From 097ca8acee5315371431df1af624abce83935455 Mon Sep 17 00:00:00 2001 From: Anton Ustyuzhanin Date: Wed, 12 Oct 2022 15:43:05 +0200 Subject: [PATCH 1/5] Add support of generating files via scripts --- .github/workflows/build_and_test.yaml | 2 ++ src/helpers.py | 4 +++- src/resources.py | 3 +++ test/resources/resources.yaml | 20 ++++++++++++++++++++ 4 files changed, 28 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build_and_test.yaml b/.github/workflows/build_and_test.yaml index b402f42..af290e8 100644 --- a/.github/workflows/build_and_test.yaml +++ b/.github/workflows/build_and_test.yaml @@ -97,6 +97,7 @@ jobs: kubectl cp sidecar:/tmp/absolute/absolute.txt /tmp/absolute.txt kubectl cp sidecar:/tmp/relative/relative.txt /tmp/relative.txt kubectl cp sidecar:/tmp/500.txt /tmp/500.txt || true + kubectl cp sidecar:/tmp/script.txt /tmp/script.txt echo "Downloading resource files from sidecar-5xx..." kubectl cp sidecar-5xx:/tmp-5xx/hello.world /tmp/5xx/hello.world @@ -119,6 +120,7 @@ jobs: echo -n "This absolutely exists" | diff - /tmp/absolute.txt && echo -n "This relatively exists" | diff - /tmp/relative.txt && [ ! -f /tmp/500.txt ] && echo "No 5xx file created" && + echo -n "This generated by script" | diff - /tmp/script.txt && ls /tmp/script_result && echo -n "Hello World!" | diff - /tmp/5xx/hello.world && diff test/kubelogo.png /tmp/5xx/cm-kubelogo.png && diff --git a/src/helpers.py b/src/helpers.py index 4155dbf..83c59d6 100755 --- a/src/helpers.py +++ b/src/helpers.py @@ -160,9 +160,11 @@ def execute(script_path): try: result = subprocess.run(["sh", script_path], capture_output=True, - check=True) + check=True, + text=True) logger.debug(f"Script stdout: {result.stdout}") logger.debug(f"Script stderr: {result.stderr}") logger.debug(f"Script exit code: {result.returncode}") except subprocess.CalledProcessError as e: logger.error(f"Script failed with error: {e}") + return result diff --git a/src/resources.py b/src/resources.py index 3da08ac..87173af 100755 --- a/src/resources.py +++ b/src/resources.py @@ -52,6 +52,9 @@ def _get_file_data_and_name(full_filename, content, enable_5xx, content_type=CON if full_filename.endswith(".url"): filename = full_filename[:-4] file_data = request(file_data, "GET", enable_5xx).text + elif full_filename.endswith(".script"): + filename = full_filename[:-7] + file_data = execute(file_data).stdout else: filename = full_filename diff --git a/test/resources/resources.yaml b/test/resources/resources.yaml index ee621cc..4ab91d9 100644 --- a/test/resources/resources.yaml +++ b/test/resources/resources.yaml @@ -51,3 +51,23 @@ metadata: findme: "yup" data: 500.txt.url: "http://dummy-server/500" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: scripted-command + labels: + findme: "yup" +data: + script.sh: |- + #!/bin/sh + echo -n "This generated by script" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: scripted-configmap + labels: + findme: "yup" +data: + script.txt.script: '/tmp/script.sh' From 0b5a49e73392a51c603777f8d6001e239726eb15 Mon Sep 17 00:00:00 2001 From: Anton Ustyuzhanin Date: Wed, 12 Oct 2022 16:37:59 +0200 Subject: [PATCH 2/5] Rename suffix to .command --- src/helpers.py | 2 +- src/resources.py | 11 ++++++----- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/src/helpers.py b/src/helpers.py index 83c59d6..78adb44 100755 --- a/src/helpers.py +++ b/src/helpers.py @@ -158,7 +158,7 @@ def unique_filename(filename, namespace, resource, resource_name): def