From 21602a79e7644b27b18242bd9d12bb275e56dcf7 Mon Sep 17 00:00:00 2001
From: Geoff Bourne <itzgeoff@gmail.com>
Date: Wed, 26 Jan 2022 20:25:52 -0600
Subject: [PATCH] Refactored ops and whitelist processing into its own file
 (#1306)

---
 Dockerfile                                    |  2 +-
 scripts/start-configuration                   |  2 +-
 scripts/start-finalExec                       | 94 +-----------------
 scripts/start-setupEnvVariables               |  2 +-
 scripts/start-setupRbac                       | 98 +++++++++++++++++++
 .../ops_from_scratch/docker-compose.yml       | 13 +++
 .../setuponlytests/ops_from_scratch/verify.sh |  3 +
 tests/setuponlytests/test.sh                  |  6 +-
 .../whitelist_from_scratch/docker-compose.yml | 15 +++
 .../whitelist_from_scratch/verify.sh          |  4 +
 10 files changed, 142 insertions(+), 97 deletions(-)
 create mode 100644 scripts/start-setupRbac
 create mode 100644 tests/setuponlytests/ops_from_scratch/docker-compose.yml
 create mode 100644 tests/setuponlytests/ops_from_scratch/verify.sh
 create mode 100644 tests/setuponlytests/whitelist_from_scratch/docker-compose.yml
 create mode 100644 tests/setuponlytests/whitelist_from_scratch/verify.sh

diff --git a/Dockerfile b/Dockerfile
index 4e9db69f..34e54808 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -62,7 +62,7 @@ RUN easy-add --var os=${TARGETOS} --var arch=${TARGETARCH}${TARGETVARIANT} \
   --var version=0.1.1 --var app=maven-metadata-release --file {{.app}} \
   --from https://github.com/itzg/{{.app}}/releases/download/{{.version}}/{{.app}}_{{.version}}_{{.os}}_{{.arch}}.tar.gz
 
-ARG MC_HELPER_VERSION=1.16.0
+ARG MC_HELPER_VERSION=1.16.2
 ARG MC_HELPER_BASE_URL=https://github.com/itzg/mc-image-helper/releases/download/v${MC_HELPER_VERSION}
 RUN curl -fsSL ${MC_HELPER_BASE_URL}/mc-image-helper-${MC_HELPER_VERSION}.tgz \
   | tar -C /usr/share -zxf - \
diff --git a/scripts/start-configuration b/scripts/start-configuration
index a52af4f2..ae08aa3d 100755
--- a/scripts/start-configuration
+++ b/scripts/start-configuration
@@ -3,7 +3,7 @@ set -euo pipefail
 IFS=$'\n\t'
 
 # shellcheck source=start-utils
-. ${SCRIPTS:-/}start-utils
+. "${SCRIPTS:-/}start-utils"
 
 : "${EULA:=}"
 : "${PROXY:=}"
diff --git a/scripts/start-finalExec b/scripts/start-finalExec
index e5178446..79376840 100755
--- a/scripts/start-finalExec
+++ b/scripts/start-finalExec
@@ -1,97 +1,9 @@
 #!/bin/bash
 
-. ${SCRIPTS:-/}start-utils
+# shellcheck source=start-utils
+. "${SCRIPTS:-/}start-utils"
 isDebugging && set -x
 
