From 14708f23b52e2a980c2e1fcebbf67d4607da78f1 Mon Sep 17 00:00:00 2001 From: Claudiu Belu Date: Fri, 27 Aug 2021 16:00:47 -0700 Subject: [PATCH] agnhost: Check symlink target's permissions for Windows We're not interested in checking the file permissions of the symlink itself, but it's target's permissions. --- test/images/agnhost/README.md | 14 +++++++------- test/images/agnhost/VERSION | 2 +- test/images/agnhost/mounttest/mt_utils_windows.go | 14 +++++++++++++- 3 files changed, 21 insertions(+), 9 deletions(-) diff --git a/test/images/agnhost/README.md b/test/images/agnhost/README.md index ffaac0556e6..86e73f3f0db 100644 --- a/test/images/agnhost/README.md +++ b/test/images/agnhost/README.md @@ -32,7 +32,7 @@ For example, let's consider the following `pod.yaml` file: containers: - args: - dns-suffix - image: registry.k8s.io/e2e-test-images/agnhost:2.14 + image: registry.k8s.io/e2e-test-images/agnhost:2.40 name: agnhost dnsConfig: nameservers: @@ -201,7 +201,7 @@ Usage: ```console guestbook="test/e2e/testing-manifests/guestbook" -sed_expr="s|{{.AgnhostImage}}|registry.k8s.io/e2e-test-images/agnhost:2.14|" +sed_expr="s|{{.AgnhostImage}}|registry.k8s.io/e2e-test-images/agnhost:2.40|" # create the services. kubectl create -f ${guestbook}/frontend-service.yaml @@ -306,14 +306,14 @@ Examples: ```console docker run -i \ - registry.k8s.io/e2e-test-images/agnhost:2.29 \ + registry.k8s.io/e2e-test-images/agnhost:2.40 \ logs-generator --log-lines-total 10 --run-duration 1s ``` ```console kubectl run logs-generator \ --generator=run-pod/v1 \ - --image=registry.k8s.io/e2e-test-images/agnhost:2.29 \ + --image=registry.k8s.io/e2e-test-images/agnhost:2.40 \ --restart=Never \ -- logs-generator -t 10 -d 1s ``` @@ -492,7 +492,7 @@ Usage: ```console kubectl run test-agnhost \ --generator=run-pod/v1 \ - --image=registry.k8s.io/e2e-test-images/agnhost:2.14 \ + --image=registry.k8s.io/e2e-test-images/agnhost:2.40 \ --restart=Never \ --env "POD_IP=" \ --env "NODE_IP=" \ @@ -547,7 +547,7 @@ Usage: ```console kubectl run test-agnhost \ --generator=run-pod/v1 \ - --image=registry.k8s.io/e2e-test-images/agnhost:2.21 \ + --image=registry.k8s.io/e2e-test-images/agnhost:2.40 \ --restart=Never \ --env "BIND_ADDRESS=localhost" \ --env "BIND_PORT=8080" \ @@ -667,6 +667,6 @@ The Windows `agnhost` image includes a `nc` binary that is 100% compliant with i ## Image -The image can be found at `registry.k8s.io/e2e-test-images/agnhost:2.35` for both Linux and +The image can be found at `registry.k8s.io/e2e-test-images/agnhost:2.40` for both Linux and Windows containers (based on `mcr.microsoft.com/windows/nanoserver:1809`, `mcr.microsoft.com/windows/nanoserver:20H2`, and `mcr.microsoft.com/windows/nanoserver:ltsc2022`). diff --git a/test/images/agnhost/VERSION b/test/images/agnhost/VERSION index 23f36200812..4bdd32f8334 100644 --- a/test/images/agnhost/VERSION +++ b/test/images/agnhost/VERSION @@ -1 +1 @@ -2.39 +2.40 diff --git a/test/images/agnhost/mounttest/mt_utils_windows.go b/test/images/agnhost/mounttest/mt_utils_windows.go index 7e12a9d0fe6..2901c456e48 100644 --- a/test/images/agnhost/mounttest/mt_utils_windows.go +++ b/test/images/agnhost/mounttest/mt_utils_windows.go @@ -24,6 +24,7 @@ import ( "fmt" "os" "os/exec" + "path/filepath" "strconv" "strings" ) @@ -73,11 +74,22 @@ func getFilePerm(path string) (os.FileMode, error) { errOut bytes.Buffer ) + // NOTE(claudiub): Symlinks have different permissions which might not match the target's. + // We want to evaluate the permissions of the target's not the symlink's. + info, err := os.Lstat(path) + if err == nil && info.Mode()&os.ModeSymlink != 0 { + evaluated, err := filepath.EvalSymlinks(path) + if err != nil { + return 0, err + } + path = evaluated + } + cmd := exec.Command("powershell.exe", "-NonInteractive", "./filePermissions.ps1", "-FileName", path) cmd.Stdout = &out cmd.Stderr = &errOut - err := cmd.Run() + err = cmd.Run() if err != nil { fmt.Printf("error from PowerShell Script: %v, %v\n", err, errOut.String())