Skip to content

Commit

Permalink
PRODENG-2744 host override sudo test
Browse files Browse the repository at this point in the history
- host flag allows explicit sudo assign, preventing rig discovery

STILL POC, and requires rig k0sproject/rig#227

Signed-off-by: James Nesbitt <[email protected]>
  • Loading branch information
james-nesbitt committed Nov 8, 2024
1 parent 1111954 commit 8716aef
Show file tree
Hide file tree
Showing 8 changed files with 103 additions and 21 deletions.
18 changes: 9 additions & 9 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
module github.com/Mirantis/mcc

go 1.22.4

toolchain go1.23.0
go 1.23.2

require (
github.com/AlecAivazis/survey/v2 v2.3.7
Expand All @@ -20,6 +18,7 @@ require (
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
github.com/logrusorgru/aurora v2.0.3+incompatible
github.com/mattn/go-isatty v0.0.20
github.com/mattn/go-shellwords v1.0.12
github.com/mitchellh/go-homedir v1.1.0
github.com/schollz/progressbar/v3 v3.14.6
github.com/sirupsen/logrus v1.9.3
Expand Down Expand Up @@ -147,7 +146,6 @@ require (
github.com/masterzen/winrm v0.0.0-20240702205601-3fad6e106085 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-runewidth v0.0.9 // indirect
github.com/mattn/go-shellwords v1.0.12 // indirect
github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 // indirect
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect
Expand Down Expand Up @@ -198,13 +196,13 @@ require (
go.opentelemetry.io/otel/metric v1.28.0 // indirect
go.opentelemetry.io/otel/trace v1.28.0 // indirect
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
golang.org/x/crypto v0.26.0 // indirect
golang.org/x/net v0.28.0 // indirect
golang.org/x/crypto v0.28.0 // indirect
golang.org/x/net v0.30.0 // indirect
golang.org/x/oauth2 v0.21.0 // indirect
golang.org/x/sync v0.8.0 // indirect
golang.org/x/sys v0.24.0 // indirect
golang.org/x/term v0.23.0 // indirect
golang.org/x/text v0.17.0 // indirect
golang.org/x/sys v0.26.0 // indirect
golang.org/x/term v0.25.0 // indirect
golang.org/x/text v0.19.0 // indirect
golang.org/x/time v0.6.0 // indirect
google.golang.org/api v0.169.0 // indirect
google.golang.org/genproto v0.0.0-20240213162025-012b6fc9bca9 // indirect
Expand All @@ -228,3 +226,5 @@ require (
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
sigs.k8s.io/yaml v1.4.0 // indirect
)

replace github.com/k0sproject/rig v0.18.7 => github.com/james-nesbitt/rig v0.18.5-0.20241106064551-c604d0a85c44
24 changes: 12 additions & 12 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -591,6 +591,8 @@ github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/james-nesbitt/rig v0.18.5-0.20241106064551-c604d0a85c44 h1:Lf3Me9DKejrpf66MsMcuvu2vSGr9R6/hcyoHYO+58Hc=
github.com/james-nesbitt/rig v0.18.5-0.20241106064551-c604d0a85c44/go.mod h1:rV9v56TQ6e62jgpAO1kEuoMMczwNH/I1MIxiV8gsvmg=
github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8=
github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs=
github.com/jcmturner/dnsutils/v2 v2.0.0 h1:lltnkeZGL0wILNvrNiVCR6Ro5PGU/SeBvVO/8c/iPbo=
Expand Down Expand Up @@ -623,8 +625,6 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V
github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213/go.mod h1:vNUNkEQ1e29fT/6vq2aBdFsgNPmy8qMdSay1npru+Sw=
github.com/k0sproject/dig v0.2.0 h1:cNxEIl96g9kqSMfPSZLhpnZ0P8bWXKv08nxvsMHop5w=
github.com/k0sproject/dig v0.2.0/go.mod h1:rBcqaQlJpcKdt2x/OE/lPvhGU50u/e95CSm5g/r4s78=
github.com/k0sproject/rig v0.18.7 h1:MFLTVmhj+lGcCHbemwoWorlCD26CwzxhKckec+lGgdc=
github.com/k0sproject/rig v0.18.7/go.mod h1:FS9xKO2a4hco2XthIcXnYBozKSLr/V3tlP+fWi7OVyE=
github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw=
github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
Expand Down Expand Up @@ -933,8 +933,8 @@ golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
Expand Down Expand Up @@ -1026,8 +1026,8 @@ golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
Expand Down Expand Up @@ -1146,17 +1146,17 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4=
golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU=
golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk=
golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24=
golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
Expand All @@ -1168,8 +1168,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
Expand Down
1 change: 1 addition & 0 deletions pkg/product/mke/api/host.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@ type Host struct {
Hooks common.Hooks `yaml:"hooks,omitempty" validate:"dive,keys,oneof=apply reset,endkeys,dive,keys,oneof=before after,endkeys,omitempty"`
ImageDir string `yaml:"imageDir,omitempty"`
SudoDocker bool `yaml:"sudodocker"`
SudoOverride bool `yaml:"sudooverride"` // some customers can't allow the default rig connection sudo detection

Metadata *HostMetadata `yaml:"-"`
MSRMetadata *MSRMetadata `yaml:"-"`
Expand Down
1 change: 1 addition & 0 deletions pkg/product/mke/apply.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ func (p *MKE) Apply(disableCleanup, force bool, concurrency int, forceUpgrade bo

phaseManager.AddPhases(
&mke.UpgradeCheck{},
&mke.OverrideHostSudo{},
&common.Connect{},
&mke.DetectOS{},
&mke.GatherFacts{},
Expand Down
1 change: 1 addition & 0 deletions pkg/product/mke/client_config.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ func (p *MKE) ClientConfig() error {

phaseManager := phase.NewManager(&p.ClusterConfig)
phaseManager.AddPhases(
&de.OverrideHostSudo{},
&common.Connect{},
&de.DetectOS{},
&de.GatherFacts{},
Expand Down
1 change: 1 addition & 0 deletions pkg/product/mke/describe.go
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ func (p *MKE) Describe(reportName string) error {
phaseManager.IgnoreErrors = true

phaseManager.AddPhases(
&de.OverrideHostSudo{},
&common.Connect{},
&de.DetectOS{},
&de.GatherFacts{},
Expand Down
77 changes: 77 additions & 0 deletions pkg/product/mke/phase/overridehostsudo.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
package phase

import (
"fmt"
"strings"

"github.com/Mirantis/mcc/pkg/phase"
"github.com/Mirantis/mcc/pkg/product/mke/api"
"github.com/alessio/shellescape"
"github.com/mattn/go-shellwords"
log "github.com/sirupsen/logrus"
)

// OverrideHostSudo of the host if it has an override in the config.
type OverrideHostSudo struct {
phase.Analytics
phase.HostSelectPhase

overrideHosts api.Hosts
}

// Title for the phase.
func (p *OverrideHostSudo) Title() string {
return "Override the host sudo"
}

// ShouldRun should return true only when there is a host with an overridet.
func (p *OverrideHostSudo) ShouldRun() bool {
for _, h := range p.Hosts {
if h.SudoOverride {
p.overrideHosts = append(p.overrideHosts, h)
}
}
return len(p.overrideHosts) > 0
}

// Run the phase.
func (p *OverrideHostSudo) Run() error {
err := p.Hosts.ParallelEach(func(h *api.Host) error {
if h.SudoOverride {
log.Warnf("%s: overriding sudo for host", h)
h.SetSudofn(sudoSudo)
}
return nil
})
if err != nil {
return fmt.Errorf("failed to override sudo on hosts: %w", err)
}
return nil
}

// @see https://github.com/k0sproject/rig/blob/release-0.x/connection.go#L253
func sudoSudo(cmd string) string {
parts, err := shellwords.Parse(cmd)
if err != nil {
return "sudo -- " + cmd
}

var idx int
for i, p := range parts {
if strings.Contains(p, "=") {
idx = i + 1
continue
}
break
}

if idx == 0 {
return "sudo -- " + cmd
}

for i, p := range parts {
parts[i] = shellescape.Quote(p)
}

return fmt.Sprintf("sudo %s -- %s", strings.Join(parts[0:idx], " "), strings.Join(parts[idx:], " "))
}
1 change: 1 addition & 0 deletions pkg/product/mke/reset.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ func (p *MKE) Reset() error {
phaseManager := phase.NewManager(&p.ClusterConfig)

phaseManager.AddPhases(
&mke.OverrideHostSudo{},
&common.Connect{},
&mke.DetectOS{},
&mke.GatherFacts{},
Expand Down

0 comments on commit 8716aef

Please sign in to comment.