-if versionLessThan 1.7.6; then
-  opsFile=ops.txt
-  whitelistFile=white-list.txt
-else
-  opsFile=ops.json
-  whitelistFile=whitelist.json
-fi
-
-function process_user_file() {
-  local output=$1
-  local source=$2
-
-  if isURL "$source"; then
-    log "Downloading $output from $source"
-    if ! get -o /data/$output "$source"; then
-      log "ERROR: failed to download from $source"
-      exit 2
-    fi
-  else
-    log "Copying $output from $source"
-    if ! cp "$source" /data/$output; then
-      log "ERROR: failed to copy from $source"
-      exit 1
-    fi
-  fi
-}
-
-function process_user_csv() {
-  local output=$1
-  local list=$2
-  local playerDataList
-
-  if [[ "$output" == *"ops"* ]]; then
-    # Extra data for ops.json
-    userData='{"uuid": .id, "name": .username, "level": 4}'
-  else
-    userData='{"uuid": .id, "name": .username}'
-  fi
-
-  log "Updating ${output%.*}"
-  for i in ${list//,/ }
-  do
-    if [ -e "$output" ] && grep -q "$i" "$output"; then
-      log "$i already present in $output, skipping"
-      continue
-    fi
-    if ! playerData=$(get "https://playerdb.co/api/player/minecraft/$i" | jq -re ".data.player"); then
-      log "WARNING: Could not lookup user $i for ${output} addition"
-    else
-      playerDataList=$playerDataList$(echo $playerData | jq -r "$userData")
-    fi
-  done
-  local newUsers=$(echo $playerDataList | jq -s .)
-  if [[ $output =~ .*\.txt ]]; then
-    # username list for txt config (Minecraft <= 1.7.5)
-    echo $newUsers | jq -r '.[].name' >> /data/${output}
-    sort -u /data/${output} -o /data/${output}
-  elif [ -e /data/${output} ]; then
-    # Merge with existing json file
-    local currentUsers=$(cat /data/${output})
-    jq --argjson current "$currentUsers" --argjson new "$newUsers" -n '$new + $current | unique_by(.uuid)' > /data/${output}
-  else
-    # New json file
-    echo $newUsers > /data/${output}
-  fi
-}
-
-if isTrue "${OVERRIDE_OPS}"; then
-  log "Recreating ${opsFile} file at server startup"
-  rm -f /data/${opsFile}
-fi
-if [ -n "${OPS_FILE}" ] && [ ! -e "/data/${opsFile}" ]; then
-  process_user_file ${opsFile} "$OPS_FILE"
-fi
-if [ -n "${OPS}" ]; then
-  process_user_csv ${opsFile} "$OPS"
-fi
-
-if isTrue "${OVERRIDE_WHITELIST}"; then
-  log "Recreating ${whitelistFile} file at server startup"
-  rm -f /data/${whitelistFile}
-fi
-if [ -n "${WHITELIST_FILE}" ] && [ ! -e "/data/${whitelistFile}" ]; then
-  process_user_file ${whitelistFile} "$WHITELIST_FILE"
-fi
-if [ -n "${WHITELIST}" ]; then
-  process_user_csv ${whitelistFile} "$WHITELIST"
-fi
-
 if [ -n "$ICON" ]; then
     if [ ! -e server-icon.png ] || [ "${OVERRIDE_ICON}" == "TRUE" ]; then
       log "Using server icon from $ICON..."
@@ -169,7 +81,7 @@ if versionLessThan 1.14 && [[ ${CONSOLE,,} = false ]]; then
 fi
 
 # Optional disable GUI for headless servers
-if [[ ${GUI} = false || ${GUI} = FALSE ]]; then
+if [[ ${GUI,,} = false ]]; then
   EXTRA_ARGS+=" nogui"
 fi
 
diff --git a/scripts/start-setupEnvVariables b/scripts/start-setupEnvVariables
index 34712ded..42eae28f 100755
--- a/scripts/start-setupEnvVariables
+++ b/scripts/start-setupEnvVariables
@@ -32,4 +32,4 @@ if [[ ${PATCH_DEFINITIONS} ]]; then
     "${PATCH_DEFINITIONS}"
 fi
 
