From 7492d6f12802b0bc81ae86297ba443aa4d26b4fc Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 31 Jul 2024 22:43:18 +0200
Subject: [PATCH] Implement groups for users

Allows created (or existing) user to be added to existing groups.
---
 lib/tiny-cloud/user-data/alpine-config | 10 +++++++++-
 tests/tiny-cloud-alpine.test           | 18 ++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/lib/tiny-cloud/user-data/alpine-config b/lib/tiny-cloud/user-data/alpine-config
index a4118c0..814826b 100644
--- a/lib/tiny-cloud/user-data/alpine-config
+++ b/lib/tiny-cloud/user-data/alpine-config
@@ -270,7 +270,7 @@ in_list() {
 init__userdata_users() {
 	local users="$(get_userdata users)"
 	for i in $users; do
-		local name gecos homedir shell
+		local name gecos homedir shell groups
 		local system=false no_create_home=false lock_passwd=true
 		local keys="$(get_userdata users/$i)"
 		if [ "$i" = 1 ] && [ "$keys" = "default" ]; then
@@ -320,6 +320,14 @@ init__userdata_users() {
 		if in_list ssh_authorized_keys $keys; then
 			set_ssh_authorized_keys_for "$name" users/$i/ssh_authorized_keys
 		fi
+
+		if in_list groups $keys; then
+			groups="$(get_userdata users/$i/groups | tr ',' ' ')"
+			local group
+			for group in $groups; do
+				$MOCK addgroup "$name" "$group"
+			done
+		fi
 	done
 }
 
diff --git a/tests/tiny-cloud-alpine.test b/tests/tiny-cloud-alpine.test
index 6bf3b0a..815e29d 100755
--- a/tests/tiny-cloud-alpine.test
+++ b/tests/tiny-cloud-alpine.test
@@ -24,6 +24,7 @@ init_tests \
 	userdata_users_shell \
 	userdata_users_system \
 	userdata_users_no_create_home \
+	userdata_users_groups \
 	userdata_users_lock_passwd \
 	userdata_users_ssh_authorized_keys \
 	userdata_ssh_authorized_keys \
@@ -281,6 +282,23 @@ userdata_users_no_create_home_body() {
 		tiny-cloud main
 }
 
+userdata_users_groups_body() {
+	# first specified user will replace default user
+	fake_userdata_nocloud <<-EOF
+		#alpine-config
+		users:
+		  - default
+		  - name: foo
+		    groups: wheel, admin
+	EOF
+	atf_check -e ignore -o ignore tiny-cloud early
+	atf_check \
+		-e match:"userdata_users: done" \
+		-o match:"addgroup.*foo.*wheel" \
+		-o match:"addgroup.*foo.*admin" \
+		tiny-cloud main
+}
+
 userdata_users_lock_passwd_body() {
 	# first specified user will replace default user
 	fake_userdata_nocloud <<-EOF