feat(web): re-introduce the storage encryption settings

rust/agama-lib/share/examples/storage/model.json

@@ -1,4 +1,8 @@
 {
+  "encryption": {
+    "method": "luks1",
+    "password": "12345"
+  },
   "boot": {
     "configure": true,
     "device": {

rust/agama-lib/share/storage.model.schema.json

@@ -5,6 +5,7 @@
   "additionalProperties": false,
   "properties": {
     "boot": { "$ref": "#/$defs/boot" },
+    "encryption": { "$ref": "#/$defs/encryption" },
     "drives": {
       "type": "array",
       "items": { "$ref": "#/$defs/drive" }
@@ -29,6 +30,22 @@
         "name": { "type": "string" }
       }
     },
+    "encryption": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["method"],
+      "properties": {
+        "method": { "$ref": "#/$defs/encryptionMethod" },
+        "password": { "type": "string" }
+      }
+    },
+    "encryptionMethod": {
+      "enum": [
+        "luks1",
+        "luks2",
+        "tpmFde"
+      ]
+    },
     "drive": {
       "type": "object",
       "additionalProperties": false,

rust/package/agama.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Fri Feb 21 14:00:47 UTC 2025 - José Iván López González <jlopez@suse.com>
+
+- Extend storage model schema to support global encryption
+  (gh#agama-project/agama#2031).
+
 -------------------------------------------------------------------
 Thu Feb 20 12:58:09 UTC 2025 - Ancor Gonzalez Sosa <ancor@suse.com>
 

service/lib/agama/storage/config_conversions/from_model_conversions.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# Copyright (c) [2024] SUSE LLC
+# Copyright (c) [2024-2025] SUSE LLC
 #
 # All Rights Reserved.
 #
@@ -23,6 +23,7 @@
 require "agama/storage/config_conversions/from_model_conversions/boot_device"
 require "agama/storage/config_conversions/from_model_conversions/config"
 require "agama/storage/config_conversions/from_model_conversions/drive"
+require "agama/storage/config_conversions/from_model_conversions/encryption"
 require "agama/storage/config_conversions/from_model_conversions/filesystem"
 require "agama/storage/config_conversions/from_model_conversions/filesystem_type"
 require "agama/storage/config_conversions/from_model_conversions/partition"

service/lib/agama/storage/config_conversions/from_model_conversions/config.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# Copyright (c) [2024] SUSE LLC
+# Copyright (c) [2024-2025] SUSE LLC
 #
 # All Rights Reserved.
 #
@@ -79,7 +79,6 @@ def convert_boot
             FromModelConversions::Boot.new(boot_model).convert
           end
 
-          # @return [Array<Configs::Drive>, nil]
           def convert_drives
             return unless drive_models
 
@@ -89,7 +88,9 @@ def convert_drives
           # @param drive_model [Hash]
           # @return [Configs::Drive]
           def convert_drive(drive_model)
-            FromModelConversions::Drive.new(drive_model, product_config).convert
+            FromModelConversions::Drive
+              .new(drive_model, product_config, model_json[:encryption])
+              .convert
           end
 
           # Conversion for the boot device alias.

service/lib/agama/storage/config_conversions/from_model_conversions/drive.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# Copyright (c) [2024] SUSE LLC
+# Copyright (c) [2024-2025] SUSE LLC
 #
 # All Rights Reserved.
 #
@@ -39,17 +39,22 @@ class Drive < Base
 
           # @param model_json [Hash]
           # @param product_config [Agama::Config]
-          def initialize(model_json, product_config)
+          # @param encryption_model [Hash, nil]
+          def initialize(model_json, product_config, encryption_model = nil)
             super(model_json)
             @product_config = product_config
+            @encryption_model = encryption_model
           end
 
         private
 
+          alias_method :drive_model, :model_json
+
           # @return [Agama::Config]
           attr_reader :product_config
 
-          alias_method :drive_model, :model_json
+          # @return [Hash, nil]
+          attr_reader :encryption_model
 
           # @see Base
           # @return [Configs::Drive]
@@ -65,7 +70,7 @@ def conversions
               alias:       drive_model[:alias],
               filesystem:  convert_filesystem,
               ptable_type: convert_ptable_type,
-              partitions:  convert_partitions
+              partitions:  convert_partitions(encryption_model)
             }
           end
         end

service/lib/agama/storage/config_conversions/from_model_conversions/encryption.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+# Copyright (c) [2025] SUSE LLC
+#
+# All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of version 2 of the GNU General Public License as published
+# by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+# more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, contact SUSE LLC.
+#
+# To contact SUSE LLC about this file by physical or electronic mail, you may
+# find current contact information at www.suse.com.
+
+require "agama/storage/config_conversions/from_model_conversions/base"
+require "y2storage/encryption_method"
+
+module Agama
+  module Storage
+    module ConfigConversions
+      module FromModelConversions
+        # Encryption conversion from model according to the JSON schema.
+        class Encryption < Base
+        private
+
+          # @see Base
+          # @return [Configs::Encryption]
+          def default_config
+            Configs::Encryption.new
+          end
+
+          # @see Base#conversions
+          # @return [Hash]
+          def conversions
+            {
+              method:   convert_method,
+              password: model_json[:password]
+            }
+          end
+
+          # @return [Y2Storage::EncryptionMethod::Base]
+          def convert_method
+            method_conversions = {
+              "luks1"  => Y2Storage::EncryptionMethod::LUKS1,
+              "luks2"  => Y2Storage::EncryptionMethod::LUKS2,
+              "tpmFde" => Y2Storage::EncryptionMethod::TPM_FDE
+            }
+
+            method_conversions[model_json[:method]]
+          end
+        end
+      end
+    end
+  end
+end

service/lib/agama/storage/config_conversions/from_model_conversions/partition.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# Copyright (c) [2024] SUSE LLC
+# Copyright (c) [2024-2025] SUSE LLC
 #
 # All Rights Reserved.
 #
@@ -20,6 +20,7 @@
 # find current contact information at www.suse.com.
 
