Refactor EncryptionType (#4438)

* Use UPPER_CASE for EncryptionType

* Use StrEnum for EncryptionType
This commit is contained in:
codefiles 2026-04-16 20:08:23 -04:00 committed by GitHub
parent 8fe8d4e35f
commit 9fdd7eb12e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 38 additions and 38 deletions

View File

@ -280,7 +280,7 @@ class DiskLayoutConfigurationMenu(AbstractSubMenu[DiskMenuConfig]):
if enc_config.encryption_password: if enc_config.encryption_password:
output += tr('Password') + f': {enc_config.encryption_password.hidden()}\n' output += tr('Password') + f': {enc_config.encryption_password.hidden()}\n'
if enc_type != EncryptionType.NoEncryption: if enc_type != EncryptionType.NO_ENCRYPTION:
output += tr('Iteration time') + f': {enc_config.iter_time or DEFAULT_ITER_TIME}ms\n' output += tr('Iteration time') + f': {enc_config.iter_time or DEFAULT_ITER_TIME}ms\n'
if enc_config.partitions: if enc_config.partitions:

View File

@ -105,19 +105,19 @@ class DiskEncryptionMenu(AbstractSubMenu[DiskEncryption]):
def _check_dep_enc_type(self) -> bool: def _check_dep_enc_type(self) -> bool:
enc_type: EncryptionType | None = self._item_group.find_by_key('encryption_type').value enc_type: EncryptionType | None = self._item_group.find_by_key('encryption_type').value
if enc_type and enc_type != EncryptionType.NoEncryption: if enc_type and enc_type != EncryptionType.NO_ENCRYPTION:
return True return True
return False return False
def _check_dep_partitions(self) -> bool: def _check_dep_partitions(self) -> bool:
enc_type: EncryptionType | None = self._item_group.find_by_key('encryption_type').value enc_type: EncryptionType | None = self._item_group.find_by_key('encryption_type').value
if enc_type and enc_type in [EncryptionType.Luks, EncryptionType.LvmOnLuks]: if enc_type and enc_type in [EncryptionType.LUKS, EncryptionType.LVM_ON_LUKS]:
return True return True
return False return False
def _check_dep_lvm_vols(self) -> bool: def _check_dep_lvm_vols(self) -> bool:
enc_type: EncryptionType | None = self._item_group.find_by_key('encryption_type').value enc_type: EncryptionType | None = self._item_group.find_by_key('encryption_type').value
if enc_type and enc_type == EncryptionType.LuksOnLvm: if enc_type and enc_type == EncryptionType.LUKS_ON_LVM:
return True return True
return False return False
@ -137,13 +137,13 @@ class DiskEncryptionMenu(AbstractSubMenu[DiskEncryption]):
assert enc_partitions is not None assert enc_partitions is not None
assert enc_lvm_vols is not None assert enc_lvm_vols is not None
if enc_type in [EncryptionType.Luks, EncryptionType.LvmOnLuks] and enc_partitions: if enc_type in [EncryptionType.LUKS, EncryptionType.LVM_ON_LUKS] and enc_partitions:
enc_lvm_vols = [] enc_lvm_vols = []
if enc_type == EncryptionType.LuksOnLvm: if enc_type == EncryptionType.LUKS_ON_LVM:
enc_partitions = [] enc_partitions = []
if enc_type != EncryptionType.NoEncryption and enc_password and (enc_partitions or enc_lvm_vols): if enc_type != EncryptionType.NO_ENCRYPTION and enc_password and (enc_partitions or enc_lvm_vols):
return DiskEncryption( return DiskEncryption(
encryption_password=enc_password, encryption_password=enc_password,
encryption_type=enc_type, encryption_type=enc_type,
@ -227,7 +227,7 @@ class DiskEncryptionMenu(AbstractSubMenu[DiskEncryption]):
iter_time = item.value iter_time = item.value
enc_type = self._item_group.find_by_key('encryption_type').value enc_type = self._item_group.find_by_key('encryption_type').value
if iter_time and enc_type != EncryptionType.NoEncryption: if iter_time and enc_type != EncryptionType.NO_ENCRYPTION:
return f'{tr("Iteration time")}: {iter_time}ms' return f'{tr("Iteration time")}: {iter_time}ms'
return None return None
@ -240,9 +240,9 @@ async def select_encryption_type(
options: list[EncryptionType] = [] options: list[EncryptionType] = []
if lvm_config: if lvm_config:
options = [EncryptionType.LvmOnLuks, EncryptionType.LuksOnLvm] options = [EncryptionType.LVM_ON_LUKS, EncryptionType.LUKS_ON_LVM]
else: else:
options = [EncryptionType.Luks] options = [EncryptionType.LUKS]
if not preset: if not preset:
preset = options[0] preset = options[0]