-exec "${SCRIPTS:-/}start-finalExec" "$@"
+exec "${SCRIPTS:-/}start-setupRbac" "$@"
diff --git a/scripts/start-setupRbac b/scripts/start-setupRbac
new file mode 100644
index 00000000..9c92764b
--- /dev/null
+++ b/scripts/start-setupRbac
@@ -0,0 +1,98 @@
+#!/bin/bash
+
+# shellcheck source=start-utils
+. "${SCRIPTS:-/}start-utils"
+isDebugging && set -x
+
+if versionLessThan 1.7.6; then
+  opsFile=ops.txt
+  whitelistFile=white-list.txt
+else
+  opsFile=ops.json
+  whitelistFile=whitelist.json
+fi
+
+function process_user_file() {
+  local output=$1
+  local source=$2
+
+  if isURL "$source"; then
+    log "Downloading $output from $source"
+    if ! get -o "/data/$output" "$source"; then
+      log "ERROR: failed to download from $source"
+      exit 2
+    fi
+  else
+    log "Copying $output from $source"
+    if ! cp "$source" "/data/$output"; then
+      log "ERROR: failed to copy from $source"
+      exit 1
+    fi
+  fi
+}
+
+function process_user_csv() {
+  local output=$1
+  local list=$2
+  local playerDataList
+
+  if [[ "$output" == *"ops"* ]]; then
+    # Extra data for ops.json
+    userData='{"uuid": .id, "name": .username, "level": 4}'
+  else
+    userData='{"uuid": .id, "name": .username}'
+  fi
+
+  log "Updating ${output%.*}"
+  for i in ${list//,/ }
+  do
+    if [ -e "$output" ] && grep -q "$i" "$output"; then
+      log "$i already present in $output, skipping"
+      continue
+    fi
+    if ! playerData=$(get "https://playerdb.co/api/player/minecraft/$i" | jq -re ".data.player"); then
+      log "WARNING: Could not lookup user $i for ${output} addition"
+    else
+      playerDataList=$playerDataList$(echo "$playerData" | jq -r "$userData")
+    fi
+  done
+  local newUsers=$(echo "$playerDataList" | jq -s .)
+  if [[ $output =~ .*\.txt ]]; then
+    # username list for txt config (Minecraft <= 1.7.5)
+    echo $newUsers | jq -r '.[].name' >> "/data/${output}"
+    sort -u /data/${output} -o /data/${output}
+  elif [ -e /data/${output} ]; then
+    # Merge with existing json file
+    local currentUsers=$(cat "/data/${output}")
+    jq --argjson current "$currentUsers" --argjson new "$newUsers" -n '$new + $current | unique_by(.uuid)' > "/data/${output}"
+  else
+    # New json file
+    echo $newUsers > "/data/${output}"
+  fi
+}
+
+if isTrue "${OVERRIDE_OPS}"; then
+  log "Recreating ${opsFile} file at server startup"
+  rm -f /data/${opsFile}
+fi
+if [ -n "${OPS_FILE}" ] && [ ! -e "/data/${opsFile}" ]; then
+  process_user_file ${opsFile} "$OPS_FILE"
+fi
+if [ -n "${OPS}" ]; then
+  process_user_csv ${opsFile} "$OPS"
+fi
+
+if isTrue "${OVERRIDE_WHITELIST}"; then
+  log "Recreating ${whitelistFile} file at server startup"
+  rm -f /data/${whitelistFile}
+fi
+if [ -n "${WHITELIST_FILE}" ] && [ ! -e "/data/${whitelistFile}" ]; then
+  process_user_file ${whitelistFile} "$WHITELIST_FILE"
+fi
+if [ -n "${WHITELIST}" ]; then
+  process_user_csv ${whitelistFile} "$WHITELIST"
+fi
+
+
+
+exec "${SCRIPTS:-/}start-finalExec" "$@"
diff --git a/tests/setuponlytests/ops_from_scratch/docker-compose.yml b/tests/setuponlytests/ops_from_scratch/docker-compose.yml
new file mode 100644
index 00000000..4cc8eb64
--- /dev/null
+++ b/tests/setuponlytests/ops_from_scratch/docker-compose.yml
@@ -0,0 +1,13 @@
+version: "3"
+
+services:
+  mc:
+    restart: "no"
+    image: ${IMAGE_TO_TEST:-itzg/minecraft-server}
+    environment:
+      EULA: "TRUE"
+      SETUP_ONLY: "TRUE"
+      VERSION: ${MINECRAFT_VERSION:-LATEST}
+      OPS: itzg
+    volumes:
+      - ./data:/data
diff --git a/tests/setuponlytests/ops_from_scratch/verify.sh b/tests/setuponlytests/ops_from_scratch/verify.sh
new file mode 100644
index 00000000..4c916e07
--- /dev/null
+++ b/tests/setuponlytests/ops_from_scratch/verify.sh
@@ -0,0 +1,3 @@
+mc-image-helper assert jsonPathEquals --file=ops.json --path='$[0].name' --expect=itzg
+mc-image-helper assert jsonPathEquals --file=ops.json --path='$[0].uuid' --expect=5cddfd26-fc86-4981-b52e-c42bb10bfdef
+mc-image-helper assert jsonPathEquals --file=ops.json --path='$[0].level' --expect=4
\ No newline at end of file
diff --git a/tests/setuponlytests/test.sh b/tests/setuponlytests/test.sh
index 8c8cb38e..1ccf04f3 100644
--- a/tests/setuponlytests/test.sh
+++ b/tests/setuponlytests/test.sh
@@ -11,8 +11,8 @@ setupOnlyMinecraftTest(){
   cd "$folder"
   result=0
 
