CISS.debian.installer/func/cdi_1250_yaml/1250_yaml_parser.sh

#!/bin/bash
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu

guard_sourcing

#######################################
# Parsing './.preseed/preseed.yaml' and './.preseed/partitioning.yaml'.
# Globals:
#   ARY_ALLOW_IPV4
#   ARY_ALLOW_IPV6
#   ARY_BOOTPARAM
#   ARY_LOCALE
#   ARY_NTPSRVR
#   ARY_PACKAGES
#   BASH_REMATCH
#   DIR_CNF
#   DIR_TMP
#   VAR_PRESEED
#   VAR_USER_MAX
# Arguments:
#   None
# Returns:
#   0: on success
#######################################
yaml_parser() {
  ### Declare Arrays, HashMaps, and Variables.
  # shellcheck disable=SC2034
  declare -ag  ARY_ALLOW_IPV4=() ARY_ALLOW_IPV6=() ARY_BOOTPARAM=() ARY_LOCALE=() ARY_NTPSRVR=() ARY_PACKAGES=()
  declare -gix VAR_USER_MAX=-1
  declare      var_index="" var_key="" var_value="" _=""

  cat "${DIR_CNF}/preseed.yaml" "${DIR_CNF}/partitioning.yaml" >| "${DIR_TMP}/combined.yaml"

  yq -o=shell "${DIR_TMP}/combined.yaml" >| "${VAR_PRESEED}"

  ### Generate Arrays for [Grub Parameter], [Locales], [NTPSec Server FQDN], [Software Packages].
  while IFS='=' read -r var_key var_value; do
    var_value=${var_value#\'}
    var_value=${var_value%\'}
    # shellcheck disable=SC2034,SC2249
    case "${var_key}" in
      grub_parameter_[0-9]*) ARY_BOOTPARAM+=("${var_value}")  ;;
      locale_locale_[0-9]*)  ARY_LOCALE+=("${var_value}")     ;;
      ntp_server_[0-9]*)     ARY_NTPSRVR+=("${var_value}")    ;;
      ssh_allow_ipv4_[0-9]*) ARY_ALLOW_IPV4+=("${var_value}") ;;
      ssh_allow_ipv6_[0-9]*) ARY_ALLOW_IPV6+=("${var_value}") ;;
      software_[0-9]*)       ARY_PACKAGES+=("${var_value}")   ;;
    esac
  done < "${VAR_PRESEED}"
  var_key=""

  ### Search all set variables for user_userN_name patterns.
  # shellcheck disable=SC2312
  while IFS='=' read -r var_key _; do
    ### Accept any of these keys: name, fullname, uid, gid, shell, password, sshpubkey, authentication_* and privileges_*
    if [[ "${var_key}" =~ ^user_user([0-9]+)_(name|fullname|uid|gid|shell|password|sshpubkey|authentication_[A-Za-z0-9_]+|privileges_[A-Za-z0-9_]+)$ ]]; then
      var_index=${BASH_REMATCH[1]}
      (( var_index > VAR_USER_MAX )) && VAR_USER_MAX=var_index
    fi
  done < "${VAR_PRESEED}"

  ### If nothing matched, default to 0 (only user 0).
  (( VAR_USER_MAX < 0 )) && VAR_USER_MAX=0
  do_log "info" "file_only" "1250() Found highest User #: '${VAR_USER_MAX}'."

  ### Remove obsolete variables, normalize empty assignments, wrap remaining values in single quotes.
  sed -i -E '
    # --- Deletions --------------------------------------------------------
    /^grub_parameter_[0-9]+=/d         # delete grub parameter variables
    /^locale_locale_[0-9]+=/d          # delete locale variables
    /^ntp_server_[0-9]+=/d             # delete NTP server variables
    /^ssh_allow_ipv4_[0-9]+=/d         # delete ssh allow IPv4 variables
    /^ssh_allow_ipv6_[0-9]+=/d         # delete ssh allow IPv6 variables
    /^software_[0-9]+=/d               # delete software list variables

    # --- Empty-value normalisation ---------------------------------------
    s/^(.*)=\s*$/\1=""/                # turn key=  into key=""

    # --- Quote unquoted values -------------------------------------------
    s/^(.*)=([^'\''"]+)/\1='\''\2'\''/ # wrap value in single quotes
' "${VAR_PRESEED}"

  # shellcheck disable=SC1090
  . "${VAR_PRESEED}"

  guard_dir && return 0
}
### Prevents accidental 'unset -f'.
# shellcheck disable=SC2034
readonly -f yaml_parser
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh