distro/fedora: don't return early from FIPS check in checkOptions()

When the check was first added [1] it was the last in the function and was written to immediately return. New checks were added after the check, without changing the early return, which means invalid configurations were not caught. Append to warnings instead of returning. [1] 665a128
osbuild · Dec 5, 2024 · 88d8db6 · 88d8db6
1 parent 5ecf4b5
commit 88d8db6
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/pkg/distro/fedora/imagetype.go b/pkg/distro/fedora/imagetype.go
@@ -290,6 +290,8 @@ func (t *imageType) Manifest(bp *blueprint.Blueprint,
 func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOptions) ([]string, error) {
 	customizations := bp.Customizations
 
+	var warnings []string
+
 	if !t.rpmOstree && options.OSTree != nil {
 		return nil, fmt.Errorf("OSTree is not supported for %q", t.Name())
 	}
@@ -448,8 +450,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
 	}
 
 	if customizations.GetFIPS() && !common.IsBuildHostFIPSEnabled() {
-		w := fmt.Sprintln(common.FIPSEnabledImageWarning)
-		return []string{w}, nil
+		warnings = append(warnings, fmt.Sprintln(common.FIPSEnabledImageWarning))
 	}
 
 	instCust, err := customizations.GetInstaller()
@@ -474,5 +475,5 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
 		}
 	}
 
-	return nil, nil
+	return warnings, nil
 }