	return ""
 }
 
-func (f *localFile) FetchMetadata() ([]byte, error) {
+func (f *localFile) FetchMetadata() (datasource.Metadata, error) {
-	return []byte{}, nil
+	return datasource.Metadata{}, nil
 }
 
 func (f *localFile) FetchUserdata() ([]byte, error) {
 	return ioutil.ReadFile(f.path)
 }
 
-func (f *localFile) FetchNetworkConfig(filename string) ([]byte, error) {
-	return nil, nil
-}
-
 func (f *localFile) Type() string {
 	return "local-file"
 }

datasource/metadata/cloudsigma/server_context.go

@@ -1,27 +1,31 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package cloudsigma
 
 import (
+	"bytes"
 	"encoding/base64"
 	"encoding/json"
+	"errors"
+	"io/ioutil"
+	"net"
 	"os"
 	"strings"
 
+	"github.com/coreos/coreos-cloudinit/datasource"
+
 	"github.com/coreos/coreos-cloudinit/Godeps/_workspace/src/github.com/cloudsigma/cepgo"
 )
 
@@ -51,7 +55,8 @@ func (_ *serverContextService) IsAvailable() bool {
 	}
 	productName := make([]byte, 10)
 	_, err = productNameFile.Read(productName)
-	return err == nil && string(productName) == "CloudSigma"
+
+	return err == nil && string(productName) == "CloudSigma" && hasDHCPLeases()
 }
 
 func (_ *serverContextService) AvailabilityChanges() bool {
@@ -66,62 +71,60 @@ func (_ *serverContextService) Type() string {
 	return "server-context"
 }
 
-func (scs *serverContextService) FetchMetadata() ([]byte, error) {
+func (scs *serverContextService) FetchMetadata() (metadata datasource.Metadata, err error) {
 	var (
 		inputMetadata struct {
 			Name string            `json:"name"`
 			UUID string            `json:"uuid"`
 			Meta map[string]string `json:"meta"`
 			Nics []struct {
-				Runtime struct {
+				Mac      string `json:"mac"`
+				IPv4Conf struct {
 					InterfaceType string `json:"interface_type"`
-					IPv4          struct {
+					IP            struct {
-						IP string `json:"uuid"`
+						UUID string `json:"uuid"`
-					} `json:"ip_v4"`
+					} `json:"ip"`
-				} `json:"runtime"`
+				} `json:"ip_v4_conf"`
+				VLAN struct {
+					UUID string `json:"uuid"`
+				} `json:"vlan"`
 			} `json:"nics"`
 		}
-		outputMetadata struct {
+		rawMetadata []byte
-			Hostname   string            `json:"name"`
-			PublicKeys map[string]string `json:"public_keys"`
-			LocalIPv4  string            `json:"local-ipv4"`
-			PublicIPv4 string            `json:"public-ipv4"`
-		}
 	)
 
-	rawMetadata, err := scs.client.FetchRaw("")
+	if rawMetadata, err = scs.client.FetchRaw(""); err != nil {
-	if err != nil {
+		return
-		return []byte{}, err
 	}
 
-	err = json.Unmarshal(rawMetadata, &inputMetadata)
+	if err = json.Unmarshal(rawMetadata, &inputMetadata); err != nil {
-	if err != nil {
+		return
-		return []byte{}, err
 	}
 
 	if inputMetadata.Name != "" {
-		outputMetadata.Hostname = inputMetadata.Name
+		metadata.Hostname = inputMetadata.Name
 	} else {
-		outputMetadata.Hostname = inputMetadata.UUID
+		metadata.Hostname = inputMetadata.UUID
 	}
 
+	metadata.SSHPublicKeys = map[string]string{}
 	if key, ok := inputMetadata.Meta["ssh_public_key"]; ok {
 		splitted := strings.Split(key, " ")
-		outputMetadata.PublicKeys = make(map[string]string)
+		metadata.SSHPublicKeys[splitted[len(splitted)-1]] = key
-		outputMetadata.PublicKeys[splitted[len(splitted)-1]] = key
 	}
 
 	for _, nic := range inputMetadata.Nics {
-		if nic.Runtime.IPv4.IP != "" {
+		if nic.IPv4Conf.IP.UUID != "" {
-			if nic.Runtime.InterfaceType == "public" {
+			metadata.PublicIPv4 = net.ParseIP(nic.IPv4Conf.IP.UUID)
-				outputMetadata.PublicIPv4 = nic.Runtime.IPv4.IP
+		}
-			} else {
+		if nic.VLAN.UUID != "" {
-				outputMetadata.LocalIPv4 = nic.Runtime.IPv4.IP
+			if localIP, err := scs.findLocalIP(nic.Mac); err == nil {
+				metadata.PrivateIPv4 = localIP
 			}
 		}
 	}
 
-	return json.Marshal(outputMetadata)
+	return
 }
 
 func (scs *serverContextService) FetchUserdata() ([]byte, error) {
@@ -142,8 +145,34 @@ func (scs *serverContextService) FetchUserdata() ([]byte, error) {
 	return []byte(userData), nil
 }
 
-func (scs *serverContextService) FetchNetworkConfig(a string) ([]byte, error) {
+func (scs *serverContextService) findLocalIP(mac string) (net.IP, error) {
-	return nil, nil
+	ifaces, err := net.Interfaces()
+	if err != nil {
+		return nil, err
+	}
+	ifaceMac, err := net.ParseMAC(mac)
+	if err != nil {
+		return nil, err
+	}
+	for _, iface := range ifaces {
+		if !bytes.Equal(iface.HardwareAddr, ifaceMac) {
+			continue
+		}
+		addrs, err := iface.Addrs()
+		if err != nil {
+			continue
+		}
+
+		for _, addr := range addrs {
+			switch ip := addr.(type) {
+			case *net.IPNet:
+				if ip.IP.To4() != nil {
+					return ip.IP.To4(), nil
+				}
+			}
+		}
+	}
+	return nil, errors.New("Local IP not found")
 }
 
 func isBase64Encoded(field string, userdata map[string]string) bool {
@@ -159,3 +188,8 @@ func isBase64Encoded(field string, userdata map[string]string) bool {
 	}
 	return false
 }
+
+func hasDHCPLeases() bool {
+	files, err := ioutil.ReadDir("/run/systemd/netif/leases/")
+	return err == nil && len(files) > 0
+}

datasource/metadata/cloudsigma/server_context_test.go

@@ -1,23 +1,21 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package cloudsigma
 
 import (
-	"encoding/json"
+	"net"
 	"reflect"
 	"testing"
 )
@@ -46,12 +44,6 @@ func (f *fakeCepgoClient) FetchRaw(key string) ([]byte, error) {
 }
 
 func TestServerContextFetchMetadata(t *testing.T) {
-	var metadata struct {
-		Hostname   string            `json:"name"`
-		PublicKeys map[string]string `json:"public_keys"`
-		LocalIPv4  string            `json:"local-ipv4"`
-		PublicIPv4 string            `json:"public-ipv4"`
-	}
 	client := new(fakeCepgoClient)
 	scs := NewServerContextService()
 	scs.client = client
@@ -74,14 +66,41 @@ func TestServerContextFetchMetadata(t *testing.T) {
 		"name": "coreos",
 		"nics": [
 			{
-				"runtime": {
+				"boot_order": null,
-					"interface_type": "public",
+				"ip_v4_conf": {
-					"ip_v4": {
+					"conf": "dhcp",
+					"ip": {
+						"gateway": "31.171.244.1",
+						"meta": {},
+						"nameservers": [
+							"178.22.66.167",
+							"178.22.71.56",
+							"8.8.8.8"
+						],
+						"netmask": 22,
+						"tags": [],
 						"uuid": "31.171.251.74"
-					},
+					}
-					"ip_v6": null
 				},
+				"ip_v6_conf": null,
+				"mac": "22:3d:09:6b:90:f3",
+				"model": "virtio",
 				"vlan": null
+			},
+			{
+				"boot_order": null,
+				"ip_v4_conf": null,
+				"ip_v6_conf": null,
+				"mac": "22:ae:4a:fb:8f:31",
+				"model": "virtio",
+				"vlan": {
+					"meta": {
+						"description": "",
+						"name": "CoreOS"
+					},
+					"tags": [],
+					"uuid": "5dec030e-25b8-4621-a5a4-a3302c9d9619"
+				}
 			}
 		],
 		"smp": 2,
@@ -89,29 +108,21 @@ func TestServerContextFetchMetadata(t *testing.T) {
 		"uuid": "20a0059b-041e-4d0c-bcc6-9b2852de48b3"
 	}`)
 
-	metadataBytes, err := scs.FetchMetadata()
+	metadata, err := scs.FetchMetadata()
 	if err != nil {
 		t.Error(err.Error())
 	}
 
-	if err := json.Unmarshal(metadataBytes, &metadata); err != nil {
-		t.Error(err.Error())
-	}
-
 	if metadata.Hostname != "coreos" {
 		t.Errorf("Hostname is not 'coreos' but %s instead", metadata.Hostname)
 	}
 
-	if metadata.PublicKeys["john@doe"] != "ssh-rsa AAAAB3NzaC1yc2E.../hQ5D5 john@doe" {
+	if metadata.SSHPublicKeys["john@doe"] != "ssh-rsa AAAAB3NzaC1yc2E.../hQ5D5 john@doe" {
 		t.Error("Public SSH Keys are not being read properly")
 	}
 
-	if metadata.LocalIPv4 != "" {
+	if !metadata.PublicIPv4.Equal(net.ParseIP("31.171.251.74")) {
-		t.Errorf("Local IP is not empty but %s instead", metadata.LocalIPv4)
+		t.Errorf("Public IP is not 31.171.251.74 but %s instead", metadata.PublicIPv4)
-	}
-
-	if metadata.PublicIPv4 != "31.171.251.74" {
-		t.Errorf("Local IP is not 31.171.251.74 but %s instead", metadata.PublicIPv4)
 	}
 }
 

datasource/metadata/digitalocean/metadata.go

@@ -1,25 +1,25 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package digitalocean
 
 import (
 	"encoding/json"
+	"net"
 	"strconv"
 
+	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/datasource/metadata"
 )
 
@@ -61,8 +61,6 @@ type Metadata struct {
 }
 
 type metadataService struct {
-	interfaces Interfaces
-	dns        DNS
 	metadata.MetadataService
 }
 
@@ -70,52 +68,41 @@ func NewDatasource(root string) *metadataService {
 	return &metadataService{MetadataService: metadata.NewDatasource(root, apiVersion, userdataUrl, metadataPath)}
 }
 
-func (ms *metadataService) FetchMetadata() ([]byte, error) {
+func (ms *metadataService) FetchMetadata() (metadata datasource.Metadata, err error) {
-	data, err := ms.FetchData(ms.MetadataUrl())
+	var data []byte
-	if err != nil || len(data) == 0 {
+	var m Metadata
-		return []byte{}, err
+
+	if data, err = ms.FetchData(ms.MetadataUrl()); err != nil || len(data) == 0 {
+		return
+	}
+	if err = json.Unmarshal(data, &m); err != nil {
+		return
 	}
 
-	var metadata Metadata
+	if len(m.Interfaces.Public) > 0 {
-	if err := json.Unmarshal(data, &metadata); err != nil {
+		if m.Interfaces.Public[0].IPv4 != nil {
-		return []byte{}, err
+			metadata.PublicIPv4 = net.ParseIP(m.Interfaces.Public[0].IPv4.IPAddress)
-	}
-
-	ms.interfaces = metadata.Interfaces
-	ms.dns = metadata.DNS
-
-	attrs := make(map[string]interface{})
-	if len(metadata.Interfaces.Public) > 0 {
-		if metadata.Interfaces.Public[0].IPv4 != nil {
-			attrs["public-ipv4"] = metadata.Interfaces.Public[0].IPv4.IPAddress
 		}
-		if metadata.Interfaces.Public[0].IPv6 != nil {
+		if m.Interfaces.Public[0].IPv6 != nil {
-			attrs["public-ipv6"] = metadata.Interfaces.Public[0].IPv6.IPAddress
+			metadata.PublicIPv6 = net.ParseIP(m.Interfaces.Public[0].IPv6.IPAddress)
 		}
 	}
-	if len(metadata.Interfaces.Private) > 0 {
+	if len(m.Interfaces.Private) > 0 {
-		if metadata.Interfaces.Private[0].IPv4 != nil {
+		if m.Interfaces.Private[0].IPv4 != nil {
-			attrs["local-ipv4"] = metadata.Interfaces.Private[0].IPv4.IPAddress
+			metadata.PrivateIPv4 = net.ParseIP(m.Interfaces.Private[0].IPv4.IPAddress)
 		}
-		if metadata.Interfaces.Private[0].IPv6 != nil {
+		if m.Interfaces.Private[0].IPv6 != nil {
-			attrs["local-ipv6"] = metadata.Interfaces.Private[0].IPv6.IPAddress
+			metadata.PrivateIPv6 = net.ParseIP(m.Interfaces.Private[0].IPv6.IPAddress)
 		}
 	}
-	attrs["hostname"] = metadata.Hostname
+	metadata.Hostname = m.Hostname
-	keys := make(map[string]string)
+	metadata.SSHPublicKeys = map[string]string{}
-	for i, key := range metadata.PublicKeys {
+	for i, key := range m.PublicKeys {
-		keys[strconv.Itoa(i)] = key
+		metadata.SSHPublicKeys[strconv.Itoa(i)] = key
 	}
-	attrs["public_keys"] = keys
+	metadata.NetworkConfig = data
 
-	return json.Marshal(attrs)
+	return
-}
-
-func (ms metadataService) FetchNetworkConfig(filename string) ([]byte, error) {
-	return json.Marshal(Metadata{
-		Interfaces: ms.interfaces,
-		DNS:        ms.dns,
-	})
 }
 
 func (ms metadataService) Type() string {

datasource/metadata/digitalocean/metadata_test.go

@@ -1,26 +1,26 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package digitalocean
 
 import (
-	"bytes"
 	"fmt"
+	"net"
+	"reflect"
 	"testing"
 
+	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/datasource/metadata"
 	"github.com/coreos/coreos-cloudinit/datasource/metadata/test"
 	"github.com/coreos/coreos-cloudinit/pkg"
@@ -38,7 +38,7 @@ func TestFetchMetadata(t *testing.T) {
 		root         string
 		metadataPath string
 		resources    map[string]string
-		expect       []byte
+		expect       datasource.Metadata
 		clientErr    error
 		expectErr    error
 	}{
@@ -83,7 +83,42 @@ func TestFetchMetadata(t *testing.T) {
   }
 }`,
 			},
-			expect: []byte(`{"hostname":"","public-ipv4":"192.168.1.2","public-ipv6":"fe00::","public_keys":{"0":"publickey1","1":"publickey2"}}`),
+			expect: datasource.Metadata{
+				PublicIPv4: net.ParseIP("192.168.1.2"),
+				PublicIPv6: net.ParseIP("fe00::"),
+				SSHPublicKeys: map[string]string{
+					"0": "publickey1",
+					"1": "publickey2",
+				},
+				NetworkConfig: []byte(`{
+  "droplet_id": 1,
+  "user_data": "hello",
+  "vendor_data": "hello",
+  "public_keys": [
+    "publickey1",
+    "publickey2"
+  ],
+  "region": "nyc2",
+  "interfaces": {
+    "public": [
+      {
+        "ipv4": {
+          "ip_address": "192.168.1.2",
+          "netmask": "255.255.255.0",
+          "gateway": "192.168.1.1"
+        },
+        "ipv6": {
+          "ip_address": "fe00::",
+          "cidr": 126,
+          "gateway": "fe00::"
+        },
+        "mac": "ab:cd:ef:gh:ij",
+        "type": "public"
+      }
+    ]
+  }
+}`),
+			},
 		},
 		{
 			clientErr: pkg.ErrTimeout{Err: fmt.Errorf("test error")},
@@ -101,8 +136,8 @@ func TestFetchMetadata(t *testing.T) {
 		if Error(err) != Error(tt.expectErr) {
 			t.Fatalf("bad error (%q): want %q, got %q", tt.resources, tt.expectErr, err)
 		}
-		if !bytes.Equal(metadata, tt.expect) {
+		if !reflect.DeepEqual(tt.expect, metadata) {
-			t.Fatalf("bad fetch (%q): want %q, got %q", tt.resources, tt.expect, metadata)
+			t.Fatalf("bad fetch (%q): want %#q, got %#q", tt.resources, tt.expect, metadata)
 		}
 	}
 }

datasource/metadata/ec2/metadata.go

@@ -1,28 +1,27 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package ec2
 
 import (
 	"bufio"
 	"bytes"
-	"encoding/json"
 	"fmt"
+	"net"
 	"strings"
 
+	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/datasource/metadata"
 	"github.com/coreos/coreos-cloudinit/pkg"
 )
@@ -42,59 +41,51 @@ func NewDatasource(root string) *metadataService {
 	return &metadataService{metadata.NewDatasource(root, apiVersion, userdataPath, metadataPath)}
 }
 
-func (ms metadataService) FetchMetadata() ([]byte, error) {
+func (ms metadataService) FetchMetadata() (datasource.Metadata, error) {
-	attrs := make(map[string]interface{})
+	metadata := datasource.Metadata{}
+
 	if keynames, err := ms.fetchAttributes(fmt.Sprintf("%s/public-keys", ms.MetadataUrl())); err == nil {
 		keyIDs := make(map[string]string)
 		for _, keyname := range keynames {
 			tokens := strings.SplitN(keyname, "=", 2)
 			if len(tokens) != 2 {
-				return nil, fmt.Errorf("malformed public key: %q", keyname)
+				return metadata, fmt.Errorf("malformed public key: %q", keyname)
 			}
 			keyIDs[tokens[1]] = tokens[0]
 		}
 
-		keys := make(map[string]string)
+		metadata.SSHPublicKeys = map[string]string{}
 		for name, id := range keyIDs {
 			sshkey, err := ms.fetchAttribute(fmt.Sprintf("%s/public-keys/%s/openssh-key", ms.MetadataUrl(), id))
 			if err != nil {
-				return nil, err
+				return metadata, err
 			}
-			keys[name] = sshkey
+			metadata.SSHPublicKeys[name] = sshkey
 			fmt.Printf("Found SSH key for %q\n", name)
 		}
-		attrs["public_keys"] = keys
 	} else if _, ok := err.(pkg.ErrNotFound); !ok {
-		return nil, err
+		return metadata, err
 	}
 
 	if hostname, err := ms.fetchAttribute(fmt.Sprintf("%s/hostname", ms.MetadataUrl())); err == nil {
-		attrs["hostname"] = hostname
+		metadata.Hostname = strings.Split(hostname, " ")[0]
 	} else if _, ok := err.(pkg.ErrNotFound); !ok {
-		return nil, err
+		return metadata, err
 	}
 
 	if localAddr, err := ms.fetchAttribute(fmt.Sprintf("%s/local-ipv4", ms.MetadataUrl())); err == nil {
-		attrs["local-ipv4"] = localAddr
+		metadata.PrivateIPv4 = net.ParseIP(localAddr)
 	} else if _, ok := err.(pkg.ErrNotFound); !ok {
-		return nil, err
+		return metadata, err
 	}
 
 	if publicAddr, err := ms.fetchAttribute(fmt.Sprintf("%s/public-ipv4", ms.MetadataUrl())); err == nil {
-		attrs["public-ipv4"] = publicAddr
+		metadata.PublicIPv4 = net.ParseIP(publicAddr)
 	} else if _, ok := err.(pkg.ErrNotFound); !ok {
-		return nil, err
+		return metadata, err
 	}
 
-	if content_path, err := ms.fetchAttribute(fmt.Sprintf("%s/network_config/content_path", ms.MetadataUrl())); err == nil {
+	return metadata, nil
-		attrs["network_config"] = map[string]string{
-			"content_path": content_path,
-		}
-	} else if _, ok := err.(pkg.ErrNotFound); !ok {
-		return nil, err
-	}
-
-	return json.Marshal(attrs)
 }
 
 func (ms metadataService) Type() string {

datasource/metadata/ec2/metadata_test.go

@@ -1,27 +1,26 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package ec2
 
 import (
-	"bytes"
 	"fmt"
+	"net"
 	"reflect"
 	"testing"
 
+	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/datasource/metadata"
 	"github.com/coreos/coreos-cloudinit/datasource/metadata/test"
 	"github.com/coreos/coreos-cloudinit/pkg"
@@ -147,7 +146,7 @@ func TestFetchMetadata(t *testing.T) {
 		root         string
 		metadataPath string
 		resources    map[string]string
-		expect       []byte
+		expect       datasource.Metadata
 		clientErr    error
 		expectErr    error
 	}{
@@ -163,15 +162,37 @@ func TestFetchMetadata(t *testing.T) {
 			root:         "/",
 			metadataPath: "2009-04-04/meta-data",
 			resources: map[string]string{
-				"/2009-04-04/meta-data/hostname":                    "host",
+				"/2009-04-04/meta-data/hostname":                  "host",
-				"/2009-04-04/meta-data/local-ipv4":                  "1.2.3.4",
+				"/2009-04-04/meta-data/local-ipv4":                "1.2.3.4",
-				"/2009-04-04/meta-data/public-ipv4":                 "5.6.7.8",
+				"/2009-04-04/meta-data/public-ipv4":               "5.6.7.8",
-				"/2009-04-04/meta-data/public-keys":                 "0=test1\n",
+				"/2009-04-04/meta-data/public-keys":               "0=test1\n",
-				"/2009-04-04/meta-data/public-keys/0":               "openssh-key",
+				"/2009-04-04/meta-data/public-keys/0":             "openssh-key",
-				"/2009-04-04/meta-data/public-keys/0/openssh-key":   "key",
+				"/2009-04-04/meta-data/public-keys/0/openssh-key": "key",
-				"/2009-04-04/meta-data/network_config/content_path": "path",
+			},
+			expect: datasource.Metadata{
+				Hostname:      "host",
+				PrivateIPv4:   net.ParseIP("1.2.3.4"),
+				PublicIPv4:    net.ParseIP("5.6.7.8"),
+				SSHPublicKeys: map[string]string{"test1": "key"},
+			},
+		},
+		{
+			root:         "/",
+			metadataPath: "2009-04-04/meta-data",
+			resources: map[string]string{
+				"/2009-04-04/meta-data/hostname":                  "host domain another_domain",
+				"/2009-04-04/meta-data/local-ipv4":                "1.2.3.4",
+				"/2009-04-04/meta-data/public-ipv4":               "5.6.7.8",
+				"/2009-04-04/meta-data/public-keys":               "0=test1\n",
+				"/2009-04-04/meta-data/public-keys/0":             "openssh-key",
+				"/2009-04-04/meta-data/public-keys/0/openssh-key": "key",
+			},
+			expect: datasource.Metadata{
+				Hostname:      "host",
+				PrivateIPv4:   net.ParseIP("1.2.3.4"),
+				PublicIPv4:    net.ParseIP("5.6.7.8"),
+				SSHPublicKeys: map[string]string{"test1": "key"},
 			},
-			expect: []byte(`{"hostname":"host","local-ipv4":"1.2.3.4","network_config":{"content_path":"path"},"public-ipv4":"5.6.7.8","public_keys":{"test1":"key"}}`),
 		},
 		{
 			clientErr: pkg.ErrTimeout{Err: fmt.Errorf("test error")},
@@ -187,8 +208,8 @@ func TestFetchMetadata(t *testing.T) {
 		if Error(err) != Error(tt.expectErr) {
 			t.Fatalf("bad error (%q): want %q, got %q", tt.resources, tt.expectErr, err)
 		}
-		if !bytes.Equal(metadata, tt.expect) {
+		if !reflect.DeepEqual(tt.expect, metadata) {
-			t.Fatalf("bad fetch (%q): want %q, got %q", tt.resources, tt.expect, metadata)
+			t.Fatalf("bad fetch (%q): want %#v, got %#v", tt.resources, tt.expect, metadata)
 		}
 	}
 }

datasource/metadata/metadata.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package metadata
 
@@ -54,10 +52,6 @@ func (ms MetadataService) FetchUserdata() ([]byte, error) {
 	return ms.FetchData(ms.UserdataUrl())
 }
 
-func (ms MetadataService) FetchNetworkConfig(filename string) ([]byte, error) {
-	return nil, nil
-}
-
 func (ms MetadataService) FetchData(url string) ([]byte, error) {
 	if data, err := ms.Client.GetRetry(url); err == nil {
 		return data, err

datasource/metadata/metadata_test.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package metadata
 

datasource/metadata/test/test.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package test
 

datasource/proc_cmdline/proc_cmdline.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package proc_cmdline
 
@@ -22,6 +20,7 @@ import (
 	"log"
 	"strings"
 
+	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/pkg"
 )
 
@@ -57,8 +56,8 @@ func (c *procCmdline) ConfigRoot() string {
 	return ""
 }
 
-func (c *procCmdline) FetchMetadata() ([]byte, error) {
+func (c *procCmdline) FetchMetadata() (datasource.Metadata, error) {
-	return []byte{}, nil
+	return datasource.Metadata{}, nil
 }
 
 func (c *procCmdline) FetchUserdata() ([]byte, error) {
@@ -82,10 +81,6 @@ func (c *procCmdline) FetchUserdata() ([]byte, error) {
 	return cfg, nil
 }
 
-func (c *procCmdline) FetchNetworkConfig(filename string) ([]byte, error) {
-	return nil, nil
-}
-
 func (c *procCmdline) Type() string {
 	return "proc-cmdline"
 }

datasource/proc_cmdline/proc_cmdline_test.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package proc_cmdline
 

datasource/test/filesystem.go

@@ -0,0 +1,57 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test
+
+import (
+	"fmt"
+	"os"
+	"path"
+)
+
+type MockFilesystem map[string]File
+
+type File struct {
+	Path      string
+	Contents  string
+	Directory bool
+}
+
+func (m MockFilesystem) ReadFile(filename string) ([]byte, error) {
+	if f, ok := m[path.Clean(filename)]; ok {
+		if f.Directory {
+			return nil, fmt.Errorf("read %s: is a directory", filename)
+		}
+		return []byte(f.Contents), nil
+	}
+	return nil, os.ErrNotExist
+}
+
+func NewMockFilesystem(files ...File) MockFilesystem {
+	fs := MockFilesystem{}
+	for _, file := range files {
+		fs[file.Path] = file
+
+		// Create the directories leading up to the file
+		p := path.Dir(file.Path)
+		for p != "/" && p != "." {
+			if f, ok := fs[p]; ok && !f.Directory {
+				panic(fmt.Sprintf("%q already exists and is not a directory (%#v)", p, f))
+			}
+			fs[p] = File{Path: p, Directory: true}
+			p = path.Dir(p)
+		}
+	}
+	return fs
+}

datasource/test/filesystem_test.go

@@ -0,0 +1,115 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test
+
+import (
+	"errors"
+	"os"
+	"reflect"
+	"testing"
+)
+
+func TestReadFile(t *testing.T) {
+	tests := []struct {
+		filesystem MockFilesystem
+
+		filename string
+		contents string
+		err      error
+	}{
+		{
+			filename: "dne",
+			err:      os.ErrNotExist,
+		},
+		{
+			filesystem: MockFilesystem{
+				"exists": File{Contents: "hi"},
+			},
+			filename: "exists",
+			contents: "hi",
+		},
+		{
+			filesystem: MockFilesystem{
+				"dir": File{Directory: true},
+			},
+			filename: "dir",
+			err:      errors.New("read dir: is a directory"),
+		},
+	}
+
+	for i, tt := range tests {
+		contents, err := tt.filesystem.ReadFile(tt.filename)
+		if tt.contents != string(contents) {
+			t.Errorf("bad contents (test %d): want %q, got %q", i, tt.contents, string(contents))
+		}
+		if !reflect.DeepEqual(tt.err, err) {
+			t.Errorf("bad error (test %d): want %v, got %v", i, tt.err, err)
+		}
+	}
+}
+
+func TestNewMockFilesystem(t *testing.T) {
+	tests := []struct {
+		files []File
+
+		filesystem MockFilesystem
+	}{
+		{
+			filesystem: MockFilesystem{},
+		},
+		{
+			files: []File{File{Path: "file"}},
+			filesystem: MockFilesystem{
+				"file": File{Path: "file"},
+			},
+		},
+		{
+			files: []File{File{Path: "/file"}},
+			filesystem: MockFilesystem{
+				"/file": File{Path: "/file"},
+			},
+		},
+		{
+			files: []File{File{Path: "/dir/file"}},
+			filesystem: MockFilesystem{
+				"/dir":      File{Path: "/dir", Directory: true},
+				"/dir/file": File{Path: "/dir/file"},
+			},
+		},
+		{
+			files: []File{File{Path: "/dir/dir/file"}},
+			filesystem: MockFilesystem{
+				"/dir":          File{Path: "/dir", Directory: true},
+				"/dir/dir":      File{Path: "/dir/dir", Directory: true},
+				"/dir/dir/file": File{Path: "/dir/dir/file"},
+			},
+		},
+		{
+			files: []File{File{Path: "/dir/dir/dir", Directory: true}},
+			filesystem: MockFilesystem{
+				"/dir":         File{Path: "/dir", Directory: true},
+				"/dir/dir":     File{Path: "/dir/dir", Directory: true},
+				"/dir/dir/dir": File{Path: "/dir/dir/dir", Directory: true},
+			},
+		},
+	}
+
+	for i, tt := range tests {
+		filesystem := NewMockFilesystem(tt.files...)
+		if !reflect.DeepEqual(tt.filesystem, filesystem) {
+			t.Errorf("bad filesystem (test %d): want %#v, got %#v", i, tt.filesystem, filesystem)
+		}
+	}
+}

datasource/url/url.go

@@ -1,22 +1,21 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package url
 
 import (
+	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/pkg"
 )
 
@@ -42,8 +41,8 @@ func (f *remoteFile) ConfigRoot() string {
 	return ""
 }
 
-func (f *remoteFile) FetchMetadata() ([]byte, error) {
+func (f *remoteFile) FetchMetadata() (datasource.Metadata, error) {
-	return []byte{}, nil
+	return datasource.Metadata{}, nil
 }
 
 func (f *remoteFile) FetchUserdata() ([]byte, error) {
@@ -51,10 +50,6 @@ func (f *remoteFile) FetchUserdata() ([]byte, error) {
 	return client.GetRetry(f.url)
 }
 
-func (f *remoteFile) FetchNetworkConfig(filename string) ([]byte, error) {
-	return nil, nil
-}
-
 func (f *remoteFile) Type() string {
 	return "url"
 }

datasource/waagent/waagent.go

@@ -1,29 +1,28 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package waagent
 
 import (
-	"encoding/json"
 	"encoding/xml"
 	"fmt"
 	"io/ioutil"
 	"net"
 	"os"
 	"path"
+
+	"github.com/coreos/coreos-cloudinit/datasource"
 )
 
 type waagent struct {
@@ -48,13 +47,13 @@ func (a *waagent) ConfigRoot() string {
 	return a.root
 }
 
-func (a *waagent) FetchMetadata() ([]byte, error) {
+func (a *waagent) FetchMetadata() (metadata datasource.Metadata, err error) {
-	metadataBytes, err := a.tryReadFile(path.Join(a.root, "SharedConfig.xml"))
+	var metadataBytes []byte
-	if err != nil {
+	if metadataBytes, err = a.tryReadFile(path.Join(a.root, "SharedConfig.xml")); err != nil {
-		return nil, err
+		return
 	}
 	if len(metadataBytes) == 0 {
-		return metadataBytes, nil
+		return
 	}
 
 	type Instance struct {
@@ -76,40 +75,34 @@ func (a *waagent) FetchMetadata() ([]byte, error) {
 		}
 	}
 
-	var metadata SharedConfig
+	var m SharedConfig
-	if err := xml.Unmarshal(metadataBytes, &metadata); err != nil {
+	if err = xml.Unmarshal(metadataBytes, &m); err != nil {
-		return nil, err
+		return
 	}
 
 	var instance Instance
-	for _, i := range metadata.Instances.Instances {
+	for _, i := range m.Instances.Instances {
-		if i.Id == metadata.Incarnation.Instance {
+		if i.Id == m.Incarnation.Instance {
 			instance = i
 			break
 		}
 	}
 
-	attrs := map[string]string{
+	metadata.PrivateIPv4 = net.ParseIP(instance.Address)
-		"local-ipv4": instance.Address,
-	}
 	for _, e := range instance.InputEndpoints.Endpoints {
 		host, _, err := net.SplitHostPort(e.LoadBalancedPublicAddress)
 		if err == nil {
-			attrs["public-ipv4"] = host
+			metadata.PublicIPv4 = net.ParseIP(host)
 			break
 		}
 	}
-	return json.Marshal(attrs)
+	return
 }
 
 func (a *waagent) FetchUserdata() ([]byte, error) {
 	return a.tryReadFile(path.Join(a.root, "CustomData"))
 }
 
-func (a *waagent) FetchNetworkConfig(filename string) ([]byte, error) {
-	return nil, nil
-}
-
 func (a *waagent) Type() string {
 	return "waagent"
 }

datasource/waagent/waagent_test.go

@@ -1,61 +1,49 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package waagent
 
 import (
-	"encoding/json"
+	"net"
-	"os"
 	"reflect"
 	"testing"
+
+	"github.com/coreos/coreos-cloudinit/datasource"
+	"github.com/coreos/coreos-cloudinit/datasource/test"
 )
 
-type mockFilesystem map[string][]byte
-
-func (m mockFilesystem) readFile(filename string) ([]byte, error) {
-	if contents := m[filename]; contents != nil {
-		return contents, nil
-	}
-	return nil, os.ErrNotExist
-}
-
 func TestFetchMetadata(t *testing.T) {
 	for _, tt := range []struct {
 		root     string
-		files    mockFilesystem
+		files    test.MockFilesystem
-		metadata map[string]string
+		metadata datasource.Metadata
 	}{
 		{
-			"/",
+			root:  "/",
-			mockFilesystem{},
+			files: test.NewMockFilesystem(),
-			nil,
 		},
 		{
-			"/",
+			root:  "/",
-			mockFilesystem{"/SharedConfig.xml": []byte("")},
+			files: test.NewMockFilesystem(test.File{Path: "/SharedConfig.xml", Contents: ""}),
-			nil,
 		},
 		{
-			"/var/lib/waagent",
+			root:  "/var/lib/waagent",
-			mockFilesystem{"/var/lib/waagent/SharedConfig.xml": []byte("")},
+			files: test.NewMockFilesystem(test.File{Path: "/var/lib/waagent/SharedConfig.xml", Contents: ""}),
-			nil,
 		},
 		{
-			"/var/lib/waagent",
+			root: "/var/lib/waagent",
-			mockFilesystem{"/var/lib/waagent/SharedConfig.xml": []byte(`<?xml version="1.0" encoding="utf-8"?>
+			files: test.NewMockFilesystem(test.File{Path: "/var/lib/waagent/SharedConfig.xml", Contents: `<?xml version="1.0" encoding="utf-8"?>
 <SharedConfig version="1.0.0.0" goalStateIncarnation="1">
   <Deployment name="c8f9e4c9c18948e1bebf57c5685da756" guid="{1d10394f-c741-4a1a-a6bb-278f213c5a5e}" incarnation="0" isNonCancellableTopologyChangeEnabled="false">
     <Service name="core-test-1" guid="{00000000-0000-0000-0000-000000000000}" />
@@ -91,26 +79,20 @@ func TestFetchMetadata(t *testing.T) {
       </InputEndpoints>
     </Instance>
   </Instances>
-</SharedConfig>`)},
+</SharedConfig>`}),
-			map[string]string{
+			metadata: datasource.Metadata{
-				"local-ipv4":  "100.73.202.64",
+				PrivateIPv4: net.ParseIP("100.73.202.64"),
-				"public-ipv4": "191.239.39.77",
+				PublicIPv4:  net.ParseIP("191.239.39.77"),
 			},
 		},
 	} {
-		a := waagent{tt.root, tt.files.readFile}
+		a := waagent{tt.root, tt.files.ReadFile}
-		metadataBytes, err := a.FetchMetadata()
+		metadata, err := a.FetchMetadata()
 		if err != nil {
-			t.Fatalf("bad error for %q: want %v, got %q", tt, nil, err)
+			t.Fatalf("bad error for %+v: want %v, got %q", tt, nil, err)
-		}
-		var metadata map[string]string
-		if len(metadataBytes) > 0 {
-			if err := json.Unmarshal(metadataBytes, &metadata); err != nil {
-				panic(err)
-			}
 		}
 		if !reflect.DeepEqual(tt.metadata, metadata) {
-			t.Fatalf("bad metadata for %q: want %q, got %q", tt, tt.metadata, metadata)
+			t.Fatalf("bad metadata for %+v: want %#v, got %#v", tt, tt.metadata, metadata)
 		}
 	}
 }
@@ -118,25 +100,25 @@ func TestFetchMetadata(t *testing.T) {
 func TestFetchUserdata(t *testing.T) {
 	for _, tt := range []struct {
 		root  string
-		files mockFilesystem
+		files test.MockFilesystem
 	}{
 		{
 			"/",
-			mockFilesystem{},
+			test.NewMockFilesystem(),
 		},
 		{
 			"/",
-			mockFilesystem{"/CustomData": []byte{}},
+			test.NewMockFilesystem(test.File{Path: "/CustomData", Contents: ""}),
 		},
 		{
 			"/var/lib/waagent/",
-			mockFilesystem{"/var/lib/waagent/CustomData": []byte{}},
+			test.NewMockFilesystem(test.File{Path: "/var/lib/waagent/CustomData", Contents: ""}),
 		},
 	} {
-		a := waagent{tt.root, tt.files.readFile}
+		a := waagent{tt.root, tt.files.ReadFile}
 		_, err := a.FetchUserdata()
 		if err != nil {
-			t.Fatalf("bad error for %q: want %v, got %q", tt, nil, err)
+			t.Fatalf("bad error for %+v: want %v, got %q", tt, nil, err)
 		}
 	}
 }

initialize/config.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 
@@ -22,8 +20,7 @@ import (
 	"log"
 	"path"
 
-	"github.com/coreos/coreos-cloudinit/Godeps/_workspace/src/gopkg.in/yaml.v1"
+	"github.com/coreos/coreos-cloudinit/config"
-
 	"github.com/coreos/coreos-cloudinit/network"
 	"github.com/coreos/coreos-cloudinit/system"
 )
@@ -33,146 +30,19 @@ import (
 type CloudConfigFile interface {
 	// File should either return (*system.File, error), or (nil, nil) if nothing
 	// needs to be done for this configuration option.
-	File(root string) (*system.File, error)
+	File() (*system.File, error)
 }
 
 // CloudConfigUnit represents a CoreOS specific configuration option that can generate
 // associated system.Units to be created/enabled appropriately
 type CloudConfigUnit interface {
-	Units(root string) ([]system.Unit, error)
+	Units() []system.Unit
-}
-
-// CloudConfig encapsulates the entire cloud-config configuration file and maps directly to YAML
-type CloudConfig struct {
-	SSHAuthorizedKeys []string `yaml:"ssh_authorized_keys"`
-	Coreos            struct {
-		Etcd   EtcdEnvironment
-		Fleet  FleetEnvironment
-		OEM    OEMRelease
-		Update UpdateConfig
-		Units  []system.Unit
-	}
-	WriteFiles        []system.File `yaml:"write_files"`
-	Hostname          string
-	Users             []system.User
-	ManageEtcHosts    EtcHosts `yaml:"manage_etc_hosts"`
-	NetworkConfigPath string
-	NetworkConfig     string
-}
-
-type warner func(format string, v ...interface{})
-
-// warnOnUnrecognizedKeys parses the contents of a cloud-config file and calls
-// warn(msg, key) for every unrecognized key (i.e. those not present in CloudConfig)
-func warnOnUnrecognizedKeys(contents string, warn warner) {
-	// Generate a map of all understood cloud config options
-	var cc map[string]interface{}
-	b, _ := yaml.Marshal(&CloudConfig{})
-	yaml.Unmarshal(b, &cc)
-
-	// Now unmarshal the entire provided contents
-	var c map[string]interface{}
-	yaml.Unmarshal([]byte(contents), &c)
-
-	// Check that every key in the contents exists in the cloud config
-	for k, _ := range c {
-		if _, ok := cc[k]; !ok {
-			warn("Warning: unrecognized key %q in provided cloud config - ignoring section", k)
-		}
-	}
-
-	// Check for unrecognized coreos options, if any are set
-	if coreos, ok := c["coreos"]; ok {
-		if set, ok := coreos.(map[interface{}]interface{}); ok {
-			known := cc["coreos"].(map[interface{}]interface{})
-			for k, _ := range set {
-				if key, ok := k.(string); ok {
-					if _, ok := known[key]; !ok {
-						warn("Warning: unrecognized key %q in coreos section of provided cloud config - ignoring", key)
-					}
-				} else {
-					warn("Warning: unrecognized key %q in coreos section of provided cloud config - ignoring", k)
-				}
-			}
-		}
-	}
-
-	// Check for any badly-specified users, if any are set
-	if users, ok := c["users"]; ok {
-		var known map[string]interface{}
-		b, _ := yaml.Marshal(&system.User{})
-		yaml.Unmarshal(b, &known)
-
-		if set, ok := users.([]interface{}); ok {
-			for _, u := range set {
-				if user, ok := u.(map[interface{}]interface{}); ok {
-					for k, _ := range user {
-						if key, ok := k.(string); ok {
-							if _, ok := known[key]; !ok {
-								warn("Warning: unrecognized key %q in user section of cloud config - ignoring", key)
-							}
-						} else {
-							warn("Warning: unrecognized key %q in user section of cloud config - ignoring", k)
-						}
-					}
-				}
-			}
-		}
-	}
-
-	// Check for any badly-specified files, if any are set
-	if files, ok := c["write_files"]; ok {
-		var known map[string]interface{}
-		b, _ := yaml.Marshal(&system.File{})
-		yaml.Unmarshal(b, &known)
-
-		if set, ok := files.([]interface{}); ok {
-			for _, f := range set {
-				if file, ok := f.(map[interface{}]interface{}); ok {
-					for k, _ := range file {
-						if key, ok := k.(string); ok {
-							if _, ok := known[key]; !ok {
-								warn("Warning: unrecognized key %q in file section of cloud config - ignoring", key)
-							}
-						} else {
-							warn("Warning: unrecognized key %q in file section of cloud config - ignoring", k)
-						}
-					}
-				}
-			}
-		}
-	}
-}
-
-// NewCloudConfig instantiates a new CloudConfig from the given contents (a
-// string of YAML), returning any error encountered. It will ignore unknown
-// fields but log encountering them.
-func NewCloudConfig(contents string) (*CloudConfig, error) {
-	var cfg CloudConfig
-	err := yaml.Unmarshal([]byte(contents), &cfg)
-	if err != nil {
-		return &cfg, err
-	}
-	warnOnUnrecognizedKeys(contents, log.Printf)
-	return &cfg, nil
-}
-
-func (cc CloudConfig) String() string {
-	bytes, err := yaml.Marshal(cc)
-	if err != nil {
-		return ""
-	}
-
-	stringified := string(bytes)
-	stringified = fmt.Sprintf("#cloud-config\n%s", stringified)
-
-	return stringified
 }
 
 // Apply renders a CloudConfig to an Environment. This can involve things like
 // configuring the hostname, adding new users, writing various configuration
 // files to disk, and manipulating systemd services.
-func Apply(cfg CloudConfig, env *Environment) error {
+func Apply(cfg config.CloudConfig, ifaces []network.InterfaceGenerator, env *Environment) error {
 	if cfg.Hostname != "" {
 		if err := system.SetHostname(cfg.Hostname); err != nil {
 			return err
@@ -215,6 +85,12 @@ func Apply(cfg CloudConfig, env *Environment) error {
 				return err
 			}
 		}
+		for _, u := range user.SSHImportGithubUsers {
+			log.Printf("Authorizing github user %s SSH keys for CoreOS user '%s'", u, user.Name)
+			if err := SSHImportGithubUser(user.Name, u); err != nil {
+				return err
+			}
+		}
 		if user.SSHImportURL != "" {
 			log.Printf("Authorizing SSH keys for CoreOS user '%s' from '%s'", user.Name, user.SSHImportURL)
 			if err := SSHImportKeysFromURL(user.Name, user.SSHImportURL); err != nil {
@@ -232,26 +108,42 @@ func Apply(cfg CloudConfig, env *Environment) error {
 		}
 	}
 
-	for _, ccf := range []CloudConfigFile{cfg.Coreos.OEM, cfg.Coreos.Update, cfg.ManageEtcHosts} {
+	var writeFiles []system.File
-		f, err := ccf.File(env.Root())
+	for _, file := range cfg.WriteFiles {
+		writeFiles = append(writeFiles, system.File{File: file})
+	}
+
+	for _, ccf := range []CloudConfigFile{
+		system.OEM{OEM: cfg.CoreOS.OEM},
+		system.Update{Update: cfg.CoreOS.Update, ReadConfig: system.DefaultReadConfig},
+		system.EtcHosts{EtcHosts: cfg.ManageEtcHosts},
+		system.Flannel{Flannel: cfg.CoreOS.Flannel},
+	} {
+		f, err := ccf.File()
 		if err != nil {
 			return err
 		}
 		if f != nil {
-			cfg.WriteFiles = append(cfg.WriteFiles, *f)
+			writeFiles = append(writeFiles, *f)
 		}
 	}
 
-	for _, ccu := range []CloudConfigUnit{cfg.Coreos.Etcd, cfg.Coreos.Fleet, cfg.Coreos.Update} {
+	var units []system.Unit
-		u, err := ccu.Units(env.Root())
+	for _, u := range cfg.CoreOS.Units {
-		if err != nil {
+		units = append(units, system.Unit{Unit: u})
-			return err
+	}
-		}
+
-		cfg.Coreos.Units = append(cfg.Coreos.Units, u...)
+	for _, ccu := range []CloudConfigUnit{
+		system.Etcd{Etcd: cfg.CoreOS.Etcd},
+		system.Fleet{Fleet: cfg.CoreOS.Fleet},
+		system.Locksmith{Locksmith: cfg.CoreOS.Locksmith},
+		system.Update{Update: cfg.CoreOS.Update, ReadConfig: system.DefaultReadConfig},
+	} {
+		units = append(units, ccu.Units()...)
 	}
 
 	wroteEnvironment := false
-	for _, file := range cfg.WriteFiles {
+	for _, file := range writeFiles {
 		fullPath, err := system.WriteFile(&file, env.Root())
 		if err != nil {
 			return err
@@ -273,33 +165,34 @@ func Apply(cfg CloudConfig, env *Environment) error {
 		}
 	}
 
-	if env.NetconfType() != "" {
+	if len(ifaces) > 0 {
-		var interfaces []network.InterfaceGenerator
+		units = append(units, createNetworkingUnits(ifaces)...)
-		var err error
+		if err := system.RestartNetwork(ifaces); err != nil {
-		switch env.NetconfType() {
-		case "debian":
-			interfaces, err = network.ProcessDebianNetconf(cfg.NetworkConfig)
-		case "digitalocean":
-			interfaces, err = network.ProcessDigitalOceanNetconf(cfg.NetworkConfig)
-		default:
-			return fmt.Errorf("Unsupported network config format %q", env.NetconfType())
-		}
-
-		if err != nil {
-			return err
-		}
-
-		if err := system.WriteNetworkdConfigs(interfaces); err != nil {
-			return err
-		}
-		if err := system.RestartNetwork(interfaces); err != nil {
 			return err
 		}
 	}
 
 	um := system.NewUnitManager(env.Root())
-	return processUnits(cfg.Coreos.Units, env.Root(), um)
+	return processUnits(units, env.Root(), um)
+}
 
+func createNetworkingUnits(interfaces []network.InterfaceGenerator) (units []system.Unit) {
+	appendNewUnit := func(units []system.Unit, name, content string) []system.Unit {
+		if content == "" {
+			return units
+		}
+		return append(units, system.Unit{Unit: config.Unit{
+			Name:    name,
+			Runtime: true,
+			Content: content,
+		}})
+	}
+	for _, i := range interfaces {
+		units = appendNewUnit(units, fmt.Sprintf("%s.netdev", i.Filename()), i.Netdev())
+		units = appendNewUnit(units, fmt.Sprintf("%s.link", i.Filename()), i.Link())
+		units = appendNewUnit(units, fmt.Sprintf("%s.network", i.Filename()), i.Network())
+	}
+	return units
 }
 
