Revert MakeSecureFSOnDisk to MakeFSOnDisk
The reason to this is because MakeSecureFSOnDisk is not consistent between OS. Signed-off-by: Soule BA <soule@weave.works>
This commit is contained in:
Soule BA
4
go.mod
4
go.mod
@@ -2,6 +2,8 @@ module github.com/fluxcd/flux2
|
||||
|
||||
go 1.18
|
||||
|
||||
replace github.com/fluxcd/pkg/kustomize => github.com/souleb/pkg/kustomize v0.0.0-20221114164450-c3ad651f477b
|
||||
|
||||
require (
|
||||
github.com/Masterminds/semver/v3 v3.1.1
|
||||
github.com/ProtonMail/go-crypto v0.0.0-20220930113650-c6815a8c17ad
|
||||
@@ -98,7 +100,7 @@ require (
|
||||
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
|
||||
github.com/docker/go-metrics v0.0.1 // indirect
|
||||
github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 // indirect
|
||||
github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46 // indirect
|
||||
github.com/drone/envsubst v1.0.3 // indirect
|
||||
github.com/emicklei/go-restful/v3 v3.8.0 // indirect
|
||||
github.com/emirpasic/gods v1.12.0 // indirect
|
||||
github.com/evanphx/json-patch v4.12.0+incompatible // indirect
|
||||
|
||||
9
go.sum
9
go.sum
@@ -171,8 +171,8 @@ github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHz
|
||||
github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 h1:ZClxb8laGDf5arXfYcAtECDFgAgHklGI8CxgjHnXKJ4=
|
||||
github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE=
|
||||
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
|
||||
github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46 h1:7QPwrLT79GlD5sizHf27aoY2RTvw62mO6x7mxkScNk0=
|
||||
github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46/go.mod h1:esf2rsHFNlZlxsqsZDojNBcnNs5REqIvRrWRHqX0vEU=
|
||||
github.com/drone/envsubst v1.0.3 h1:PCIBwNDYjs50AsLZPYdfhSATKaRg/FJmDc2D6+C2x8g=
|
||||
github.com/drone/envsubst v1.0.3/go.mod h1:N2jZmlMufstn1KEqvbHjw40h1KyTmnVzHcSc9bFiJ2g=
|
||||
github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc=
|
||||
github.com/emicklei/go-restful/v3 v3.8.0 h1:eCZ8ulSerjdAiaNpF7GxXIE7ZCMo1moN1qX+S609eVw=
|
||||
github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
|
||||
@@ -216,8 +216,6 @@ github.com/fluxcd/pkg/apis/kustomize v0.6.0 h1:Afxv3Uv+xiuettzqm3sP0ceWikDZTfHdH
|
||||
github.com/fluxcd/pkg/apis/kustomize v0.6.0/go.mod h1:iY0zSpK6eUiPfNt/yR6g0q/wQP+wH+Ax/L7KBOx5x2M=
|
||||
github.com/fluxcd/pkg/apis/meta v0.17.0 h1:Y2dfo1syHZDb9Mexjr2SWdcj1FnxnRXm015hEnhl6wU=
|
||||
github.com/fluxcd/pkg/apis/meta v0.17.0/go.mod h1:GrOVzWXiu22XjLNgLLe2EBYhQPqZetes5SIADb4bmHE=
|
||||
github.com/fluxcd/pkg/kustomize v0.8.0 h1:8AdEvp6y38ISZzoi0H82Si5zkmLXClbeX10W7HevB00=
|
||||
github.com/fluxcd/pkg/kustomize v0.8.0/go.mod h1:zGtCZF6V3hMWcf46SqrQc10fS9yUlKzi2UcFUeabDAE=
|
||||
github.com/fluxcd/pkg/oci v0.14.0 h1:KwjOf2OSB1bZvNEwDfp+FbOrK0fMcSYA01AJEc671mQ=
|
||||
github.com/fluxcd/pkg/oci v0.14.0/go.mod h1:TH7ru7YlX5L3xihbdnIgYVWXsOqrYcJIci/Mq4MgWbo=
|
||||
github.com/fluxcd/pkg/runtime v0.22.0 h1:4YV/An41b+OGdSWDogwFfHr22CEE/in+lBLEK0fr1yc=
|
||||
@@ -532,6 +530,7 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
|
||||
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
|
||||
github.com/opencontainers/image-spec v1.1.0-rc2 h1:2zx/Stx4Wc5pIPDvIxHXvXtQFW/7XWJGmnM7r3wg034=
|
||||
github.com/opencontainers/image-spec v1.1.0-rc2/go.mod h1:3OVijpioIKYWTqjiG0zfF6wvoJ4fAXGbjdZuI2NgsRQ=
|
||||
github.com/otiai10/copy v1.7.0 h1:hVoPiN+t+7d2nzzwMiDHPSOogsWAStewq3TwU05+clE=