View File

@ -139,7 +139,7 @@ class FilesystemHandler:
self._format_lvm_vols(self._disk_config.lvm_config) self._format_lvm_vols(self._disk_config.lvm_config)
def _setup_lvm_encrypted(self, lvm_config: LvmConfiguration, enc_config: DiskEncryption) -> None: def _setup_lvm_encrypted(self, lvm_config: LvmConfiguration, enc_config: DiskEncryption) -> None:
if enc_config.encryption_type == EncryptionType.LvmOnLuks: if enc_config.encryption_type == EncryptionType.LVM_ON_LUKS:
enc_mods = self._encrypt_partitions(enc_config, lock_after_create=False) enc_mods = self._encrypt_partitions(enc_config, lock_after_create=False)
self._setup_lvm(lvm_config, enc_mods) self._setup_lvm(lvm_config, enc_mods)
@ -148,7 +148,7 @@ class FilesystemHandler:
# Don't close LVM or LUKS during setup - keep everything active # Don't close LVM or LUKS during setup - keep everything active
# The installation phase will handle unlocking and mounting # The installation phase will handle unlocking and mounting
# Closing causes "parent leaked" and lvchange errors # Closing causes "parent leaked" and lvchange errors
elif enc_config.encryption_type == EncryptionType.LuksOnLvm: elif enc_config.encryption_type == EncryptionType.LUKS_ON_LVM:
self._setup_lvm(lvm_config) self._setup_lvm(lvm_config)
enc_vols = self._encrypt_lvm_vols(lvm_config, enc_config, False) enc_vols = self._encrypt_lvm_vols(lvm_config, enc_config, False)
self._format_lvm_vols(lvm_config, enc_vols) self._format_lvm_vols(lvm_config, enc_vols)

View File

@ -82,7 +82,7 @@ class Installer:
self.kernels = kernels or ['linux'] self.kernels = kernels or ['linux']
self._disk_config = disk_config self._disk_config = disk_config
self._disk_encryption = disk_config.disk_encryption or DiskEncryption(EncryptionType.NoEncryption) self._disk_encryption = disk_config.disk_encryption or DiskEncryption(EncryptionType.NO_ENCRYPTION)
self.target: Path = target self.target: Path = target
self.init_time = time.strftime('%Y-%m-%d_%H-%M-%S') self.init_time = time.strftime('%Y-%m-%d_%H-%M-%S')
@ -254,16 +254,16 @@ class Installer:
luks_handlers: dict[Any, Luks2] = {} luks_handlers: dict[Any, Luks2] = {}
match self._disk_encryption.encryption_type: match self._disk_encryption.encryption_type:
case EncryptionType.NoEncryption: case EncryptionType.NO_ENCRYPTION:
self._import_lvm() self._import_lvm()
self._mount_lvm_layout() self._mount_lvm_layout()
case EncryptionType.Luks: case EncryptionType.LUKS:
luks_handlers = self._prepare_luks_partitions(self._disk_encryption.partitions) luks_handlers = self._prepare_luks_partitions(self._disk_encryption.partitions)
case EncryptionType.LvmOnLuks: case EncryptionType.LVM_ON_LUKS:
luks_handlers = self._prepare_luks_partitions(self._disk_encryption.partitions) luks_handlers = self._prepare_luks_partitions(self._disk_encryption.partitions)
self._import_lvm() self._import_lvm()
self._mount_lvm_layout(luks_handlers) self._mount_lvm_layout(luks_handlers)
case EncryptionType.LuksOnLvm: case EncryptionType.LUKS_ON_LVM:
self._import_lvm() self._import_lvm()
luks_handlers = self._prepare_luks_lvm(self._disk_encryption.lvm_volumes) luks_handlers = self._prepare_luks_lvm(self._disk_encryption.lvm_volumes)
self._mount_lvm_layout(luks_handlers) self._mount_lvm_layout(luks_handlers)
@ -433,11 +433,11 @@ class Installer:
def generate_key_files(self) -> None: def generate_key_files(self) -> None:
match self._disk_encryption.encryption_type: match self._disk_encryption.encryption_type:
case EncryptionType.Luks: case EncryptionType.LUKS:
self._generate_key_files_partitions() self._generate_key_files_partitions()
case EncryptionType.LuksOnLvm: case EncryptionType.LUKS_ON_LVM:
self._generate_key_file_lvm_volumes() self._generate_key_file_lvm_volumes()
case EncryptionType.LvmOnLuks: case EncryptionType.LVM_ON_LUKS:
# currently LvmOnLuks only supports a single # currently LvmOnLuks only supports a single
# partitioning layout (boot + partition) # partitioning layout (boot + partition)
# so we won't need any keyfile generation atm # so we won't need any keyfile generation atm
@ -899,7 +899,7 @@ class Installer:
if vol.fs_type is not None: if vol.fs_type is not None:
self._prepare_fs_type(vol.fs_type, vol.mountpoint) self._prepare_fs_type(vol.fs_type, vol.mountpoint)
types = (EncryptionType.LvmOnLuks, EncryptionType.LuksOnLvm) types = (EncryptionType.LVM_ON_LUKS, EncryptionType.LUKS_ON_LVM)
if self._disk_encryption.encryption_type in types: if self._disk_encryption.encryption_type in types:
self._prepare_encrypt(lvm) self._prepare_encrypt(lvm)
else: else:
@ -1137,7 +1137,7 @@ class Installer:
kernel_parameters = [] kernel_parameters = []
match self._disk_encryption.encryption_type: match self._disk_encryption.encryption_type:
case EncryptionType.LvmOnLuks: case EncryptionType.LVM_ON_LUKS:
if not lvm.vg_name: if not lvm.vg_name:
raise ValueError(f'Unable to determine VG name for {lvm.name}') raise ValueError(f'Unable to determine VG name for {lvm.name}')
@ -1154,7 +1154,7 @@ class Installer:
else: else:
debug(f'LvmOnLuks, encrypted root partition, identifying by UUID: {uuid}') debug(f'LvmOnLuks, encrypted root partition, identifying by UUID: {uuid}')
kernel_parameters.append(f'cryptdevice=UUID={uuid}:cryptlvm root={lvm.safe_dev_path}') kernel_parameters.append(f'cryptdevice=UUID={uuid}:cryptlvm root={lvm.safe_dev_path}')
case EncryptionType.LuksOnLvm: case EncryptionType.LUKS_ON_LVM:
uuid = self._get_luks_uuid_from_mapper_dev(lvm.mapper_path) uuid = self._get_luks_uuid_from_mapper_dev(lvm.mapper_path)
if self._disk_encryption.hsm_device: if self._disk_encryption.hsm_device:
@ -1163,7 +1163,7 @@ class Installer:
else: else:
debug(f'LuksOnLvm, encrypted root partition, identifying by UUID: {uuid}') debug(f'LuksOnLvm, encrypted root partition, identifying by UUID: {uuid}')
kernel_parameters.append(f'cryptdevice=UUID={uuid}:root root=/dev/mapper/root') kernel_parameters.append(f'cryptdevice=UUID={uuid}:root root=/dev/mapper/root')
case EncryptionType.NoEncryption: case EncryptionType.NO_ENCRYPTION:
debug(f'Identifying root lvm by mapper device: {lvm.dev_path}') debug(f'Identifying root lvm by mapper device: {lvm.dev_path}')
kernel_parameters.append(f'root={lvm.safe_dev_path}') kernel_parameters.append(f'root={lvm.safe_dev_path}')

