From b809514ef9881c86ce11c7202f30e7c65ff2a1fe Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Tue, 8 Feb 2022 16:40:41 -0500
Subject: [PATCH] Fix osdeploy initialize dependency on master key

Make sure confluent has made /etc/confluent, and further always initialize the
encryption key, as it will almost certainly
be needed and easiest to just always
generate on first startup.
---
 confluent_server/bin/osdeploy      | 22 ++++++++++++++--------
 confluent_server/confluent/main.py |  2 ++
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/confluent_server/bin/osdeploy b/confluent_server/bin/osdeploy
index d125ef0a..44a46b29 100644
--- a/confluent_server/bin/osdeploy
+++ b/confluent_server/bin/osdeploy
@@ -121,6 +121,9 @@ def init_confluent_myname():
         return
     mynamedone = True
     hasconfluentuser = None
+    neededuid = os.stat('/etc/confluent').st_uid
+    if neededuid == 0:
+        return
     try:
         hasconfluentuser = pwd.getpwnam('confluent')
     except KeyError:
@@ -247,6 +250,17 @@ def initialize(cmdset):
                 'subject.')
     else:
         didsomething = False
+    if not os.path.exists('/etc/confluent'):
+        sys.stderr.write('Start confluent service prior to initializng OS deployment\n')
+        sys.exit(1)
+    if cmdset.t or cmdset.s or cmdset.a or cmdset.u:
+        neededuid = os.stat('/etc/confluent').st_uid
+        try:
+            os.makedirs('/var/lib/confluent')
+            os.chown('/var/lib/confluent', neededuid, -1)
+        except OSError as e:
+            if e.errno != 17:
+                raise
     if cmdset.u:
         didsomething = True
         if not glob.glob('/root/.ssh/*.pub'):
@@ -258,14 +272,6 @@ def initialize(cmdset):
             sys.exit(1)
         init_confluent_myname()
         sshutil.initialize_root_key(False)
-    if cmdset.t or cmdset.s or cmdset.a or cmdset.u:
-        neededuid = os.stat('/etc/confluent').st_uid
-        try:
-            os.makedirs('/var/lib/confluent')
-            os.chown('/var/lib/confluent', neededuid, -1)
-        except OSError as e:
-            if e.errno != 17:
-                raise
     if cmdset.t:
         didsomething = True
         init_confluent_myname()
diff --git a/confluent_server/confluent/main.py b/confluent_server/confluent/main.py
index 3a429b54..5f35b2c8 100644
--- a/confluent_server/confluent/main.py
+++ b/confluent_server/confluent/main.py
@@ -272,6 +272,8 @@ def run(args):
     if not confluentuuid:
         confluentuuid = str(uuid.uuid4())
         configmanager.set_global('confluent_uuid', confluentuuid)
+    if not configmanager._masterkey:
+        configmanager.init_masterkey()
     if dbgif:
         oumask = os.umask(0o077)
         try: