From 4e4e3f3fd3152c5e348e2308d579f51cb210f81e Mon Sep 17 00:00:00 2001 From: Aravind K P Date: Fri, 6 Nov 2020 19:39:53 +0530 Subject: [PATCH] cli (cli-migrations image): fix problems running cli-migrations-v2 image as a non root user (close #4651 close #5333) (#5306) https://github.com/hasura/graphql-engine/pull/5306 --- CHANGELOG.md | 1 + cli/plugins/scanner.go | 10 +++++++ cli/plugins/types.go | 2 +- scripts/cli-migrations/Makefile | 6 ++-- scripts/cli-migrations/v2/Dockerfile | 8 ++--- .../cli-migrations/v2/docker-entrypoint.sh | 7 ++++- .../v2/prepare_docker_context.sh | 29 +++++++++++++++++++ 7 files changed, 53 insertions(+), 10 deletions(-) create mode 100755 scripts/cli-migrations/v2/prepare_docker_context.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index b75e60cc06c..745ed8101d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -104,6 +104,7 @@ This release contains the [PDV refactor (#4111)](https://github.com/hasura/graph ### Bug fixes and improvements (Add entries here in the order of: server, console, cli, docs, others) +- cli: fix cli-migrations-v2 image failing to run as a non root user (close #4651, close #5333) - server: Fix fine-grained incremental cache invalidation (fix #3759) diff --git a/cli/plugins/scanner.go b/cli/plugins/scanner.go index 255d928375a..d807d415fac 100644 --- a/cli/plugins/scanner.go +++ b/cli/plugins/scanner.go @@ -19,16 +19,24 @@ import ( ) func (c *Config) findPluginManifestFiles(indexDir string) ([]string, error) { + c.Logger.Debugf("finding plugin manifest files in directory %v", indexDir) var out []string fs := afero.Afero{ Fs: afero.NewOsFs(), } fs.Walk(indexDir, func(path string, info os.FileInfo, err error) error { + if info == nil { + if err != nil { + return err + } + return nil + } if info.Mode().IsRegular() && filepath.Ext(info.Name()) == paths.ManifestExtension { out = append(out, path) } return nil }) + return out, nil } @@ -50,6 +58,7 @@ func (c *Config) LoadPluginListFromFS(indexDir string) (Plugins, error) { // LoadPluginByName loads a plugins index file by its name. When plugin // file not found, it returns an error that can be checked with os.IsNotExist. func (c *Config) LoadPluginByName(pluginName string) (*PluginVersions, error) { + c.Logger.Debugf("loading plugin %s", pluginName) if !IsSafePluginName(pluginName) { return nil, errors.Errorf("plugin name %q not allowed", pluginName) } @@ -68,6 +77,7 @@ func (c *Config) LoadPluginByName(pluginName string) (*PluginVersions, error) { } func (c *Config) LoadPlugins(files []string, pluginName ...string) Plugins { + c.Logger.Debugf("loading plugins") ps := Plugins{} for _, file := range files { p, err := c.ReadPluginFromFile(file) diff --git a/cli/plugins/types.go b/cli/plugins/types.go index 3571177d3c3..f116311cf2d 100644 --- a/cli/plugins/types.go +++ b/cli/plugins/types.go @@ -99,7 +99,7 @@ type Plugin struct { func (p *Plugin) ParseVersion() { v, err := semver.NewVersion(p.Version) if err != nil { - p.ParsedVersion = nil + p.ParsedVersion = semver.MustParse("0.0.0-dev") return } p.ParsedVersion = v diff --git a/scripts/cli-migrations/Makefile b/scripts/cli-migrations/Makefile index c71ff68e067..a96c99ed383 100644 --- a/scripts/cli-migrations/Makefile +++ b/scripts/cli-migrations/Makefile @@ -5,7 +5,6 @@ BUILD_DIR ?= /build BINARY ?= $(BUILD_DIR)/_cli_output/binaries/cli-hasura-linux-amd64 IMAGE_TAG ?= cli-migrations BUILD_OUTPUT ?= $(BUILD_DIR)/_cli_migrations_output -CLI_EXT_MANIFEST_FILE ?= $(BUILD_DIR)/_cli_ext_output/manifest-dev.yaml SERVER_BUILD_OUTPUT := $(BUILD_DIR)/_server_output .PHONY: load-server-image @@ -30,8 +29,7 @@ test-cli-migrations-v1: .ONESHELL: build-cli-migrations-v2: cd v2 - cp ${BINARY} . - cp ${CLI_EXT_MANIFEST_FILE} manifest.yaml + ./prepare_docker_context.sh docker build -t '${IMAGE_TAG}-v2' . docker save -o '$(BUILD_OUTPUT)/v2.tar' '$(IMAGE_TAG)-v2' @@ -43,4 +41,4 @@ test-cli-migrations-v2: ./test-upgrade-from-latest-release.sh .PHONY: all -all: load-server-image build-cli-migrations-v1 build-cli-migrations-v2 test-cli-migrations-v1 test-cli-migrations-v2 \ No newline at end of file +all: load-server-image build-cli-migrations-v1 build-cli-migrations-v2 test-cli-migrations-v1 test-cli-migrations-v2 diff --git a/scripts/cli-migrations/v2/Dockerfile b/scripts/cli-migrations/v2/Dockerfile index df3c8fafd67..6c87920fa0f 100644 --- a/scripts/cli-migrations/v2/Dockerfile +++ b/scripts/cli-migrations/v2/Dockerfile @@ -15,10 +15,10 @@ ENV HASURA_GRAPHQL_SHOW_UPDATE_NOTIFICATION=false COPY docker-entrypoint.sh /bin/ COPY cli-hasura-linux-amd64 /bin/hasura-cli -COPY manifest.yaml /tmp/manifest.yaml -RUN chmod +x /bin/hasura-cli \ - && hasura-cli plugins install cli-ext --manifest-file /tmp/manifest.yaml \ - && rm /tmp/manifest.yaml +COPY manifest.yaml /opt/manifest.yaml +COPY cli-ext-hasura-linux.tar.gz /opt/cli-ext/cli-ext-hasura-linux.tar.gz +COPY ./hasura-home-dir-tmpl /opt/hasura-home-directory +RUN chmod +x /bin/hasura-cli # set an env var to let the cli know that # it is running in server environment diff --git a/scripts/cli-migrations/v2/docker-entrypoint.sh b/scripts/cli-migrations/v2/docker-entrypoint.sh index fb41633d301..ad55aa0017f 100755 --- a/scripts/cli-migrations/v2/docker-entrypoint.sh +++ b/scripts/cli-migrations/v2/docker-entrypoint.sh @@ -13,6 +13,11 @@ DEFAULT_MIGRATIONS_DIR="/hasura-migrations" DEFAULT_METADATA_DIR="/hasura-metadata" TEMP_PROJECT_DIR="/tmp/hasura-project" +# install cli-ext plugin +log "installing cli-ext plugin" +hasura-cli plugins install cli-ext --manifest-file /opt/manifest.yaml +cp -r /opt/hasura-home-directory/plugins/index ~/.hasura/plugins/index + # configure the target database for migrations if [ ${HASURA_GRAPHQL_MIGRATIONS_DATABASE_ENV_VAR} ]; then log "migrations-startup" "database url for migrations is set by $HASURA_GRAPHQL_MIGRATIONS_DATABASE_ENV_VAR" @@ -95,7 +100,7 @@ if [ -d "$HASURA_GRAPHQL_METADATA_DIR" ]; then echo "version: 2" > config.yaml echo "endpoint: http://localhost:$HASURA_GRAPHQL_MIGRATIONS_SERVER_PORT" >> config.yaml echo "metadata_directory: metadata" >> config.yaml - hasura-cli metadata apply + hasura-cli metadata apply else log "migrations-apply" "directory $HASURA_GRAPHQL_METADATA_DIR does not exist, skipping metadata" fi diff --git a/scripts/cli-migrations/v2/prepare_docker_context.sh b/scripts/cli-migrations/v2/prepare_docker_context.sh new file mode 100755 index 00000000000..3e3f7844db0 --- /dev/null +++ b/scripts/cli-migrations/v2/prepare_docker_context.sh @@ -0,0 +1,29 @@ +#!/usr/bin/env bash + +set -evo pipefail + +# check if yq is installed +if ! command -v yq &> /dev/null +then + curl -LO https://github.com/mikefarah/yq/releases/download/3.3.2/yq_linux_amd64 && chmod +x yq_linux_amd64 && mv yq_linux_amd64 /usr/local/bin/yq +fi + +BUILD_DIR=/build +BINARY=${BUILD_DIR}/_cli_output/binaries/cli-hasura-linux-amd64 +CLI_EXT_BINARY_NAME=cli-ext-hasura-linux.tar.gz +CLI_EXT_LINUX_BINARY_PATH=${BUILD_DIR}/_cli_ext_output/${CLI_EXT_BINARY_NAME} +CLI_EXT_MANIFEST_FILE=${BUILD_DIR}/_cli_ext_output/manifest.yaml +TEMPLATE_CLI_EXT_INDEX_DIR='hasura-home-dir-tmpl/plugins/index/plugins/cli-ext' + +cp ${BINARY} . +# copy linux binary +cp ${CLI_EXT_LINUX_BINARY_PATH} . + +# edit manifest file cli-ext linux uri to file:///opt/cli-ext-hasura-linux.tar.gz +yq write -i ${CLI_EXT_MANIFEST_FILE} "platforms[0].uri" "file:///opt/cli-ext/${CLI_EXT_BINARY_NAME}" +cp ${CLI_EXT_MANIFEST_FILE} manifest.yaml + +# edit hasura home template directory +CLI_EXT_VERSION=$(yq read manifest.yaml version) +mkdir -p ${TEMPLATE_CLI_EXT_INDEX_DIR}/${CLI_EXT_VERSION} +cp manifest.yaml ${TEMPLATE_CLI_EXT_INDEX_DIR}/${CLI_EXT_VERSION}/manifest.yaml