From 7e4f862f611169ac03f8ef97e05327b6924e8241 Mon Sep 17 00:00:00 2001 From: Brian Downs Date: Mon, 31 Aug 2020 14:09:23 -0700 Subject: [PATCH 1/7] address issue-244, issue-259, issue-269 Signed-off-by: Brian Downs --- pkg/bootstrap/{stage.go => bootstrap.go} | 17 ++++++++++------- pkg/rke2/np.go | 13 +++++++------ scripts/validate | 2 +- 3 files changed, 18 insertions(+), 14 deletions(-) rename pkg/bootstrap/{stage.go => bootstrap.go} (97%) diff --git a/pkg/bootstrap/stage.go b/pkg/bootstrap/bootstrap.go similarity index 97% rename from pkg/bootstrap/stage.go rename to pkg/bootstrap/bootstrap.go index 13e69b0ef3..ef7b2decd2 100644 --- a/pkg/bootstrap/stage.go +++ b/pkg/bootstrap/bootstrap.go @@ -12,16 +12,15 @@ import ( "runtime" "strings" - errors2 "github.com/pkg/errors" - "github.com/rancher/wrangler/pkg/merr" - "github.com/google/go-containerregistry/pkg/authn" "github.com/google/go-containerregistry/pkg/name" v1 "github.com/google/go-containerregistry/pkg/v1" "github.com/google/go-containerregistry/pkg/v1/mutate" "github.com/google/go-containerregistry/pkg/v1/remote" "github.com/google/go-containerregistry/pkg/v1/tarball" + errors2 "github.com/pkg/errors" "github.com/rancher/rke2/pkg/images" + "github.com/rancher/wrangler/pkg/merr" "github.com/sirupsen/logrus" ) @@ -162,6 +161,7 @@ func extractFromDir(dir, prefix string, img v1.Image, imgName string) error { return err } defer os.RemoveAll(tempDir) + r := mutate.Extract(img) defer r.Close() @@ -169,16 +169,19 @@ func extractFromDir(dir, prefix string, img v1.Image, imgName string) error { if err := extract(imgName, tempDir, prefix, r); err != nil { return err } - if err := os.Rename(tempDir, dir); err != nil && err != os.ErrExist { - return err - } else if err == nil { + + if err := os.Rename(tempDir, dir); err != nil { + logrus.Warn(err.Error()) + } else { return nil } - //manifests dir exists: + + // manifests dir exists files, err := ioutil.ReadDir(tempDir) if err != nil { return err } + var errs []error for _, file := range files { src := filepath.Join(tempDir, file.Name()) diff --git a/pkg/rke2/np.go b/pkg/rke2/np.go index 70e97c2035..4ff7bb7562 100644 --- a/pkg/rke2/np.go +++ b/pkg/rke2/np.go @@ -57,14 +57,15 @@ func setNetworkPolicy(ctx context.Context, namespace string, cs *kubernetes.Clie if _, ok := ns.Annotations[namespaceAnnotationNetworkPolicy]; !ok { if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Get(ctx, defaultNetworkPolicyName, metav1.GetOptions{}); err != nil { if !apierrors.IsNotFound(err) { + if err := cs.NetworkingV1().NetworkPolicies(namespace).Delete(ctx, defaultNetworkPolicyName, metav1.DeleteOptions{}); err != nil { + return err + } + } else { + return err + } + if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Create(ctx, &networkPolicy, metav1.CreateOptions{}); err != nil { return err } - } - if err := cs.NetworkingV1().NetworkPolicies(namespace).Delete(ctx, defaultNetworkPolicyName, metav1.DeleteOptions{}); err != nil { - return err - } - if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Create(ctx, &networkPolicy, metav1.CreateOptions{}); err != nil { - return err } ns.Annotations[namespaceAnnotationNetworkPolicy] = cisAnnotationValue diff --git a/scripts/validate b/scripts/validate index 164191216a..44e0822aa0 100755 --- a/scripts/validate +++ b/scripts/validate @@ -1,7 +1,7 @@ #!/usr/bin/env bash set -ex -if [ -n "${SKIP_VALIDATE}" ]; then +if [ -z "${SKIP_VALIDATE}" ]; then echo "skipping validation. continuing..." exit 0 fi From 211f5366ee391ff71f6bb53d9db64421e90ec5ba Mon Sep 17 00:00:00 2001 From: Brian Downs Date: Mon, 31 Aug 2020 14:22:37 -0700 Subject: [PATCH 2/7] update rename error processing logic to quietly ignore error Signed-off-by: Brian Downs --- pkg/bootstrap/bootstrap.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/pkg/bootstrap/bootstrap.go b/pkg/bootstrap/bootstrap.go index ef7b2decd2..450e62f97c 100644 --- a/pkg/bootstrap/bootstrap.go +++ b/pkg/bootstrap/bootstrap.go @@ -170,9 +170,7 @@ func extractFromDir(dir, prefix string, img v1.Image, imgName string) error { return err } - if err := os.Rename(tempDir, dir); err != nil { - logrus.Warn(err.Error()) - } else { + if err := os.Rename(tempDir, dir); err == nil { return nil } From 5178d1268c3791fd6d69ad48e44edc8d2d73f6a1 Mon Sep 17 00:00:00 2001 From: Brian Downs Date: Mon, 31 Aug 2020 14:29:46 -0700 Subject: [PATCH 3/7] revert if arg in validate script Signed-off-by: Brian Downs --- scripts/validate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/validate b/scripts/validate index 44e0822aa0..164191216a 100755 --- a/scripts/validate +++ b/scripts/validate @@ -1,7 +1,7 @@ #!