github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use environment varaibles for parameters in Powershell

Browse Source 
As a defense in depth, pass parameters to powershell via environment variables.

Signed-off-by: James Sturtevant <jstur@microsoft.com>
This commit is contained in:
James Sturtevant
2023-07-17 14:24:02 -07:00
committed by Rita Zhang
parent fb785f1f42
commit 2bede058f9
3 changed files with 25 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
pkg/volume/util/util.go
View File

@@ -709,11 +709,15 @@ func HasMountRefs(mountPath string, mountRefs []string) bool {
func WriteVolumeCache(deviceMountPath string, exec utilexec.Interface) error { func WriteVolumeCache(deviceMountPath string, exec utilexec.Interface) error {
// If runtime os is windows, execute Write-VolumeCache powershell command on the disk // If runtime os is windows, execute Write-VolumeCache powershell command on the disk
if runtime.GOOS == "windows" { if runtime.GOOS == "windows" {
cmd := fmt.Sprintf("Get-Volume -FilePath %s | Write-Volumecache", deviceMountPath) cmdString := "Get-Volume -FilePath $env:mountpath | Write-Volumecache"
output, err := exec.Command("powershell", "/c", cmd).CombinedOutput() cmd := exec.Command("powershell", "/c", cmdString)
klog.Infof("command (%q) execeuted: %v, output: %q", cmd, err, string(output)) env := append(os.Environ(), fmt.Sprintf("mountpath=%s", deviceMountPath))
cmd.SetEnv(env)
klog.V(8).Infof("Executing command: %q", cmdString)
output, err := cmd.CombinedOutput()
klog.Infof("command (%q) execeuted: %v, output: %q", cmdString, err, string(output))
if err != nil { if err != nil {
return fmt.Errorf("command (%q) failed: %v, output: %q", cmd, err, string(output)) return fmt.Errorf("command (%q) failed: %v, output: %q", cmdString, err, string(output))
} }
} }
// For linux runtime, it skips because unmount will automatically flush disk data // For linux runtime, it skips because unmount will automatically flush disk data

24
staging/src/k8s.io/mount-utils/mount_windows.go
View File

@@ -287,14 +287,20 @@ func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target
fstype = "NTFS" fstype = "NTFS"
} }
// format disk if it is unformatted(raw)
formatOptionsUnwrapped := ""
if len(formatOptions) > 0 { if len(formatOptions) > 0 {
formatOptionsUnwrapped = " " + strings.Join(formatOptions, " ") return fmt.Errorf("diskMount: formatOptions are not supported on Windows")
} }
cmd := fmt.Sprintf("Get-Disk -Number %s | Where partitionstyle -eq 'raw' | Initialize-Disk -PartitionStyle GPT -PassThru"+
" | New-Partition -UseMaximumSize | Format-Volume -FileSystem %s -Confirm:$false%s", source, fstype, formatOptionsUnwrapped) cmdString := "Get-Disk -Number $env:source | Where partitionstyle -eq 'raw' | Initialize-Disk -PartitionStyle GPT -PassThru" +
if output, err := mounter.Exec.Command("powershell", "/c", cmd).CombinedOutput(); err != nil { " | New-Partition -UseMaximumSize | Format-Volume -FileSystem $env:fstype -Confirm:$false"
cmd := mounter.Exec.Command("powershell", "/c", cmdString)
env := append(os.Environ(),
fmt.Sprintf("source=%s", source),
fmt.Sprintf("fstype=%s", fstype),
)
cmd.SetEnv(env)
klog.V(8).Infof("Executing command: %q", cmdString)
if output, err := cmd.CombinedOutput(); err != nil {
return fmt.Errorf("diskMount: format disk failed, error: %v, output: %q", err, string(output)) return fmt.Errorf("diskMount: format disk failed, error: %v, output: %q", err, string(output))
} }
klog.V(4).Infof("diskMount: Disk successfully formatted, disk: %q, fstype: %q", source, fstype) klog.V(4).Infof("diskMount: Disk successfully formatted, disk: %q, fstype: %q", source, fstype)
@@ -310,8 +316,10 @@ func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target
// ListVolumesOnDisk - returns back list of volumes(volumeIDs) in the disk (requested in diskID). // ListVolumesOnDisk - returns back list of volumes(volumeIDs) in the disk (requested in diskID).
func ListVolumesOnDisk(diskID string) (volumeIDs []string, err error) { func ListVolumesOnDisk(diskID string) (volumeIDs []string, err error) {
// If a Disk has multiple volumes, Get-Volume may not return items in the same order. // If a Disk has multiple volumes, Get-Volume may not return items in the same order.
cmd := fmt.Sprintf("(Get-Disk -DeviceId %s | Get-Partition | Get-Volume | Sort-Object -Property UniqueId).UniqueId", diskID) cmd := exec.Command("powershell", "/c", "(Get-Disk -DeviceId $env:diskID | Get-Partition | Get-Volume | Sort-Object -Property UniqueId).UniqueId")
output, err := exec.Command("powershell", "/c", cmd).CombinedOutput() cmd.Env = append(os.Environ(), fmt.Sprintf("diskID=%s", diskID))
klog.V(8).Infof("Executing command: %q", cmd.String())
output, err := cmd.CombinedOutput()
klog.V(4).Infof("ListVolumesOnDisk id from %s: %s", diskID, string(output)) klog.V(4).Infof("ListVolumesOnDisk id from %s: %s", diskID, string(output))
if err != nil { if err != nil {
return []string{}, fmt.Errorf("error list volumes on disk. cmd: %s, output: %s, error: %v", cmd, string(output), err) return []string{}, fmt.Errorf("error list volumes on disk. cmd: %s, output: %s, error: %v", cmd, string(output), err)

2
staging/src/k8s.io/mount-utils/mount_windows_test.go
View File

@@ -275,7 +275,7 @@ func TestFormatAndMount(t *testing.T) {
Exec: fakeExec, Exec: fakeExec,
} }
target := filepath.Join(t.TempDir(), test.target) target := filepath.Join(t.TempDir(), test.target)
err = mounter.FormatAndMount(test.device, target, test.fstype, test.mountOptions) err := mounter.FormatAndMount(test.device, target, test.fstype, test.mountOptions)
if test.expectError { if test.expectError {
assert.NotNil(t, err, "Expect error during FormatAndMount(%s, %s, %s, %v)", test.device, test.target, test.fstype, test.mountOptions) assert.NotNil(t, err, "Expect error during FormatAndMount(%s, %s, %s, %v)", test.device, test.target, test.fstype, test.mountOptions)
} else { } else {