From 1858d0ef370019eac52a274cc92a0d945c799a80 Mon Sep 17 00:00:00 2001 From: Phil Sphicas Date: Tue, 7 Sep 2021 16:32:41 +0000 Subject: [PATCH] perm: Optionally ignore missing files The default behavior of divingbell-perm is to fail when trying to assign permissions to non-existent files. This change adds an option to values.yaml to skip any missing files and proceed with the rest of the assignments. conf: perm: ignore_missing: true # default is false This may be useful in cases where files will never exist on a node, or cases where the file does not exist yet, but will exist later. Note that with this option enabled, a run in which files are skipped is considered successful, so the rerun_policy and rerun_interval will determine if and when another attempt will be made. Change-Id: I15505d6292dda66942c66eea5a4d0666bd6bdfa7 --- divingbell/templates/bin/_perm.sh.tpl | 12 +++++++- divingbell/values.yaml | 1 + tools/gate/scripts/020-test-divingbell.sh | 37 +++++++++++++++++++++++ 3 files changed, 49 insertions(+), 1 deletion(-) diff --git a/divingbell/templates/bin/_perm.sh.tpl b/divingbell/templates/bin/_perm.sh.tpl index 1dac5ff..edfece7 100644 --- a/divingbell/templates/bin/_perm.sh.tpl +++ b/divingbell/templates/bin/_perm.sh.tpl @@ -46,8 +46,18 @@ add_single_perm(){ local permissions="${4}" # check if file exists - [ -e $path ] || return 1 # if set -e is set the entire script will exit + # unless values has `conf: { perm: { ignore_missing: true } }` + if [ ! -e $path ]; then + local msg="$path does not exist" + if {{ index (index .Values "conf" "perm" | default dict) "ignore_missing" | default false }}; then + log.WARN "${msg}, skipping" + return 0 + else + log.ERROR "${msg}" + return 1 + fi + fi # construct backup name local file_name=$(systemd-escape $path) diff --git a/divingbell/values.yaml b/divingbell/values.yaml index 4326842..da65dbb 100644 --- a/divingbell/values.yaml +++ b/divingbell/values.yaml @@ -38,6 +38,7 @@ conf: # rerun_policy: always # 86400 = 1 day # rerun_interval: 86400 +# ignore_missing: false # paths: # - # path: '/boot/System.map-*' diff --git a/tools/gate/scripts/020-test-divingbell.sh b/tools/gate/scripts/020-test-divingbell.sh index d93f869..7f4aeed 100755 --- a/tools/gate/scripts/020-test-divingbell.sh +++ b/tools/gate/scripts/020-test-divingbell.sh @@ -770,6 +770,43 @@ test_perm(){ _test_perm_value ${p_test_file1} root shadow 640 _test_perm_value ${p_test_file2} ${p_test_file2##*.} ${p_test_file2##*.} 777 echo "[SUCCESS] Backup test for perm passed successfully" >> "${TEST_RESULTS}" + # Test missing files (default behavior, fail on missing files) + echo "conf: + perm: + paths: + - + path: /does/not/exist + owner: 'root' + group: 'shadow' + permissions: '0640' + - + path: ${p_test_file2} + owner: 'root' + group: 'shadow' + permissions: '0640'" > "${overrides_yaml}" + install_base "--values=${overrides_yaml}" + get_container_status perm ignore_failure + _test_perm_value ${p_test_file2} ${p_test_file2##*.} ${p_test_file2##*.} 777 + echo '[SUCCESS] perm test fail on missing files passed successfully' >> "${TEST_RESULTS}" + # Test missing files (ignore_missing=true, continue if files are missing) + echo "conf: + perm: + ignore_missing: true + paths: + - + path: /does/not/exist + owner: 'root' + group: 'shadow' + permissions: '0640' + - + path: ${p_test_file2} + owner: 'root' + group: 'shadow' + permissions: '0640'" > "${overrides_yaml}" + install_base "--values=${overrides_yaml}" + get_container_status perm + _test_perm_value ${p_test_file2} root shadow 640 + echo '[SUCCESS] perm test ignore_missing passed successfully' >> "${TEST_RESULTS}" # Test invalid rerun_interval (too short) echo "conf: perm: