authorLars Wirzenius <liw@liw.fi>2022-11-05 09:36:11 +0200
committerLars Wirzenius <liw@liw.fi>2022-11-05 09:36:11 +0200
commitb74de5a065c5c73e5592235e013385fadc9b17ed (patch)
treee93b424554521bf65df09784bbdbe9bdd6e56f86
parentca15df3e5d3b7a0e8837b188f6327bb46b7a5536 (diff)
downloadvmadm-b74de5a065c5c73e5592235e013385fadc9b17ed.tar.gz
refactor: move the cloud init Python script to a separate file
This required adding a build.rs to generate a Rust source from the Python file. Sponsored-by: author
-rw-r--r--build.rs11
-rw-r--r--cloud-init.py90
-rw-r--r--src/cloudinit.rs93
3 files changed, 102 insertions, 92 deletions
diff --git a/build.rs b/build.rs
new file mode 100644
index 0000000..278a7c6
--- /dev/null
+++ b/build.rs
@@ -0,0 +1,11 @@
+use std::fs::{read, write};
+use std::path::PathBuf;
+
+fn main() {
+ let py = read("cloud-init.py").unwrap();
+ let py = String::from_utf8_lossy(&py).to_string();
+
+ let mut path: PathBuf = std::env::var("OUT_DIR").unwrap().into();
+ path.push("cloud-init.rs");
+ write(&path, &format!("r#\"{}\"#\n", py)).unwrap();
+}
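Review bot: The `format!("r#\"{}\"#\n", py)` line in `main` wraps the script in a raw-string literal without checking its content, so the first `"#` that ever appears in `cloud-init.py` ends the literal early and the remainder is parsed as Rust by the `include!` added in `src/cloudinit.rs`. `String::from_utf8_lossy` also replaces invalid bytes with U+FFFD silently, so a script that rewrites `sshd_config` can change without the build failing. Both problems, and this build script, go away if `src/cloudinit.rs` embeds the file directly: `const SCRIPT: &str = include_str!("../cloud-init.py");`. If the build script stays, fail on invalid UTF-8 with `String::from_utf8(py).expect("cloud-init.py is not UTF-8")` and emit `println!("cargo:rerun-if-changed=cloud-init.py");`.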
diff --git a/cloud-init.py b/cloud-init.py
new file mode 100644
index 0000000..814a5b7
--- /dev/null
+++ b/cloud-init.py
@@ -0,0 +1,90 @@
+import os
+import yaml
+
+
+def log(msg):
+ logfile.write(msg)
+ logfile.write("\n")
+ logfile.flush()
+
+
+logfile = open("/tmp/vmadm.script", "w")
+log("vmadm cloud-init script starting")
+
+if os.environ.get("VMADM_TESTING"):
+ filename = "smoke/user-data"
+ etc = "x"
+else:
+ filename = "/var/lib/cloud/instance/user-data.txt"
+ etc = "/etc/ssh"
+
+key_types = ("rsa", "dsa", "ecdsa", "ed25519")
+
+log(f"loading user-data from {filename}")
+obj = yaml.safe_load(open(filename))
+
+ssh_keys = obj.get("ssh_keys", {})
+user_ca_pubkey = obj.get("user_ca_pubkey", {})
+allow_authorized_keys = obj.get("allow_authorized_keys", True)
+
+keys = []
+certs = []
+
+for key_type in key_types:
+ filename = os.path.join(etc, f"ssh_host_{key_type}_key.pub")
+ if os.path.exists(filename):
+ log(f"removing {filename}")
+ os.remove(filename)
+ else:
+ log(f"file {filename} does not exist")
+
+for key_type in key_types:
+ key = ssh_keys.get(f"{key_type}_private")
+ cert = ssh_keys.get(f"{key_type}_certificate")
+ log(f"key {key_type} {key}")
+ log(f"cert {key_type} {cert }")
+
+ if key:
+ filename = os.path.join(etc, f"ssh_host_{key_type}_key")
+ log(f"writing key {filename}")
+ keys.append(filename)
+ with open(filename, "w") as f:
+ f.write(key)
+
+ if cert:
+ filename = os.path.join(etc, f"ssh_host_{key_type}_key-cert.pub")
+ log(f"writing cert {filename}")
+ certs.append(filename)
+ with open(filename, "w") as f:
+ f.write(cert)
+
+user_ca_filename = os.path.join(etc, "user-ca-keys")
+if user_ca_pubkey:
+ with open(user_ca_filename, "w") as f:
+ f.write(user_ca_pubkey)
+
+config = os.path.join(etc, "sshd_config")
+data = ""
+if os.path.exists(config):
+ data = open(config).read()
+
+log(f"configuring sshd {config}")
+log(f"keys {keys}")
+log(f"certs {certs}")
+
+with open(config, "w") as f:
+ for filename in keys:
+ log(f"hostkey {filename}")
+ f.write(f"hostkey {filename}\n")
+ for filename in certs:
+ log(f"hostcert {filename}")
+ f.write(f"hostcertificate {filename}\n")
+ if user_ca_pubkey:
+ log(f"trustedusercakeys {user_ca_filename}")
+ f.write(f"trustedusercakeys {user_ca_filename}\n")
+ if not allow_authorized_keys:
+ f.write("authorizedkeysfile none\n")
+ f.write(data)
+
+log("vmadm cloud-init script ending")
+logfile.close()
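Review bot: `log(f"key {key_type} {key}")` writes each SSH host private key into `/tmp/vmadm.script`, which is opened with a plain `open(..., "w")` at a fixed path in a shared directory, so depending on the umask the key material may be readable by other local users, and the open follows whatever already exists at that path. Log only presence, e.g. `log(f"key {key_type} {'present' if key else 'absent'}")`, and keep the log in a directory only the invoking user can write to. The host key files are also created with `open(filename, "w")`, so their mode depends on the umask; `os.fdopen(os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600), "w")` pins it when the file is created. The script is moved verbatim from `src/cloudinit.rs`, so these lines predate the commit, but the new standalone file is where they would be fixed.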
diff --git a/src/cloudinit.rs b/src/cloudinit.rs
index ad32f2a..6057966 100644
--- a/src/cloudinit.rs
+++ b/src/cloudinit.rs
@@ -17,98 +17,7 @@ use std::path::{Path, PathBuf};
use std::process::Command;
use tempfile::tempdir;
-const SCRIPT: &str = r#"
-import os
-import yaml
-
-
-def log(msg):
- logfile.write(msg)
- logfile.write("\n")
- logfile.flush()
-
-
-logfile = open("/tmp/vmadm.script", "w")
-log("vmadm cloud-init script starting")
-
-if os.environ.get("VMADM_TESTING"):
- filename = "smoke/user-data"
- etc = "x"
-else:
- filename = "/var/lib/cloud/instance/user-data.txt"
- etc = "/etc/ssh"
-
-key_types = ("rsa", "dsa", "ecdsa", "ed25519")
-
-log(f"loading user-data from {filename}")
-obj = yaml.safe_load(open(filename))
-
-ssh_keys = obj.get("ssh_keys", {})
-user_ca_pubkey = obj.get("user_ca_pubkey", {})
-allow_authorized_keys = obj.get("allow_authorized_keys", True)
-
-keys = []
-certs = []
-
-for key_type in key_types:
- filename = os.path.join(etc, f"ssh_host_{key_type}_key.pub")
- if os.path.exists(filename):
- log(f"removing {filename}")
- os.remove(filename)
- else:
- log(f"file {filename} does not exist")
-
-for key_type in key_types:
- key = ssh_keys.get(f"{key_type}_private")
- cert = ssh_keys.get(f"{key_type}_certificate")
- log(f"key {key_type} {key}")
- log(f"cert {key_type} {cert }")
-
- if key:
- filename = os.path.join(etc, f"ssh_host_{key_type}_key")
- log(f"writing key {filename}")
- keys.append(filename)
- with open(filename, "w") as f:
- f.write(key)
-
- if cert:
- filename = os.path.join(etc, f"ssh_host_{key_type}_key-cert.pub")
- log(f"writing cert {filename}")
- certs.append(filename)
- with open(filename, "w") as f:
- f.write(cert)
-
-user_ca_filename = os.path.join(etc, "user-ca-keys")
-if user_ca_pubkey:
- with open(user_ca_filename, "w") as f:
- f.write(user_ca_pubkey)
-
-config = os.path.join(etc, "sshd_config")
-data = ""
-if os.path.exists(config):
- data = open(config).read()
-
-log(f"configuring sshd {config}")
-log(f"keys {keys}")
-log(f"certs {certs}")
-
-with open(config, "w") as f:
- for filename in keys:
- log(f"hostkey {filename}")
- f.write(f"hostkey {filename}\n")
- for filename in certs:
- log(f"hostcert {filename}")
- f.write(f"hostcertificate {filename}\n")
- if user_ca_pubkey:
- log(f"trustedusercakeys {user_ca_filename}")
- f.write(f"trustedusercakeys {user_ca_filename}\n")
- if not allow_authorized_keys:
- f.write("authorizedkeysfile none\n")
- f.write(data)
-
-log("vmadm cloud-init script ending")
-logfile.close()
-"#;
+const SCRIPT: &str = include!(concat!(env!("OUT_DIR"), "/cloud-init.rs"));
/// Errors from this module.
#[derive(Debug, thiserror::Error)]