 // processUnits takes a set of Units and applies them to the given root using
@@ -308,66 +201,92 @@ func Apply(cfg CloudConfig, env *Environment) error {
 // commands against units. It returns any error encountered.
 func processUnits(units []system.Unit, root string, um system.UnitManager) error {
 	type action struct {
-		unit    string
+		unit    system.Unit
 		command string
 	}
 	actions := make([]action, 0, len(units))
 	reload := false
+	restartNetworkd := false
 	for _, unit := range units {
-		dst := unit.Destination(root)
+		if unit.Name == "" {
+			log.Printf("Skipping unit without name")
+			continue
+		}
+
 		if unit.Content != "" {
-			log.Printf("Writing unit %s to filesystem at path %s", unit.Name, dst)
+			log.Printf("Writing unit %q to filesystem", unit.Name)
-			if err := um.PlaceUnit(&unit, dst); err != nil {
+			if err := um.PlaceUnit(unit); err != nil {
 				return err
 			}
-			log.Printf("Placed unit %s at %s", unit.Name, dst)
+			log.Printf("Wrote unit %q", unit.Name)
 			reload = true
 		}
 
+		for _, dropin := range unit.DropIns {
+			if dropin.Name != "" && dropin.Content != "" {
+				log.Printf("Writing drop-in unit %q to filesystem", dropin.Name)
+				if err := um.PlaceUnitDropIn(unit, dropin); err != nil {
+					return err
+				}
+				log.Printf("Wrote drop-in unit %q", dropin.Name)
+				reload = true
+			}
+		}
+
 		if unit.Mask {
-			log.Printf("Masking unit file %s", unit.Name)
+			log.Printf("Masking unit file %q", unit.Name)
-			if err := um.MaskUnit(&unit); err != nil {
+			if err := um.MaskUnit(unit); err != nil {
 				return err
 			}
 		} else if unit.Runtime {
-			log.Printf("Ensuring runtime unit file %s is unmasked", unit.Name)
+			log.Printf("Ensuring runtime unit file %q is unmasked", unit.Name)
-			if err := um.UnmaskUnit(&unit); err != nil {
+			if err := um.UnmaskUnit(unit); err != nil {
 				return err
 			}
 		}
 
 		if unit.Enable {
 			if unit.Group() != "network" {
-				log.Printf("Enabling unit file %s", unit.Name)
+				log.Printf("Enabling unit file %q", unit.Name)
-				if err := um.EnableUnitFile(unit.Name, unit.Runtime); err != nil {
+				if err := um.EnableUnitFile(unit); err != nil {
 					return err
 				}
-				log.Printf("Enabled unit %s", unit.Name)
+				log.Printf("Enabled unit %q", unit.Name)
 			} else {
-				log.Printf("Skipping enable for network-like unit %s", unit.Name)
+				log.Printf("Skipping enable for network-like unit %q", unit.Name)
 			}
 		}
 
 		if unit.Group() == "network" {
-			actions = append(actions, action{"systemd-networkd.service", "restart"})
+			restartNetworkd = true
 		} else if unit.Command != "" {
-			actions = append(actions, action{unit.Name, unit.Command})
+			actions = append(actions, action{unit, unit.Command})
 		}
 	}
 
 	if reload {
 		if err := um.DaemonReload(); err != nil {
-			return errors.New(fmt.Sprintf("failed systemd daemon-reload: %v", err))
+			return errors.New(fmt.Sprintf("failed systemd daemon-reload: %s", err))
 		}
 	}
 
-	for _, action := range actions {
+	if restartNetworkd {
-		log.Printf("Calling unit command '%s %s'", action.command, action.unit)
+		log.Printf("Restarting systemd-networkd")
-		res, err := um.RunUnitCommand(action.command, action.unit)
+		networkd := system.Unit{Unit: config.Unit{Name: "systemd-networkd.service"}}
+		res, err := um.RunUnitCommand(networkd, "restart")
 		if err != nil {
 			return err
 		}
-		log.Printf("Result of '%s %s': %s", action.command, action.unit, res)
+		log.Printf("Restarted systemd-networkd (%s)", res)
+	}
+
+	for _, action := range actions {
+		log.Printf("Calling unit command %q on %q'", action.command, action.unit.Name)
+		res, err := um.RunUnitCommand(action.unit, action.command)
+		if err != nil {
+			return err
+		}
+		log.Printf("Result of %q on %q: %s", action.command, action.unit.Name, res)
 	}
 
 	return nil

initialize/config_test.go

@@ -1,486 +1,299 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 
 import (
-	"fmt"
+	"reflect"
-	"strings"
 	"testing"
 
+	"github.com/coreos/coreos-cloudinit/config"
+	"github.com/coreos/coreos-cloudinit/network"
 	"github.com/coreos/coreos-cloudinit/system"
 )
 
-func TestCloudConfigInvalidKeys(t *testing.T) {
-	defer func() {
-		if r := recover(); r != nil {
-			t.Fatalf("panic while instantiating CloudConfig with nil keys: %v", r)
-		}
-	}()
-
-	for _, tt := range []struct {
-		contents string
-	}{
-		{"coreos:"},
-		{"ssh_authorized_keys:"},
-		{"ssh_authorized_keys:\n  -"},
-		{"ssh_authorized_keys:\n  - 0:"},
-		{"write_files:"},
-		{"write_files:\n  -"},
-		{"write_files:\n  - 0:"},
-		{"users:"},
-		{"users:\n  -"},
-		{"users:\n  - 0:"},
-	} {
-		_, err := NewCloudConfig(tt.contents)
-		if err != nil {
-			t.Fatalf("error instantiating CloudConfig with invalid keys: %v", err)
-		}
-	}
-}
-
-func TestCloudConfigUnknownKeys(t *testing.T) {
-	contents := `
-coreos: 
-  etcd:
-    discovery: "https://discovery.etcd.io/827c73219eeb2fa5530027c37bf18877"
-  coreos_unknown:
-    foo: "bar"
-section_unknown:
-  dunno:
-    something
-bare_unknown:
-  bar
-write_files:
-  - content: fun
-    path: /var/party
-    file_unknown: nofun
-users:
-  - name: fry
-    passwd: somehash
-    user_unknown: philip
-hostname:
-  foo
-`
-	cfg, err := NewCloudConfig(contents)
-	if err != nil {
-		t.Fatalf("error instantiating CloudConfig with unknown keys: %v", err)
-	}
-	if cfg.Hostname != "foo" {
-		t.Fatalf("hostname not correctly set when invalid keys are present")
-	}
-	if len(cfg.Coreos.Etcd) < 1 {
-		t.Fatalf("etcd section not correctly set when invalid keys are present")
-	}
-	if len(cfg.WriteFiles) < 1 || cfg.WriteFiles[0].Content != "fun" || cfg.WriteFiles[0].Path != "/var/party" {
-		t.Fatalf("write_files section not correctly set when invalid keys are present")
-	}
-	if len(cfg.Users) < 1 || cfg.Users[0].Name != "fry" || cfg.Users[0].PasswordHash != "somehash" {
-		t.Fatalf("users section not correctly set when invalid keys are present")
-	}
-
-	var warnings string
-	catchWarn := func(f string, v ...interface{}) {
-		warnings += fmt.Sprintf(f, v...)
-	}
-
-	warnOnUnrecognizedKeys(contents, catchWarn)
-
-	if !strings.Contains(warnings, "coreos_unknown") {
-		t.Errorf("warnings did not catch unrecognized coreos option coreos_unknown")
-	}
-	if !strings.Contains(warnings, "bare_unknown") {
-		t.Errorf("warnings did not catch unrecognized key bare_unknown")
-	}
-	if !strings.Contains(warnings, "section_unknown") {
-		t.Errorf("warnings did not catch unrecognized key section_unknown")
-	}
-	if !strings.Contains(warnings, "user_unknown") {
-		t.Errorf("warnings did not catch unrecognized user key user_unknown")
-	}
-	if !strings.Contains(warnings, "file_unknown") {
-		t.Errorf("warnings did not catch unrecognized file key file_unknown")
-	}
-}
-
-// Assert that the parsing of a cloud config file "generally works"
-func TestCloudConfigEmpty(t *testing.T) {
-	cfg, err := NewCloudConfig("")
-	if err != nil {
-		t.Fatalf("Encountered unexpected error :%v", err)
-	}
-
-	keys := cfg.SSHAuthorizedKeys
-	if len(keys) != 0 {
-		t.Error("Parsed incorrect number of SSH keys")
-	}
-
-	if len(cfg.WriteFiles) != 0 {
-		t.Error("Expected zero WriteFiles")
-	}
-
-	if cfg.Hostname != "" {
-		t.Errorf("Expected hostname to be empty, got '%s'", cfg.Hostname)
-	}
-}
-
-// Assert that the parsing of a cloud config file "generally works"
-func TestCloudConfig(t *testing.T) {
-	contents := `
-coreos: 
-  etcd:
-    discovery: "https://discovery.etcd.io/827c73219eeb2fa5530027c37bf18877"
-  update:
-    reboot-strategy: reboot
-  units:
-    - name: 50-eth0.network
-      runtime: yes
-      content: '[Match]
- 
-    Name=eth47
- 
- 
-    [Network]
- 
-    Address=10.209.171.177/19
- 
-'
-  oem:
-    id: rackspace
-    name: Rackspace Cloud Servers
-    version-id: 168.0.0
-    home-url: https://www.rackspace.com/cloud/servers/
-    bug-report-url: https://github.com/coreos/coreos-overlay
-ssh_authorized_keys:
-  - foobar
-  - foobaz
-write_files:
-  - content: |
-      penny
-      elroy
-    path: /etc/dogepack.conf
-    permissions: '0644'
-    owner: root:dogepack
-hostname: trontastic
-`
-	cfg, err := NewCloudConfig(contents)
-	if err != nil {
-		t.Fatalf("Encountered unexpected error :%v", err)
-	}
-
-	keys := cfg.SSHAuthorizedKeys
-	if len(keys) != 2 {
-		t.Error("Parsed incorrect number of SSH keys")
-	} else if keys[0] != "foobar" {
-		t.Error("Expected first SSH key to be 'foobar'")
-	} else if keys[1] != "foobaz" {
-		t.Error("Expected first SSH key to be 'foobaz'")
-	}
-
-	if len(cfg.WriteFiles) != 1 {
-		t.Error("Failed to parse correct number of write_files")
-	} else {
-		wf := cfg.WriteFiles[0]
-		if wf.Content != "penny\nelroy\n" {
-			t.Errorf("WriteFile has incorrect contents '%s'", wf.Content)
-		}
-		if wf.Encoding != "" {
-			t.Errorf("WriteFile has incorrect encoding %s", wf.Encoding)
-		}
-		if perm, _ := wf.Permissions(); perm != 0644 {
-			t.Errorf("WriteFile has incorrect permissions %s", perm)
-		}
-		if wf.Path != "/etc/dogepack.conf" {
-			t.Errorf("WriteFile has incorrect path %s", wf.Path)
-		}
-		if wf.Owner != "root:dogepack" {
-			t.Errorf("WriteFile has incorrect owner %s", wf.Owner)
-		}
-	}
-
-	if len(cfg.Coreos.Units) != 1 {
-		t.Error("Failed to parse correct number of units")
-	} else {
-		u := cfg.Coreos.Units[0]
-		expect := `[Match]
-Name=eth47
-
-[Network]
-Address=10.209.171.177/19
-`
-		if u.Content != expect {
-			t.Errorf("Unit has incorrect contents '%s'.\nExpected '%s'.", u.Content, expect)
-		}
-		if u.Runtime != true {
-			t.Errorf("Unit has incorrect runtime value")
-		}
-		if u.Name != "50-eth0.network" {
-			t.Errorf("Unit has incorrect name %s", u.Name)
-		}
-		if u.Type() != "network" {
-			t.Errorf("Unit has incorrect type '%s'", u.Type())
-		}
-	}
-
-	if cfg.Coreos.OEM.ID != "rackspace" {
-		t.Errorf("Failed parsing coreos.oem. Expected ID 'rackspace', got %q.", cfg.Coreos.OEM.ID)
-	}
-
-	if cfg.Hostname != "trontastic" {
-		t.Errorf("Failed to parse hostname")
-	}
-	if cfg.Coreos.Update["reboot-strategy"] != "reboot" {
-		t.Errorf("Failed to parse locksmith strategy")
-	}
-}
-
-// Assert that our interface conversion doesn't panic
-func TestCloudConfigKeysNotList(t *testing.T) {
-	contents := `
-ssh_authorized_keys:
-  - foo: bar
-`
-	cfg, err := NewCloudConfig(contents)
-	if err != nil {
-		t.Fatalf("Encountered unexpected error: %v", err)
-	}
-
-	keys := cfg.SSHAuthorizedKeys
-	if len(keys) != 0 {
-		t.Error("Parsed incorrect number of SSH keys")
-	}
-}
-
-func TestCloudConfigSerializationHeader(t *testing.T) {
-	cfg, _ := NewCloudConfig("")
-	contents := cfg.String()
-	header := strings.SplitN(contents, "\n", 2)[0]
-	if header != "#cloud-config" {
-		t.Fatalf("Serialized config did not have expected header")
-	}
-}
-
-// TestDropInIgnored asserts that users are unable to set DropIn=True on units
-func TestDropInIgnored(t *testing.T) {
-	contents := `
-coreos:
-  units:
-    - name: test
-      dropin: true
-`
-	cfg, err := NewCloudConfig(contents)
-	if err != nil || len(cfg.Coreos.Units) != 1 {
-		t.Fatalf("Encountered unexpected error: %v", err)
-	}
-	if len(cfg.Coreos.Units) != 1 || cfg.Coreos.Units[0].Name != "test" {
-		t.Fatalf("Expected 1 unit, but got %d: %v", len(cfg.Coreos.Units), cfg.Coreos.Units)
-	}
-	if cfg.Coreos.Units[0].DropIn {
-		t.Errorf("dropin option on unit in cloud-config was not ignored!")
-	}
-}
-
-func TestCloudConfigUsers(t *testing.T) {
-	contents := `
-users:
-  - name: elroy
-    passwd: somehash
-    ssh-authorized-keys:
-      - somekey
-    gecos: arbitrary comment
-    homedir: /home/place
-    no-create-home: yes
-    primary-group: things
-    groups:
-      - ping
-      - pong
-    no-user-group: true
-    system: y
-    no-log-init: True
-`
-	cfg, err := NewCloudConfig(contents)
-	if err != nil {
-		t.Fatalf("Encountered unexpected error: %v", err)
-	}
-
-	if len(cfg.Users) != 1 {
-		t.Fatalf("Parsed %d users, expected 1", len(cfg.Users))
-	}
-
-	user := cfg.Users[0]
-
-	if user.Name != "elroy" {
-		t.Errorf("User name is %q, expected 'elroy'", user.Name)
-	}
-
-	if user.PasswordHash != "somehash" {
-		t.Errorf("User passwd is %q, expected 'somehash'", user.PasswordHash)
-	}
-
-	if keys := user.SSHAuthorizedKeys; len(keys) != 1 {
-		t.Errorf("Parsed %d ssh keys, expected 1", len(keys))
-	} else {
-		key := user.SSHAuthorizedKeys[0]
-		if key != "somekey" {
-			t.Errorf("User SSH key is %q, expected 'somekey'", key)
-		}
-	}
-
-	if user.GECOS != "arbitrary comment" {
-		t.Errorf("Failed to parse gecos field, got %q", user.GECOS)
-	}
-
-	if user.Homedir != "/home/place" {
-		t.Errorf("Failed to parse homedir field, got %q", user.Homedir)
-	}
-
-	if !user.NoCreateHome {
-		t.Errorf("Failed to parse no-create-home field")
-	}
-
-	if user.PrimaryGroup != "things" {
-		t.Errorf("Failed to parse primary-group field, got %q", user.PrimaryGroup)
-	}
-
-	if len(user.Groups) != 2 {
-		t.Errorf("Failed to parse 2 goups, got %d", len(user.Groups))
-	} else {
-		if user.Groups[0] != "ping" {
-			t.Errorf("First group was %q, not expected value 'ping'", user.Groups[0])
-		}
-		if user.Groups[1] != "pong" {
-			t.Errorf("First group was %q, not expected value 'pong'", user.Groups[1])
-		}
-	}
-
-	if !user.NoUserGroup {
-		t.Errorf("Failed to parse no-user-group field")
-	}
-
-	if !user.System {
-		t.Errorf("Failed to parse system field")
-	}
-
-	if !user.NoLogInit {
-		t.Errorf("Failed to parse no-log-init field")
-	}
-}
-
 type TestUnitManager struct {
 	placed   []string
 	enabled  []string
 	masked   []string
 	unmasked []string
-	commands map[string]string
+	commands []UnitAction
 	reload   bool
 }
 
