LOL. I didn’t know this one, yet :)
On 21 Feb 2022, at 21:32, Peter Müller peter.mueller@ipfire.org wrote:
Ah, this must be enterprise cloud security: "Military-grade Base64 ..." m(
Anyway,
Reviewed-by: Peter Müller peter.mueller@ipfire.org
Terraform only supports sending any shell scripts encoded in base64 which is however not required by Oracle. Therefore we have to test if the script is encoded or not.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
src/initscripts/helper/oci-setup | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+)
diff --git a/src/initscripts/helper/oci-setup b/src/initscripts/helper/oci-setup index 0763a96e7..98b9858d6 100644 --- a/src/initscripts/helper/oci-setup +++ b/src/initscripts/helper/oci-setup @@ -15,6 +15,24 @@ get() { wget -qO - "http://169.254.169.254/opc/v1/$%7Bfile%7D" }
+try_base64_decode() {
- local input="${1}"
- local tmp="$(mktemp)"
- # Try to decode this and return output if successful
- if base64 -d <<< "${input}" > "${tmp}" 2>/dev/null; then
echo "$(<${tmp})"- # Otherwise just return the input
- else
echo "${input}"- fi
- # Cleanup
- unlink "${tmp}"
+}
to_address() { local n="${1}"
@@ -115,6 +133,9 @@ import_oci_configuration() { # Download a startup script local script="$(get instance/metadata/user_data)"
# Try to decode thisscript="$(try_base64_decode "${script}")"- # Execute the script if [ "${script:0:2}" = "#!" ]; then echo "${script}" > /tmp/user-data.script