From 88d8db68b1e4d13287661d405ee0700726fdf2b2 Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Wed, 4 Dec 2024 11:31:05 +0100 Subject: [PATCH] distro/fedora: don't return early from FIPS check in checkOptions() When the check was first added [1] it was the last in the function and was written to immediately return. New checks were added after the check, without changing the early return, which means invalid configurations were not caught. Append to warnings instead of returning. [1] 665a128f049c62b14285498f753a8c5fdbaa646d --- pkg/distro/fedora/imagetype.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkg/distro/fedora/imagetype.go b/pkg/distro/fedora/imagetype.go index 85558315f8..b250af5e1d 100644 --- a/pkg/distro/fedora/imagetype.go +++ b/pkg/distro/fedora/imagetype.go @@ -290,6 +290,8 @@ func (t *imageType) Manifest(bp *blueprint.Blueprint, func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOptions) ([]string, error) { customizations := bp.Customizations + var warnings []string + if !t.rpmOstree && options.OSTree != nil { return nil, fmt.Errorf("OSTree is not supported for %q", t.Name()) } @@ -448,8 +450,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp } if customizations.GetFIPS() && !common.IsBuildHostFIPSEnabled() { - w := fmt.Sprintln(common.FIPSEnabledImageWarning) - return []string{w}, nil + warnings = append(warnings, fmt.Sprintln(common.FIPSEnabledImageWarning)) } instCust, err := customizations.GetInstaller() @@ -474,5 +475,5 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp } } - return nil, nil + return warnings, nil }