pkg/asset/installconfig: Add OPENSHIFT_INSTALL_PULL_SECRET_PATH

docs/user/environment-variables.md

@@ -4,19 +4,36 @@ The installer accepts a number of environment variable that allow the interactiv
 
 ## General
 
-| Environment Variable              | Description                                                                                 |
-|:----------------------------------|:--------------------------------------------------------------------------------------------|
-| `OPENSHIFT_INSTALL_BASE_DOMAIN`   | The base domain of the cluster. All DNS records will be sub-domains of this base.           |
-| `OPENSHIFT_INSTALL_CLUSTER_NAME`  | The name of the cluster. This will be used when generating sub-domains.                     |
-| `OPENSHIFT_INSTALL_EMAIL_ADDRESS` | The email address of the cluster administrator. This will be used to log in to the console. |
-| `OPENSHIFT_INSTALL_PASSWORD`      | The password of the cluster administrator. This will be used to log in to the console.      |
-| `OPENSHIFT_INSTALL_PLATFORM`      | The platform onto which the cluster will be installed.                                      |
-| `OPENSHIFT_INSTALL_PULL_SECRET`   | The container registry pull secret for this cluster.                                        |
-| `OPENSHIFT_INSTALL_SSH_PUB_KEY`   | The SSH key used to access all nodes within the cluster. This is optional.                  |
+* `OPENSHIFT_INSTALL_BASE_DOMAIN`:
+    The base domain of the cluster. All DNS records will be sub-domains of this base.
+
+* `OPENSHIFT_INSTALL_CLUSTER_NAME`:
+     The name of the cluster.
+     This will be used when generating sub-domains.
+* `OPENSHIFT_INSTALL_EMAIL_ADDRESS`:
+     The email address of the cluster administrator.
+     This will be used to log in to the console.
+* `OPENSHIFT_INSTALL_PASSWORD`:
+     The password of the cluster administrator.
+     This will be used to log in to the console.
+* `OPENSHIFT_INSTALL_PLATFORM`:
+     The platform onto which the cluster will be installed.
+     Valid values are `aws` and `libvirt`.
+* `OPENSHIFT_INSTALL_PULL_SECRET`:
+     The container registry pull secret for this cluster (e.g. `{"auths": {...}}`).
+     You can generate these secrets with the `podman login` command.
+* `OPENSHIFT_INSTALL_PULL_SECRET_PATH`:
+     As an alternative to `OPENSHIFT_INSTALL_SSH_PUB_KEY`, you can configure this variable with a path containing your pull secret.
+* `OPENSHIFT_INSTALL_SSH_PUB_KEY`:
+     The SSH public key used to access all nodes within the cluster (e.g. `ssh-rsa AAAA...`).
+     This is optional.
+* `OPENSHIFT_INSTALL_SSH_PUB_KEY_PATH`:
+     As an alternative to `OPENSHIFT_INSTALL_SSH_PUB_KEY`, you can configure this variable with a path containing your SSH public key (e.g. `~/.ssh/id_rsa.pub`).
 
 ## Platform-Specific
 
-| Environment Variable              | Description                                                                              |
-|:----------------------------------|:-----------------------------------------------------------------------------------------|
-| `OPENSHIFT_INSTALL_AWS_REGION`    | The AWS region to be used for installation.                                              |
-| `OPENSHIFT_INSTALL_LIBVIRT_URI`   | The libvirt connection URI to be used. This must be accessible from the running cluster. |
+* `OPENSHIFT_INSTALL_AWS_REGION`:
+    The AWS region to be used for installation.
+* `OPENSHIFT_INSTALL_LIBVIRT_URI`:
+    The libvirt connection URI to be used.
+    This must be accessible from the running cluster.

pkg/asset/installconfig/ssh.go

@@ -24,6 +24,20 @@ func (a *sshPublicKey) Dependencies() []asset.Asset {
 	return nil
 }
 