execute(script_path): logger.debug(f"Executing script from {script_path}") try: - result = subprocess.run(["sh", script_path], + result = subprocess.run(script_path, shell=True, capture_output=True, check=True, text=True) diff --git a/src/resources.py b/src/resources.py index 87173af..da2945d 100755 --- a/src/resources.py +++ b/src/resources.py @@ -43,17 +43,17 @@ def signal_handler(signum, frame): signal.signal(signal.SIGTERM, signal_handler) -def _get_file_data_and_name(full_filename, content, enable_5xx, content_type=CONTENT_TYPE_TEXT): +def _get_file_data_and_name(full_filename, content, enable_5xx, content_type=CONTENT_TYPE_TEXT, remove=False): if content_type == CONTENT_TYPE_BASE64_BINARY: file_data = base64.b64decode(content) else: file_data = content - if full_filename.endswith(".url"): + if full_filename.endswith(".url") and not remove: filename = full_filename[:-4] file_data = request(file_data, "GET", enable_5xx).text - elif full_filename.endswith(".script"): - filename = full_filename[:-7] + elif full_filename.endswith(".command") and not remove: + filename = full_filename[:-8] file_data = execute(file_data).stdout else: filename = full_filename @@ -190,7 +190,8 @@ def _update_file(data_key, data_content, dest_folder, metadata, resource, filename, file_data = _get_file_data_and_name(data_key, data_content, enable_5xx, - content_type) + content_type, + remove) if unique_filenames: filename = unique_filename(filename=filename, namespace=metadata.namespace, From a4b4b5a628d6d59246336444cb0fdd4813d1694c Mon Sep 17 00:00:00 2001 From: Anton Ustyuzhanin Date: Wed, 12 Oct 2022 16:38:27 +0200 Subject: [PATCH 3/5] Update README and examples --- README.md | 3 ++- example.yaml | 14 +++++++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index fdf4dcd..faf7a6a 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ Both are identical multi-arch images built for `amd64`, `arm64`, `arm/v7`, `ppc6 - Update/Delete on change of configmap or secret - Enforce unique filenames -# Usage +# Usage Example for a simple deployment can be found in [`example.yaml`](./example.yaml). Depending on the cluster setup you have to grant yourself admin rights first: ```shell @@ -48,6 +48,7 @@ metadata: ``` If the filename ends with `.url` suffix, the content will be processed as a URL which the target file contents will be downloaded from. +If the filename ends with `.command` suffix, the content will be processed as a shell command which will be executed. Stdout of the command will be stored in the file. ## Configuration Environment Variables diff --git a/example.yaml b/example.yaml index 278c782..21410e5 100644 --- a/example.yaml +++ b/example.yaml @@ -71,6 +71,19 @@ data: # base64 encoded: my super cool \n multiline \ secret secret.world: bXkgc3VwZXIgY29vbAptdWx0aWxpbmUKc2VjcmV0 --- +apiVersion: v1 +kind: ConfigMap +metadata: + name: output-of-command + labels: + findme: "yup" +data: + rand.sh: | + #!