cloud: Remember password updates

kernelci · Jan 20, 2024 · 1d48b80 · 1d48b80
1 parent 1090452
commit 1d48b80
Showing 1 changed file with 14 additions and 2 deletions.
diff --git a/kcidb/cloud/password.sh b/kcidb/cloud/password.sh
@@ -32,6 +32,9 @@ declare -A PASSWORD_FILES=()
 # A map of password names and their strings
 declare -A PASSWORD_STRINGS=()
 
+# A map of password names and their update status
+declare -A PASSWORD_UPDATED=()
+
 # Check that every specified password exists.
 # Args: name...
 function password_exists() {
@@ -91,6 +94,7 @@ function password_get() {
         else
             password=$(<"$password_file")
         fi
+        PASSWORD_UPDATED[$name]="true"
     # If secret exists
     elif "$password_secret_exists"; then
         password=$(
@@ -99,9 +103,11 @@ function password_get() {
     # If can be generated
     elif "$password_generate"; then
         password=$(dd if=/dev/random bs=32 count=1 status=none | base64)
+        PASSWORD_UPDATED[$name]="true"
     # Else read from user
     else
         password=$(password_input "$name")
+        PASSWORD_UPDATED[$name]="true"
     fi
 
     PASSWORD_STRINGS[$name]="$password"
@@ -226,8 +232,7 @@ function password_is_specified() {
     return 0
 }
 
-# Check if any of the passwords with specified names are (going to be) updated
-# (specified on the command line, or missing).
+# Check if any of the passwords with specified names are (to be) updated.
 # Args: name...
 # Output: "true" if all secrets exists, "false" otherwise.
 function password_is_updated() {
@@ -236,13 +241,20 @@ function password_is_updated() {
     assert password_exists "$@"
     while (($#)); do
         name="$1"; shift
+        # If the password was updated
+        if "${PASSWORD_UPDATED[$name]:-false}"; then
+            echo true
+            return
+        fi
+        # If the password is going to be read from a file
         if password_is_specified "$name"; then
             echo true
             return
         fi
         if password_secret_is_specified "$name"; then
             secret_exists="$(password_secret_exists "$name")"
             if "$secret_exists"; then
+                # We're going to use the password's secret
                 continue
             fi
         fi