+func readSSHKey(path string) (key []byte, err error) {
+	key, err = ioutil.ReadFile(path)
+	if err != nil {
+		return key, err
+	}
+
+	err = validate.OpenSSHPublicKey(string(key))
+	if err != nil {
+		return key, err
+	}
+
+	return key, nil
+}
+
 // Generate generates the SSH public key asset.
 func (a *sshPublicKey) Generate(map[asset.Asset]*asset.State) (state *asset.State, err error) {
 	if value, ok := os.LookupEnv("OPENSHIFT_INSTALL_SSH_PUB_KEY"); ok {
@@ -39,32 +53,39 @@ func (a *sshPublicKey) Generate(map[asset.Asset]*asset.State) (state *asset.Stat
 		}, nil
 	}
 
-	pubKeys := map[string][]byte{
-		none: {},
-	}
-	home := os.Getenv("HOME")
-	if home != "" {
-		paths, err := filepath.Glob(filepath.Join(home, ".ssh", "*.pub"))
+	pubKeys := map[string][]byte{}
+	if path, ok := os.LookupEnv("OPENSHIFT_INSTALL_SSH_PUB_KEY_PATH"); ok {
+		key, err := readSSHKey(path)
 		if err != nil {
 			return nil, err
 		}
-
-		for _, path := range paths {
-			pubKeyBytes, err := ioutil.ReadFile(path)
+		pubKeys[path] = key
+	} else {
+		pubKeys[none] = []byte{}
+		home := os.Getenv("HOME")
+		if home != "" {
+			paths, err := filepath.Glob(filepath.Join(home, ".ssh", "*.pub"))
 			if err != nil {
-				continue
+				return nil, err
 			}
-			pubKey := string(pubKeyBytes)
-
-			err = validate.OpenSSHPublicKey(pubKey)
-			if err != nil {
-				continue
+			for _, path := range paths {
+				key, err := readSSHKey(path)
+				if err != nil {
+					continue
+				}
+				pubKeys[path] = key
 			}
-
-			pubKeys[path] = pubKeyBytes
 		}
 	}
 
+	if len(pubKeys) == 1 {
+		return &asset.State{
+			Contents: []asset.Content{{
+				Data: []byte{},
+			}},
+		}, nil
+	}
+
 	var paths []string
 	for path := range pubKeys {
 		paths = append(paths, path)

pkg/asset/installconfig/stock.go

@@ -110,7 +110,8 @@ func (s *StockImpl) EstablishStock() {
 				return validate.JSON([]byte(ans.(string)))
 			}),
 		},
-		EnvVarName: "OPENSHIFT_INSTALL_PULL_SECRET",
+		EnvVarName:     "OPENSHIFT_INSTALL_PULL_SECRET",
+		PathEnvVarName: "OPENSHIFT_INSTALL_PULL_SECRET_PATH",
 	}
 	s.platform = &Platform{}
 	s.sshKey = &sshPublicKey{}

pkg/asset/userprovided.go

@@ -1,16 +1,18 @@
 package asset
 
 import (
+	"io/ioutil"
 	"os"
 
 	"github.com/AlecAivazis/survey"
 )
 
 // UserProvided generates an asset that is supplied by a user.
 type UserProvided struct {
-	AssetName  string
-	Question   *survey.Question
-	EnvVarName string
+	AssetName      string
+	Question       *survey.Question
+	EnvVarName     string
+	PathEnvVarName string
 }
 
 var _ Asset = (*UserProvided)(nil)
@@ -23,15 +25,23 @@ func (a *UserProvided) Dependencies() []Asset {
 // Generate queries for input from the user.
 func (a *UserProvided) Generate(map[Asset]*State) (*State, error) {
 	var response string
+
 	if value, ok := os.LookupEnv(a.EnvVarName); ok {
 		response = value
-		if a.Question.Validate != nil {
-			if err := a.Question.Validate(response); err != nil {
-				return nil, err
-			}
+	} else if path, ok := os.LookupEnv(a.PathEnvVarName); ok {
+		value, err := ioutil.ReadFile(path)
+		if err != nil {
+			return nil, err
 		}
-	} else {
+		response = string(value)
+	}
+
+	if response == "" {
 		survey.AskOne(a.Question.Prompt, &response, a.Question.Validate)
+	} else if a.Question.Validate != nil {
+		if err := a.Question.Validate(response); err != nil {
+			return nil, err
+		}
 	}
 
 	return &State{