/bin/sh + dd if=/dev/random bs=4 count=1 | hexdump -v -e '/1 "%02X"' + random.txt.command: '/tmp/rand.sh' + hostname.txt.command: '/bin/hostname' +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -97,4 +110,3 @@ subjects: - kind: ServiceAccount name: sample-acc namespace: default - From d340c3292552fd54e9ba6edbe4f296b5fddf5fa7 Mon Sep 17 00:00:00 2001 From: Anton Ustyuzhanin Date: Wed, 12 Oct 2022 16:40:06 +0200 Subject: [PATCH 4/5] Update tests --- .github/workflows/build_and_test.yaml | 2 ++ test/resources/resources.yaml | 13 +++---------- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build_and_test.yaml b/.github/workflows/build_and_test.yaml index af290e8..4a57943 100644 --- a/.github/workflows/build_and_test.yaml +++ b/.github/workflows/build_and_test.yaml @@ -98,6 +98,7 @@ jobs: kubectl cp sidecar:/tmp/relative/relative.txt /tmp/relative.txt kubectl cp sidecar:/tmp/500.txt /tmp/500.txt || true kubectl cp sidecar:/tmp/script.txt /tmp/script.txt + kubectl cp sidecar:/tmp/hostname.txt /tmp/hostname.txt echo "Downloading resource files from sidecar-5xx..." kubectl cp sidecar-5xx:/tmp-5xx/hello.world /tmp/5xx/hello.world @@ -121,6 +122,7 @@ jobs: echo -n "This relatively exists" | diff - /tmp/relative.txt && [ ! -f /tmp/500.txt ] && echo "No 5xx file created" && echo -n "This generated by script" | diff - /tmp/script.txt && + echo "sidecar" | diff - /tmp/hostname.txt && ls /tmp/script_result && echo -n "Hello World!" | diff - /tmp/5xx/hello.world && diff test/kubelogo.png /tmp/5xx/cm-kubelogo.png && diff --git a/test/resources/resources.yaml b/test/resources/resources.yaml index 4ab91d9..f5126b5 100644 --- a/test/resources/resources.yaml +++ b/test/resources/resources.yaml @@ -55,19 +55,12 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: scripted-command + name: command-configmap labels: findme: "yup" data: script.sh: |- #!/bin/sh echo -n "This generated by script" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: scripted-configmap - labels: - findme: "yup" -data: - script.txt.script: '/tmp/script.sh' + script-output.txt.command: '/tmp/script.sh' + hostname.txt.command: '/bin/hostname' From 86adfce7c0e8e7dad12baf27a57fe3d5cbe6d365 Mon Sep 17 00:00:00 2001 From: Anton Ustyuzhanin Date: Wed, 12 Oct 2022 16:44:31 +0200 Subject: [PATCH 5/5] Fix filenames in tests --- .github/workflows/build_and_test.yaml | 4 ++-- test/resources/resources.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_and_test.yaml b/.github/workflows/build_and_test.yaml index 4a57943..7751414 100644 --- a/.github/workflows/build_and_test.yaml +++ b/.github/workflows/build_and_test.yaml @@ -97,7 +97,7 @@ jobs: kubectl cp sidecar:/tmp/absolute/absolute.txt /tmp/absolute.txt kubectl cp sidecar:/tmp/relative/relative.txt /tmp/relative.txt kubectl cp sidecar:/tmp/500.txt /tmp/500.txt || true - kubectl cp sidecar:/tmp/script.txt /tmp/script.txt + kubectl cp sidecar:/tmp/command-output.txt /tmp/command-output.txt kubectl cp sidecar:/tmp/hostname.txt /tmp/hostname.txt echo "Downloading resource files from sidecar-5xx..." @@ -121,7 +121,7 @@ jobs: echo -n "This absolutely exists" | diff - /tmp/absolute.txt && echo -n "This relatively exists" | diff - /tmp/relative.txt && [ ! -f /tmp/500.txt ] && echo "No 5xx file created" && - echo -n "This generated by script" | diff - /tmp/script.txt && + echo -n "This generated by script" | diff - /tmp/command-output.txt && echo "sidecar" | diff - /tmp/hostname.txt && ls /tmp/script_result && echo -n "Hello World!" | diff - /tmp/5xx/hello.world && diff --git a/test/resources/resources.yaml b/test/resources/resources.yaml index f5126b5..241f185 100644 --- a/test/resources/resources.yaml +++ b/test/resources/resources.yaml @@ -62,5 +62,5 @@ data: script.sh: |- #!/bin/sh echo -n "This generated by script" - script-output.txt.command: '/tmp/script.sh' + command-output.txt.command: '/tmp/script.sh' hostname.txt.command: '/bin/hostname'