|
||||
github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=
|
||||
github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
|
||||
github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI=
|
||||
@@ -593,6 +592,8 @@ github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrf
|
||||
github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
|
||||
github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
|
||||
github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
|
||||
github.com/souleb/pkg/kustomize v0.0.0-20221114164450-c3ad651f477b h1:JlaF96cEGlAxdW7NYi8ON398wR2xtrJkRUAAHFCTh0w=
|
||||
github.com/souleb/pkg/kustomize v0.0.0-20221114164450-c3ad651f477b/go.mod h1:rXQcYjvqqS+9oCOA2J/w7KTnwNhdwDCeW4mE5zQRjN4=
|
||||
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
|
||||
github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
|
||||
github.com/spf13/cobra v1.6.0 h1:42a0n6jwCot1pUmomAp4T7DeMD+20LFv4Q54pxLf2LI=
|
||||
|
||||
@@ -42,8 +42,8 @@ import (
|
||||
|
||||
kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta2"
|
||||
"github.com/fluxcd/pkg/kustomize"
|
||||
"github.com/fluxcd/pkg/kustomize/filesys"
|
||||
runclient "github.com/fluxcd/pkg/runtime/client"
|
||||
"sigs.k8s.io/kustomize/kyaml/filesys"
|
||||
|
||||
"github.com/fluxcd/flux2/internal/utils"
|
||||
)
|
||||
@@ -188,7 +188,7 @@ func (b *Builder) build() (m resmap.ResMap, err error) {
|
||||
defer cancel()
|
||||
|
||||
// Get the kustomization object
|
||||
k := &kustomizev1.Kustomization{}
|
||||
var k *kustomizev1.Kustomization
|
||||
if b.kustomizationFile != "" {
|
||||
k, err = b.unMarshallKustomization()
|
||||
if err != nil {
|
||||
@@ -273,7 +273,7 @@ func (b *Builder) generate(kustomization kustomizev1.Kustomization, dirPath stri
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
gen := kustomize.NewGenerator(unstructured.Unstructured{Object: data})
|
||||
gen := kustomize.NewGenerator("", unstructured.Unstructured{Object: data})
|
||||
|
||||
// acuire the lock
|
||||
b.mu.Lock()
|
||||
@@ -283,17 +283,13 @@ func (b *Builder) generate(kustomization kustomizev1.Kustomization, dirPath stri
|
||||
}
|
||||
|
||||
func (b *Builder) do(ctx context.Context, kustomization kustomizev1.Kustomization, dirPath string) (resmap.ResMap, error) {
|
||||
// TODO(hidde): provide option to enforce FS boundaries of local build
|
||||
fs, err := filesys.MakeFsOnDiskSecureBuild("/")
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("kustomization build failed: %w", err)
|
||||
}
|
||||
fs := filesys.MakeFsOnDisk()
|
||||
|
||||
// acuire the lock
|
||||
b.mu.Lock()
|
||||
defer b.mu.Unlock()
|
||||
|
||||
m, err := kustomize.BuildKustomization(fs, dirPath)
|
||||
m, err := kustomize.Build(fs, dirPath)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("kustomize build failed: %w", err)
|
||||
}
|
||||
@@ -305,7 +301,7 @@ func (b *Builder) do(ctx context.Context, kustomization kustomizev1.Kustomizatio
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
outRes, err := kustomize.SubstituteVariables(ctx, b.client, unstructured.Unstructured{Object: data}, res)
|
||||
outRes, err := kustomize.SubstituteVariables(ctx, b.client, unstructured.Unstructured{Object: data}, res, false)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("var substitution failed for '%s': %w", res.GetName(), err)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user