From 07327f0af9cee4bc8d1318acab869d75f9c90760 Mon Sep 17 00:00:00 2001 From: shubham Date: Tue, 4 May 2021 11:49:10 +0530 Subject: [PATCH 1/5] Fix missing error handling Signed-off-by: shubham --- cmd/tink-worker/internal/worker.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/tink-worker/internal/worker.go b/cmd/tink-worker/internal/worker.go index 947540c74..ab37908af 100644 --- a/cmd/tink-worker/internal/worker.go +++ b/cmd/tink-worker/internal/worker.go @@ -261,7 +261,7 @@ func (w *Worker) ProcessWorkflowActions(ctx context.Context, workerID string, ca os.Exit(1) } - f.Close() + err = f.Close() if err != nil { l.Error(err) os.Exit(1) From 7197bc82653c4c8b54a57acd042600b19e47a103 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 23 Jun 2021 14:30:34 -0400 Subject: [PATCH 2/5] Fix ineffective assignment in db/mock/template.go --- db/mock/template.go | 4 +- grpc-server/template_test.go | 24 ++++---- grpc-server/tinkerbell_test.go | 106 ++++++++++++++++----------------- grpc-server/workflow_test.go | 20 +++---- 4 files changed, 77 insertions(+), 77 deletions(-) diff --git a/db/mock/template.go b/db/mock/template.go index 0447fbb79..533fea17f 100644 --- a/db/mock/template.go +++ b/db/mock/template.go @@ -16,7 +16,7 @@ type Template struct { } // CreateTemplate creates a new workflow template -func (d DB) CreateTemplate(ctx context.Context, name string, data string, id uuid.UUID) error { +func (d *DB) CreateTemplate(ctx context.Context, name string, data string, id uuid.UUID) error { if d.TemplateDB == nil { d.TemplateDB = make(map[string]interface{}) } @@ -66,6 +66,6 @@ func (d DB) UpdateTemplate(ctx context.Context, name string, data string, id uui } // ClearTemplateDB clear all the templates -func (d DB) ClearTemplateDB() { +func (d *DB) ClearTemplateDB() { d.TemplateDB = make(map[string]interface{}) } diff --git a/grpc-server/template_test.go b/grpc-server/template_test.go index 599834227..8cb0fe00e 100644 
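Review bot: The `l.Error(err)` under the new `err = f.Close()` in `ProcessWorkflowActions` logs the bare error, so the log will not say that closing the file is what failed. Because the preceding visible block already exits on a non-nil `err`, this branch appears to have been unreachable before, and a failed close now terminates the worker through `os.Exit(1)`. Adding context would help, e.g. `l.Error(fmt.Errorf("closing %s: %w", f.Name(), err))`, assuming `f` is an `*os.File` (its declaration is outside the hunk). Whether exiting is preferable to returning the error depends on the rest of the function, which starts and ends outside the hunk.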
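Review bot: In db/mock/template.go, `UpdateTemplate` keeps its value receiver (`func (d DB) UpdateTemplate`, visible in the second hunk's header), so `DB` now mixes pointer and value receivers. Writes through a value receiver only work while `TemplateDB` is a non-nil map, and any later assignment to a field there would be lost in the same way this commit fixes for `CreateTemplate` and `ClearTemplateDB`. Consider moving the remaining methods to `func (d *DB) ...` in the same change, and adding a comment on the type such as `// DB methods use pointer receivers so that lazily initialised fields persist on the caller's value.`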
--- a/grpc-server/template_test.go +++ b/grpc-server/template_test.go @@ -54,7 +54,7 @@ tasks: func TestCreateTemplate(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB name string template string } @@ -68,7 +68,7 @@ func TestCreateTemplate(t *testing.T) { }{ "SuccessfulTemplateCreation": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: make(map[string]interface{}), }, name: "template_1", @@ -81,7 +81,7 @@ func TestCreateTemplate(t *testing.T) { "SuccessfulMultipleTemplateCreation": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ "template_1": mock.Template{ Data: template1, @@ -99,7 +99,7 @@ func TestCreateTemplate(t *testing.T) { "FailedMultipleTemplateCreationWithSameName": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ "template_1": mock.Template{ Data: template1, @@ -117,7 +117,7 @@ func TestCreateTemplate(t *testing.T) { "SuccessfulTemplateCreationAfterDeletingWithSameName": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ "template_1": mock.Template{ Data: template1, @@ -156,7 +156,7 @@ func TestCreateTemplate(t *testing.T) { func TestGetTemplate(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB getRequest *pb.GetRequest } ) @@ -169,7 +169,7 @@ func TestGetTemplate(t *testing.T) { }{ "SuccessfulTemplateGet_Name": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ templateName1: template1, }, @@ -200,7 +200,7 @@ func TestGetTemplate(t *testing.T) { "FailedTemplateGet_Name": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ templateName1: template1, }, @@ -231,7 +231,7 @@ func TestGetTemplate(t *testing.T) { "SuccessfulTemplateGet_ID": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ templateName1: template1, }, 
@@ -262,7 +262,7 @@ func TestGetTemplate(t *testing.T) { "FailedTemplateGet_ID": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ templateName1: template1, }, @@ -293,7 +293,7 @@ func TestGetTemplate(t *testing.T) { "FailedTemplateGet_EmptyRequest": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ templateName1: template1, }, @@ -324,7 +324,7 @@ func TestGetTemplate(t *testing.T) { "FailedTemplateGet_NilRequest": { args: args{ - db: mock.DB{ + db: &mock.DB{ TemplateDB: map[string]interface{}{ templateName1: template1, }, diff --git a/grpc-server/tinkerbell_test.go b/grpc-server/tinkerbell_test.go index 81701b830..d30fe7425 100644 --- a/grpc-server/tinkerbell_test.go +++ b/grpc-server/tinkerbell_test.go @@ -45,7 +45,7 @@ func TestMain(m *testing.M) { func TestGetWorkflowContextList(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB workerID string } want struct { @@ -58,7 +58,7 @@ func TestGetWorkflowContextList(t *testing.T) { }{ "empty worker id": { args: args{ - db: mock.DB{}, + db: &mock.DB{}, }, want: want{ expectedError: true, @@ -66,7 +66,7 @@ func TestGetWorkflowContextList(t *testing.T) { }, "database failure": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowsForWorkerFunc: func(id string) ([]string, error) { return []string{workflowID}, nil }, @@ -82,7 +82,7 @@ func TestGetWorkflowContextList(t *testing.T) { }, "no workflows found": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowsForWorkerFunc: func(id string) ([]string, error) { return nil, nil }, @@ -98,7 +98,7 @@ func TestGetWorkflowContextList(t *testing.T) { }, "workflows found": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowsForWorkerFunc: func(id string) ([]string, error) { return []string{workflowID}, nil }, 
@@ -144,7 +144,7 @@ func TestGetWorkflowContextList(t *testing.T) { func TestGetWorkflowActions(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB workflowID string } want struct { @@ -157,7 +157,7 @@ func TestGetWorkflowActions(t *testing.T) { }{ "empty workflow id": { args: args{ - db: mock.DB{}, + db: &mock.DB{}, }, want: want{ expectedError: true, @@ -165,7 +165,7 @@ func TestGetWorkflowActions(t *testing.T) { }, "database failure": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowActionsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowActionList, error) { return nil, errors.New("SELECT from worflow_state") }, @@ -178,7 +178,7 @@ func TestGetWorkflowActions(t *testing.T) { }, "getting actions": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowActionsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowActionList, error) { return &pb.WorkflowActionList{ ActionList: []*pb.WorkflowAction{ @@ -223,7 +223,7 @@ func TestGetWorkflowActions(t *testing.T) { func TestReportActionStatus(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB workflowID, taskName, actionName, workerID string actionState pb.State } @@ -237,7 +237,7 @@ func TestReportActionStatus(t *testing.T) { }{ "empty workflow id": { args: args{ - db: mock.DB{}, + db: &mock.DB{}, taskName: taskName, actionName: actionName, }, @@ -247,7 +247,7 @@ func TestReportActionStatus(t *testing.T) { }, "empty task name": { args: args{ - db: mock.DB{}, + db: &mock.DB{}, workflowID: workflowID, actionName: actionName, }, @@ -257,7 +257,7 @@ func TestReportActionStatus(t *testing.T) { }, "empty action name": { args: args{ - db: mock.DB{}, + db: &mock.DB{}, taskName: taskName, workflowID: workflowID, }, 
@@ -267,7 +267,7 @@ func TestReportActionStatus(t *testing.T) { }, "error getting workflow context": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return nil, errors.New("SELECT from worflow_state") }, @@ -284,7 +284,7 @@ func TestReportActionStatus(t *testing.T) { }, "failed getting actions for context": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -308,7 +308,7 @@ func TestReportActionStatus(t *testing.T) { }, "success reporting status": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -348,7 +348,7 @@ func TestReportActionStatus(t *testing.T) { }, "report status for second action": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -397,7 +397,7 @@ func TestReportActionStatus(t *testing.T) { }, "reporting different action name": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -431,7 +431,7 @@ func TestReportActionStatus(t *testing.T) { }, "reporting different task name": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, 
@@ -465,7 +465,7 @@ func TestReportActionStatus(t *testing.T) { }, "failed to update workflow state": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -502,7 +502,7 @@ func TestReportActionStatus(t *testing.T) { }, "failed to update workflow events": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -572,7 +572,7 @@ func TestReportActionStatus(t *testing.T) { func TestUpdateWorkflowData(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB data []byte workflowID string } @@ -586,7 +586,7 @@ func TestUpdateWorkflowData(t *testing.T) { }{ "empty workflow id": { args: args{ - db: mock.DB{}, + db: &mock.DB{}, }, want: want{ expectedError: true, @@ -594,7 +594,7 @@ func TestUpdateWorkflowData(t *testing.T) { }, "database failure": { args: args{ - db: mock.DB{ + db: &mock.DB{ InsertIntoWfDataTableFunc: func(ctx context.Context, req *pb.UpdateWorkflowDataRequest) error { return errors.New("INSERT Into workflow_data") }, @@ -608,7 +608,7 @@ func TestUpdateWorkflowData(t *testing.T) { }, "add new data": { args: args{ - db: mock.DB{ + db: &mock.DB{ InsertIntoWfDataTableFunc: func(ctx context.Context, req *pb.UpdateWorkflowDataRequest) error { return nil }, @@ -644,7 +644,7 @@ func TestUpdateWorkflowData(t *testing.T) { func TestGetWorkflowData(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB workflowID string } want struct { @@ -658,7 +658,7 @@ func TestGetWorkflowData(t *testing.T) { }{ "empty workflow id": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetfromWfDataTableFunc: func(ctx context.Context, req *pb.GetWorkflowDataRequest) ([]byte, error) { return []byte{}, nil }, 
@@ -672,7 +672,7 @@ func TestGetWorkflowData(t *testing.T) { }, "invalid workflow id": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetfromWfDataTableFunc: func(ctx context.Context, req *pb.GetWorkflowDataRequest) ([]byte, error) { return []byte{}, errors.New("invalid uuid") }, @@ -686,7 +686,7 @@ func TestGetWorkflowData(t *testing.T) { }, "no workflow data": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetfromWfDataTableFunc: func(ctx context.Context, req *pb.GetWorkflowDataRequest) ([]byte, error) { return []byte{}, nil }, @@ -699,7 +699,7 @@ func TestGetWorkflowData(t *testing.T) { }, "workflow data": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetfromWfDataTableFunc: func(ctx context.Context, req *pb.GetWorkflowDataRequest) ([]byte, error) { return wfData, nil }, @@ -734,7 +734,7 @@ func TestGetWorkflowData(t *testing.T) { func TestGetWorkflowsForWorker(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB workerID string } want struct { @@ -748,7 +748,7 @@ func TestGetWorkflowsForWorker(t *testing.T) { }{ "empty workflow id": { args: args{ - db: mock.DB{}, + db: &mock.DB{}, workerID: "", }, want: want{ @@ -757,7 +757,7 @@ func TestGetWorkflowsForWorker(t *testing.T) { }, "database failure": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowsForWorkerFunc: func(id string) ([]string, error) { return nil, errors.New("database failed") }, @@ -770,7 +770,7 @@ func TestGetWorkflowsForWorker(t *testing.T) { }, "no workflows found": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowsForWorkerFunc: func(id string) ([]string, error) { return nil, nil }, @@ -783,7 +783,7 @@ func TestGetWorkflowsForWorker(t *testing.T) { }, "workflows found": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowsForWorkerFunc: func(id string) ([]string, error) { return []string{workflowID}, nil }, 
@@ -815,7 +815,7 @@ func TestGetWorkflowsForWorker(t *testing.T) { func TestGetWorkflowMetadata(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB workflowID string } want struct { @@ -828,7 +828,7 @@ func TestGetWorkflowMetadata(t *testing.T) { }{ "database failure": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowMetadataFunc: func(ctx context.Context, req *pb.GetWorkflowDataRequest) ([]byte, error) { return []byte{}, errors.New("SELECT from workflow_data") }, @@ -841,7 +841,7 @@ func TestGetWorkflowMetadata(t *testing.T) { }, "no metadata": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowMetadataFunc: func(ctx context.Context, req *pb.GetWorkflowDataRequest) ([]byte, error) { return []byte{}, nil }, @@ -854,7 +854,7 @@ func TestGetWorkflowMetadata(t *testing.T) { }, "metadata": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowMetadataFunc: func(ctx context.Context, req *pb.GetWorkflowDataRequest) ([]byte, error) { type workflowMetadata struct { WorkerID string `json:"worker-id"` @@ -914,7 +914,7 @@ func TestGetWorkflowMetadata(t *testing.T) { func TestGetWorkflowDataVersion(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB } want struct { version int32 @@ -927,7 +927,7 @@ func TestGetWorkflowDataVersion(t *testing.T) { }{ "database failure": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowDataVersionFunc: func(ctx context.Context, workflowID string) (int32, error) { return -1, errors.New("SELECT from workflow_data") }, @@ -940,7 +940,7 @@ func TestGetWorkflowDataVersion(t *testing.T) { }, "success": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowDataVersionFunc: func(ctx context.Context, workflowID string) (int32, error) { return 2, nil }, @@ -973,7 +973,7 @@ func TestGetWorkflowDataVersion(t *testing.T) { func TestIsApplicableToSend(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB } want struct { isApplicable bool 
@@ -985,7 +985,7 @@ func TestIsApplicableToSend(t *testing.T) { }{ "failed state": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -1001,7 +1001,7 @@ func TestIsApplicableToSend(t *testing.T) { }, "timeout state": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -1017,7 +1017,7 @@ func TestIsApplicableToSend(t *testing.T) { }, "failed to get actions": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -1036,7 +1036,7 @@ func TestIsApplicableToSend(t *testing.T) { }, "is last action and success state": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -1065,7 +1065,7 @@ func TestIsApplicableToSend(t *testing.T) { }, "in-progress last action for different worker": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -1094,7 +1094,7 @@ func TestIsApplicableToSend(t *testing.T) { }, "success state and not the last action": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, 
@@ -1130,7 +1130,7 @@ func TestIsApplicableToSend(t *testing.T) { }, "not the last action": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -1182,7 +1182,7 @@ func TestIsApplicableToSend(t *testing.T) { func TestIsLastAction(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB } want struct { isLastAction bool @@ -1194,7 +1194,7 @@ func TestIsLastAction(t *testing.T) { }{ "is not last": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, @@ -1230,7 +1230,7 @@ func TestIsLastAction(t *testing.T) { }, "is last": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, wfID string) (*pb.WorkflowContext, error) { return &pb.WorkflowContext{ WorkflowId: workflowID, diff --git a/grpc-server/workflow_test.go b/grpc-server/workflow_test.go index 076878799..62b9c460b 100644 --- a/grpc-server/workflow_test.go +++ b/grpc-server/workflow_test.go @@ -31,7 +31,7 @@ tasks: func TestCreateWorkflow(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB wfTemplate, wfHardware string } want struct { @@ -44,7 +44,7 @@ func TestCreateWorkflow(t *testing.T) { }{ "FailedToGetTemplate": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetTemplateFunc: func(ctx context.Context, fields map[string]string, deleted bool) (*tb.WorkflowTemplate, error) { return &tb.WorkflowTemplate{ Id: "", @@ -62,7 +62,7 @@ func TestCreateWorkflow(t *testing.T) { }, "FailedCreatingWorkflow": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetTemplateFunc: func(ctx context.Context, fields map[string]string, deleted bool) (*tb.WorkflowTemplate, error) { return &tb.WorkflowTemplate{ Id: "", 
@@ -83,7 +83,7 @@ func TestCreateWorkflow(t *testing.T) { }, "SuccessCreatingWorkflow": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetTemplateFunc: func(ctx context.Context, fields map[string]string, deleted bool) (*tb.WorkflowTemplate, error) { return &tb.WorkflowTemplate{ Id: "", @@ -129,7 +129,7 @@ func TestCreateWorkflow(t *testing.T) { func TestGetWorkflow(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB wfTemplate, wfHardware string state workflow.State } @@ -143,7 +143,7 @@ func TestGetWorkflow(t *testing.T) { }{ "SuccessGettingWorkflow": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowFunc: func(ctx context.Context, workflowID string) (db.Workflow, error) { return db.Workflow{ ID: workflowID, @@ -176,7 +176,7 @@ func TestGetWorkflow(t *testing.T) { }, "WorkflowDoesNotExist": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowFunc: func(ctx context.Context, workflowID string) (db.Workflow, error) { return db.Workflow{}, errors.New("Workflow with id " + workflowID + " does not exist") }, @@ -188,7 +188,7 @@ func TestGetWorkflow(t *testing.T) { }, "GetWorkflowState": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowFunc: func(ctx context.Context, workflowID string) (db.Workflow, error) { return db.Workflow{ ID: workflowID, @@ -246,7 +246,7 @@ func TestGetWorkflow(t *testing.T) { func TestGetWorkflowContext(t *testing.T) { type ( args struct { - db mock.DB + db *mock.DB } want struct { expectedError bool @@ -258,7 +258,7 @@ func TestGetWorkflowContext(t *testing.T) { }{ "WorkflowDoesNotExist": { args: args{ - db: mock.DB{ + db: &mock.DB{ GetWorkflowContextsFunc: func(ctx context.Context, workflowID string) (*workflow.WorkflowContext, error) { w := workflow.WorkflowContext{} return &w, errors.New("Workflow with id " + workflowID + " does not exist") From 7f829f51eaaf447daeff1180625fd2494abbae6a Mon Sep 17 00:00:00 2001 
From: Rahul Grover Date: Tue, 29 Jun 2021 21:31:14 +0530 Subject: [PATCH 3/5] Fix gosec warning "Potential file inclusion via variable" (#490) Signed-off-by: Rahul Grover --- cmd/tink-cli/cmd/hardware/push.go | 3 ++- cmd/tink-cli/cmd/template/create.go | 3 ++- cmd/tink-worker/internal/worker.go | 3 ++- grpc-server/grpc_server.go | 5 +++-- test/framework/hardware.go | 3 ++- test/framework/template.go | 3 ++- workflow/template_validator.go | 3 ++- 7 files changed, 15 insertions(+), 8 deletions(-) diff --git a/cmd/tink-cli/cmd/hardware/push.go b/cmd/tink-cli/cmd/hardware/push.go index e73bc160f..78ab0858d 100644 --- a/cmd/tink-cli/cmd/hardware/push.go +++ b/cmd/tink-cli/cmd/hardware/push.go @@ -9,6 +9,7 @@ import ( "io/ioutil" "log" "os" + "path/filepath" "strings" "github.com/spf13/cobra" @@ -84,7 +85,7 @@ func readDataFromStdin() string { } func readDataFromFile() string { - f, err := os.Open(file) + f, err := os.Open(filepath.Clean(file)) if err != nil { log.Fatal(err) } diff --git a/cmd/tink-cli/cmd/template/create.go b/cmd/tink-cli/cmd/template/create.go index f3df9ff5c..19d3b2fd6 100644 --- a/cmd/tink-cli/cmd/template/create.go +++ b/cmd/tink-cli/cmd/template/create.go @@ -7,6 +7,7 @@ import ( "io/ioutil" "log" "os" + "path/filepath" "github.com/spf13/cobra" "github.com/tinkerbell/tink/client" @@ -39,7 +40,7 @@ $ tink template create --file /tmp/example.tmpl if isInputFromPipe() { reader = os.Stdin } else { - f, err := os.Open(filePath) + f, err := os.Open(filepath.Clean(filePath)) if err != nil { log.Fatal(err) } diff --git a/cmd/tink-worker/internal/worker.go b/cmd/tink-worker/internal/worker.go index ab37908af..89723539f 100644 --- a/cmd/tink-worker/internal/worker.go +++ b/cmd/tink-worker/internal/worker.go @@ -9,6 +9,7 @@ import ( "fmt" "io/ioutil" "os" + "path/filepath" "strconv" "strings" "time" 
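Review bot: `os.Open(filepath.Clean(file))` in `readDataFromFile` (cmd/tink-cli/cmd/hardware/push.go) only normalises the path; it does not confine it to any directory, so the gosec G304 finding is silenced rather than resolved. For the CLI inputs (`file` here, `filePath` in template/create.go) that is acceptable because the local operator chooses the file, but it should be stated in a comment, e.g. `// path is operator-supplied; Clean only normalises it and does not restrict where it points (gosec G304)`. The same pattern recurs in `getCerts` in grpc-server/grpc_server.go, `readHwData` and `readTemplateData` in test/framework, and `MustParseFromFile` in workflow/template_validator.go. Wherever a path can be influenced by anything other than the local operator, resolve it against an expected base directory and reject results that fall outside it, rather than relying on `Clean`.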
@@ -473,7 +474,7 @@ func sendUpdate(ctx context.Context, logger log.Logger, client pb.WorkflowServic } func openDataFile(wfDir string, l log.Logger) *os.File { - f, err := os.OpenFile(wfDir+string(os.PathSeparator)+dataFile, os.O_RDWR|os.O_CREATE, 0644) + f, err := os.OpenFile(filepath.Clean(wfDir+string(os.PathSeparator)+dataFile), os.O_RDWR|os.O_CREATE, 0600) if err != nil { l.Error(err) os.Exit(1) diff --git a/grpc-server/grpc_server.go b/grpc-server/grpc_server.go index 3c83e0e4e..e971d5066 100644 --- a/grpc-server/grpc_server.go +++ b/grpc-server/grpc_server.go @@ -6,6 +6,7 @@ import ( "io/ioutil" "net" "os" + "path/filepath" "strings" "sync" "time" @@ -110,7 +111,7 @@ func getCerts(facility string, logger log.Logger) (tls.Certificate, []byte, time certsDir += "/" } - certFile, err := os.Open(certsDir + "bundle.pem") + certFile, err := os.Open(filepath.Clean(certsDir + "bundle.pem")) if err != nil { err = errors.Wrap(err, "failed to open TLS cert") logger.Error(err) @@ -131,7 +132,7 @@ func getCerts(facility string, logger log.Logger) (tls.Certificate, []byte, time logger.Error(err) panic(err) } - keyPEM, err := ioutil.ReadFile(certsDir + "server-key.pem") + keyPEM, err := ioutil.ReadFile(filepath.Clean(certsDir + "server-key.pem")) if err != nil { err = errors.Wrap(err, "failed to read TLS key") logger.Error(err) diff --git a/test/framework/hardware.go b/test/framework/hardware.go index 5510f7939..dcc006295 100644 --- a/test/framework/hardware.go +++ b/test/framework/hardware.go @@ -5,13 +5,14 @@ import ( "encoding/json" "io/ioutil" "os" + "path/filepath" "github.com/tinkerbell/tink/client" "github.com/tinkerbell/tink/protos/hardware" ) func readHwData(file string) ([]byte, error) { - f, err := os.Open(file) + f, err := os.Open(filepath.Clean(file)) if err != nil { return []byte(""), err } diff --git a/test/framework/template.go b/test/framework/template.go index 2d2a3cf8f..d1c9d3343 100644 --- a/test/framework/template.go +++ b/test/framework/template.go 
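Review bot: In `openDataFile` the tightened mode `0600` only takes effect when `os.OpenFile` creates the file, so a data file left by an earlier run keeps its previous `0644` bits. If the narrower permission is a requirement, follow the open with `f.Chmod(0600)` and handle its error. The path is also clearer as `filepath.Join(wfDir, dataFile)`, which cleans its result, than as `filepath.Clean(wfDir+string(os.PathSeparator)+dataFile)`. Neither form keeps the result under a base directory if `wfDir` carries `..` elements, so whatever value feeds `wfDir` (set outside this hunk) should be validated before it reaches this call. The function body continues past the end of the hunk.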
@@ -4,13 +4,14 @@ import ( "context" "io/ioutil" "os" + "path/filepath" "github.com/tinkerbell/tink/client" "github.com/tinkerbell/tink/protos/template" ) func readTemplateData(file string) (string, error) { - f, err := os.Open(file) + f, err := os.Open(filepath.Clean(file)) if err != nil { return "", err } diff --git a/workflow/template_validator.go b/workflow/template_validator.go index 864706b39..851ca626f 100644 --- a/workflow/template_validator.go +++ b/workflow/template_validator.go @@ -5,6 +5,7 @@ import ( "encoding/json" "fmt" "io/ioutil" + "path/filepath" "text/template" "github.com/docker/distribution/reference" @@ -52,7 +53,7 @@ func MustParse(yamlContent []byte) *Workflow { // MustParseFromFile parse a template from a file and it panics if any error is // detected. Ideal to be used in testing. func MustParseFromFile(path string) *Workflow { - content, err := ioutil.ReadFile(path) + content, err := ioutil.ReadFile(filepath.Clean(path)) if err != nil { panic(err) } From fc0bfda8ca3690542e4d57253e0ffcf8ddf62f8e Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Tue, 29 Jun 2021 17:00:52 -0600 Subject: [PATCH 4/5] Add simplified docker-compose: The previous deploy directory was spinning up more than just tink. This is a duplicate of what is in the sandbox repo. This commit adds a basic docker-compose for just tink server and tink cli. Easy to use make target `run` will build the binaries first and then up the stack. 
Signed-off-by: Jacob Weinstock --- Makefile | 1 + deploy/db/tinkerbell-init.sql | 78 ---------- deploy/docker-compose.yml | 162 -------------------- deploy/registry/Dockerfile | 7 - deploy/tls/.gitignore | 1 - deploy/tls/Dockerfile | 7 - deploy/tls/ca.in.json | 12 -- deploy/tls/{server-csr.in.json => csr.json} | 0 deploy/tls/entrypoint.sh | 13 -- deploy/tls/gencerts.sh | 30 ---- deploy/tls/generate.sh | 7 + deploy/vagrant/Vagrantfile | 74 --------- deploy/vagrant/scripts/tinkerbell.sh | 118 -------------- docker-compose.yaml | 107 +++++++++++++ rules.mk | 3 + 15 files changed, 118 insertions(+), 502 deletions(-) delete mode 100644 deploy/db/tinkerbell-init.sql delete mode 100644 deploy/docker-compose.yml delete mode 100644 deploy/registry/Dockerfile delete mode 100644 deploy/tls/.gitignore delete mode 100644 deploy/tls/Dockerfile delete mode 100644 deploy/tls/ca.in.json rename deploy/tls/{server-csr.in.json => csr.json} (100%) delete mode 100755 deploy/tls/entrypoint.sh delete mode 100755 deploy/tls/gencerts.sh create mode 100755 deploy/tls/generate.sh delete mode 100644 deploy/vagrant/Vagrantfile delete mode 100644 deploy/vagrant/scripts/tinkerbell.sh create mode 100644 docker-compose.yaml diff --git a/Makefile b/Makefile index 4680d809d..2f64973c9 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,7 @@ all: cli server worker ## Build all binaries for host OS and CPU crosscompile: $(crossbinaries) ## Build all binaries for Linux and all supported CPU arches images: tink-cli-image tink-server-image tink-worker-image ## Build all docker images +run: crosscompile run-stack ## Builds and runs the Tink stack (tink, db, cli) via docker-compose test: ## Run tests go clean -testcache diff --git a/deploy/db/tinkerbell-init.sql b/deploy/db/tinkerbell-init.sql deleted file mode 100644 index a0eda5203..000000000 --- a/deploy/db/tinkerbell-init.sql +++ /dev/null 
@@ -1,78 +0,0 @@ -SET ROLE tinkerbell; - -CREATE TABLE IF NOT EXISTS hardware ( - id UUID UNIQUE - , inserted_at TIMESTAMPTZ - , deleted_at TIMESTAMPTZ - , data JSONB -); - -CREATE INDEX IF NOT EXISTS idx_id ON hardware (id); -CREATE INDEX IF NOT EXISTS idx_deleted_at ON hardware (deleted_at NULLS FIRST); -CREATE INDEX IF NOT EXISTS idxgin_type ON hardware USING GIN (data JSONB_PATH_OPS); - -CREATE TABLE IF NOT EXISTS template ( - id UUID UNIQUE NOT NULL - , name VARCHAR(200) UNIQUE NOT NULL - , created_at TIMESTAMPTZ - , updated_at TIMESTAMPTZ - , deleted_at TIMESTAMPTZ - , data BYTEA - - CONSTRAINT CK_name CHECK (name ~ '^[a-zA-Z0-9_-]*$') -); - -CREATE INDEX IF NOT EXISTS idx_tid ON template (id); -CREATE INDEX IF NOT EXISTS idx_tdeleted_at ON template (deleted_at NULLS FIRST); - -CREATE TABLE IF NOT EXISTS workflow ( - id UUID UNIQUE NOT NULL - , template UUID NOT NULL - , devices JSONB NOT NULL - , created_at TIMESTAMPTZ - , updated_at TIMESTAMPTZ - , deleted_at TIMESTAMPTZ -); - -CREATE INDEX IF NOT EXISTS idx_wid ON workflow (id); -CREATE INDEX IF NOT EXISTS idx_wdeleted_at ON workflow (deleted_at NULLS FIRST); - -CREATE TABLE IF NOT EXISTS workflow_state ( - workflow_id UUID UNIQUE NOT NULL - , current_task_name VARCHAR(200) - , current_action_name VARCHAR(200) - , current_action_state SMALLINT - , current_worker VARCHAR(200) - , action_list JSONB - , current_action_index int - , total_number_of_actions INT -); - -CREATE INDEX IF NOT EXISTS idx_wfid ON workflow_state (workflow_id); - -CREATE TABLE IF NOT EXISTS workflow_event ( - workflow_id UUID NOT NULL - , worker_id UUID NOT NULL - , task_name VARCHAR(200) - , action_name VARCHAR(200) - , execution_time int - , message VARCHAR(200) - , status SMALLINT - , created_at TIMESTAMPTZ -); - -CREATE INDEX IF NOT EXISTS idx_event ON workflow_event (created_at); - -CREATE TABLE IF NOT EXISTS workflow_worker_map ( - workflow_id UUID NOT NULL - , worker_id UUID NOT NULL -); - -CREATE UNIQUE INDEX IF NOT EXISTS 
uidx_workflow_worker_map ON workflow_worker_map (workflow_id, worker_id); - -CREATE TABLE IF NOT EXISTS workflow_data ( - workflow_id UUID NOT NULL - , version INT - , metadata JSONB - , data JSONB -); diff --git a/deploy/docker-compose.yml b/deploy/docker-compose.yml deleted file mode 100644 index d692e5554..000000000 --- a/deploy/docker-compose.yml +++ /dev/null 
@@ -1,162 +0,0 @@ -version: "2.1" -services: - tink-server: - build: ../cmd/tink-server - restart: unless-stopped - environment: - FACILITY: ${FACILITY:-onprem} - PGDATABASE: tinkerbell - PGHOST: db - PGPASSWORD: tinkerbell - PGPORT: 5432 - PGSSLMODE: disable - PGUSER: tinkerbell - TINKERBELL_GRPC_AUTHORITY: :42113 - TINKERBELL_HTTP_AUTHORITY: :42114 - TINK_AUTH_USERNAME: ${TINKERBELL_TINK_USERNAME} - TINK_AUTH_PASSWORD: ${TINKERBELL_TINK_PASSWORD} - depends_on: - tink-server-migration: - condition: service_started - db: - condition: service_healthy - healthcheck: - test: ["CMD-SHELL", "wget -qO- 127.0.0.1:42114/cert"] # port needs to match TINKERBELL_HTTP_AUTHORITY - interval: 5s - timeout: 2s - retries: 30 - volumes: - - ./state/certs:/certs/${FACILITY:-onprem} - ports: - - 42113:42113/tcp - - 42114:42114/tcp - - tink-server-migration: - build: ../cmd/tink-server - restart: on-failure - environment: - ONLY_MIGRATION: "true" - FACILITY: ${FACILITY:-onprem} - PGDATABASE: tinkerbell - PGHOST: db - PGPASSWORD: tinkerbell - PGPORT: 5432 - PGSSLMODE: disable - PGUSER: tinkerbell - TINKERBELL_GRPC_AUTHORITY: :42113 - TINKERBELL_HTTP_AUTHORITY: :42114 - TINK_AUTH_USERNAME: ${TINKERBELL_TINK_USERNAME} - TINK_AUTH_PASSWORD: ${TINKERBELL_TINK_PASSWORD} - depends_on: - db: - condition: service_healthy - volumes: - - ./state/certs:/certs/${FACILITY:-onprem} - - db: - image: postgres:10-alpine - restart: unless-stopped - environment: - POSTGRES_PASSWORD: tinkerbell - POSTGRES_USER: tinkerbell - POSTGRES_DB: tinkerbell - volumes: - - postgres_data:/var/lib/postgresql/data:rw - ports: - - 5432:5432 - healthcheck: - test: ["CMD-SHELL", "pg_isready -U tinkerbell"] - interval: 1s - timeout: 1s - retries: 30 - - tink-cli: - build: ../cmd/tink-cli - restart: unless-stopped - environment: - TINKERBELL_GRPC_AUTHORITY: 127.0.0.1:42113 - TINKERBELL_CERT_URL: http://127.0.0.1:42114/cert - depends_on: - tink-server: - condition: service_healthy - db: - condition: service_healthy - 
network_mode: host - - registry: - build: - context: registry - args: - REGISTRY_USERNAME: $TINKERBELL_REGISTRY_USERNAME - REGISTRY_PASSWORD: $TINKERBELL_REGISTRY_PASSWORD - restart: unless-stopped - healthcheck: - test: ["CMD-SHELL", "curl --cacert /certs/ca.pem -fsSL https://127.0.0.1"] - interval: 5s - timeout: 1s - retries: 5 - environment: - REGISTRY_HTTP_ADDR: 0.0.0.0:443 - REGISTRY_HTTP_TLS_CERTIFICATE: /certs/server.pem - REGISTRY_HTTP_TLS_KEY: /certs/server-key.pem - REGISTRY_AUTH: htpasswd - REGISTRY_AUTH_HTPASSWD_REALM: "Registry Realm" - REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd - volumes: - - ./state/certs:/certs - - ./state/registry:/var/lib/registry - network_mode: host - - boots: - image: quay.io/tinkerbell/boots:latest - restart: unless-stopped - network_mode: host - command: -dhcp-addr 0.0.0.0:67 -tftp-addr $TINKERBELL_HOST_IP:69 -http-addr $TINKERBELL_HOST_IP:80 -log-level DEBUG - environment: - API_AUTH_TOKEN: ${PACKET_API_AUTH_TOKEN:-ignored} - API_CONSUMER_TOKEN: ${PACKET_CONSUMER_TOKEN:-ignored} - FACILITY_CODE: ${FACILITY:-onprem} - MIRROR_HOST: ${TINKERBELL_NGINX_IP:-127.0.0.1} - DNS_SERVERS: 8.8.8.8 - PUBLIC_IP: $TINKERBELL_HOST_IP - BOOTP_BIND: $TINKERBELL_HOST_IP:67 - HTTP_BIND: $TINKERBELL_HOST_IP:80 - SYSLOG_BIND: $TINKERBELL_HOST_IP:514 - TFTP_BIND: $TINKERBELL_HOST_IP:69 - DOCKER_REGISTRY: $TINKERBELL_HOST_IP - REGISTRY_USERNAME: $TINKERBELL_REGISTRY_USERNAME - REGISTRY_PASSWORD: $TINKERBELL_REGISTRY_PASSWORD - TINKERBELL_GRPC_AUTHORITY: $TINKERBELL_HOST_IP:42113 - TINKERBELL_CERT_URL: http://$TINKERBELL_HOST_IP:42114/cert - ELASTIC_SEARCH_URL: $TINKERBELL_HOST_IP:9200 - DATA_MODEL_VERSION: 1 - depends_on: - db: - condition: service_healthy - - nginx: - image: nginx:alpine - restart: unless-stopped - tty: true - ports: - - $TINKERBELL_NGINX_IP:80:80/tcp - volumes: - - ./state/webroot:/usr/share/nginx/html/ - - hegel: - image: quay.io/tinkerbell/hegel:latest - restart: unless-stopped - network_mode: host - environment: - GRPC_PORT: 
42115 - HEGEL_FACILITY: ${FACILITY:-onprem} - HEGEL_USE_TLS: 0 - TINKERBELL_GRPC_AUTHORITY: 127.0.0.1:42113 - TINKERBELL_CERT_URL: http://127.0.0.1:42114/cert - DATA_MODEL_VERSION: 1 - depends_on: - db: - condition: service_healthy - -volumes: - postgres_data: diff --git a/deploy/registry/Dockerfile b/deploy/registry/Dockerfile deleted file mode 100644 index dedd7d6d0..000000000 --- a/deploy/registry/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM registry:2.7.1 -RUN apk add --no-cache --update curl apache2-utils -ARG REGISTRY_USERNAME -ARG REGISTRY_PASSWORD -RUN mkdir -p /certs /auth -RUN htpasswd -Bbn ${REGISTRY_USERNAME} ${REGISTRY_PASSWORD} > /auth/htpasswd -EXPOSE 443 diff --git a/deploy/tls/.gitignore b/deploy/tls/.gitignore deleted file mode 100644 index 355164c12..000000000 --- a/deploy/tls/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*/ diff --git a/deploy/tls/Dockerfile b/deploy/tls/Dockerfile deleted file mode 100644 index 3162c8a98..000000000 --- a/deploy/tls/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM alpine:3.11 -ENTRYPOINT [ "/entrypoint.sh" ] - -RUN apk add --no-cache --update --upgrade ca-certificates postgresql-client -RUN apk add --no-cache --update --upgrade --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing cfssl - -COPY . . diff --git a/deploy/tls/ca.in.json b/deploy/tls/ca.in.json deleted file mode 100644 index 0c0cf7a24..000000000 --- a/deploy/tls/ca.in.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "CN": "Autogenerated CA", - "key": { - "algo": "rsa", - "size": 2048 - }, - "names": [ - { - "L": "@FACILITY@" - } - ] -} diff --git a/deploy/tls/server-csr.in.json b/deploy/tls/csr.json similarity index 100% rename from deploy/tls/server-csr.in.json rename to deploy/tls/csr.json diff --git a/deploy/tls/entrypoint.sh b/deploy/tls/entrypoint.sh deleted file mode 100755 index a172eaa7d..000000000 --- a/deploy/tls/entrypoint.sh +++ /dev/null 
@@ -1,13 +0,0 @@
-#!/usr/bin/env sh
-
-# set -o errexit -o nounset -o pipefail
-
-if [ -z "${TINKERBELL_TLS_CERT:-}" ]; then
- (
- echo "creating directory"
- mkdir -p "certs"
- ./gencerts.sh
- )
-fi
-
-"$@"
diff --git a/deploy/tls/gencerts.sh b/deploy/tls/gencerts.sh
deleted file mode 100755
index 66731dfea..000000000
--- a/deploy/tls/gencerts.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/usr/bin/env sh
-
-set -eux
-
-cd /certs
-
-if [ ! -f ca-key.pem ]; then
- cfssl gencert \
- -initca ca.json | cfssljson -bare ca
-fi
-
-if [ ! -f server.pem ]; then
- cfssl gencert \
- -ca=ca.pem \
- -ca-key=ca-key.pem \
- -config=/ca-config.json \
- -profile=server \
- server-csr.json |
- cfssljson -bare server
-fi
-
-cat server.pem ca.pem >bundle.pem.tmp
-
-# only "modify" the file if truly necessary since workflow will serve it with
-# modtime info for client caching purposes
-if ! cmp -s bundle.pem.tmp bundle.pem; then
- mv bundle.pem.tmp bundle.pem
-else
- rm bundle.pem.tmp
-fi
diff --git a/deploy/tls/generate.sh b/deploy/tls/generate.sh
new file mode 100755
index 000000000..3f0fa57da
--- /dev/null
+++ b/deploy/tls/generate.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+cfssl gencert -initca /code/tls/csr.json | cfssljson -bare ca -
+cfssl gencert -config /code/tls/ca-config.json -ca ca.pem -ca-key ca-key.pem -profile server /code/tls/csr.json | cfssljson -bare server
+cat server.pem ca.pem >/certs/"${FACILITY:-onprem}"/bundle.pem
+mv server-key.pem /certs/"${FACILITY:-onprem}"/server-key.pem
+rm -rf ca-key.pem ca.csr ca.pem server.csr server.pem
diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile
deleted file mode 100644
index 127ad4440..000000000
--- a/deploy/vagrant/Vagrantfile
+++ /dev/null
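Review bot: deploy/tls/generate.sh runs without `set -euo pipefail`, so a failed `cfssl gencert` pipeline does not stop it: the `cat`, `mv` and `rm -rf` lines still run and the script exits with the status of `rm`, which can leave an empty or partial `bundle.pem` while the tls-gen container reports success. Adding `set -euo pipefail` directly under the shebang makes a certificate-generation failure visible to whatever depends on this container. The removed gencerts.sh used `set -eux` and skipped generation when `server.pem` already existed; the new script has neither, so every run also replaces the key and bundle in the shared volume. If that is intended, a comment such as `# regenerates the CA and server key pair on every run` would say so.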
@@ -1,74 +0,0 @@ -ENV['VAGRANT_NO_PARALLEL'] = 'yes' - -# Returns true if `GUI` environment variable is set to a non-empty value. -# Defaults to false -def worker_gui_enabled? - ENV.fetch('VAGRANT_WORKER_GUI', '').empty? -end - -Vagrant.configure('2') do |config| - - config.vm.define :provisioner do |provisioner| - provisioner.vm.box = 'generic/ubuntu1804' - provisioner.vm.hostname = 'provisioner' - provisioner.vm.synced_folder './../../', '/vagrant' - provisioner.vm.provision :shell, path: './scripts/tinkerbell.sh' - - provisioner.vm.network :private_network, - virtualbox__intnet: "tink_network", - libvirt__network_name: "tink_network", - libvirt__host_ip: "192.168.1.254", - libvirt__dhcp_enabled: false, - libvirt__forward_mode: 'none', - auto_config: false - - provisioner.vm.network "forwarded_port", guest: 42113, host: 42113 - provisioner.vm.network "forwarded_port", guest: 42114, host: 42114 - - - provisioner.vm.provider :libvirt do |lv, override| - lv.memory = 2*1024 - lv.cpus = 2 - lv.cpu_mode = 'host-passthrough' - end - - provisioner.vm.provider :virtualbox do |vb, override| - vb.memory = 2*1024 - vb.cpus = 2 - end - end - - config.vm.define "worker" do |worker| - worker.vm.box = nil - worker.vm.network :private_network, - mac: "080027000001", - virtualbox__intnet: "tink_network", - libvirt__network_name: "tink_network", - libvirt__dhcp_enabled: false, - libvirt__forward_mode: 'none', - auto_config: false - - worker.vm.provider :libvirt do |lv| - lv.memory = 4*1024 - lv.cpus = 1 - lv.boot 'network' - lv.mgmt_attach = false - end - - worker.vm.provider :virtualbox do |vb, worker| - worker.vm.box = 'generic/alpine38' - vb.memory = 4*1024 - vb.cpus = 1 - vb.gui = worker_gui_enabled? - vb.customize [ - 'modifyvm', :id, - '--nic1', 'none', - '--boot1', 'net', - '--boot2', 'none', - '--boot3', 'none', - '--boot4', 'none', - '--macaddress1', '080027000001' - ] - end - end -end 
diff --git a/deploy/vagrant/scripts/tinkerbell.sh b/deploy/vagrant/scripts/tinkerbell.sh deleted file mode 100644 index 1308e0243..000000000 --- a/deploy/vagrant/scripts/tinkerbell.sh +++ /dev/null 
@@ -1,118 +0,0 @@ -#!/bin/bash - -# abort this script on errors -set -euxo pipefail - -whoami - -cd /vagrant - -ensure_os_packages_exists() ( - declare -a pkgs=() - for p in "$@"; do - if ! command_exists "$p"; then - pkgs+=("$p") - fi - done - - if ((${#pkgs[@]} == 0)); then - return - fi - - sudo apt-get update - sudo apt-get install -y "${pkgs[@]}" -) - -ensure_docker_exists() ( - if command_exists docker; then - return - fi - - # steps from https://docs.docker.com/engine/install/ubuntu/ - - ensure_os_packages_exists \ - apt-transport-https \ - ca-certificates \ - gnupg-agent \ - software-properties-common \ - ; - - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | - sudo apt-key add - - - local repo - repo=$( - printf "deb [arch=amd64] https://download.docker.com/linux/ubuntu %s stable" \ - "$(lsb_release -cs)" - ) - sudo add-apt-repository "$repo" - - ensure_os_packages_exists \ - containerd.io \ - docker-ce \ - docker-ce-cli \ - ; -) - -ensure_docker-compose_exists() ( - if command_exists docker-compose; then - return - fi - - # from https://docs.docker.com/compose/install/ - sudo curl -fsSL \ - "https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)" \ - -o /usr/local/bin/docker-compose - - sudo chmod +x /usr/local/bin/docker-compose -) - -make_certs_writable() ( - local certdir="/etc/docker/certs.d/$TINKERBELL_HOST_IP" - sudo mkdir -p "$certdir" - sudo chown -R "$USER" "$certdir" -) - -secure_certs() ( - local certdir="/etc/docker/certs.d/$TINKERBELL_HOST_IP" - sudo chown "root" "$certdir" -) - -command_exists() ( - command -v "$@" >/dev/null 2>&1 -) - -configure_vagrant_user() ( - sudo usermod -aG docker vagrant - - echo -n "$TINKERBELL_REGISTRY_PASSWORD" | - sudo -iu vagrant docker login \ - --username="$TINKERBELL_REGISTRY_USERNAME" \ - --password-stdin "$TINKERBELL_HOST_IP" -) - -main() ( - export DEBIAN_FRONTEND=noninteractive - - ensure_os_packages_exists curl jq - ensure_docker_exists - 
ensure_docker-compose_exists - - if [ ! -f ./.env ]; then - ./generate-env.sh eth1 >.env - fi - - # shellcheck disable=SC1091 - . ./.env - - make_certs_writable - - ./setup.sh - - secure_certs - - configure_vagrant_user - -) - -main diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 000000000..4d750f54c --- /dev/null +++ b/docker-compose.yaml 
@@ -0,0 +1,107 @@
+version: "3.8"
+services:
+ tls-gen:
+ image: cfssl/cfssl
+ entrypoint: /bin/bash
+ command:
+ - /code/tls/generate.sh
+ environment:
+ FACILITY: ${FACILITY:-onprem}
+ volumes:
+ - ${PWD}/deploy:/code
+ - certs:/certs/${FACILITY:-onprem}:rw
+
+ tinkerbell:
+ build:
+ context: ./cmd/tink-server/
+ dockerfile: Dockerfile
+ restart: unless-stopped
+ environment:
+ FACILITY: ${FACILITY:-onprem}
+ PACKET_ENV: ${PACKET_ENV:-testing}
+ PACKET_VERSION: ${PACKET_VERSION:-ignored}
+ ROLLBAR_TOKEN: ${ROLLBAR_TOKEN:-ignored}
+ ROLLBAR_DISABLE: ${ROLLBAR_DISABLE:-1}
+ PGDATABASE: tinkerbell
+ PGHOST: db
+ PGPASSWORD: tinkerbell
+ PGPORT: 5432
+ PGSSLMODE: disable
+ PGUSER: tinkerbell
+ TINKERBELL_GRPC_AUTHORITY: :42113
+ TINKERBELL_HTTP_AUTHORITY: :42114
+ TINK_AUTH_USERNAME: ${TINKERBELL_TINK_USERNAME}
+ TINK_AUTH_PASSWORD: ${TINKERBELL_TINK_PASSWORD}
+ depends_on:
+ tink-server-migration:
+ condition: service_started
+ db:
+ condition: service_healthy
+ tls-gen:
+ condition: service_started
+ volumes:
+ - certs:/certs/${FACILITY:-onprem}:rw
+ healthcheck:
+ test: ["CMD-SHELL", "wget -qO- 127.0.0.1:42114/cert"] # port needs to match TINKERBELL_HTTP_AUTHORITY
+ interval: 5s
+ timeout: 2s
+ retries: 3
+ ports:
+ - 42113:42113/tcp
+ - 42114:42114/tcp
+
+ tink-server-migration:
+ image: quay.io/tinkerbell/tink:latest
+ restart: on-failure
+ environment:
+ ONLY_MIGRATION: "true"
+ FACILITY: ${FACILITY:-onprem}
+ PGDATABASE: tinkerbell
+ PGHOST: db
+ PGPASSWORD: tinkerbell
+ PGPORT: 5432
+ PGSSLMODE: disable
+ PGUSER: tinkerbell
+ TINKERBELL_GRPC_AUTHORITY: :42113
+ TINKERBELL_HTTP_AUTHORITY: :42114
+ TINK_AUTH_USERNAME: ${TINKERBELL_TINK_USERNAME}
+ TINK_AUTH_PASSWORD: ${TINKERBELL_TINK_PASSWORD}
+ depends_on:
+ db:
+ condition: service_healthy
+
+ db:
+ image: postgres:10-alpine
+ restart: unless-stopped
+ environment:
+ POSTGRES_DB: tinkerbell
+ POSTGRES_PASSWORD: tinkerbell
+ POSTGRES_USER: tinkerbell
+ volumes:
+ - postgres_data:/var/lib/postgresql/data:rw
+ ports:
+ - 5432:5432
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U tinkerbell"]
+ interval: 1s
+ timeout: 1s
+ retries: 30
+
+ tink-cli:
+ build:
+ context: ./cmd/tink-cli/
+ dockerfile: Dockerfile
+ restart: unless-stopped
+ environment:
+ TINKERBELL_GRPC_AUTHORITY: tinkerbell:42113
+ TINKERBELL_CERT_URL: http://tinkerbell:42114/cert
+ depends_on:
+ tinkerbell:
+ condition: service_healthy
+ db:
+ condition: service_healthy
+
+volumes:
+ postgres_data:
+ certs:
+
diff --git a/rules.mk b/rules.mk
index ce771d0b3..c3d0c1fe4 100644
--- a/rules.mk
+++ b/rules.mk
@@ -45,6 +45,9 @@ tink-server-image: cmd/tink-server/tink-server-linux-amd64
 tink-worker-image: cmd/tink-worker/tink-worker-linux-amd64
 docker build -t tink-worker cmd/tink-worker/
+run-stack:
+ docker-compose up --build
+
 protos/gen_mock:
 go generate ./protos/**/*
 goimports -w ./protos/**/mock.go
From 8ea8a0e511be9edde0b608cc7babd3bbe000f281 Mon Sep 17 00:00:00 2001 From: Moath Qasim Date: Mon, 5 Jul 2021 08:59:47 +0300 Subject: [PATCH 5/5] fix getWorkerID when mac addresses have captalized letters (#486) * fix getWorkerID when mac addresses have captalized letters Signed-off-by: Moath Qasim * add test case for lowered case mac addresses for hardwares Signed-off-by: Moath Qasim Co-authored-by: Gaurav Gahlot --- db/testdata/hardware_2.json | 69 +++++++++++++++++++++++++++++++++++++ db/workflow.go | 4 +-- db/workflow_test.go | 27 +++++++++++++++ 3 files changed, 98 insertions(+), 2 deletions(-) create mode 100644 db/testdata/hardware_2.json
diff --git a/db/testdata/hardware_2.json b/db/testdata/hardware_2.json
new file mode 100644
index 000000000..13dd973c5
--- /dev/null
+++ b/db/testdata/hardware_2.json
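Review bot: In docker-compose.yaml the `db` service publishes `5432:5432` on every host interface while the Postgres credentials are the fixed `tinkerbell`/`tinkerbell` pair and both clients set `PGSSLMODE: disable`, so the database is reachable from outside the compose network with a known password and no transport encryption. The services in this file address it as `db`, so the `ports:` entry can be dropped or narrowed to `- 127.0.0.1:5432:5432`. The password can come from the environment, for example `POSTGRES_PASSWORD: ${TINKERBELL_DB_PASSWORD:?database password not set}` (variable name is a suggestion), with the same variable used for `PGPASSWORD`. Separately, `tinkerbell` waits on `tls-gen` with `condition: service_started`, which does not guarantee the certificate files exist when the server starts; `condition: service_completed_successfully` expresses that, if the Compose version in use supports it.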
@@ -0,0 +1,69 @@
+{
+ "metadata": {
+ "state": "provisioning",
+ "manufacturer": {},
+ "instance": {
+ "operating_system_version": {
+ "distro": "ubuntu",
+ "version": "18.04",
+ "os_slug": "ubuntu_18_04"
+ },
+ "crypted_root_password": "$6$xyz$/pdZy4hazXmqu1t0TACitLlKZPD4bFyRUw6ycXiOTdf4kcnkmpgmtg9zUpEE8rG9KtOWwX7kp1Gl96NCGbDk60",
+ "storage": {
+ "disks": [
+ {
+ "device": "/dev/sda",
+ "wipe_table": true,
+ "partitions": [
+ { "label": "BIOS", "number": 1, "size": 4096 },
+ { "label": "SWAP", "number": 2, "size": 3993600 },
+ { "label": "ROOT", "number": 3, "size": 15993600 }
+ ]
+ }
+ ],
+ "filesystems": [
+ {
+ "mount": {
+ "device": "/dev/sda3",
+ "format": "ext4",
+ "create": { "options": ["-L", "ROOT"] },
+ "point": "/"
+ }
+ },
+ {
+ "mount": {
+ "device": "/dev/sda2",
+ "format": "swap",
+ "create": { "options": ["-L", "SWAP"] },
+ "point": "none"
+ }
+ }
+ ]
+ }
+ },
+ "facility": { "plan_slug": "c2.medium.x86", "facility_code": "onprem" }
+ },
+ "network": {
+ "interfaces": [
+ {
+ "dhcp": {
+ "mac": "ae:fb:27:a1:c4:02",
+ "hostname": "server002",
+ "lease_time": 86400,
+ "arch": "x86_64",
+ "ip": {
+ "address": "192.168.1.6",
+ "netmask": "255.255.255.248",
+ "gateway": "192.168.1.1"
+ }
+ },
+ "netboot": {
+ "allow_pxe": true,
+ "allow_workflow": true,
+ "osie": { "kernel": "vmlinuz-x86_64" }
+ }
+ }
+ ]
+ },
+ "id": "0eba0bf8-3772-4b4a-ab9f-6ebe93b90a96"
+}
diff --git a/db/workflow.go b/db/workflow.go
index 6474d3a20..fa470cd5a 100644
--- a/db/workflow.go
+++ b/db/workflow.go
@@ -762,7 +762,7 @@ func getWorkerIDbyIP(ctx context.Context, db *sql.DB, ip string) (string, error)
 }
 func getWorkerID(ctx context.Context, db *sql.DB, addr string) (string, error) {
- _, err := net.ParseMAC(addr)
+ parsedMAC, err := net.ParseMAC(addr)
 if err != nil {
 ip := net.ParseIP(addr)
 if ip == nil || ip.To4() == nil {
@@ -772,7 +772,7 @@ func getWorkerID(ctx context.Context, db *sql.DB, addr string) (string, error) {
 return id, errors.WithMessage(err, "no worker found")
 }
- id, err := getWorkerIDbyMac(ctx, db, addr)
+ id, err := getWorkerIDbyMac(ctx, db, parsedMAC.String())
 return id, errors.WithMessage(err, "no worker found")
 }
diff --git a/db/workflow_test.go b/db/workflow_test.go
index 259e5499c..ca042a164 100644
--- a/db/workflow_test.go
+++ b/db/workflow_test.go
@@ -66,6 +66,33 @@ func TestCreateWorkflow(t *testing.T) {
 }
 },
 },
+ {
+ Name: "create-single-workflow-with-upper-case-worker-address",
+ Input: &input{
+ workflowCount: 1,
+ devices: "{\"device_1\":\"AE:FB:27:a1:C4:02\"}",
+ hardware: readHardwareData("./testdata/hardware_2.json"),
+ template: func() *workflow.Workflow {
+ tmp := workflow.MustParseFromFile("./testdata/template_happy_path_1.yaml")
+ tmp.ID = uuid.New().String()
+ tmp.Name = fmt.Sprintf("id_%d", rand.Int())
+ return tmp
+ }(),
+ },
+ Expectation: func(t *testing.T, in *input, tinkDB *db.TinkDB) {
+ count := 0
+ err := tinkDB.ListWorkflows(func(wf db.Workflow) error {
+ count = count + 1
+ return nil
+ })
+ if err != nil {
+ t.Error(err)
+ }
+ if count != in.workflowCount {
+ t.Errorf("expected %d workflows stored in the database but we got %d", in.workflowCount, count)
+ }
+ },
+ },
 {
 Name: "create-fails-invalid-worker-address",
 Input: &input{
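Review bot: In db/workflow.go, `getWorkerIDbyMac(ctx, db, parsedMAC.String())` canonicalises only the lookup side: `net.HardwareAddr.String()` always yields lower-case, colon-separated hex, so the query now matches only when the stored hardware record holds the MAC in that same form. The body of getWorkerIDbyMac and the hardware write path are outside these hunks, so this needs confirming, but a record stored with an upper-case or hyphenated MAC would stop resolving to a worker where an identically spelled address matched before. Normalising the MAC when hardware data is stored, or comparing case-insensitively in the query, would close that gap. A comment above the call such as `// look up by net.HardwareAddr's canonical lower-case form; stored MACs must use the same form` would record the assumption.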