Compare commits
40 Commits
e6bd7ac854
...
290d2963b2
| Author | SHA1 | Date | |
|---|---|---|---|
| 290d2963b2 | |||
| 391420e417 | |||
| 3f93598156 | |||
| 98d891d3b4 | |||
| 8e97bdbe0e | |||
| de05180ba2 | |||
| 5fbbe548cf | |||
| 1cf40a0b94 | |||
| 5c5bb26deb | |||
| 58b02237c2 | |||
| ae3dec359b | |||
| 5891f44efb | |||
| c3e2e8cde6 | |||
| 4cc7df1031 | |||
| a143034689 | |||
| dfc1e83c50 | |||
| e7694c1bda | |||
| f0d0e3ec70 | |||
| 9af0dd87fd | |||
| 6dea641f6a | |||
| 5119552186 | |||
| 1c8287e04b | |||
| 31f660da3f | |||
| e1a7b42807 | |||
| 76584ef475 | |||
| 2252dfaf37 | |||
| d033e75782 | |||
| fff38115c4 | |||
| df0cc997cf | |||
| baf2964a09 | |||
| 7300def6dc | |||
| b8a102bd0b | |||
| a39f2139df | |||
| 5eff31c336 | |||
| 0eaaf6d577 | |||
| a02f8e4dea | |||
| 90356554a8 | |||
| e9f5ecddd5 | |||
| 05cb9ad33d | |||
| dfa8c1ccb6 |
1229
Cargo.lock
generated
1229
Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
24
Cargo.toml
24
Cargo.toml
@@ -6,17 +6,17 @@ edition = "2021"
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
[dependencies]
|
||||
log = "0.4.20"
|
||||
env_logger = "0.10.0"
|
||||
anyhow = "1.0.75"
|
||||
serde = { version = "1.0.185", features = ["derive"] }
|
||||
serde_json = "1.0.105"
|
||||
schemars = "0.8.16"
|
||||
tokio = { version = "1.34.0", features = ["full"] }
|
||||
kube = { version = "0.85.0", features = ["runtime", "derive"] }
|
||||
k8s-openapi = { version = "0.19.0", features = ["v1_27"] }
|
||||
futures = "0.3.29"
|
||||
thiserror = "1.0.49"
|
||||
log = "0.4.21"
|
||||
env_logger = "0.11.3"
|
||||
anyhow = "1.0.82"
|
||||
serde = { version = "1.0.198", features = ["derive"] }
|
||||
serde_json = "1.0.115"
|
||||
schemars = "0.8.17"
|
||||
tokio = { version = "1.37.0", features = ["full"] }
|
||||
kube = { version = "0.90.0", features = ["runtime", "derive"] }
|
||||
k8s-openapi = { version = "0.21.1", features = ["v1_29"] }
|
||||
futures = "0.3.30"
|
||||
thiserror = "1.0.59"
|
||||
rand = "0.8.5"
|
||||
mktemp = "0.5.1"
|
||||
reqwest = "0.11.20"
|
||||
reqwest = "0.12.3"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
FROM debian:bullseye-slim
|
||||
FROM debian:bookworm-slim
|
||||
|
||||
COPY minio-operator /usr/local/bin/minio-operator
|
||||
COPY mc /usr/local/bin/mc
|
||||
|
||||
@@ -4,4 +4,5 @@ pub mod minio;
|
||||
#[cfg(test)]
|
||||
pub mod minio_test_server;
|
||||
pub mod secrets;
|
||||
pub mod temp;
|
||||
pub mod utils;
|
||||
|
||||
23
src/minio.rs
23
src/minio.rs
@@ -5,6 +5,7 @@ use serde::Deserialize;
|
||||
|
||||
use crate::constants::{MC_EXE, SECRET_MINIO_BUCKET_ACCESS_LEN, SECRET_MINIO_BUCKET_SECRET_LEN};
|
||||
use crate::crd::{BucketRetention, MinioBucketSpec, RetentionType};
|
||||
use crate::temp;
|
||||
use crate::utils::rand_str;
|
||||
|
||||
const MC_ALIAS_NAME: &str = "managedminioinst";
|
||||
@@ -173,7 +174,7 @@ impl MinioService {
|
||||
{
|
||||
log::debug!("exec_mc_cmd with args {:?}", args);
|
||||
|
||||
let conf_dir = mktemp::Temp::new_dir()?;
|
||||
let conf_dir = temp::create_temp_dir()?;
|
||||
let global_flags = ["--config-dir", conf_dir.to_str().unwrap(), "--json"];
|
||||
|
||||
// First, set our alias to mc in a temporary directory
|
||||
@@ -261,7 +262,7 @@ impl MinioService {
|
||||
}
|
||||
|
||||
let res = self.exec_mc_cmd::<BasicMinioResult>(&args).await?;
|
||||
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||
if res.first().map(|r| r.success()) != Some(true) {
|
||||
return Err(MinioError::MakeBucketFailed.into());
|
||||
}
|
||||
|
||||
@@ -292,7 +293,7 @@ impl MinioService {
|
||||
])
|
||||
.await?;
|
||||
|
||||
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||
if res.first().map(|r| r.success()) != Some(true) {
|
||||
return Err(MinioError::SetQuotaFailed.into());
|
||||
}
|
||||
Ok(())
|
||||
@@ -330,7 +331,7 @@ impl MinioService {
|
||||
])
|
||||
.await?;
|
||||
|
||||
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||
if res.first().map(|r| r.success()) != Some(true) {
|
||||
return Err(MinioError::SetAnonymousAcccessFailed.into());
|
||||
}
|
||||
|
||||
@@ -367,7 +368,7 @@ impl MinioService {
|
||||
.await?
|
||||
};
|
||||
|
||||
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||
if res.first().map(|r| r.success()) != Some(true) {
|
||||
return Err(MinioError::SetQuotaFailed.into());
|
||||
}
|
||||
Ok(())
|
||||
@@ -415,7 +416,7 @@ impl MinioService {
|
||||
.await?
|
||||
};
|
||||
|
||||
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||
if res.first().map(|r| r.success()) != Some(true) {
|
||||
return Err(MinioError::SetRetentionFailed.into());
|
||||
}
|
||||
|
||||
@@ -458,7 +459,7 @@ impl MinioService {
|
||||
|
||||
/// Apply a bucket policy
|
||||
pub async fn policy_apply(&self, name: &str, content: &str) -> anyhow::Result<()> {
|
||||
let tmp_file = mktemp::Temp::new_file()?;
|
||||
let tmp_file = temp::create_temp_file()?;
|
||||
std::fs::write(&tmp_file, content)?;
|
||||
|
||||
let res = self
|
||||
@@ -472,7 +473,7 @@ impl MinioService {
|
||||
])
|
||||
.await?;
|
||||
|
||||
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||
if res.first().map(|r| r.success()) != Some(true) {
|
||||
return Err(MinioError::ApplyPolicyFailed.into());
|
||||
}
|
||||
|
||||
@@ -512,7 +513,7 @@ impl MinioService {
|
||||
])
|
||||
.await?;
|
||||
|
||||
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||
if res.first().map(|r| r.success()) != Some(true) {
|
||||
return Err(MinioError::CreateUserFailed.into());
|
||||
}
|
||||
|
||||
@@ -552,7 +553,7 @@ impl MinioService {
|
||||
])
|
||||
.await?;
|
||||
|
||||
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||
if res.first().map(|r| r.success()) != Some(true) {
|
||||
return Err(MinioError::CreateUserFailed.into());
|
||||
}
|
||||
|
||||
@@ -579,7 +580,7 @@ impl MinioService {
|
||||
.userMappings;
|
||||
|
||||
if let Some(mapping) = res {
|
||||
if let Some(e) = mapping.get(0) {
|
||||
if let Some(e) = mapping.first() {
|
||||
return Ok(e.policies.clone());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
//! Used for testing only
|
||||
|
||||
use crate::minio::MinioService;
|
||||
use crate::temp;
|
||||
use crate::utils::rand_str;
|
||||
use rand::RngCore;
|
||||
use std::io::ErrorKind;
|
||||
@@ -20,7 +21,7 @@ pub struct MinioTestServer {
|
||||
|
||||
impl MinioTestServer {
|
||||
pub async fn start() -> anyhow::Result<Self> {
|
||||
let storage_dir = mktemp::Temp::new_dir()?;
|
||||
let storage_dir = temp::create_temp_dir()?;
|
||||
|
||||
let root_user = rand_str(30);
|
||||
let root_password = rand_str(30);
|
||||
|
||||
26
src/temp.rs
Normal file
26
src/temp.rs
Normal file
@@ -0,0 +1,26 @@
|
||||
use std::path::{Path, PathBuf};
|
||||
|
||||
/// Get the directory where temp files should be created
|
||||
fn temp_path() -> Option<PathBuf> {
|
||||
std::env::var("TEMP_DIR")
|
||||
.as_deref()
|
||||
.ok()
|
||||
.map(Path::new)
|
||||
.map(|p| p.to_path_buf())
|
||||
}
|
||||
|
||||
/// Create a temporary directory
|
||||
pub fn create_temp_dir() -> std::io::Result<mktemp::Temp> {
|
||||
match temp_path() {
|
||||
None => mktemp::Temp::new_dir(),
|
||||
Some(p) => mktemp::Temp::new_dir_in(p),
|
||||
}
|
||||
}
|
||||
|
||||
/// Create a temporary file
|
||||
pub fn create_temp_file() -> std::io::Result<mktemp::Temp> {
|
||||
match temp_path() {
|
||||
None => mktemp::Temp::new_file(),
|
||||
Some(p) => mktemp::Temp::new_file_in(p),
|
||||
}
|
||||
}
|
||||
@@ -63,8 +63,19 @@ spec:
|
||||
requests:
|
||||
memory: 150Mi
|
||||
cpu: "0.01"
|
||||
volumeMounts:
|
||||
- mountPath: /tmp
|
||||
readOnly: false
|
||||
name: tempdir
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
readOnlyRootFilesystem: true
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
volumes:
|
||||
- name: tempdir
|
||||
emptyDir:
|
||||
sizeLimit: 500Mi
|
||||
|
||||
Reference in New Issue
Block a user