From b19c94ba3ca96018f468a956aa0170388354e5d9 Mon Sep 17 00:00:00 2001 From: Xun Jiang Date: Thu, 13 Apr 2023 18:04:20 +0800 Subject: [PATCH 1/2] Replace busybox with internal copy binary. Signed-off-by: Xun Jiang --- Dockerfile | 6 ++---- changelogs/CHANGELOG-0.5.md | 1 + hack/build.sh | 3 +++ hack/cp-plugin/main.go | 42 +++++++++++++++++++++++++++++++++++++ 4 files changed, 48 insertions(+), 4 deletions(-) create mode 100644 hack/cp-plugin/main.go diff --git a/Dockerfile b/Dockerfile index 412d49fb..5a1d2fab 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,10 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -FROM busybox@sha256:91540637a8c1bd8374832a77bb11ec286c9599ff8b528d69794f5dea6e257fd9 AS busybox - FROM scratch +ADD cp-plugin /bin/cp-plugin ADD velero-plugin-for-csi /plugins/ -COPY --from=busybox /bin/cp /bin/cp USER 65532:65532 -ENTRYPOINT ["cp", "/plugins/velero-plugin-for-csi", "/target/."] +ENTRYPOINT ["/bin/cp-plugin", "/plugins/velero-plugin-for-csi", "/target/velero-plugin-for-csi"] diff --git a/changelogs/CHANGELOG-0.5.md b/changelogs/CHANGELOG-0.5.md index 5b7b0b03..070714fa 100644 --- a/changelogs/CHANGELOG-0.5.md +++ b/changelogs/CHANGELOG-0.5.md @@ -1,5 +1,6 @@ ### All Changes +* Replace busybox with internal copy binary. (#162, @blackpiglet) * When restorePVs is false, CSI should restore the PVC. (#154, @blackpiglet) * Bump the Golang version to v1.19 for the GCP plugin's main branch. (#153, @blackpiglet) * Update golang.org/x/net to fix CVE. (#149, @blackpiglet) diff --git a/hack/build.sh b/hack/build.sh index fac40523..70d38e41 100755 --- a/hack/build.sh +++ b/hack/build.sh @@ -36,6 +36,7 @@ export CGO_ENABLED=0 if [[ -z "${OUTPUT_DIR:-}" ]]; then OUTPUT_DIR=. fi + OUTPUT=${OUTPUT_DIR}/${BIN} if [[ "${GOOS}" = "windows" ]]; then OUTPUT="${OUTPUT}.exe" @@ -46,3 +47,5 @@ go build \ -installsuffix "static" \ -mod=readonly \ ./ + +CGO_ENABLED=0 go build -v -o ${OUTPUT_DIR}/cp-plugin ./hack/cp-plugin diff --git a/hack/cp-plugin/main.go b/hack/cp-plugin/main.go new file mode 100644 index 00000000..3f864872 --- /dev/null +++ b/hack/cp-plugin/main.go @@ -0,0 +1,42 @@ +package main + +import ( + "errors" + "fmt" + "io" + "os" +) + +func main() { + if len(os.Args) != 3 { + fmt.Println( + `Error: This command requires two arguments. +Usage: cp-plugin src dst`) + os.Exit(1) + } + src, dst := os.Args[1], os.Args[2] + fmt.Printf("Copying %s to %s ... ", src, dst) + srcFile, err := os.Open(src) + if err != nil { + panic(err) + } + defer srcFile.Close() + if _, err := os.Stat(dst); errors.Is(err, os.ErrNotExist) { + _, err = os.Create(dst) + if err != nil { + panic(err) + } + } + dstFile, err := os.OpenFile(dst, os.O_WRONLY, 0755) + if err != nil { + panic(err) + } + defer dstFile.Close() + buf := make([]byte, 1024*128) + _, err = io.CopyBuffer(dstFile, srcFile, buf) + if err != nil { + panic(err) + } + os.Chmod(dst, 0755) + fmt.Println("done.") +} From a304b1261da378986cf446da53c49802daadc2cf Mon Sep 17 00:00:00 2001 From: Xun Jiang Date: Tue, 11 Apr 2023 21:33:22 +0800 Subject: [PATCH 2/2] Clean PVC's DataSource and DataSourceRef by setting them to nil. Signed-off-by: Xun Jiang --- internal/restore/pvc_action.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/restore/pvc_action.go b/internal/restore/pvc_action.go index 9d08219d..f5ca06db 100644 --- a/internal/restore/pvc_action.go +++ b/internal/restore/pvc_action.go @@ -125,8 +125,8 @@ func (p *PVCRestoreItemAction) Execute(input *velero.RestoreItemActionExecuteInp if boolptr.IsSetToFalse(input.Restore.Spec.RestorePVs) { p.Log.Infof("Restore did not request for PVs to be restored from snapshot %s/%s.", input.Restore.Namespace, input.Restore.Name) pvc.Spec.VolumeName = "" - pvc.Spec.DataSource = &corev1api.TypedLocalObjectReference{} - pvc.Spec.DataSourceRef = &corev1api.TypedLocalObjectReference{} + pvc.Spec.DataSource = nil + pvc.Spec.DataSourceRef = nil } else { _, snapClient, err := util.GetClients() if err != nil {