From a35dcf952eee565cfc176ef012bd4617df5e86d3 Mon Sep 17 00:00:00 2001 From: Alex Lyn Date: Thu, 5 Mar 2026 10:17:30 +0800 Subject: [PATCH] ci: Fix YAML parsing flakiness caused by mktemp random suffixes In some CI runs, `mktemp` generates random characters that accidentally form file extensions like `.cSV` or `.Xml`. This triggers downstream parsing errors because the YAML content is misidentified as CSV/XML. The issues look like as below: ``` '/tmp/bats-run-KodZEA/.../pod-guest-pull-in-trusted-storage.yaml.in.cSV': ... ``` This commit fixes the issue by: 1. Moving the `XXXXXX` placeholder before the `.yaml` extension. 2. Ensuring the generated file always ends in `.yaml`. This prevents format misidentification while maintaining filename uniqueness and security. Signed-off-by: Alex Lyn --- .../integration/kubernetes/k8s-guest-pull-image.bats | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/integration/kubernetes/k8s-guest-pull-image.bats b/tests/integration/kubernetes/k8s-guest-pull-image.bats index 3a5196795b..ab6422b678 100644 --- a/tests/integration/kubernetes/k8s-guest-pull-image.bats +++ b/tests/integration/kubernetes/k8s-guest-pull-image.bats @@ -95,7 +95,7 @@ setup() { # The image pulled in the guest will be downloaded and unpacked in the `/run/kata-containers/image` directory. # The tests will use `cryptsetup` to encrypt a block device and mount it at `/run/kata-containers/image`. - storage_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${storage_config_template}").XXX") + storage_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${storage_config_template}").XXXXXX.yaml") local_device=$(create_loop_device) LOCAL_DEVICE="$local_device" NODE_NAME="$node" envsubst < "$storage_config_template" > "$storage_config" @@ -106,7 +106,7 @@ setup() { # Create persistent volume and persistent volume claim retry_kubectl_apply $storage_config - pod_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${pod_config_template}").XXX") + pod_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${pod_config_template}").XXXXXX.yaml") IMAGE="$image_pulled_time_less_than_default_time" NODE_NAME="$node" envsubst < "$pod_config_template" > "$pod_config" # Set CreateContainerRequest timeout in the annotation to allow for enough time for guest-pull where @@ -140,7 +140,7 @@ setup() { } @test "Test we cannot pull a large image that pull time exceeds createcontainer timeout inside the guest" { - storage_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${storage_config_template}").XXX") + storage_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${storage_config_template}").XXXXXX.yaml") local_device=$(create_loop_device) LOCAL_DEVICE="$local_device" NODE_NAME="$node" envsubst < "$storage_config_template" > "$storage_config" @@ -151,7 +151,7 @@ setup() { # Create persistent volume and persistent volume claim retry_kubectl_apply $storage_config - pod_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${pod_config_template}").XXX") + pod_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${pod_config_template}").XXXXXX.yaml") IMAGE="$large_image" NODE_NAME="$node" envsubst < "$pod_config_template" > "$pod_config" # Set a short CreateContainerRequest timeout in the annotation to fail to pull image in guest @@ -191,7 +191,7 @@ setup() { if [[ "${KATA_HYPERVISOR}" == qemu-coco-dev* ]] && [ "${KBS_INGRESS}" = "aks" ]; then skip "skip this specific one due to issue https://github.com/kata-containers/kata-containers/issues/10299" fi - storage_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${storage_config_template}").XXX") + storage_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${storage_config_template}").XXXXXX.yaml") local_device=$(create_loop_device) LOCAL_DEVICE="$local_device" NODE_NAME="$node" envsubst < "$storage_config_template" > "$storage_config" @@ -202,7 +202,7 @@ setup() { # Create persistent volume and persistent volume claim retry_kubectl_apply $storage_config - pod_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${pod_config_template}").XXX") + pod_config=$(mktemp "${BATS_FILE_TMPDIR}/$(basename "${pod_config_template}").XXXXXX.yaml") IMAGE="$large_image" NODE_NAME="$node" envsubst < "$pod_config_template" > "$pod_config" # Set CreateContainerRequest timeout in the annotation to pull large image in guest