perm: Optionally ignore missing files

The default behavior of divingbell-perm is to fail when trying to assign permissions to non-existent files. This change adds an option to values.yaml to skip any missing files and proceed with the rest of the assignments. conf: perm: ignore_missing: true # default is false This may be useful in cases where files will never exist on a node, or cases where the file does not exist yet, but will exist later. Note that with this option enabled, a run in which files are skipped is considered successful, so the rerun_policy and rerun_interval will determine if and when another attempt will be made. Change-Id: I15505d6292dda66942c66eea5a4d0666bd6bdfa7
2021-09-07 16:32:41 +00:00 · 2021-09-07 16:32:41 +00:00 · caa7b4e833
commit caa7b4e833
parent c8eba1688c
3 changed files with 49 additions and 1 deletions
--- a/divingbell/templates/bin/_perm.sh.tpl
+++ b/divingbell/templates/bin/_perm.sh.tpl
@ -46,8 +46,18 @@ add_single_perm(){
  local permissions="${4}"

  # check if file exists
-  [ -e $path ] || return 1
  # if set -e is set the entire script will exit
+  # unless values has `conf: { perm: { ignore_missing: true } }`
+  if [ ! -e $path ]; then
+    local msg="$path does not exist"
+    if {{ index (index .Values "conf" "perm" | default dict) "ignore_missing" | default false }}; then
+      log.WARN "${msg}, skipping"
+      return 0
+    else
+      log.ERROR "${msg}"
+      return 1
+    fi
+  fi

  # construct backup name
  local file_name=$(systemd-escape $path)
--- a/divingbell/values.yaml
+++ b/divingbell/values.yaml
@ -38,6 +38,7 @@ conf:
 #    rerun_policy: always
 #    86400 = 1 day
 #    rerun_interval: 86400
+#    ignore_missing: false
 #    paths:
 #    -
 #      path: '/boot/System.map-*'
--- a/tools/gate/scripts/020-test-divingbell.sh
+++ b/tools/gate/scripts/020-test-divingbell.sh
@ -770,6 +770,43 @@ test_perm(){
  _test_perm_value ${p_test_file1} root shadow 640
  _test_perm_value ${p_test_file2} ${p_test_file2##*.} ${p_test_file2##*.} 777
  echo "[SUCCESS] Backup test for perm passed successfully" >> "${TEST_RESULTS}"
+  # Test missing files (default behavior, fail on missing files)
+  echo "conf:
+  perm:
+    paths:
+    -
+      path: /does/not/exist
+      owner: 'root'
+      group: 'shadow'
+      permissions: '0640'
+    -
+      path: ${p_test_file2}
+      owner: 'root'
+      group: 'shadow'
+      permissions: '0640'" > "${overrides_yaml}"
+  install_base "--values=${overrides_yaml}"
+  get_container_status perm ignore_failure
+  _test_perm_value ${p_test_file2} ${p_test_file2##*.} ${p_test_file2##*.} 777
+  echo '[SUCCESS] perm test fail on missing files passed successfully' >> "${TEST_RESULTS}"
+  # Test missing files (ignore_missing=true, continue if files are missing)
+  echo "conf:
+  perm:
+    ignore_missing: true
+    paths:
+    -
+      path: /does/not/exist
+      owner: 'root'
+      group: 'shadow'
+      permissions: '0640'
+    -
+      path: ${p_test_file2}
+      owner: 'root'
+      group: 'shadow'
+      permissions: '0640'" > "${overrides_yaml}"
+  install_base "--values=${overrides_yaml}"
+  get_container_status perm
+  _test_perm_value ${p_test_file2} root shadow 640
+  echo '[SUCCESS] perm test ignore_missing passed successfully' >> "${TEST_RESULTS}"
  # Test invalid rerun_interval (too short)
  echo "conf:
  perm: