diff --git a/pkg/api/constants/scripts.go b/pkg/api/constants/scripts.go index dd500e41e..8f18e919b 100644 --- a/pkg/api/constants/scripts.go +++ b/pkg/api/constants/scripts.go @@ -50,7 +50,4 @@ const ( // IgnoreFile is the s2i version for ignore files like we see with .gitignore or .dockerignore .. initial impl mirrors documented .dockerignore capabilities IgnoreFile = ".s2iignore" - - // ClearInjections is the s2i script which removes injected content - ClearInjections = "clear-injections" ) diff --git a/pkg/build/strategies/dockerfile/dockerfile.go b/pkg/build/strategies/dockerfile/dockerfile.go index f77fc8364..fe1c5df58 100644 --- a/pkg/build/strategies/dockerfile/dockerfile.go +++ b/pkg/build/strategies/dockerfile/dockerfile.go @@ -230,14 +230,18 @@ func (builder *Dockerfile) CreateDockerfile(config *api.Config) error { return err } if len(filesToDelete) > 0 { - _, err := util.CreateDeleteFilesScript(filesToDelete, filepath.Join(config.WorkingDir, builder.uploadScriptsDir)) - if err != nil { - return err - } + wroteRun := false buffer.WriteString("# Cleaning up injected secret content\n") - rmDestination := filepath.Join(scriptsDestDir, constants.ClearInjections) - buffer.WriteString(fmt.Sprintf("COPY --chown=%s:0 %s %s\n", sanitize(imageUser), sanitize(filepath.ToSlash(filepath.Join(constants.UploadScripts, constants.ClearInjections))), filepath.ToSlash(rmDestination))) - buffer.WriteString(fmt.Sprintf("RUN %[1]s && rm %[1]s\n", filepath.ToSlash(rmDestination))) + for _, file := range(filesToDelete) { + if !wroteRun { + buffer.WriteString(fmt.Sprintf("RUN rm %s", file)) + wroteRun = true + continue + } + buffer.WriteString(fmt.Sprintf(" && \\\n")) + buffer.WriteString(fmt.Sprintf(" rm %s", file)) + } + buffer.WriteString("\n") } if _, provided := providedScripts[constants.Run]; provided { diff --git a/pkg/util/injection.go b/pkg/util/injection.go index 92bba7528..cf1b98763 100644 --- a/pkg/util/injection.go +++ b/pkg/util/injection.go @@ -1,7 +1,6 @@ package util import ( - "bytes" "fmt" "io/ioutil" "os" @@ -9,7 +8,6 @@ import ( "strings" "github.com/openshift/source-to-image/pkg/api" - "github.com/openshift/source-to-image/pkg/api/constants" "github.com/openshift/source-to-image/pkg/util/fs" ) @@ -129,20 +127,6 @@ func CreateTruncateFilesScript(files []string, scriptName string) (string, error return f.Name(), err } -// CreateDeleteFilesScript creates a shell script that contains removal -// of the provided files injected into the container. The path to the script is returned. -func CreateDeleteFilesScript(files []string, dir string) (string, error) { - rmScript := &bytes.Buffer{} - rmScript.WriteString("set -e\n") - for _, s := range files { - rmScript.WriteString(fmt.Sprintf("rm %q\n", s)) - } - rmScript.WriteString("set +e\n") - scriptName := filepath.Join(dir, constants.ClearInjections) - err := ioutil.WriteFile(scriptName, rmScript.Bytes(), 0700) - return scriptName, err -} - // CreateInjectionResultFile creates a result file with the message from the provided injection // error. The path to the result file is returned. If the provided error is nil, an empty file is // created. diff --git a/pkg/util/injection_test.go b/pkg/util/injection_test.go index 22cc0b2c0..6c9a91a03 100644 --- a/pkg/util/injection_test.go +++ b/pkg/util/injection_test.go @@ -113,33 +113,3 @@ func TestCreateInjectionResultFile(t *testing.T) { } } } - -func TestCreateDeleteFilesScript(t *testing.T) { - files := []string{ - "/foo", - "/bar/bar", - } - dir, err := ioutil.TempDir("", "s2i-delete-files-script") - if err != nil { - t.Fatalf("failed to create temp dir: %v", err) - } - defer os.RemoveAll(dir) - name, err := CreateDeleteFilesScript(files, dir) - if err != nil { - t.Errorf("Unexpected error: %v", name) - } - _, err = os.Stat(name) - if err != nil { - t.Errorf("Expected file %q to exists, got: %v", name, err) - } - data, err := ioutil.ReadFile(name) - if err != nil { - t.Errorf("Unable to read %q: %v", name, err) - } - for _, f := range files { - if !strings.Contains(string(data), fmt.Sprintf("rm %q", f)) { - t.Errorf("Expected script to contain rm %q, got: %q", f, string(data)) - } - } - -} diff --git a/test/integration/integration_test.go b/test/integration/integration_test.go index 21847dbe9..650097b04 100644 --- a/test/integration/integration_test.go +++ b/test/integration/integration_test.go @@ -751,9 +751,12 @@ func TestDockerfileBuildInjections(t *testing.T) { if err != nil { t.Errorf("Unable to create injection dir: %v", err) } - _, err = ioutil.TempFile(injection1, "injectfile-1") - if err != nil { - t.Errorf("Unable to create injection file: %v", err) + + for i := 0; i < 3; i++ { + _, err = ioutil.TempFile(injection1, "injectfile-") + if err != nil { + t.Errorf("Unable to create injection file: %v", err) + } } injection2 := filepath.Join(tempdir, "injection2") @@ -800,8 +803,8 @@ func TestDockerfileBuildInjections(t *testing.T) { expected := []string{ "COPY --chown=1001:0 upload/injections" + trimmedInjection1 + " /workdir/injection1", "COPY --chown=1001:0 upload/injections" + trimmedInjection2 + " /destination/injection2", - "COPY --chown=1001:0 upload/scripts/clear-injections /tmp/scripts/clear-injections", - "RUN /tmp/scripts/clear-injections && rm /tmp/scripts/clear-injections", + "RUN rm /workdir/injection1/injectfile-", + " rm /workdir/injection1/injectfile-", } notExpected := []string{ "rm -rf /destination/injection2", @@ -810,7 +813,6 @@ func TestDockerfileBuildInjections(t *testing.T) { filepath.Join(tempdir, "upload/src/server.js"), filepath.Join(tempdir, "upload/injections"+trimmedInjection1), filepath.Join(tempdir, "upload/injections"+trimmedInjection2), - filepath.Join(tempdir, "upload/scripts/clear-injections"), } runDockerfileTest(t, config, expected, notExpected, expectedFiles) }