View File

@ -1400,19 +1400,19 @@ class DeviceModification:
} }
class EncryptionType(Enum): class EncryptionType(StrEnum):
NoEncryption = 'no_encryption' NO_ENCRYPTION = auto()
Luks = 'luks' LUKS = auto()
LvmOnLuks = 'lvm_on_luks' LVM_ON_LUKS = auto()
LuksOnLvm = 'luks_on_lvm' LUKS_ON_LVM = auto()
@classmethod @classmethod
def _encryption_type_mapper(cls) -> dict[str, Self]: def _encryption_type_mapper(cls) -> dict[str, Self]:
return { return {
tr('No Encryption'): cls.NoEncryption, tr('No Encryption'): cls.NO_ENCRYPTION,
tr('LUKS'): cls.Luks, tr('LUKS'): cls.LUKS,
tr('LVM on LUKS'): cls.LvmOnLuks, tr('LVM on LUKS'): cls.LVM_ON_LUKS,
tr('LUKS on LVM'): cls.LuksOnLvm, tr('LUKS on LVM'): cls.LUKS_ON_LVM,
} }
@classmethod @classmethod
@ -1436,7 +1436,7 @@ class _DiskEncryptionSerialization(TypedDict):
@dataclass @dataclass
class DiskEncryption: class DiskEncryption:
encryption_type: EncryptionType = EncryptionType.NoEncryption encryption_type: EncryptionType = EncryptionType.NO_ENCRYPTION
encryption_password: Password | None = None encryption_password: Password | None = None
partitions: list[PartitionModification] = field(default_factory=list) partitions: list[PartitionModification] = field(default_factory=list)
lvm_volumes: list[LvmVolume] = field(default_factory=list) lvm_volumes: list[LvmVolume] = field(default_factory=list)
@ -1444,10 +1444,10 @@ class DiskEncryption:
iter_time: int = DEFAULT_ITER_TIME iter_time: int = DEFAULT_ITER_TIME
def __post_init__(self) -> None: def __post_init__(self) -> None:
if self.encryption_type in [EncryptionType.Luks, EncryptionType.LvmOnLuks] and not self.partitions: if self.encryption_type in [EncryptionType.LUKS, EncryptionType.LVM_ON_LUKS] and not self.partitions:
raise ValueError('Luks or LvmOnLuks encryption require partitions to be defined') raise ValueError('Luks or LvmOnLuks encryption require partitions to be defined')
if self.encryption_type == EncryptionType.LuksOnLvm and not self.lvm_volumes: if self.encryption_type == EncryptionType.LUKS_ON_LVM and not self.lvm_volumes:
raise ValueError('LuksOnLvm encryption require LMV volumes to be defined') raise ValueError('LuksOnLvm encryption require LMV volumes to be defined')
def should_generate_encryption_file(self, dev: PartitionModification | LvmVolume) -> bool: def should_generate_encryption_file(self, dev: PartitionModification | LvmVolume) -> bool:

View File

@ -92,7 +92,7 @@ def perform_installation(
) )
if disk_config.config_type != DiskLayoutType.Pre_mount: if disk_config.config_type != DiskLayoutType.Pre_mount:
if disk_config.disk_encryption and disk_config.disk_encryption.encryption_type != EncryptionType.NoEncryption: if disk_config.disk_encryption and disk_config.disk_encryption.encryption_type != EncryptionType.NO_ENCRYPTION:
# generate encryption key files for the mounted luks devices # generate encryption key files for the mounted luks devices
installation.generate_key_files() installation.generate_key_files()

View File

@ -82,7 +82,7 @@ disk_config = DiskLayoutConfiguration(
# disk encryption configuration (Optional) # disk encryption configuration (Optional)
disk_encryption = DiskEncryption( disk_encryption = DiskEncryption(
encryption_password=Password(plaintext='enc_password'), encryption_password=Password(plaintext='enc_password'),
encryption_type=EncryptionType.Luks, encryption_type=EncryptionType.LUKS,
partitions=[home_partition], partitions=[home_partition],
hsm_device=None, hsm_device=None,
) )