-func (tum *TestUnitManager) PlaceUnit(unit *system.Unit, dst string) error {
+type UnitAction struct {
-	tum.placed = append(tum.placed, unit.Name)
+	unit    string
+	command string
+}
+
+func (tum *TestUnitManager) PlaceUnit(u system.Unit) error {
+	tum.placed = append(tum.placed, u.Name)
 	return nil
 }
-func (tum *TestUnitManager) EnableUnitFile(unit string, runtime bool) error {
+func (tum *TestUnitManager) PlaceUnitDropIn(u system.Unit, d config.UnitDropIn) error {
-	tum.enabled = append(tum.enabled, unit)
+	tum.placed = append(tum.placed, u.Name+".d/"+d.Name)
 	return nil
 }
-func (tum *TestUnitManager) RunUnitCommand(command, unit string) (string, error) {
+func (tum *TestUnitManager) EnableUnitFile(u system.Unit) error {
-	tum.commands = make(map[string]string)
+	tum.enabled = append(tum.enabled, u.Name)
-	tum.commands[unit] = command
+	return nil
+}
+func (tum *TestUnitManager) RunUnitCommand(u system.Unit, c string) (string, error) {
+	tum.commands = append(tum.commands, UnitAction{u.Name, c})
 	return "", nil
 }
 func (tum *TestUnitManager) DaemonReload() error {
 	tum.reload = true
 	return nil
 }
-func (tum *TestUnitManager) MaskUnit(unit *system.Unit) error {
+func (tum *TestUnitManager) MaskUnit(u system.Unit) error {
-	tum.masked = append(tum.masked, unit.Name)
+	tum.masked = append(tum.masked, u.Name)
 	return nil
 }
-func (tum *TestUnitManager) UnmaskUnit(unit *system.Unit) error {
+func (tum *TestUnitManager) UnmaskUnit(u system.Unit) error {
-	tum.unmasked = append(tum.unmasked, unit.Name)
+	tum.unmasked = append(tum.unmasked, u.Name)
 	return nil
 }
 
+type mockInterface struct {
+	name           string
+	filename       string
+	netdev         string
+	link           string
+	network        string
+	kind           string
+	modprobeParams string
+}
+
+func (i mockInterface) Name() string {
+	return i.name
+}
+
+func (i mockInterface) Filename() string {
+	return i.filename
+}
+
+func (i mockInterface) Netdev() string {
+	return i.netdev
+}
+
+func (i mockInterface) Link() string {
+	return i.link
+}
+
+func (i mockInterface) Network() string {
+	return i.network
+}
+
+func (i mockInterface) Type() string {
+	return i.kind
+}
+
+func (i mockInterface) ModprobeParams() string {
+	return i.modprobeParams
+}
+
+func TestCreateNetworkingUnits(t *testing.T) {
+	for _, tt := range []struct {
+		interfaces []network.InterfaceGenerator
+		expect     []system.Unit
+	}{
+		{nil, nil},
+		{
+			[]network.InterfaceGenerator{
+				network.InterfaceGenerator(mockInterface{filename: "test"}),
+			},
+			nil,
+		},
+		{
+			[]network.InterfaceGenerator{
+				network.InterfaceGenerator(mockInterface{filename: "test1", netdev: "test netdev"}),
+				network.InterfaceGenerator(mockInterface{filename: "test2", link: "test link"}),
+				network.InterfaceGenerator(mockInterface{filename: "test3", network: "test network"}),
+			},
+			[]system.Unit{
+				system.Unit{Unit: config.Unit{Name: "test1.netdev", Runtime: true, Content: "test netdev"}},
+				system.Unit{Unit: config.Unit{Name: "test2.link", Runtime: true, Content: "test link"}},
+				system.Unit{Unit: config.Unit{Name: "test3.network", Runtime: true, Content: "test network"}},
+			},
+		},
+		{
+			[]network.InterfaceGenerator{
+				network.InterfaceGenerator(mockInterface{filename: "test", netdev: "test netdev", link: "test link", network: "test network"}),
+			},
+			[]system.Unit{
+				system.Unit{Unit: config.Unit{Name: "test.netdev", Runtime: true, Content: "test netdev"}},
+				system.Unit{Unit: config.Unit{Name: "test.link", Runtime: true, Content: "test link"}},
+				system.Unit{Unit: config.Unit{Name: "test.network", Runtime: true, Content: "test network"}},
+			},
+		},
+	} {
+		units := createNetworkingUnits(tt.interfaces)
+		if !reflect.DeepEqual(tt.expect, units) {
+			t.Errorf("bad units (%+v): want %#v, got %#v", tt.interfaces, tt.expect, units)
+		}
+	}
+}
+
 func TestProcessUnits(t *testing.T) {
-	tum := &TestUnitManager{}
+	tests := []struct {
-	units := []system.Unit{
+		units []system.Unit
-		system.Unit{
+
-			Name: "foo",
+		result TestUnitManager
-			Mask: true,
+	}{
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					Name: "foo",
+					Mask: true,
+				}},
+			},
+			result: TestUnitManager{
+				masked: []string{"foo"},
+			},
+		},
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					Name:    "baz.service",
+					Content: "[Service]\nExecStart=/bin/baz",
+					Command: "start",
+				}},
+				system.Unit{Unit: config.Unit{
+					Name:    "foo.network",
+					Content: "[Network]\nFoo=true",
+				}},
+				system.Unit{Unit: config.Unit{
+					Name:    "bar.network",
+					Content: "[Network]\nBar=true",
+				}},
+			},
+			result: TestUnitManager{
+				placed: []string{"baz.service", "foo.network", "bar.network"},
+				commands: []UnitAction{
+					UnitAction{"systemd-networkd.service", "restart"},
+					UnitAction{"baz.service", "start"},
+				},
+				reload: true,
+			},
+		},
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					Name:    "baz.service",
+					Content: "[Service]\nExecStart=/bin/true",
+				}},
+			},
+			result: TestUnitManager{
+				placed: []string{"baz.service"},
+				reload: true,
+			},
+		},
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					Name:    "locksmithd.service",
+					Runtime: true,
+				}},
+			},
+			result: TestUnitManager{
+				unmasked: []string{"locksmithd.service"},
+			},
+		},
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					Name:   "woof",
+					Enable: true,
+				}},
+			},
+			result: TestUnitManager{
+				enabled: []string{"woof"},
+			},
+		},
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					Name:    "hi.service",
+					Runtime: true,
+					Content: "[Service]\nExecStart=/bin/echo hi",
+					DropIns: []config.UnitDropIn{
+						{
+							Name:    "lo.conf",
+							Content: "[Service]\nExecStart=/bin/echo lo",
+						},
+						{
+							Name:    "bye.conf",
+							Content: "[Service]\nExecStart=/bin/echo bye",
+						},
+					},
+				}},
+			},
+			result: TestUnitManager{
+				placed:   []string{"hi.service", "hi.service.d/lo.conf", "hi.service.d/bye.conf"},
+				unmasked: []string{"hi.service"},
+				reload:   true,
+			},
+		},
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					DropIns: []config.UnitDropIn{
+						{
+							Name:    "lo.conf",
+							Content: "[Service]\nExecStart=/bin/echo lo",
+						},
+					},
+				}},
+			},
+			result: TestUnitManager{},
+		},
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					Name: "hi.service",
+					DropIns: []config.UnitDropIn{
+						{
+							Content: "[Service]\nExecStart=/bin/echo lo",
+						},
+					},
+				}},
+			},
+			result: TestUnitManager{},
+		},
+		{
+			units: []system.Unit{
+				system.Unit{Unit: config.Unit{
+					Name: "hi.service",
+					DropIns: []config.UnitDropIn{
+						{
+							Name: "lo.conf",
+						},
+					},
+				}},
+			},
+			result: TestUnitManager{},
 		},
-	}
-	if err := processUnits(units, "", tum); err != nil {
-		t.Fatalf("unexpected error calling processUnits: %v", err)
-	}
-	if len(tum.masked) != 1 || tum.masked[0] != "foo" {
-		t.Errorf("expected foo to be masked, but found %v", tum.masked)
 	}
 
-	tum = &TestUnitManager{}
+	for _, tt := range tests {
-	units = []system.Unit{
+		tum := &TestUnitManager{}
-		system.Unit{
+		if err := processUnits(tt.units, "", tum); err != nil {
-			Name: "bar.network",
+			t.Errorf("bad error (%+v): want nil, got %s", tt.units, err)
-		},
+		}
-	}
+		if !reflect.DeepEqual(tt.result, *tum) {
-	if err := processUnits(units, "", tum); err != nil {
+			t.Errorf("bad result (%+v): want %+v, got %+v", tt.units, tt.result, tum)
-		t.Fatalf("unexpected error calling processUnits: %v", err)
+		}
-	}
-	if _, ok := tum.commands["systemd-networkd.service"]; !ok {
-		t.Errorf("expected systemd-networkd.service to be reloaded!")
-	}
-
-	tum = &TestUnitManager{}
-	units = []system.Unit{
-		system.Unit{
-			Name:    "baz.service",
-			Content: "[Service]\nExecStart=/bin/true",
-		},
-	}
-	if err := processUnits(units, "", tum); err != nil {
-		t.Fatalf("unexpected error calling processUnits: %v", err)
-	}
-	if len(tum.placed) != 1 || tum.placed[0] != "baz.service" {
-		t.Fatalf("expected baz.service to be written, but got %v", tum.placed)
-	}
-
-	tum = &TestUnitManager{}
-	units = []system.Unit{
-		system.Unit{
-			Name:    "locksmithd.service",
-			Runtime: true,
-		},
-	}
-	if err := processUnits(units, "", tum); err != nil {
-		t.Fatalf("unexpected error calling processUnits: %v", err)
-	}
-	if len(tum.unmasked) != 1 || tum.unmasked[0] != "locksmithd.service" {
-		t.Fatalf("expected locksmithd.service to be unmasked, but got %v", tum.unmasked)
-	}
-
-	tum = &TestUnitManager{}
-	units = []system.Unit{
-		system.Unit{
-			Name:   "woof",
-			Enable: true,
-		},
-	}
-	if err := processUnits(units, "", tum); err != nil {
-		t.Fatalf("unexpected error calling processUnits: %v", err)
-	}
-	if len(tum.enabled) != 1 || tum.enabled[0] != "woof" {
-		t.Fatalf("expected woof to be enabled, but got %v", tum.enabled)
 	}
 }

initialize/env.go

@@ -1,27 +1,28 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 
 import (
+	"net"
 	"os"
 	"path"
 	"regexp"
 	"strings"
 
+	"github.com/coreos/coreos-cloudinit/config"
+	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/system"
 )
 
@@ -31,28 +32,25 @@ type Environment struct {
 	root          string
 	configRoot    string
 	workspace     string
-	netconfType   string
 	sshKeyName    string
 	substitutions map[string]string
 }
 
 // TODO(jonboulle): this is getting unwieldy, should be able to simplify the interface somehow
-func NewEnvironment(root, configRoot, workspace, netconfType, sshKeyName string, substitutions map[string]string) *Environment {
+func NewEnvironment(root, configRoot, workspace, sshKeyName string, metadata datasource.Metadata) *Environment {
-	if substitutions == nil {
+	firstNonNull := func(ip net.IP, env string) string {
-		substitutions = make(map[string]string)
+		if ip == nil {
-	}
+			return env
-	// If certain values are not in the supplied substitution, fall back to retrieving them from the environment
-	for k, v := range map[string]string{
-		"$public_ipv4":  os.Getenv("COREOS_PUBLIC_IPV4"),
-		"$private_ipv4": os.Getenv("COREOS_PRIVATE_IPV4"),
-		"$public_ipv6":  os.Getenv("COREOS_PUBLIC_IPV6"),
-		"$private_ipv6": os.Getenv("COREOS_PRIVATE_IPV6"),
-	} {
-		if _, ok := substitutions[k]; !ok {
-			substitutions[k] = v
 		}
+		return ip.String()
 	}
-	return &Environment{root, configRoot, workspace, netconfType, sshKeyName, substitutions}
+	substitutions := map[string]string{
+		"$public_ipv4":  firstNonNull(metadata.PublicIPv4, os.Getenv("COREOS_PUBLIC_IPV4")),
+		"$private_ipv4": firstNonNull(metadata.PrivateIPv4, os.Getenv("COREOS_PRIVATE_IPV4")),
+		"$public_ipv6":  firstNonNull(metadata.PublicIPv6, os.Getenv("COREOS_PUBLIC_IPV6")),
+		"$private_ipv6": firstNonNull(metadata.PrivateIPv6, os.Getenv("COREOS_PRIVATE_IPV6")),
+	}
+	return &Environment{root, configRoot, workspace, sshKeyName, substitutions}
 }
 
 func (e *Environment) Workspace() string {
@@ -67,10 +65,6 @@ func (e *Environment) ConfigRoot() string {
 	return e.configRoot
 }
 
-func (e *Environment) NetconfType() string {
-	return e.netconfType
-}
-
 func (e *Environment) SSHKeyName() string {
 	return e.sshKeyName
 }
@@ -97,9 +91,9 @@ func (e *Environment) Apply(data string) string {
 
 func (e *Environment) DefaultEnvironmentFile() *system.EnvFile {
 	ef := system.EnvFile{
-		File: &system.File{
+		File: &system.File{File: config.File{
 			Path: "/etc/environment",
-		},
+		}},
 		Vars: map[string]string{},
 	}
 	if ip, ok := e.substitutions["$public_ipv4"]; ok && len(ip) > 0 {
@@ -120,16 +114,3 @@ func (e *Environment) DefaultEnvironmentFile() *system.EnvFile {
 		return &ef
 	}
 }
-
-// normalizeSvcEnv standardizes the keys of the map (environment variables for a service)
-// by replacing any dashes with underscores and ensuring they are entirely upper case.
-// For example, "some-env" --> "SOME_ENV"
-func normalizeSvcEnv(m map[string]string) map[string]string {
-	out := make(map[string]string, len(m))
-	for key, val := range m {
-		key = strings.ToUpper(key)
-		key = strings.Replace(key, "-", "_", -1)
-		out[key] = val
-	}
-	return out
-}

initialize/env_test.go

@@ -1,27 +1,27 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 
 import (
 	"io/ioutil"
+	"net"
 	"os"
 	"path"
 	"testing"
 
+	"github.com/coreos/coreos-cloudinit/datasource"
 	"github.com/coreos/coreos-cloudinit/system"
 )
 
@@ -31,18 +31,18 @@ func TestEnvironmentApply(t *testing.T) {
 	os.Setenv("COREOS_PUBLIC_IPV6", "1234::")
 	os.Setenv("COREOS_PRIVATE_IPV6", "5678::")
 	for _, tt := range []struct {
-		subs  map[string]string
+		metadata datasource.Metadata
-		input string
+		input    string
-		out   string
+		out      string
 	}{
 		{
 			// Substituting both values directly should always take precedence
 			// over environment variables
-			map[string]string{
+			datasource.Metadata{
-				"$public_ipv4":  "192.0.2.3",
+				PublicIPv4:  net.ParseIP("192.0.2.3"),
-				"$private_ipv4": "192.0.2.203",
+				PrivateIPv4: net.ParseIP("192.0.2.203"),
-				"$public_ipv6":  "fe00:1234::",
+				PublicIPv6:  net.ParseIP("fe00:1234::"),
-				"$private_ipv6": "fe00:5678::",
+				PrivateIPv6: net.ParseIP("fe00:5678::"),
 			},
 			`[Service]
 ExecStart=/usr/bin/echo "$public_ipv4 $public_ipv6"
@@ -55,25 +55,29 @@ ExecStop=/usr/bin/echo $unknown`,
 		},
 		{
 			// Substituting one value directly while falling back with the other
-			map[string]string{"$private_ipv4": "127.0.0.1"},
+			datasource.Metadata{
+				PrivateIPv4: net.ParseIP("127.0.0.1"),
+			},
 			"$private_ipv4\n$public_ipv4",
 			"127.0.0.1\n1.2.3.4",
 		},
 		{
 			// Falling back to environment variables for both values
-			map[string]string{"foo": "bar"},
+			datasource.Metadata{},
 			"$private_ipv4\n$public_ipv4",
 			"5.6.7.8\n1.2.3.4",
 		},
 		{
 			// No substitutions
-			nil,
+			datasource.Metadata{},
 			"$private_ipv4\nfoobar",
 			"5.6.7.8\nfoobar",
 		},
 		{
 			// Escaping substitutions
-			map[string]string{"$private_ipv4": "127.0.0.1"},
+			datasource.Metadata{
+				PrivateIPv4: net.ParseIP("127.0.0.1"),
+			},
 			`\$private_ipv4
 $private_ipv4
 addr: \$private_ipv4
@@ -85,13 +89,13 @@ addr: $private_ipv4
 		},
 		{
 			// No substitutions with escaping
-			nil,
+			datasource.Metadata{},
 			"\\$test\n$test",
 			"\\$test\n$test",
 		},
 	} {
 
-		env := NewEnvironment("./", "./", "./", "", "", tt.subs)
+		env := NewEnvironment("./", "./", "./", "", tt.metadata)
 		got := env.Apply(tt.input)
 		if got != tt.out {
 			t.Fatalf("Environment incorrectly applied.\ngot:\n%s\nwant:\n%s", got, tt.out)
@@ -100,11 +104,11 @@ addr: $private_ipv4
 }
 
 func TestEnvironmentFile(t *testing.T) {
-	subs := map[string]string{
+	metadata := datasource.Metadata{
-		"$public_ipv4":  "1.2.3.4",
+		PublicIPv4:  net.ParseIP("1.2.3.4"),
-		"$private_ipv4": "5.6.7.8",
+		PrivateIPv4: net.ParseIP("5.6.7.8"),
-		"$public_ipv6":  "1234::",
+		PublicIPv6:  net.ParseIP("1234::"),
-		"$private_ipv6": "5678::",
+		PrivateIPv6: net.ParseIP("5678::"),
 	}
 	expect := "COREOS_PRIVATE_IPV4=5.6.7.8\nCOREOS_PRIVATE_IPV6=5678::\nCOREOS_PUBLIC_IPV4=1.2.3.4\nCOREOS_PUBLIC_IPV6=1234::\n"
 
@@ -114,7 +118,7 @@ func TestEnvironmentFile(t *testing.T) {
 	}
 	defer os.RemoveAll(dir)
 
-	env := NewEnvironment("./", "./", "./", "", "", subs)
+	env := NewEnvironment("./", "./", "./", "", metadata)
 	ef := env.DefaultEnvironmentFile()
 	err = system.WriteEnvFile(ef, dir)
 	if err != nil {
@@ -133,14 +137,10 @@ func TestEnvironmentFile(t *testing.T) {
 }
 
 func TestEnvironmentFileNil(t *testing.T) {
-	subs := map[string]string{
+	os.Clearenv()
-		"$public_ipv4":  "",
+	metadata := datasource.Metadata{}
-		"$private_ipv4": "",
-		"$public_ipv6":  "",
-		"$private_ipv6": "",
-	}
 
-	env := NewEnvironment("./", "./", "./", "", "", subs)
+	env := NewEnvironment("./", "./", "./", "", metadata)
 	ef := env.DefaultEnvironmentFile()
 	if ef != nil {
 		t.Fatalf("Environment file not nil: %v", ef)

initialize/etcd.go

@@ -1,63 +0,0 @@
-package initialize
-
-import (
-	"errors"
-	"fmt"
-	"sort"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-type EtcdEnvironment map[string]string
-
-func (ee EtcdEnvironment) String() (out string) {
-	norm := normalizeSvcEnv(ee)
-
-	if val, ok := norm["DISCOVERY_URL"]; ok {
-		delete(norm, "DISCOVERY_URL")
-		if _, ok := norm["DISCOVERY"]; !ok {
-			norm["DISCOVERY"] = val
-		}
-	}
-
-	var sorted sort.StringSlice
-	for k, _ := range norm {
-		sorted = append(sorted, k)
-	}
-	sorted.Sort()
-
-	out += "[Service]\n"
-
-	for _, key := range sorted {
-		val := norm[key]
-		out += fmt.Sprintf("Environment=\"ETCD_%s=%s\"\n", key, val)
-	}
-
-	return
-}
-
-// Units creates a Unit file drop-in for etcd, using any configured
-// options and adding a default MachineID if unset.
-func (ee EtcdEnvironment) Units(root string) ([]system.Unit, error) {
-	if len(ee) < 1 {
-		return nil, nil
-	}
-
-	if _, ok := ee["name"]; !ok {
-		if machineID := system.MachineID(root); machineID != "" {
-			ee["name"] = machineID
-		} else if hostname, err := system.Hostname(); err == nil {
-			ee["name"] = hostname
-		} else {
-			return nil, errors.New("Unable to determine default etcd name")
-		}
-	}
-
-	etcd := system.Unit{
-		Name:    "etcd.service",
-		Runtime: true,
-		DropIn:  true,
-		Content: ee.String(),
-	}
-	return []system.Unit{etcd}, nil
-}

initialize/etcd_test.go

@@ -1,184 +0,0 @@
-package initialize
-
-import (
-	"io/ioutil"
-	"os"
-	"path"
-	"testing"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-func TestEtcdEnvironment(t *testing.T) {
-	cfg := make(EtcdEnvironment, 0)
-	cfg["discovery"] = "http://disco.example.com/foobar"
-	cfg["peer-bind-addr"] = "127.0.0.1:7002"
-
-	env := cfg.String()
-	expect := `[Service]
-Environment="ETCD_DISCOVERY=http://disco.example.com/foobar"
-Environment="ETCD_PEER_BIND_ADDR=127.0.0.1:7002"
-`
-
-	if env != expect {
-		t.Errorf("Generated environment:\n%s\nExpected environment:\n%s", env, expect)
-	}
-}
-
-func TestEtcdEnvironmentDiscoveryURLTranslated(t *testing.T) {
-	cfg := make(EtcdEnvironment, 0)
-	cfg["discovery_url"] = "http://disco.example.com/foobar"
-	cfg["peer-bind-addr"] = "127.0.0.1:7002"
-
-	env := cfg.String()
-	expect := `[Service]
-Environment="ETCD_DISCOVERY=http://disco.example.com/foobar"
-Environment="ETCD_PEER_BIND_ADDR=127.0.0.1:7002"
-`
-
-	if env != expect {
-		t.Errorf("Generated environment:\n%s\nExpected environment:\n%s", env, expect)
-	}
-}
-
-func TestEtcdEnvironmentDiscoveryOverridesDiscoveryURL(t *testing.T) {
-	cfg := make(EtcdEnvironment, 0)
-	cfg["discovery_url"] = "ping"
-	cfg["discovery"] = "pong"
-	cfg["peer-bind-addr"] = "127.0.0.1:7002"
-
-	env := cfg.String()
-	expect := `[Service]
-Environment="ETCD_DISCOVERY=pong"
-Environment="ETCD_PEER_BIND_ADDR=127.0.0.1:7002"
-`
-
-	if env != expect {
-		t.Errorf("Generated environment:\n%s\nExpected environment:\n%s", env, expect)
-	}
-}
-
-func TestEtcdEnvironmentWrittenToDisk(t *testing.T) {
-	ee := EtcdEnvironment{
-		"name":           "node001",
-		"discovery":      "http://disco.example.com/foobar",
-		"peer-bind-addr": "127.0.0.1:7002",
-	}
-	dir, err := ioutil.TempDir(os.TempDir(), "coreos-cloudinit-")
-	if err != nil {
-		t.Fatalf("Unable to create tempdir: %v", err)
-	}
-	defer os.RemoveAll(dir)
-
-	sd := system.NewUnitManager(dir)
-
-	uu, err := ee.Units(dir)
-	if err != nil {
-		t.Fatalf("Generating etcd unit failed: %v", err)
-	}
-	if len(uu) != 1 {
-		t.Fatalf("Expected 1 unit to be returned, got %d", len(uu))
-	}
-	u := uu[0]
-
-	dst := u.Destination(dir)
-	os.Stderr.WriteString("writing to " + dir + "\n")
-	if err := sd.PlaceUnit(&u, dst); err != nil {
-		t.Fatalf("Writing of EtcdEnvironment failed: %v", err)
-	}
-
-	fullPath := path.Join(dir, "run", "systemd", "system", "etcd.service.d", "20-cloudinit.conf")
-
-	fi, err := os.Stat(fullPath)
-	if err != nil {
-		t.Fatalf("Unable to stat file: %v", err)
-	}
-
-	if fi.Mode() != os.FileMode(0644) {
-		t.Errorf("File has incorrect mode: %v", fi.Mode())
-	}
-
-	contents, err := ioutil.ReadFile(fullPath)
-	if err != nil {
-		t.Fatalf("Unable to read expected file: %v", err)
-	}
-
-	expect := `[Service]
-Environment="ETCD_DISCOVERY=http://disco.example.com/foobar"
-Environment="ETCD_NAME=node001"
-Environment="ETCD_PEER_BIND_ADDR=127.0.0.1:7002"
-`
-	if string(contents) != expect {
-		t.Fatalf("File has incorrect contents")
-	}
-}
-
-func TestEtcdEnvironmentEmptyNoOp(t *testing.T) {
-	ee := EtcdEnvironment{}
-	uu, err := ee.Units("")
-	if err != nil {
-		t.Fatalf("Unexpected error: %v", err)
-	}
-	if len(uu) > 0 {
-		t.Fatalf("Generated etcd units unexpectedly: %v", uu)
-	}
-}
-
-func TestEtcdEnvironmentWrittenToDiskDefaultToMachineID(t *testing.T) {
-	ee := EtcdEnvironment{"foo": "bar"}
-	dir, err := ioutil.TempDir(os.TempDir(), "coreos-cloudinit-")
-	if err != nil {
-		t.Fatalf("Unable to create tempdir: %v", err)
-	}
-	defer os.RemoveAll(dir)
-
-	sd := system.NewUnitManager(dir)
-
-	os.Mkdir(path.Join(dir, "etc"), os.FileMode(0755))
-	err = ioutil.WriteFile(path.Join(dir, "etc", "machine-id"), []byte("node007"), os.FileMode(0444))
-	if err != nil {
-		t.Fatalf("Failed writing out /etc/machine-id: %v", err)
-	}
-
-	uu, err := ee.Units(dir)
-	if err != nil {
-		t.Fatalf("Generating etcd unit failed: %v", err)
-	}
-	if len(uu) == 0 {
-		t.Fatalf("Returned empty etcd units unexpectedly")
-	}
-	u := uu[0]
-
-	dst := u.Destination(dir)
-	os.Stderr.WriteString("writing to " + dir + "\n")
-	if err := sd.PlaceUnit(&u, dst); err != nil {
-		t.Fatalf("Writing of EtcdEnvironment failed: %v", err)
-	}
-
-	fullPath := path.Join(dir, "run", "systemd", "system", "etcd.service.d", "20-cloudinit.conf")
-
-	contents, err := ioutil.ReadFile(fullPath)
-	if err != nil {
-		t.Fatalf("Unable to read expected file: %v", err)
-	}
-
-	expect := `[Service]
-Environment="ETCD_FOO=bar"
-Environment="ETCD_NAME=node007"
-`
-	if string(contents) != expect {
-		t.Fatalf("File has incorrect contents")
-	}
-}
-
-func TestEtcdEnvironmentWhenNil(t *testing.T) {
-	// EtcdEnvironment will be a nil map if it wasn't in the yaml
-	var ee EtcdEnvironment
-	if ee != nil {
-		t.Fatalf("EtcdEnvironment is not nil")
-	}
-	uu, err := ee.Units("")
-	if len(uu) != 0 || err != nil {
-		t.Fatalf("Units returned value for nil input")
-	}
-}

initialize/fleet.go

@@ -1,35 +0,0 @@
-package initialize
-
-import (
-	"fmt"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-type FleetEnvironment map[string]string
-
-func (fe FleetEnvironment) String() (out string) {
-	norm := normalizeSvcEnv(fe)
-	out += "[Service]\n"
-
-	for key, val := range norm {
-		out += fmt.Sprintf("Environment=\"FLEET_%s=%s\"\n", key, val)
-	}
-
-	return
-}
-
-// Units generates a Unit file drop-in for fleet, if any fleet options were
-// configured in cloud-config
-func (fe FleetEnvironment) Units(root string) ([]system.Unit, error) {
-	if len(fe) < 1 {
-		return nil, nil
-	}
-	fleet := system.Unit{
-		Name:    "fleet.service",
-		Runtime: true,
-		DropIn:  true,
-		Content: fe.String(),
-	}
-	return []system.Unit{fleet}, nil
-}

initialize/fleet_test.go

@@ -1,43 +0,0 @@
-package initialize
-
-import "testing"
-
-func TestFleetEnvironment(t *testing.T) {
-	cfg := make(FleetEnvironment, 0)
-	cfg["public-ip"] = "12.34.56.78"
-
-	env := cfg.String()
-
-	expect := `[Service]
-Environment="FLEET_PUBLIC_IP=12.34.56.78"
-`
-
-	if env != expect {
-		t.Errorf("Generated environment:\n%s\nExpected environment:\n%s", env, expect)
-	}
-}
-
-func TestFleetUnit(t *testing.T) {
-	cfg := make(FleetEnvironment, 0)
-	uu, err := cfg.Units("/")
-	if len(uu) != 0 {
-		t.Errorf("unexpectedly generated unit with empty FleetEnvironment")
-	}
-
-	cfg["public-ip"] = "12.34.56.78"
-
-	uu, err = cfg.Units("/")
-	if err != nil {
-		t.Errorf("error generating fleet unit: %v", err)
-	}
-	if len(uu) != 1 {
-		t.Fatalf("expected 1 unit generated, got %d", len(uu))
-	}
-	u := uu[0]
-	if !u.Runtime {
-		t.Errorf("bad Runtime for generated fleet unit!")
-	}
-	if !u.DropIn {
-		t.Errorf("bad DropIn for generated fleet unit!")
-	}
-}

initialize/github.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 

initialize/github_test.go

@@ -1,32 +0,0 @@
-package initialize
-
-import (
-	"testing"
-)
-
-func TestCloudConfigUsersGithubUser(t *testing.T) {
-
-	contents := `
-users:
-  - name: elroy
-    coreos-ssh-import-github: bcwaldon
-`
-	cfg, err := NewCloudConfig(contents)
-	if err != nil {
-		t.Fatalf("Encountered unexpected error: %v", err)
-	}
-
-	if len(cfg.Users) != 1 {
-		t.Fatalf("Parsed %d users, expected 1", len(cfg.Users))
-	}
-
-	user := cfg.Users[0]
-
-	if user.Name != "elroy" {
-		t.Errorf("User name is %q, expected 'elroy'", user.Name)
-	}
-
-	if user.SSHImportGithubUser != "bcwaldon" {
-		t.Errorf("github user is %q, expected 'bcwaldon'", user.SSHImportGithubUser)
-	}
-}

initialize/manage_etc_hosts.go

@@ -1,62 +0,0 @@
-/*
-   Copyright 2014 CoreOS, Inc.
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-*/
-
-package initialize
-
-import (
-	"errors"
-	"fmt"
-	"os"
-	"path"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-const DefaultIpv4Address = "127.0.0.1"
-
-type EtcHosts string
-
-func (eh EtcHosts) generateEtcHosts() (out string, err error) {
-	if eh != "localhost" {
-		return "", errors.New("Invalid option to manage_etc_hosts")
-	}
-
-	// use the operating system hostname
-	hostname, err := os.Hostname()
-	if err != nil {
-		return "", err
-	}
-
-	return fmt.Sprintf("%s %s\n", DefaultIpv4Address, hostname), nil
-
-}
-
-func (eh EtcHosts) File(root string) (*system.File, error) {
-	if eh == "" {
-		return nil, nil
-	}
-
-	etcHosts, err := eh.generateEtcHosts()
-	if err != nil {
-		return nil, err
-	}
-
-	return &system.File{
-		Path:               path.Join("etc", "hosts"),
-		RawFilePermissions: "0644",
-		Content:            etcHosts,
-	}, nil
-}