/usr/bin/env bash set -ex -if [ -z "${SKIP_VALIDATE}" ]; then +if [ -n "${SKIP_VALIDATE}" ]; then echo "skipping validation. continuing..." exit 0 fi From bdd34d3df64eaa05342453f3dcacba1e2d634b78 Mon Sep 17 00:00:00 2001 From: Brian Downs Date: Mon, 31 Aug 2020 15:45:33 -0700 Subject: [PATCH 4/7] update network polciy processing logic Signed-off-by: Brian Downs --- pkg/rke2/np.go | 12 +++++------- scripts/validate | 2 +- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/pkg/rke2/np.go b/pkg/rke2/np.go index 4ff7bb7562..5e2eed45df 100644 --- a/pkg/rke2/np.go +++ b/pkg/rke2/np.go @@ -55,15 +55,13 @@ func setNetworkPolicy(ctx context.Context, namespace string, cs *kubernetes.Clie ns.Annotations = make(map[string]string) } if _, ok := ns.Annotations[namespaceAnnotationNetworkPolicy]; !ok { - if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Get(ctx, defaultNetworkPolicyName, metav1.GetOptions{}); err != nil { - if !apierrors.IsNotFound(err) { - if err := cs.NetworkingV1().NetworkPolicies(namespace).Delete(ctx, defaultNetworkPolicyName, metav1.DeleteOptions{}); err != nil { - return err - } - } else { + if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Get(ctx, defaultNetworkPolicyName, metav1.GetOptions{}); err == nil { + if err := cs.NetworkingV1().NetworkPolicies(namespace).Delete(ctx, defaultNetworkPolicyName, metav1.DeleteOptions{}); err != nil { return err } - if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Create(ctx, &networkPolicy, metav1.CreateOptions{}); err != nil { + } + if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Create(ctx, &networkPolicy, metav1.CreateOptions{}); err != nil { + if !apierrors.IsAlreadyExists(err) { return err } } diff --git a/scripts/validate b/scripts/validate index 164191216a..b17844515a 100755 --- a/scripts/validate +++ b/scripts/validate @@ -1,7 +1,7 @@ #!/usr/bin/env bash set -ex -if [ -n "${SKIP_VALIDATE}" ]; then +if [ -n ${SKIP_VALIDATE} ]; then echo "skipping validation. continuing..." exit 0 fi From 2606e703b4c6c1bb93df244607b4eef161907292 Mon Sep 17 00:00:00 2001 From: Brian Downs Date: Mon, 31 Aug 2020 16:36:05 -0700 Subject: [PATCH 5/7] return network policy delete errors if it's not a IsNotFound error Signed-off-by: Brian Downs --- pkg/rke2/np.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkg/rke2/np.go b/pkg/rke2/np.go index 5e2eed45df..8522fe8dc8 100644 --- a/pkg/rke2/np.go +++ b/pkg/rke2/np.go @@ -57,7 +57,9 @@ func setNetworkPolicy(ctx context.Context, namespace string, cs *kubernetes.Clie if _, ok := ns.Annotations[namespaceAnnotationNetworkPolicy]; !ok { if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Get(ctx, defaultNetworkPolicyName, metav1.GetOptions{}); err == nil { if err := cs.NetworkingV1().NetworkPolicies(namespace).Delete(ctx, defaultNetworkPolicyName, metav1.DeleteOptions{}); err != nil { - return err + if !apierrors.IsNotFound(err) { + return err + } } } if _, err := cs.NetworkingV1().NetworkPolicies(namespace).Create(ctx, &networkPolicy, metav1.CreateOptions{}); err != nil { From d5aadbdd54b561e025cf3b696a2ab09009d442a7 Mon Sep 17 00:00:00 2001 From: Brian Downs Date: Mon, 31 Aug 2020 16:39:50 -0700 Subject: [PATCH 6/7] add comment explaining why we ignore the rename error Signed-off-by: Brian Downs --- pkg/bootstrap/bootstrap.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkg/bootstrap/bootstrap.go b/pkg/bootstrap/bootstrap.go index 97794e6d6d..e0802525e1 100644 --- a/pkg/bootstrap/bootstrap.go +++ b/pkg/bootstrap/bootstrap.go @@ -169,6 +169,10 @@ func extractFromDir(dir, prefix string, img v1.Image, imgName string) error { return err } + // we're ignoring and returned errors since the likelihood here is that + // the error is that the new path already exists. That's indicative of a + // previously bootstrapped system. If it's a different error, it's indicative + // of an operating system or filesystem issue. if err := os.Rename(tempDir, dir); err == nil { return nil } From da3d54330c78dc8775b0eb8921af8878acefdc4f Mon Sep 17 00:00:00 2001 From: Brian Downs Date: Mon, 31 Aug 2020 16:42:03 -0700 Subject: [PATCH 7/7] update comment Signed-off-by: Brian Downs --- pkg/bootstrap/bootstrap.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/bootstrap/bootstrap.go b/pkg/bootstrap/bootstrap.go index e0802525e1..ae56de7d93 100644 --- a/pkg/bootstrap/bootstrap.go +++ b/pkg/bootstrap/bootstrap.go @@ -169,7 +169,7 @@ func extractFromDir(dir, prefix string, img v1.Image, imgName string) error { return err } - // we're ignoring and returned errors since the likelihood here is that + // we're ignoring any returned errors since the likelihood is that // the error is that the new path already exists. That's indicative of a // previously bootstrapped system. If it's a different error, it's indicative // of an operating system or filesystem issue.