diff --git a/charts/rancher-wins-upgrader/Chart.yaml b/charts/rancher-wins-upgrader/Chart.yaml index 3e3dc136..b59056bd 100755 --- a/charts/rancher-wins-upgrader/Chart.yaml +++ b/charts/rancher-wins-upgrader/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: rancher-wins-upgrader version: 0.0.1 -appVersion: 0.1.0 +appVersion: 0.1.1 annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/namespace: cattle-wins-system diff --git a/charts/rancher-wins-upgrader/README.md b/charts/rancher-wins-upgrader/README.md index 7a2517aa..1789824f 100755 --- a/charts/rancher-wins-upgrader/README.md +++ b/charts/rancher-wins-upgrader/README.md @@ -24,7 +24,7 @@ If the second requirement is not met, there are two options to reconcile: This is the recommended approach for updating your Windows hosts, but it requires the user to log onto every Windows host to upgrade the wins config. After logging onto each host, you will need to do manually update the wins config. -By default, the wins config is located in `C:\etc\rancher\wins\config`, but you could use the following powershell command to identify the command line arguments passed into the `rancher-wins` service (`--config` corresponds to the config path on the host): +By default, the wins config is located in `c:\etc\rancher\wins\config`, but you could use the following powershell command to identify the command line arguments passed into the `rancher-wins` service (`--config` corresponds to the config path on the host): ```powershell (Get-CimInstance Win32_Service -Filter 'Name = "rancher-wins"').PathName ``` diff --git a/charts/rancher-wins-upgrader/scripts/upgrade.ps1 b/charts/rancher-wins-upgrader/scripts/upgrade.ps1 index dccacbd3..25687cb0 100644 --- a/charts/rancher-wins-upgrader/scripts/upgrade.ps1 +++ b/charts/rancher-wins-upgrader/scripts/upgrade.ps1 @@ -36,7 +36,7 @@ function Transfer-File $null = Copy-Item -Force -Path $Src -Destination $Dst } -$prefixPath = 'C:\' +$prefixPath = 'c:\' if ($env:CATTLE_PREFIX_PATH) { $prefixPath = $env:CATTLE_PREFIX_PATH } @@ -50,11 +50,11 @@ $winsUpgradeDir = Split-Path -Path $winsUpgradePath $winsUpgradeFilename = Split-Path -Path $winsUpgradePath -Leaf Create-Directory -Path $winsUpgradeDir -Transfer-File -Src "C:\Windows\wins.exe" -Dst $winsUpgradePath +Transfer-File -Src "c:\Windows\wins.exe" -Dst $winsUpgradePath -Create-Directory -Path "C:\host\etc\rancher\wins" -Transfer-File -Src $winsUpgradePath -Dst "C:\host\etc\rancher\wins\$winsUpgradeFilename" -Transfer-File -Src "C:\scripts\config" -Dst "C:\host\etc\rancher\wins\config" +Create-Directory -Path "c:\host\etc\rancher\wins" +Transfer-File -Src $winsUpgradePath -Dst "c:\host\etc\rancher\wins\$winsUpgradeFilename" +Transfer-File -Src "c:\scripts\config" -Dst "c:\host\etc\rancher\wins\config" $winsOut = wins.exe cli prc run --path=$winsUpgradePath --args="up --wins-args=`'--config=$winsUpgradeDir\config`'" diff --git a/charts/rancher-wins-upgrader/templates/_helpers.tpl b/charts/rancher-wins-upgrader/templates/_helpers.tpl index 72e75d52..9f44d618 100644 --- a/charts/rancher-wins-upgrader/templates/_helpers.tpl +++ b/charts/rancher-wins-upgrader/templates/_helpers.tpl @@ -39,7 +39,7 @@ provider: kubernetes {{- end -}} {{- define "winsUpgrader.winsHostPath" -}} -{{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "\\\\" "\\" | replace "\\" "/" }}etc/rancher/wins +{{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "\\\\" "\\" | replace "\\" "/" }}etc/rancher/wins {{- end -}} {{- define "winsUpgrader.winsMasqueradePath" -}} diff --git a/charts/rancher-wins-upgrader/templates/daemonset.yaml b/charts/rancher-wins-upgrader/templates/daemonset.yaml index 9f3d3bb9..e6df52a3 100755 --- a/charts/rancher-wins-upgrader/templates/daemonset.yaml +++ b/charts/rancher-wins-upgrader/templates/daemonset.yaml @@ -25,26 +25,26 @@ spec: containers: - name: noop image: {{ template "system_default_registry" $ }}{{ required "Must provide name for .Values.winsConfigs[].image.repository" .image.repository }}:{{ required "Must provide name for .Values.winsConfigs[].tag" .image.tag }} - command: ["pwsh", "-f", "C:/scripts/noop.ps1"] + command: ["pwsh", "-f", "c:/scripts/noop.ps1"] volumeMounts: - name: upgrade-scripts - mountPath: C:/scripts + mountPath: c:/scripts initContainers: - name: wins-upgrader image: {{ template "system_default_registry" $ }}{{ .image.repository }}:{{ .image.tag }} - command: ["pwsh", "-f", "C:/scripts/upgrade.ps1"] + command: ["pwsh", "-f", "c:/scripts/upgrade.ps1"] volumeMounts: - name: wins-pipe mountPath: \\.\pipe\rancher_wins - name: wins - mountPath: C:/host/etc/rancher/wins + mountPath: c:/host/etc/rancher/wins - name: upgrade-scripts - mountPath: C:/scripts + mountPath: c:/scripts env: - name: HELM_REVISION_NUMBER value: {{ $.Release.Revision | quote }} - name: CATTLE_PREFIX_PATH - value: {{ default "C:\\" $.Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }} + value: {{ default "c:\\" $.Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }} {{- if $.Values.masquerade.enabled }} - name: WINS_UPGRADE_PATH value: {{ include "winsUpgrader.winsMasqueradePath" $ }} diff --git a/charts/rancher-wins-upgrader/values.yaml b/charts/rancher-wins-upgrader/values.yaml index 8d48d9a1..8ff315ec 100755 --- a/charts/rancher-wins-upgrader/values.yaml +++ b/charts/rancher-wins-upgrader/values.yaml @@ -7,7 +7,7 @@ global: cattle: systemDefaultRegistry: "" - rkeWindowsPathPrefix: "C:\\" + rkeWindowsPathPrefix: "c:\\" ## One or more configurations for the wins server to be applied across all of the nodes based on the nodeSelector and tolerations provided ## @@ -16,7 +16,7 @@ winsConfigs: image: # TODO(aiyengar2): replace with an image that just contains wins repository: rancher/wins - tag: v0.1.0 + tag: v0.1.1 os: "windows" config: | debug: false @@ -24,18 +24,18 @@ winsConfigs: proxy: rancher_wins_proxy whiteList: processPaths: - - {{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\rancher\wins\wins-upgrade.exe - - {{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\windows-exporter\windows-exporter.exe - - {{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\wmi-exporter\wmi-exporter.exe - - {{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\kubernetes\bin\kube-proxy.exe - - {{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\kubernetes\bin\kubelet.exe - - {{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\nginx\nginx.exe - - {{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}opt\bin\flanneld.exe + - {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\rancher\wins\wins-upgrade.exe + - {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\windows-exporter\windows-exporter.exe + - {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\wmi-exporter\wmi-exporter.exe + - {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\kubernetes\bin\kube-proxy.exe + - {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\kubernetes\bin\kubelet.exe + - {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\nginx\nginx.exe + - {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}opt\bin\flanneld.exe proxyPorts: - 9796 upgrade: mode: watching - watchingPath: {{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\rancher\wins\wins.exe + watchingPath: {{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\rancher\wins\wins.exe # By default, `kubernetes.io/os: windows` or `beta.kubernetes.io/os: windows` will be included nodeSelector: {} # If provided, these tolerations will be used. Otherwise, it defaults to `[ {operator: Exists} ]` @@ -57,4 +57,4 @@ masquerade: # wmi_exporter is the only default whitelisted process that may or may not be run on the host, since # it is only ever deployed if the Windows cluster is also using Prometheus-based Windows monitoring (e.g. Rancher Monitoring V1) # All of the other default whitelisted processes are required for the Kubernetes cluster to operate - as: '{{ default "C:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\wmi-exporter\wmi-exporter.exe' + as: '{{ default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "/" "\\" }}etc\wmi-exporter\wmi-exporter.exe' diff --git a/cmd/grpcs/process_path_whitelist.go b/cmd/grpcs/process_path_whitelist.go index 9dab56d5..acc27673 100644 --- a/cmd/grpcs/process_path_whitelist.go +++ b/cmd/grpcs/process_path_whitelist.go @@ -3,6 +3,7 @@ package grpcs import ( "context" "path/filepath" + "strings" "github.com/rancher/wins/pkg/types" "google.golang.org/grpc" @@ -13,13 +14,15 @@ import ( func ProcessPathUnaryServerInterceptor(whitelist []string) grpc.UnaryServerInterceptor { whitelistIndex := make(map[string]struct{}, len(whitelist)) for _, wl := range whitelist { - whitelistIndex[filepath.Clean(wl)] = struct{}{} + path := strings.ToLower(filepath.Clean(wl)) + whitelistIndex[path] = struct{}{} } return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) { if info.FullMethod == "/wins.ProcessService/Start" { if psr, ok := req.(*types.ProcessStartRequest); ok { - if _, exist := whitelistIndex[filepath.Clean(psr.Path)]; !exist { + path := strings.ToLower(filepath.Clean(psr.Path)) + if _, exist := whitelistIndex[path]; !exist { return nil, status.Errorf(codes.InvalidArgument, "invalid path") } } diff --git a/tests/integration/process_test.ps1 b/tests/integration/process_test.ps1 index ff1fe9e7..c0db5f25 100644 --- a/tests/integration/process_test.ps1 +++ b/tests/integration/process_test.ps1 @@ -35,8 +35,8 @@ Describe "process" { $config = @{ whiteList = @{ processPaths = @( - "c:\otherpath" - "c:\etc\nginx\nginx.exe" + "C:\otherpath" + "C:\etc\nginx\nginx.exe" ) } } @@ -82,7 +82,7 @@ Describe "process" { $config = @{ whiteList = @{ processPaths = @( - "c:\otherpath" + "C:\otherpath" ) } }