initialize/manage_etc_hosts_test.go

@@ -1,83 +0,0 @@
-package initialize
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path"
-	"testing"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-func TestCloudConfigManageEtcHosts(t *testing.T) {
-	contents := `
-manage_etc_hosts: localhost
-`
-	cfg, err := NewCloudConfig(contents)
-	if err != nil {
-		t.Fatalf("Encountered unexpected error: %v", err)
-	}
-
-	manageEtcHosts := cfg.ManageEtcHosts
-
-	if manageEtcHosts != "localhost" {
-		t.Errorf("ManageEtcHosts value is %q, expected 'localhost'", manageEtcHosts)
-	}
-}
-
-func TestManageEtcHostsInvalidValue(t *testing.T) {
-	eh := EtcHosts("invalid")
-	if f, err := eh.File(""); err == nil || f != nil {
-		t.Fatalf("EtcHosts File succeeded with invalid value!")
-	}
-}
-
-func TestEtcHostsWrittenToDisk(t *testing.T) {
-	dir, err := ioutil.TempDir(os.TempDir(), "coreos-cloudinit-")
-	if err != nil {
-		t.Fatalf("Unable to create tempdir: %v", err)
-	}
-	defer os.RemoveAll(dir)
-
-	eh := EtcHosts("localhost")
-
-	f, err := eh.File(dir)
-	if err != nil {
-		t.Fatalf("Error calling File on EtcHosts: %v", err)
-	}
-	if f == nil {
-		t.Fatalf("manageEtcHosts returned nil file unexpectedly")
-	}
-
-	if _, err := system.WriteFile(f, dir); err != nil {
-		t.Fatalf("Error writing EtcHosts: %v", err)
-	}
-
-	fullPath := path.Join(dir, "etc", "hosts")
-
-	fi, err := os.Stat(fullPath)
-	if err != nil {
-		t.Fatalf("Unable to stat file: %v", err)
-	}
-
-	if fi.Mode() != os.FileMode(0644) {
-		t.Errorf("File has incorrect mode: %v", fi.Mode())
-	}
-
-	contents, err := ioutil.ReadFile(fullPath)
-	if err != nil {
-		t.Fatalf("Unable to read expected file: %v", err)
-	}
-
-	hostname, err := os.Hostname()
-	if err != nil {
-		t.Fatalf("Unable to read OS hostname: %v", err)
-	}
-
-	expect := fmt.Sprintf("%s %s\n", DefaultIpv4Address, hostname)
-
-	if string(contents) != expect {
-		t.Fatalf("File has incorrect contents")
-	}
-}

initialize/meta_data.go

@@ -1,88 +0,0 @@
-/*
-   Copyright 2014 CoreOS, Inc.
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-*/
-
-package initialize
-
-import (
-	"encoding/json"
-	"sort"
-)
-
-// ParseMetaData parses a JSON blob in the OpenStack metadata service format,
-// and converts it to a partially hydrated CloudConfig.
-func ParseMetaData(contents string) (*CloudConfig, error) {
-	if len(contents) == 0 {
-		return nil, nil
-	}
-	var metadata struct {
-		SSHAuthorizedKeyMap map[string]string `json:"public_keys"`
-		Hostname            string            `json:"hostname"`
-		NetworkConfig       struct {
-			ContentPath string `json:"content_path"`
-		} `json:"network_config"`
-	}
-	if err := json.Unmarshal([]byte(contents), &metadata); err != nil {
-		return nil, err
-	}
-
-	var cfg CloudConfig
-	if len(metadata.SSHAuthorizedKeyMap) > 0 {
-		cfg.SSHAuthorizedKeys = make([]string, 0, len(metadata.SSHAuthorizedKeyMap))
-		for _, name := range sortedKeys(metadata.SSHAuthorizedKeyMap) {
-			cfg.SSHAuthorizedKeys = append(cfg.SSHAuthorizedKeys, metadata.SSHAuthorizedKeyMap[name])
-		}
-	}
-	cfg.Hostname = metadata.Hostname
-	cfg.NetworkConfigPath = metadata.NetworkConfig.ContentPath
-	return &cfg, nil
-}
-
-// ExtractIPsFromMetaData parses a JSON blob in the OpenStack metadata service
-// format and returns a substitution map possibly containing private_ipv4,
-// public_ipv4, private_ipv6, and public_ipv6 addresses.
-func ExtractIPsFromMetadata(contents []byte) (map[string]string, error) {
-	var ips struct {
-		PublicIPv4  string `json:"public-ipv4"`
-		PrivateIPv4 string `json:"local-ipv4"`
-		PublicIPv6  string `json:"public-ipv6"`
-		PrivateIPv6 string `json:"local-ipv6"`
-	}
-	if err := json.Unmarshal(contents, &ips); err != nil {
-		return nil, err
-	}
-	m := make(map[string]string)
-	if ips.PrivateIPv4 != "" {
-		m["$private_ipv4"] = ips.PrivateIPv4
-	}
-	if ips.PublicIPv4 != "" {
-		m["$public_ipv4"] = ips.PublicIPv4
-	}
-	if ips.PrivateIPv6 != "" {
-		m["$private_ipv6"] = ips.PrivateIPv6
-	}
-	if ips.PublicIPv6 != "" {
-		m["$public_ipv6"] = ips.PublicIPv6
-	}
-	return m, nil
-}
-
-func sortedKeys(m map[string]string) (keys []string) {
-	for key := range m {
-		keys = append(keys, key)
-	}
-	sort.Strings(keys)
-	return
-}

initialize/meta_data_test.go

@@ -1,85 +0,0 @@
-/*
-   Copyright 2014 CoreOS, Inc.
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-*/
-
-package initialize
-
-import "reflect"
-import "testing"
-
-func TestParseMetadata(t *testing.T) {
-	for i, tt := range []struct {
-		in   string
-		want *CloudConfig
-		err  bool
-	}{
-		{"", nil, false},
-		{`garbage, invalid json`, nil, true},
-		{`{"foo": "bar"}`, &CloudConfig{}, false},
-		{`{"network_config": {"content_path": "asdf"}}`, &CloudConfig{NetworkConfigPath: "asdf"}, false},
-		{`{"hostname": "turkleton"}`, &CloudConfig{Hostname: "turkleton"}, false},
-		{`{"public_keys": {"jack": "jill", "bob": "alice"}}`, &CloudConfig{SSHAuthorizedKeys: []string{"alice", "jill"}}, false},
-		{`{"unknown": "thing", "hostname": "my_host", "public_keys": {"do": "re", "mi": "fa"}, "network_config": {"content_path": "/root", "blah": "zzz"}}`, &CloudConfig{SSHAuthorizedKeys: []string{"re", "fa"}, Hostname: "my_host", NetworkConfigPath: "/root"}, false},
-	} {
-		got, err := ParseMetaData(tt.in)
-		if tt.err != (err != nil) {
-			t.Errorf("case #%d: bad error state: got %t, want %t (err=%v)", i, (err != nil), tt.err, err)
-		}
-		if got == nil {
-			if tt.want != nil {
-				t.Errorf("case #%d: unexpected nil output", i)
-			}
-		} else if tt.want == nil {
-			t.Errorf("case #%d: unexpected non-nil output", i)
-		} else {
-			if !reflect.DeepEqual(*got, *tt.want) {
-				t.Errorf("case #%d: bad output:\ngot\n%v\nwant\n%v", i, *got, *tt.want)
-			}
-		}
-	}
-
-}
-
-func TestExtractIPsFromMetadata(t *testing.T) {
-	for i, tt := range []struct {
-		in  []byte
-		err bool
-		out map[string]string
-	}{
-		{
-			[]byte(`{"public-ipv4": "12.34.56.78", "local-ipv4": "1.2.3.4", "public-ipv6": "1234::", "local-ipv6": "5678::"}`),
-			false,
-			map[string]string{"$public_ipv4": "12.34.56.78", "$private_ipv4": "1.2.3.4", "$public_ipv6": "1234::", "$private_ipv6": "5678::"},
-		},
-		{
-			[]byte(`{"local-ipv4": "127.0.0.1", "something_else": "don't care"}`),
-			false,
-			map[string]string{"$private_ipv4": "127.0.0.1"},
-		},
-		{
-			[]byte(`garbage`),
-			true,
-			nil,
-		},
-	} {
-		got, err := ExtractIPsFromMetadata(tt.in)
-		if (err != nil) != tt.err {
-			t.Errorf("bad error state (got %t, want %t)", err != nil, tt.err)
-		}
-		if !reflect.DeepEqual(got, tt.out) {
-			t.Errorf("case %d: got %s, want %s", i, got, tt.out)
-		}
-	}
-}

initialize/oem.go

@@ -1,41 +0,0 @@
-package initialize
-
-import (
-	"fmt"
-	"path"
-	"strings"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-type OEMRelease struct {
-	ID           string `yaml:"id"`
-	Name         string `yaml:"name"`
-	VersionID    string `yaml:"version-id"`
-	HomeURL      string `yaml:"home-url"`
-	BugReportURL string `yaml:"bug-report-url"`
-}
-
-func (oem OEMRelease) String() string {
-	fields := []string{
-		fmt.Sprintf("ID=%s", oem.ID),
-		fmt.Sprintf("VERSION_ID=%s", oem.VersionID),
-		fmt.Sprintf("NAME=%q", oem.Name),
-		fmt.Sprintf("HOME_URL=%q", oem.HomeURL),
-		fmt.Sprintf("BUG_REPORT_URL=%q", oem.BugReportURL),
-	}
-
-	return strings.Join(fields, "\n") + "\n"
-}
-
-func (oem OEMRelease) File(root string) (*system.File, error) {
-	if oem.ID == "" {
-		return nil, nil
-	}
-
-	return &system.File{
-		Path:               path.Join("etc", "oem-release"),
-		RawFilePermissions: "0644",
-		Content:            oem.String(),
-	}, nil
-}

initialize/oem_test.go

@@ -1,63 +0,0 @@
-package initialize
-
-import (
-	"io/ioutil"
-	"os"
-	"path"
-	"testing"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-func TestOEMReleaseWrittenToDisk(t *testing.T) {
-	oem := OEMRelease{
-		ID:           "rackspace",
-		Name:         "Rackspace Cloud Servers",
-		VersionID:    "168.0.0",
-		HomeURL:      "https://www.rackspace.com/cloud/servers/",
-		BugReportURL: "https://github.com/coreos/coreos-overlay",
-	}
-	dir, err := ioutil.TempDir(os.TempDir(), "coreos-cloudinit-")
-	if err != nil {
-		t.Fatalf("Unable to create tempdir: %v", err)
-	}
-	defer os.RemoveAll(dir)
-
-	f, err := oem.File(dir)
-	if err != nil {
-		t.Fatalf("Processing of OEMRelease failed: %v", err)
-	}
-	if f == nil {
-		t.Fatalf("OEMRelease returned nil file unexpectedly")
-	}
-
-	if _, err := system.WriteFile(f, dir); err != nil {
-		t.Fatalf("Writing of OEMRelease failed: %v", err)
-	}
-
-	fullPath := path.Join(dir, "etc", "oem-release")
-
-	fi, err := os.Stat(fullPath)
-	if err != nil {
-		t.Fatalf("Unable to stat file: %v", err)
-	}
-
-	if fi.Mode() != os.FileMode(0644) {
-		t.Errorf("File has incorrect mode: %v", fi.Mode())
-	}
-
-	contents, err := ioutil.ReadFile(fullPath)
-	if err != nil {
-		t.Fatalf("Unable to read expected file: %v", err)
-	}
-
-	expect := `ID=rackspace
-VERSION_ID=168.0.0
-NAME="Rackspace Cloud Servers"
-HOME_URL="https://www.rackspace.com/cloud/servers/"
-BUG_REPORT_URL="https://github.com/coreos/coreos-overlay"
-`
-	if string(contents) != expect {
-		t.Fatalf("File has incorrect contents")
-	}
-}

initialize/ssh_keys.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 

initialize/ssh_keys_test.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 
@@ -55,31 +53,4 @@ func TestCloudConfigUsersUrlMarshal(t *testing.T) {
 	if keys[2] != expected {
 		t.Fatalf("expected %s, got %s", expected, keys[2])
 	}
-
-}
-func TestCloudConfigUsersSSHImportURL(t *testing.T) {
-
-	contents := `
-users:
-  - name: elroy
-    coreos-ssh-import-url: https://token:x-auth-token@github.enterprise.com/api/v3/polvi/keys
-`
-	cfg, err := NewCloudConfig(contents)
-	if err != nil {
-		t.Fatalf("Encountered unexpected error: %v", err)
-	}
-
-	if len(cfg.Users) != 1 {
-		t.Fatalf("Parsed %d users, expected 1", len(cfg.Users))
-	}
-
-	user := cfg.Users[0]
-
-	if user.Name != "elroy" {
-		t.Errorf("User name is %q, expected 'elroy'", user.Name)
-	}
-
-	if user.SSHImportURL != "https://token:x-auth-token@github.enterprise.com/api/v3/polvi/keys" {
-		t.Errorf("ssh import url is %q, expected 'https://token:x-auth-token@github.enterprise.com/api/v3/polvi/keys'", user.SSHImportURL)
-	}
 }

initialize/update.go

@@ -1,165 +0,0 @@
-package initialize
-
-import (
-	"bufio"
-	"errors"
-	"fmt"
-	"os"
-	"path"
-	"strings"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-const (
-	locksmithUnit    = "locksmithd.service"
-	updateEngineUnit = "update-engine.service"
-)
-
-// updateOption represents a configurable update option, which, if set, will be
-// written into update.conf, replacing any existing value for the option
-type updateOption struct {
-	key    string   // key used to configure this option in cloud-config
-	valid  []string // valid values for the option
-	prefix string   // prefix for the option in the update.conf file
-	value  string   // used to store the new value in update.conf (including prefix)
-	seen   bool     // whether the option has been seen in any existing update.conf
-}
-
-// updateOptions defines the update options understood by cloud-config.
-// The keys represent the string used in cloud-config to configure the option.
-var updateOptions = []*updateOption{
-	&updateOption{
-		key:    "reboot-strategy",
-		prefix: "REBOOT_STRATEGY=",
-		valid:  []string{"best-effort", "etcd-lock", "reboot", "off"},
-	},
-	&updateOption{
-		key:    "group",
-		prefix: "GROUP=",
-	},
-	&updateOption{
-		key:    "server",
-		prefix: "SERVER=",
-	},
-}
-
-// isValid checks whether a supplied value is valid for this option
-func (uo updateOption) isValid(val string) bool {
-	if len(uo.valid) == 0 {
-		return true
-	}
-	for _, v := range uo.valid {
-		if val == v {
-			return true
-		}
-	}
-	return false
-}
-
-type UpdateConfig map[string]string
-
-// File generates an `/etc/coreos/update.conf` file (if any update
-// configuration options are set in cloud-config) by either rewriting the
-// existing file on disk, or starting from `/usr/share/coreos/update.conf`
-func (uc UpdateConfig) File(root string) (*system.File, error) {
-	if len(uc) < 1 {
-		return nil, nil
-	}
-
-	var out string
-
-	// Generate the list of possible substitutions to be performed based on the options that are configured
-	subs := make([]*updateOption, 0)
-	for _, uo := range updateOptions {
-		val, ok := uc[uo.key]
-		if !ok {
-			continue
-		}
-		if !uo.isValid(val) {
-			return nil, errors.New(fmt.Sprintf("invalid value %v for option %v (valid options: %v)", val, uo.key, uo.valid))
-		}
-		uo.value = uo.prefix + val
-		subs = append(subs, uo)
-	}
-
-	etcUpdate := path.Join(root, "etc", "coreos", "update.conf")
-	usrUpdate := path.Join(root, "usr", "share", "coreos", "update.conf")
-
-	conf, err := os.Open(etcUpdate)
-	if os.IsNotExist(err) {
-		conf, err = os.Open(usrUpdate)
-	}
-	if err != nil {
-		return nil, err
-	}
-
-	scanner := bufio.NewScanner(conf)
-
-	for scanner.Scan() {
-		line := scanner.Text()
-		for _, s := range subs {
-			if strings.HasPrefix(line, s.prefix) {
-				line = s.value
-				s.seen = true
-				break
-			}
-		}
-		out += line
-		out += "\n"
-		if err := scanner.Err(); err != nil {
-			return nil, err
-		}
-	}
-
-	for _, s := range subs {
-		if !s.seen {
-			out += s.value
-			out += "\n"
-		}
-	}
-
-	return &system.File{
-		Path:               path.Join("etc", "coreos", "update.conf"),
-		RawFilePermissions: "0644",
-		Content:            out,
-	}, nil
-}
-
-// Units generates units for the cloud-init initializer to act on:
-// - a locksmith system.Unit, if "reboot-strategy" was set in cloud-config
-// - an update_engine system.Unit, if "group" was set in cloud-config
-func (uc UpdateConfig) Units(root string) ([]system.Unit, error) {
-	var units []system.Unit
-	if strategy, ok := uc["reboot-strategy"]; ok {
-		ls := &system.Unit{
-			Name:    locksmithUnit,
-			Command: "restart",
-			Mask:    false,
-			Runtime: true,
-		}
-
-		if strategy == "off" {
-			ls.Command = "stop"
-			ls.Mask = true
-		}
-		units = append(units, *ls)
-	}
-
-	rue := false
-	if _, ok := uc["group"]; ok {
-		rue = true
-	}
-	if _, ok := uc["server"]; ok {
-		rue = true
-	}
-	if rue {
-		ue := system.Unit{
-			Name:    updateEngineUnit,
-			Command: "restart",
-		}
-		units = append(units, ue)
-	}
-
-	return units, nil
-}

