From ecbe347f0a0e53fa0b232dbd65378ea69879493c Mon Sep 17 00:00:00 2001
From: mickael e <mickael@freedom.press>
Date: Fri, 2 Aug 2019 11:11:19 -0400
Subject: [PATCH 1/2] Add sd-export-config.json in sd-export VMs

This will allow sd-export to know what the dedicated USB device is for the export VM to facilitate preflight checks.
---
 dom0/sd-export-files.sls | 19 +++++++++++++++++++
 sd-export/config.json.j2 |  4 ++++
 2 files changed, 23 insertions(+)
 create mode 100644 sd-export/config.json.j2

diff --git a/dom0/sd-export-files.sls b/dom0/sd-export-files.sls
index 8d4626cc..30fed69f 100644
--- a/dom0/sd-export-files.sls
+++ b/dom0/sd-export-files.sls
@@ -77,3 +77,22 @@ sd-export-securedrop-icon:
     - group: root
     - mode: 644
     - makedirs: True
+
+# populate sd-export-config.json in sd-export-template. This contains the usb
+# device information used for the export
+
+{% import_json "sd/config.json" as d %}
+
+install-securedrop-export-json-config:
+  file.managed:
+    - name: /etc/sd-export-config.json
+    - source: salt://sd/sd-export/config.json.j2
+    - template: jinja
+    - context:
+        # get pci ID and usb ID from config.json
+        pci_bus_id_value: {{ (d.usb.device | regex_search('sys-usb:(.)-.'))[0] | int }}
+        usb_device_value: {{ (d.usb.device | regex_search('sys-usb:.-(.)'))[0] | int }}
+    - user: user
+    - group: user
+    - mode: 0644
+    - makedirs: True
diff --git a/sd-export/config.json.j2 b/sd-export/config.json.j2
new file mode 100644
index 00000000..15e42ca4
--- /dev/null
+++ b/sd-export/config.json.j2
@@ -0,0 +1,4 @@
+{
+  "pci_bus_id": "{{ pci_bus_id_value }}",
+  "usb_device": "{{ usb_device_value }}"
+}

From 6bdff92015d6df23f6ed4dcb8271e59b6a16cf25 Mon Sep 17 00:00:00 2001
From: mickael e <mickael@freedom.press>
Date: Fri, 2 Aug 2019 13:35:11 -0400
Subject: [PATCH 2/2] Add dom0 tests for sd-export-config

---
 tests/test_sd_export.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tests/test_sd_export.py b/tests/test_sd_export.py
index 58812568..35cbaaec 100644
--- a/tests/test_sd_export.py
+++ b/tests/test_sd_export.py
@@ -1,3 +1,5 @@
+import json
+import re
 import unittest
 
 from base import SD_VM_Local_Test
@@ -21,6 +23,24 @@ def test_sd_export_package_installed(self):
         self.assertTrue(self._package_is_installed("cryptsetup"))
         self.assertTrue(self._package_is_installed("printer-driver-brlaser"))
 
+    def test_sd_export_config_present(self):
+        with open("config.json") as c:
+            config = json.load(c)
+
+            # Extract values from config.json
+            match = re.match(r'sys-usb:(\d)-(\d)', config['usb']['device'])
+            pci_bus_id_value = match.group(1)
+            usb_device_value = match.group(2)
+
+        wanted_lines = [
+            "{",
+            "  \"pci_bus_id\": \"{}\",".format(pci_bus_id_value),
+            "  \"usb_device\": \"{}\"".format(usb_device_value),
+            "}",
+        ]
+        for line in wanted_lines:
+            self.assertFileHasLine("/etc/sd-export-config.json", line)
+
 
 def load_tests(loader, tests, pattern):
     suite = unittest.TestLoader().loadTestsFromTestCase(SD_Export_Tests)