Skip to content

Commit

Permalink
Remove sh dependency.
Browse files Browse the repository at this point in the history
  • Loading branch information
hime committed Dec 23, 2024
1 parent a090329 commit 7001927
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 28 deletions.
3 changes: 1 addition & 2 deletions cmd/csi_driver/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -50,8 +50,6 @@ FROM distroless-$TARGETARCH AS output-image
COPY --from=debian /bin/mount /bin/mount
COPY --from=debian /bin/umount /bin/umount
COPY --from=debian /bin/mountpoint /bin/mountpoint
# We should try to remove these
COPY --from=debian /bin/sh /bin/sh
COPY --from=debian /bin/cat /bin/cat

# Copy shared libraries into distroless base.
Expand All @@ -73,6 +71,7 @@ SHELL ["/bin/bash", "-c"]
RUN if ldd /bin/mount | grep "not found"; then echo "!!! Missing deps for mount command !!!" && exit 1; fi
RUN if ldd /bin/umount | grep "not found"; then echo "!!! Missing deps for umount command !!!" && exit 1; fi
RUN if ldd /bin/mountpoint | grep "not found"; then echo "!!! Missing deps for mountpoint command !!!" && exit 1; fi
RUN if ldd /bin/cat | grep "not found"; then echo "!!! Missing deps for cat command !!!" && exit 1; fi

# Final build stage, create the real Docker image with ENTRYPOINT
FROM output-image
Expand Down
38 changes: 12 additions & 26 deletions pkg/csi_mounter/csi_mounter.go
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ func (m *Mounter) Mount(source string, target string, fstype string, options []s

if len(sysfsBDI) != 0 {
go func() {
// updateReadAheadAndMaxRatio may hang until the file descriptor (fd) is either consumed or canceled.
// updateSysfsConfig may hang until the file descriptor (fd) is either consumed or canceled.
// It will succeed once dfuse finishes the mount process, or it will fail if dfuse fails
// or the mount point is cleaned up due to mounting failures.
if err := updateSysfsConfig(target, sysfsBDI); err != nil {
Expand Down Expand Up @@ -156,7 +156,7 @@ func (m *Mounter) Mount(source string, target string, fstype string, options []s
// updateSysfsConfig modifies the kernel page cache settings based on the read_ahead_kb or max_ratio provided in the mountOption,
// and verifies that the values are successfully updated after the operation completes.
func updateSysfsConfig(targetMountPath string, sysfsBDI map[string]int64) error {
start := time.Now()
// Command will hang until mount completes.
cmd := exec.Command("mountpoint", "-d", targetMountPath)
output, err := cmd.CombinedOutput()
if err != nil {
Expand All @@ -174,35 +174,21 @@ func updateSysfsConfig(targetMountPath string, sysfsBDI map[string]int64) error

for key, value := range sysfsBDI {
// Update the target value.
sysClassEchoCmd := fmt.Sprintf("echo %d > /sys/class/bdi/%s/%s", value, outputStr, key)
klog.V(4).Infof("Executing command %s", sysClassEchoCmd)
cmd := exec.Command("sh", "-c", sysClassEchoCmd)
_, err := cmd.CombinedOutput()
sysfsBDIPath := filepath.Join("/sys/class/bdi/", outputStr, key)
file, err := os.OpenFile(sysfsBDIPath, os.O_WRONLY|os.O_TRUNC, 0644)
if err != nil {
return fmt.Errorf("failed to execute command %q: %w", sysClassEchoCmd, err)
return fmt.Errorf("failed to open file %q: %w", sysfsBDIPath, err)
}
defer file.Close()

// Verify updated value.
sysClassCatCmd := fmt.Sprintf("cat /sys/class/bdi/%s/%s", outputStr, key)
klog.V(4).Infof("Executing command %s", sysClassCatCmd)
cmd = exec.Command("sh", "-c", sysClassCatCmd)
op, err := cmd.CombinedOutput()
klog.V(4).Infof("Executing command: echo %d %s", value, sysfsBDIPath)
cmd := exec.Command("echo", fmt.Sprintf("%d", value))

Check failure on line 185 in pkg/csi_mounter/csi_mounter.go

View workflow job for this annotation

GitHub Actions / verify

G204: Subprocess launched with a potential tainted input or cmd arguments (gosec)
cmd.Stdout = file
_, err = cmd.CombinedOutput()
if err != nil {
return fmt.Errorf("failed to execute command %q: %w", sysClassCatCmd, err)
return fmt.Errorf("failed to execute command %q: %w", "echo", err)
}
klog.V(4).Infof("Output of %q : %s", sysClassCatCmd, op)

opStr := strings.TrimSpace(string(op))
updatedVal, err := strconv.ParseInt(opStr, 10, 0)
if err != nil {
return fmt.Errorf("invalid %s: %w", key, err)
}
if updatedVal != value {
return fmt.Errorf("mismatch in %s, expected %d, got %d", key, value, updatedVal)
}

currentTime := time.Now()
klog.Infof("Successfully set %s to %d for mountPoint %s at '%v' (elapsed time: %v)", key, value, targetMountPath, currentTime, time.Since(start))
klog.Infof("Updated %s to %d", sysfsBDIPath, value)
}

return nil
Expand Down

0 comments on commit 7001927

Please sign in to comment.