-  if ! logs=$(docker compose run --quiet-pull mc 2>&1); then
-    echo "${folder} setup FAILED"
+  if ! logs=$(docker-compose run mc 2>&1); then
+    echo "${folder} test scenario FAILED"
     echo ":::::::::::: LOGS ::::::::::::::::
 $logs
 ::::::::::::::::::::::::::::::::::
@@ -29,7 +29,7 @@ $logs
     echo "${folder} PASS"
   fi
 
-  docker compose down -v --remove-orphans
+  docker-compose down -v --remove-orphans
   cd ..
 
   return $result
diff --git a/tests/setuponlytests/whitelist_from_scratch/docker-compose.yml b/tests/setuponlytests/whitelist_from_scratch/docker-compose.yml
new file mode 100644
index 00000000..a09104ac
--- /dev/null
+++ b/tests/setuponlytests/whitelist_from_scratch/docker-compose.yml
@@ -0,0 +1,15 @@
+version: "3"
+
+services:
+  mc:
+    restart: "no"
+    image: ${IMAGE_TO_TEST:-itzg/minecraft-server}
+    environment:
+      EULA: "TRUE"
+      SETUP_ONLY: "TRUE"
+      VERSION: ${MINECRAFT_VERSION:-LATEST}
+      WHITELIST: itzg
+      ENFORCE_WHITELIST: "true"
+      OVERRIDE_SERVER_PROPERTIES: "true"
+    volumes:
+      - ./data:/data
diff --git a/tests/setuponlytests/whitelist_from_scratch/verify.sh b/tests/setuponlytests/whitelist_from_scratch/verify.sh
new file mode 100644
index 00000000..4e2417d2
--- /dev/null
+++ b/tests/setuponlytests/whitelist_from_scratch/verify.sh
@@ -0,0 +1,4 @@
+mc-image-helper assert jsonPathEquals --file=whitelist.json --path='$[0].name' --expect=itzg
+mc-image-helper assert jsonPathEquals --file=whitelist.json --path='$[0].uuid' --expect=5cddfd26-fc86-4981-b52e-c42bb10bfdef
+mc-image-helper assert propertyEquals --file=server.properties --property=white-list --expect=true
+mc-image-helper assert propertyEquals --file=server.properties --property=enforce-whitelist --expect=true