 require "agama/storage/config_conversions/from_model_conversions/base"
+require "agama/storage/config_conversions/from_model_conversions/with_encryption"
 require "agama/storage/config_conversions/from_model_conversions/with_filesystem"
 require "agama/storage/config_conversions/from_model_conversions/with_search"
 require "agama/storage/config_conversions/from_model_conversions/with_size"
@@ -32,26 +33,38 @@ module ConfigConversions
       module FromModelConversions
         # Partition conversion from model according to the JSON schema.
         class Partition < Base
-        private
-
           include WithSearch
+          include WithEncryption
           include WithFilesystem
           include WithSize
 
+          # @param model_json [Hash]
+          # @param encryption_model [Hash, nil]
+          def initialize(model_json, encryption_model = nil)
+            super(model_json)
+            @encryption_model = encryption_model
+          end
+
+        private
+
+          alias_method :partition_model, :model_json
+
+          # @return [Hash, nil]
+          attr_reader :encryption_model
+
           # @see Base
           # @return [Configs::Partition]
           def default_config
             Configs::Partition.new
           end
 
-          alias_method :partition_model, :model_json
-
           # @see Base#conversions
           # @return [Hash]
           def conversions
             {
               search:           convert_search,
               alias:            partition_model[:alias],
+              encryption:       convert_encryption,
               filesystem:       convert_filesystem,
               size:             convert_size,
               id:               convert_id,

service/lib/agama/storage/config_conversions/from_model_conversions/with_encryption.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+# Copyright (c) [2025] SUSE LLC
+#
+# All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of version 2 of the GNU General Public License as published
+# by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+# more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, contact SUSE LLC.
+#
+# To contact SUSE LLC about this file by physical or electronic mail, you may
+# find current contact information at www.suse.com.
+
+require "agama/storage/config_conversions/from_model_conversions/encryption"
+
+module Agama
+  module Storage
+    module ConfigConversions
+      module FromModelConversions
+        # Mixin for encryption conversion.
+        module WithEncryption
+          # @return [Configs::Encryption, nil]
+          def convert_encryption
+            # Do not encrypt reused partitions.
+            return if model_json[:name]
+
+            return if encryption_model.nil?
+
+            FromModelConversions::Encryption.new(encryption_model).convert
+          end
+        end
+      end
+    end
+  end
+end

service/lib/agama/storage/config_conversions/from_model_conversions/with_partitions.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# Copyright (c) [2024] SUSE LLC
+# Copyright (c) [2024-2025] SUSE LLC
 #
 # All Rights Reserved.
 #
@@ -28,40 +28,45 @@ module ConfigConversions
       module FromModelConversions
         # Mixin for partitions conversion.
         module WithPartitions
+          # @param encryption_model [Hash, nil]
           # @return [Array<Configs::Partition>]
-          def convert_partitions
+          def convert_partitions(encryption_model = nil)
             # If the model does not indicate a space policy, then the space policy defined by the
             # product is applied.
             space_policy = model_json[:spacePolicy] || product_config.space_policy
 
             case space_policy
             when "keep"
-              used_partition_configs
+              used_partition_configs(encryption_model)
             when "delete"
-              [used_partition_configs, delete_all_partition_config].flatten
+              [used_partition_configs(encryption_model), delete_all_partition_config].flatten
             when "resize"
-              [used_partition_configs, resize_all_partition_config].flatten
+              [used_partition_configs(encryption_model), resize_all_partition_config].flatten
             else
-              partition_configs
+              partition_configs(encryption_model)
             end
           end
 
           # @param partition_model [Hash]
+          # @param encryption_model [Hash, nil]
+          #
           # @return [Configs::Partition]
-          def convert_partition(partition_model)
-            FromModelConversions::Partition.new(partition_model).convert
+          def convert_partition(partition_model, encryption_model = nil)
+            FromModelConversions::Partition.new(partition_model, encryption_model).convert
           end
 
           # @return [Array<Configs::Partition>]
-          def partition_configs
-            partitions.map { |p| convert_partition(p) }
+          # @param encryption_model [Hash, nil]
+          def partition_configs(encryption_model = nil)
+            partitions.map { |p| convert_partition(p, encryption_model) }
           end
 
           # Partitions with any usage (format, mount, etc).
+          # @param encryption_model [Hash, nil]
           #
           # @return [Array<Configs::Partition>]
-          def used_partition_configs
-            used_partitions.map { |p| convert_partition(p) }
+          def used_partition_configs(encryption_model = nil)
+            used_partitions.map { |p| convert_partition(p, encryption_model) }
           end
 
           # @return [Array<Hash>]

service/lib/agama/storage/config_conversions/to_model_conversions.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# Copyright (c) [2024] SUSE LLC
+# Copyright (c) [2024-2025] SUSE LLC
 #
 # All Rights Reserved.
 #
@@ -24,6 +24,7 @@
 require "agama/storage/config_conversions/to_model_conversions/boot_device"
 require "agama/storage/config_conversions/to_model_conversions/config"
 require "agama/storage/config_conversions/to_model_conversions/drive"
+require "agama/storage/config_conversions/to_model_conversions/encryption"
 require "agama/storage/config_conversions/to_model_conversions/filesystem"
 require "agama/storage/config_conversions/to_model_conversions/partition"
 require "agama/storage/config_conversions/to_model_conversions/size"