initialize/update_test.go

@@ -1,232 +0,0 @@
-package initialize
-
-import (
-	"io/ioutil"
-	"os"
-	"path"
-	"sort"
-	"strings"
-	"testing"
-
-	"github.com/coreos/coreos-cloudinit/system"
-)
-
-const (
-	base = `SERVER=https://example.com
-GROUP=thegroupc`
-	configured = base + `
-REBOOT_STRATEGY=awesome
-`
-	expected = base + `
-REBOOT_STRATEGY=etcd-lock
-`
-)
-
-func setupFixtures(dir string) {
-	os.MkdirAll(path.Join(dir, "usr", "share", "coreos"), 0755)
-	os.MkdirAll(path.Join(dir, "run", "systemd", "system"), 0755)
-
-	ioutil.WriteFile(path.Join(dir, "usr", "share", "coreos", "update.conf"), []byte(base), 0644)
-}
-
-func TestEmptyUpdateConfig(t *testing.T) {
-	uc := &UpdateConfig{}
-	f, err := uc.File("")
-	if err != nil {
-		t.Error("unexpected error getting file from empty UpdateConfig")
-	}
-	if f != nil {
-		t.Errorf("getting file from empty UpdateConfig should have returned nil, got %v", f)
-	}
-	uu, err := uc.Units("")
-	if err != nil {
-		t.Error("unexpected error getting unit from empty UpdateConfig")
-	}
-	if len(uu) != 0 {
-		t.Errorf("getting unit from empty UpdateConfig should have returned zero units, got %d", len(uu))
-	}
-}
-
-func TestInvalidUpdateOptions(t *testing.T) {
-	uon := &updateOption{
-		key:    "numbers",
-		prefix: "numero_",
-		valid:  []string{"one", "two"},
-	}
-	uoa := &updateOption{
-		key:    "any_will_do",
-		prefix: "any_",
-	}
-
-	if !uon.isValid("one") {
-		t.Error("update option did not accept valid option \"one\"")
-	}
-	if uon.isValid("three") {
-		t.Error("update option accepted invalid option \"three\"")
-	}
-	for _, s := range []string{"one", "asdf", "foobarbaz"} {
-		if !uoa.isValid(s) {
-			t.Errorf("update option with no \"valid\" field did not accept %q", s)
-		}
-	}
-
-	uc := &UpdateConfig{"reboot-strategy": "wizzlewazzle"}
-	f, err := uc.File("")
-	if err == nil {
-		t.Errorf("File did not give an error on invalid UpdateOption")
-	}
-	if f != nil {
-		t.Errorf("File did not return a nil file on invalid UpdateOption")
-	}
-}
-
-func TestServerGroupOptions(t *testing.T) {
-	dir, err := ioutil.TempDir(os.TempDir(), "coreos-cloudinit-")
-	if err != nil {
-		t.Fatalf("unable to create tempdir: %v", err)
-	}
-	defer os.RemoveAll(dir)
-	setupFixtures(dir)
-	u := &UpdateConfig{"group": "master", "server": "http://foo.com"}
-
-	want := `
-GROUP=master
-SERVER=http://foo.com`
-
-	f, err := u.File(dir)
-	if err != nil {
-		t.Errorf("unexpected error getting file from UpdateConfig: %v", err)
-	} else if f == nil {
-		t.Error("unexpectedly got empty file from UpdateConfig")
-	} else {
-		out := strings.Split(f.Content, "\n")
-		sort.Strings(out)
-		got := strings.Join(out, "\n")
-		if got != want {
-			t.Errorf("File has incorrect contents, got %v, want %v", got, want)
-		}
-	}
-
-	uu, err := u.Units(dir)
-	if err != nil {
-		t.Errorf("unexpected error getting units from UpdateConfig: %v", err)
-	} else if len(uu) != 1 {
-		t.Errorf("unexpected number of files returned from UpdateConfig: want 1, got %d", len(uu))
-	} else {
-		unit := uu[0]
-		if unit.Name != "update-engine.service" {
-			t.Errorf("bad name for generated unit: want update-engine.service, got %s", unit.Name)
-		}
-		if unit.Command != "restart" {
-			t.Errorf("bad command for generated unit: want restart, got %s", unit.Command)
-		}
-	}
-}
-
-func TestRebootStrategies(t *testing.T) {
-	dir, err := ioutil.TempDir(os.TempDir(), "coreos-cloudinit-")
-	if err != nil {
-		t.Fatalf("Unable to create tempdir: %v", err)
-	}
-	defer os.RemoveAll(dir)
-	setupFixtures(dir)
-	strategies := []struct {
-		name     string
-		line     string
-		uMask    bool
-		uCommand string
-	}{
-		{"best-effort", "REBOOT_STRATEGY=best-effort", false, "restart"},
-		{"etcd-lock", "REBOOT_STRATEGY=etcd-lock", false, "restart"},
-		{"reboot", "REBOOT_STRATEGY=reboot", false, "restart"},
-		{"off", "REBOOT_STRATEGY=off", true, "stop"},
-	}
-	for _, s := range strategies {
-		uc := &UpdateConfig{"reboot-strategy": s.name}
-		f, err := uc.File(dir)
-		if err != nil {
-			t.Errorf("update failed to generate file for reboot-strategy=%v: %v", s.name, err)
-		} else if f == nil {
-			t.Errorf("generated empty file for reboot-strategy=%v", s.name)
-		} else {
-			seen := false
-			for _, line := range strings.Split(f.Content, "\n") {
-				if line == s.line {
-					seen = true
-					break
-				}
-			}
-			if !seen {
-				t.Errorf("couldn't find expected line %v for reboot-strategy=%v", s.line, s.name)
-			}
-		}
-		uu, err := uc.Units(dir)
-		if err != nil {
-			t.Errorf("failed to generate unit for reboot-strategy=%v!", s.name)
-		} else if len(uu) != 1 {
-			t.Errorf("unexpected number of units for reboot-strategy=%v: %d", s.name, len(uu))
-		} else {
-			u := uu[0]
-			if u.Name != locksmithUnit {
-				t.Errorf("unit generated for reboot strategy=%v had bad name: %v", s.name, u.Name)
-			}
-			if u.Mask != s.uMask {
-				t.Errorf("unit generated for reboot strategy=%v had bad mask: %t", s.name, u.Mask)
-			}
-			if u.Command != s.uCommand {
-				t.Errorf("unit generated for reboot strategy=%v had bad command: %v", s.name, u.Command)
-			}
-		}
-	}
-
-}
-
-func TestUpdateConfWrittenToDisk(t *testing.T) {
-	dir, err := ioutil.TempDir(os.TempDir(), "coreos-cloudinit-")
-	if err != nil {
-		t.Fatalf("Unable to create tempdir: %v", err)
-	}
-	defer os.RemoveAll(dir)
-	setupFixtures(dir)
-
-	for i := 0; i < 2; i++ {
-		if i == 1 {
-			err = ioutil.WriteFile(path.Join(dir, "etc", "coreos", "update.conf"), []byte(configured), 0644)
-			if err != nil {
-				t.Fatal(err)
-			}
-		}
-		uc := &UpdateConfig{"reboot-strategy": "etcd-lock"}
-
-		f, err := uc.File(dir)
-		if err != nil {
-			t.Fatalf("Processing UpdateConfig failed: %v", err)
-		} else if f == nil {
-			t.Fatal("Unexpectedly got nil updateconfig file")
-		}
-
-		if _, err := system.WriteFile(f, dir); err != nil {
-			t.Fatalf("Error writing update config: %v", err)
-		}
-
-		fullPath := path.Join(dir, "etc", "coreos", "update.conf")
-
-		fi, err := os.Stat(fullPath)
-		if err != nil {
-			t.Fatalf("Unable to stat file: %v", err)
-		}
-
-		if fi.Mode() != os.FileMode(0644) {
-			t.Errorf("File has incorrect mode: %v", fi.Mode())
-		}
-
-		contents, err := ioutil.ReadFile(fullPath)
-		if err != nil {
-			t.Fatalf("Unable to read expected file: %v", err)
-		}
-
-		if string(contents) != expected {
-			t.Fatalf("File has incorrect contents, got %v, wanted %v", string(contents), expected)
-		}
-	}
-}

initialize/user_data.go

@@ -1,47 +1,39 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 
 import (
-	"fmt"
+	"errors"
 	"log"
-	"strings"
 
-	"github.com/coreos/coreos-cloudinit/system"
+	"github.com/coreos/coreos-cloudinit/config"
 )
 
 func ParseUserData(contents string) (interface{}, error) {
 	if len(contents) == 0 {
 		return nil, nil
 	}
-	header := strings.SplitN(contents, "\n", 2)[0]
 
-	// Explicitly trim the header so we can handle user-data from
+	switch {
-	// non-unix operating systems. The rest of the file is parsed
+	case config.IsScript(contents):
-	// by yaml, which correctly handles CRLF.
-	header = strings.TrimSpace(header)
-
-	if strings.HasPrefix(header, "#!") {
 		log.Printf("Parsing user-data as script")
-		return system.Script(contents), nil
+		return config.NewScript(contents)
-	} else if header == "#cloud-config" {
+	case config.IsCloudConfig(contents):
 		log.Printf("Parsing user-data as cloud-config")
-		return NewCloudConfig(contents)
+		return config.NewCloudConfig(contents)
-	} else {
+	default:
-		return nil, fmt.Errorf("Unrecognized user-data header: %s", header)
+		return nil, errors.New("Unrecognized user-data format")
 	}
 }

initialize/user_data_test.go

@@ -1,23 +1,23 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 
 import (
 	"testing"
+
+	"github.com/coreos/coreos-cloudinit/config"
 )
 
 func TestParseHeaderCRLF(t *testing.T) {
@@ -53,7 +53,7 @@ func TestParseConfigCRLF(t *testing.T) {
 		t.Fatalf("Failed parsing config: %v", err)
 	}
 
-	cfg := ud.(*CloudConfig)
+	cfg := ud.(*config.CloudConfig)
 
 	if cfg.Hostname != "foo" {
 		t.Error("Failed parsing hostname from config")

initialize/workspace.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package initialize
 
@@ -21,6 +19,7 @@ import (
 	"path"
 	"strings"
 
+	"github.com/coreos/coreos-cloudinit/config"
 	"github.com/coreos/coreos-cloudinit/system"
 )
 
@@ -37,7 +36,7 @@ func PrepWorkspace(workspace string) error {
 	return nil
 }
 
-func PersistScriptInWorkspace(script system.Script, workspace string) (string, error) {
+func PersistScriptInWorkspace(script config.Script, workspace string) (string, error) {
 	scriptsPath := path.Join(workspace, "scripts")
 	tmp, err := ioutil.TempFile(scriptsPath, "")
 	if err != nil {
@@ -47,21 +46,21 @@ func PersistScriptInWorkspace(script system.Script, workspace string) (string, e
 
 	relpath := strings.TrimPrefix(tmp.Name(), workspace)
 
-	file := system.File{
+	file := system.File{File: config.File{
 		Path:               relpath,
 		RawFilePermissions: "0744",
 		Content:            string(script),
-	}
+	}}
 
 	return system.WriteFile(&file, workspace)
 }
 
 func PersistUnitNameInWorkspace(name string, workspace string) error {
-	file := system.File{
+	file := system.File{File: config.File{
 		Path:               path.Join("scripts", "unit-name"),
 		RawFilePermissions: "0644",
 		Content:            name,
-	}
+	}}
 	_, err := system.WriteFile(&file, workspace)
 	return err
 }

network/debian.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package network
 
@@ -21,9 +19,9 @@ import (
 	"strings"
 )
 
-func ProcessDebianNetconf(config string) ([]InterfaceGenerator, error) {
+func ProcessDebianNetconf(config []byte) ([]InterfaceGenerator, error) {
 	log.Println("Processing Debian network config")
-	lines := formatConfig(config)
+	lines := formatConfig(string(config))
 	stanzas, err := parseStanzas(lines)
 	if err != nil {
 		return nil, err

network/debian_test.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package network
 
@@ -46,7 +44,7 @@ func TestProcessDebianNetconf(t *testing.T) {
 		{"auto eth1\nauto eth2", false, 0},
 		{"iface eth1 inet manual", false, 1},
 	} {
-		interfaces, err := ProcessDebianNetconf(tt.in)
+		interfaces, err := ProcessDebianNetconf([]byte(tt.in))
 		failed := err != nil
 		if tt.fail != failed {
 			t.Fatalf("bad failure state for %q: got %t, want %t", tt.in, failed, tt.fail)

network/digitalocean.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package network
 
@@ -25,14 +23,14 @@ import (
 	"github.com/coreos/coreos-cloudinit/datasource/metadata/digitalocean"
 )
 
-func ProcessDigitalOceanNetconf(config string) ([]InterfaceGenerator, error) {
+func ProcessDigitalOceanNetconf(config []byte) ([]InterfaceGenerator, error) {
 	log.Println("Processing DigitalOcean network config")
-	if config == "" {
+	if len(config) == 0 {
 		return nil, nil
 	}
 
 	var cfg digitalocean.Metadata
-	if err := json.Unmarshal([]byte(config), &cfg); err != nil {
+	if err := json.Unmarshal(config, &cfg); err != nil {
 		return nil, err
 	}
 

network/digitalocean_test.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package network
 
@@ -380,7 +378,7 @@ func TestProcessDigitalOceanNetconf(t *testing.T) {
 			ifaces: []InterfaceGenerator{},
 		},
 	} {
-		ifaces, err := ProcessDigitalOceanNetconf(tt.cfg)
+		ifaces, err := ProcessDigitalOceanNetconf([]byte(tt.cfg))
 		if !errorsEqual(tt.err, err) {
 			t.Fatalf("bad error (%q): want %q, got %q", tt.cfg, tt.err, err)
 		}

network/interface.go

@@ -1,18 +1,16 @@
-/*
+// Copyright 2015 CoreOS, Inc.
-   Copyright 2014 CoreOS, Inc.
+//
-
+// Licensed under the Apache License, Version 2.0 (the "License");
-   Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
-   you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
-   You may obtain a copy of the License at
+//
-
+//     http://www.apache.org/licenses/LICENSE-2.0
-       http://www.apache.org/licenses/LICENSE-2.0
+//
-
+// Unless required by applicable law or agreed to in writing, software
-   Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
-   distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
-   See the License for the specific language governing permissions and
+// limitations under the License.
-   limitations under the License.
-*/
 
 package network