Add external support for provision scripts

The provision scripts are run with ssh, instead
of being started by cloud-init like other drivers.

The ExecuteScript was duplicated from sshocker,
since it needs support for running with "sudo".

Signed-off-by: Anders F Björklund <[email protected]>

Author: afbjorklund

pkg/hostagent/hostagent.go

@@ -564,6 +564,12 @@ sudo chown -R "${USER}" /run/host-services`
 		})
 	}
 
+	if *a.instConfig.VMType == limatype.EXT {
+		if err := a.runProvisionScripts(); err != nil {
+			return err
+		}
+	}
+
 	staticPortForwards := a.separateStaticPortForwards()
 	a.addStaticPortForwardsFromList(ctx, staticPortForwards)
 

pkg/hostagent/provision.go

@@ -0,0 +1,73 @@
+// SPDX-FileCopyrightText: Copyright The Lima Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package hostagent
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/lima-vm/sshocker/pkg/ssh"
+	"github.com/sirupsen/logrus"
+
+	"github.com/lima-vm/lima/v2/pkg/limatype"
+)
+
+func (a *HostAgent) runProvisionScripts() error {
+	var errs []error
+
+	for i, f := range a.instConfig.Provision {
+		switch f.Mode {
+		case limatype.ProvisionModeSystem, limatype.ProvisionModeUser:
+			logrus.Infof("Running %s provision %d of %d", f.Mode, i+1, len(a.instConfig.Provision))
+			err := a.waitForProvision(
+				provision{
+					description: fmt.Sprintf("provision.%s/%08d", f.Mode, i),
+					sudo:        f.Mode == limatype.ProvisionModeSystem,
+					script:      f.Script,
+				})
+			if err != nil {
+				errs = append(errs, err)
+			}
+		case limatype.ProvisionModeDependency, limatype.ProvisionModeBoot:
+			logrus.Infof("Skipping %s provision %d of %d", f.Mode, i+1, len(a.instConfig.Provision))
+			continue
+		default:
+			return fmt.Errorf("unknown provision mode %q", f.Mode)
+		}
+	}
+	return errors.Join(errs...)
+}
+
+func (a *HostAgent) waitForProvision(p provision) error {
+	if p.sudo {
+		return a.waitForSystemProvision(p)
+	}
+	return a.waitForUserProvision(p)
+}
+
+func (a *HostAgent) waitForSystemProvision(p provision) error {
+	logrus.Debugf("executing script %q", p.description)
+	stdout, stderr, err := sudoExecuteScript(a.instSSHAddress, a.sshLocalPort, a.sshConfig, p.script, p.description)
+	logrus.Debugf("stdout=%q, stderr=%q, err=%v", stdout, stderr, err)
+	if err != nil {
+		return fmt.Errorf("stdout=%q, stderr=%q: %w", stdout, stderr, err)
+	}
+	return nil
+}
+
+func (a *HostAgent) waitForUserProvision(p provision) error {
+	logrus.Debugf("executing script %q", p.description)
+	stdout, stderr, err := ssh.ExecuteScript(a.instSSHAddress, a.sshLocalPort, a.sshConfig, p.script, p.description)
+	logrus.Debugf("stdout=%q, stderr=%q, err=%v", stdout, stderr, err)
+	if err != nil {
+		return fmt.Errorf("stdout=%q, stderr=%q: %w", stdout, stderr, err)
+	}
+	return nil
+}
+
+type provision struct {
+	description string
+	script      string
+	sudo        bool
+}

pkg/hostagent/sudo.go

@@ -0,0 +1,47 @@
+// SPDX-FileCopyrightText: Copyright The Lima Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package hostagent
+
+import (
+	"bytes"
+	"context"
+	"errors"
+	"fmt"
+	"os/exec"
+	"strconv"
+	"strings"
+
+	"github.com/lima-vm/sshocker/pkg/ssh"
+	"github.com/sirupsen/logrus"
+)
+
+// sudoExecuteScript executes the given script (as root) on the remote host via stdin.
+// Returns stdout and stderr.
+//
+// scriptName is used only for readability of error strings.
+func sudoExecuteScript(host string, port int, c *ssh.SSHConfig, script, scriptName string) (stdout, stderr string, err error) {
+	if c == nil {
+		return "", "", errors.New("got nil SSHConfig")
+	}
+	interpreter, err := ssh.ParseScriptInterpreter(script)
+	if err != nil {
+		return "", "", err
+	}
+	sshBinary := c.Binary()
+	sshArgs := c.Args()
+	if port != 0 {
+		sshArgs = append(sshArgs, "-p", strconv.Itoa(port))
+	}
+	sshArgs = append(sshArgs, host, "--", "sudo", interpreter)
+	sshCmd := exec.CommandContext(context.TODO(), sshBinary, sshArgs...)
+	sshCmd.Stdin = strings.NewReader(script)
+	var buf bytes.Buffer
+	sshCmd.Stderr = &buf
+	logrus.Debugf("executing ssh for script %q: %s %v", scriptName, sshCmd.Path, sshCmd.Args)
+	out, err := sshCmd.Output()
+	if err != nil {
+		return string(out), buf.String(), fmt.Errorf("failed to execute script %q: stdout=%q, stderr=%q: %w", scriptName, string(out), buf.String(), err)
+	}
+	return string(out), buf.String(), nil
+}