fix paths w shortcuts when copying from pods #65189
Conversation
k8s-ci-robot
added
release-note
juanvallejo
force-pushed
the
jvallejo/path-fixes-cmd-copy
branch
from
c00442d
to
212804e
Compare
k8s-ci-robot
added
size/M
k8s-ci-robot
added
lgtm
|
/hold |
k8s-ci-robot
added
the
do-not-merge/hold
This addresses a panic that occurs when a user attempts to copy from a pod, specifying a relative path containing The panic was happening here due to the prefix being longer than the |
pkg/kubectl/cmd/cp.go
Outdated
| @@ -299,6 +299,7 @@ func (o *CopyOptions) copyFromPod(src, dest fileSpec) error { | |||
| // stripPathShortcuts removes any leading or trailing "../" from a given path | |||
| func stripPathShortcuts(p string) string { | |||
| newPath := path.Clean(p) | |||
| newPath = strings.TrimLeft(p, "../") | |||
There was a problem hiding this comment.
TrimLeft is not correct here. I think you meant TrimPrefix. TrimLeft removes all "/" and "." characters from the front of the string. It would turn ".../.../.../test" into "test"
There was a problem hiding this comment.
Updated to use strings.TrimPrefix(). Since that method only trims the first instance, I kept the call to path.Clean() above (to first resolve cases where "../foo/../foo/bar/" is given), then remove any remaining instances of "../" that occur as a prefix
pkg/kubectl/cmd/cp_test.go
Outdated
| @@ -113,10 +113,14 @@ func TestGetPrefix(t *testing.T) { | |||
| }{ | |||
| { | |||
| input: "/foo/bar", | |||
| expected: "foo/bar", | |||
There was a problem hiding this comment.
this is a pretty different result, and doesn't involve any backsteps in the path... why did this change?
pkg/kubectl/cmd/cp.go
Outdated
|
|
||
| lastIdx := -1 | ||
| for i := len(segs) - 1; i > 0; i-- { | ||
| if len(segs[i]) == 0 { |
There was a problem hiding this comment.
can you describe the purpose of this function, and of this change?
There was a problem hiding this comment.
it modified the remote path to just return the prefix without the filename, i.e. for a string "foo/bar/baz.exe" it returned "foo/bar/". I realize this changes existing behavior, particularly when attempting to copy a remote file under a different filename locally (copying remote file "/foo/bar/baz" to local file "buz" would now just create a directory "buz" and place file "baz" in it). Will undo this change
|
this should not be merged as-is. it looks like this was already picked to 1.11 and merged... we should probably revert it and wait until this is ready to reintroduce. the issue this is fixing was not a regression in 1.11, correct? |
Okay
Not a regression - just a bug that had not been caught yet |
|
thanks. can you open the revert against the 1.11 branch and tag sig-release and sig-cli on it? |
…uts when copying from pods"
|
juanvallejo
force-pushed
the
jvallejo/path-fixes-cmd-copy
branch
from
212804e
to
1fa3f3e
Compare
k8s-ci-robot
removed
the
lgtm
juanvallejo
force-pushed
the
jvallejo/path-fixes-cmd-copy
branch
from
1fa3f3e
to
33dcfbc
Compare
|
@liggitt thanks, comments addressed |
k8s-ci-robot
added
the
size/L
juanvallejo
force-pushed
the
jvallejo/path-fixes-cmd-copy
branch
from
122dfa5
to
c37010f
Compare
k8s-ci-robot
removed
the
approved
juanvallejo
force-pushed
the
jvallejo/path-fixes-cmd-copy
branch
2 times, most recently
from
caf5bd8
to
05c25da
Compare
|
/test pull-kubernetes-e2e-gce |
|
@liggitt friendly ping |
pkg/kubectl/cmd/cp.go
Outdated
| } | ||
|
|
||
| // trim leftover ".." | ||
| newPath = strings.TrimPrefix(newPath, "..") |
There was a problem hiding this comment.
won't this incorrectly remove ".." from "...foo"?
There was a problem hiding this comment.
add a testcase for a path containing three leading dots, since that has cropped up a few times as a mishandled case
test/e2e/kubectl/kubectl.go
Outdated
| Testname: Kubectl, copy | ||
| Description: When a Pod is running, copy a known file from it to a temporary local destination. | ||
| */ | ||
| framework.ConformanceIt("should copy a file from a running Pod ", func() { |
There was a problem hiding this comment.
I'm not convinced this should be a conformance test. let's start with it as a normal e2e, and deal with promotion to conformance as an optional follow-up
test/e2e/kubectl/kubectl.go
Outdated
| @@ -1046,6 +1048,46 @@ metadata: | |||
| }) | |||
| }) | |||
|
|
|||
| framework.KubeDescribe("Kubectl copy", func() { | |||
| podYaml := substituteImageName(string(readTestFileOrDie("busybox-pod.yaml.in"))) | |||
There was a problem hiding this comment.
just name this file ....yaml (no .in suffix) if it is a valid yaml file that can be created directly
|
@juanvallejo I see the comments from Jordan are still not addressed, |
k8s-ci-robot
added
the
needs-rebase
juanvallejo
force-pushed
the
jvallejo/path-fixes-cmd-copy
branch
from
05c25da
to
f8bf95b
Compare
k8s-ci-robot
added
approved
juanvallejo
force-pushed
the
jvallejo/path-fixes-cmd-copy
branch
2 times, most recently
from
b73cea9
to
3f7c7ae
Compare
Addresses an issue where copying from a remote location containing path shortcuts (podName:../../../tmp/foo) causes an index out of range panic.
juanvallejo
force-pushed
the
jvallejo/path-fixes-cmd-copy
branch
from
3f7c7ae
to
e55a28d
Compare
k8s-ci-robot
added
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: juanvallejo, soltysh The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Addresses an issue where copying from a remote location containing path
shortcuts (podName:../../../tmp/foo) causes an index out of range panic.
Release note:
cc @soltysh