Merge branch 'master' into feature-logging-configuration

form3tech-oss · Nov 16, 2023 · 7cbfe2b · 7cbfe2b
2 parents 01a34ff + f44a688
commit 7cbfe2b
Show file tree

Hide file tree

Showing 4 changed files with 145 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -50,6 +50,7 @@ For more information and how-to, see [RFC: Keep A Changelog](https://github.com/
 - Fix remote cluster cannot upgrade helm release [#4075](https://github.com/chaos-mesh/chaos-mesh/pull/4075)
 - Fix goroutine leak [#4229](https://github.com/chaos-mesh/chaos-mesh/pull/4229)
 - Remove the duplicate `make test` [#4234](https://github.com/chaos-mesh/chaos-mesh/pull/4234)
+- Fix daemon-server `SetDNSServer` endpoint to validate provided server address [#4246](https://github.com/chaos-mesh/chaos-mesh/pull/4246)
 
 ### Security
 

diff --git a/controllers/test/types.go b/controllers/test/types.go
@@ -23,7 +23,6 @@ import (
 	"google.golang.org/grpc"
 
 	"github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/client"
-	"github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/pb"
 	chaosdaemon "github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/pb"
 	"github.com/chaos-mesh/chaos-mesh/pkg/mock"
 )
@@ -106,10 +105,10 @@ func (c *MockChaosDaemonClient) UninstallJVMRules(ctx context.Context, in *chaos
 	return nil, mockError("UninstallJVMRules")
 }
 
-func (c *MockChaosDaemonClient) ApplyBlockChaos(ctx context.Context, req *pb.ApplyBlockChaosRequest, opts ...grpc.CallOption) (*pb.ApplyBlockChaosResponse, error) {
+func (c *MockChaosDaemonClient) ApplyBlockChaos(ctx context.Context, req *chaosdaemon.ApplyBlockChaosRequest, opts ...grpc.CallOption) (*chaosdaemon.ApplyBlockChaosResponse, error) {
 	return nil, mockError("ApplyBlockChaosRequest")
 }
 
-func (c *MockChaosDaemonClient) RecoverBlockChaos(ctx context.Context, req *pb.RecoverBlockChaosRequest, opts ...grpc.CallOption) (*empty.Empty, error) {
+func (c *MockChaosDaemonClient) RecoverBlockChaos(ctx context.Context, req *chaosdaemon.RecoverBlockChaosRequest, opts ...grpc.CallOption) (*empty.Empty, error) {
 	return &empty.Empty{}, nil
 }
diff --git a/pkg/chaosdaemon/dns_server.go b/pkg/chaosdaemon/dns_server.go
@@ -18,6 +18,7 @@ package chaosdaemon
 import (
 	"context"
 	"fmt"
+	"net"
 
 	"github.com/golang/protobuf/ptypes/empty"
 	"github.com/pkg/errors"
@@ -32,6 +33,8 @@ const (
 	DNSServerConfFile = "/etc/resolv.conf"
 )
 
+var ErrInvalidDNSServer = errors.New("invalid DNS server address")
+
 func (s *DaemonServer) SetDNSServer(ctx context.Context,
 	req *pb.SetDNSServerRequest) (*empty.Empty, error) {
 	log := s.getLoggerFromContext(ctx)
@@ -46,8 +49,8 @@ func (s *DaemonServer) SetDNSServer(ctx context.Context,
 	if req.Enable {
 		// set dns server to the chaos dns server's address
 
-		if len(req.DnsServer) == 0 {
-			return &empty.Empty{}, errors.Errorf("invalid set dns server request %v", req)
+		if net.ParseIP(req.DnsServer) == nil {
+			return nil, ErrInvalidDNSServer
 		}
 
 		// backup the /etc/resolv.conf

diff --git a/pkg/chaosdaemon/dns_server_test.go b/pkg/chaosdaemon/dns_server_test.go
@@ -0,0 +1,137 @@
+// Copyright 2023 Chaos Mesh Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package chaosdaemon_test
+
+import (
+	"context"
+	"os/exec"
+	"testing"
+
+	"github.com/go-logr/logr"
+	. "github.com/onsi/gomega"
+
+	"github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon"
+	"github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/crclients"
+	"github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/crclients/test"
+	pb "github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/pb"
+	"github.com/chaos-mesh/chaos-mesh/pkg/mock"
+)
+
+func Test_SetDNSServer_Enable(t *testing.T) {
+	g := NewWithT(t)
+
+	type mockCmd struct {
+		cmd  string
+		args []string
+	}
+	var executedCommands []mockCmd
+
+	mock.With("MockProcessBuild", func(ctx context.Context, cmd string, args ...string) *exec.Cmd {
+		executedCommands = append(executedCommands, mockCmd{cmd, args})
+		return exec.Command("echo", "mock command")
+	})
+
+	mock.With("MockContainerdClient", &test.MockClient{})
+
+	crc, err := crclients.CreateContainerRuntimeInfoClient(&crclients.CrClientConfig{
+		Runtime: crclients.ContainerRuntimeContainerd,
+	})
+	g.Expect(err).NotTo(HaveOccurred())
+
+	server := chaosdaemon.NewDaemonServerWithCRClient(crc, nil, logr.Discard())
+
+	res, err := server.SetDNSServer(context.TODO(), &pb.SetDNSServerRequest{
+		ContainerId: "containerd://foo",
+		DnsServer:   "8.6.4.2",
+		Enable:      true,
+		EnterNS:     false,
+	})
+	g.Expect(err).NotTo(HaveOccurred())
+	g.Expect(res).NotTo(BeNil())
+
+	g.Expect(executedCommands).To(Equal([]mockCmd{
+		{cmd: "sh", args: []string{"-c", "ls /etc/resolv.conf.chaos.bak || cp /etc/resolv.conf /etc/resolv.conf.chaos.bak"}},
+		{cmd: "sh", args: []string{"-c", "cp /etc/resolv.conf /etc/resolv_conf_dnschaos_temp && sed -i 's/.*nameserver.*/nameserver 8.6.4.2/' /etc/resolv_conf_dnschaos_temp && cat /etc/resolv_conf_dnschaos_temp > /etc/resolv.conf && rm /etc/resolv_conf_dnschaos_temp"}},
+	}))
+}
+
+func Test_SetDNSServer_Enable_InvalidIP(t *testing.T) {
+	g := NewWithT(t)
+
+	cases := []string{"", "127.0.0.b", " 127.0.0.1", "127.0.0.1 ", ":g:1", "127.0.0.1;"}
+
+	mock.With("MockProcessBuild", func(ctx context.Context, cmd string, args ...string) *exec.Cmd {
+		g.Fail("no process should be executed")
+		return exec.Command("echo", "mock command")
+	})
+
+	mock.With("MockContainerdClient", &test.MockClient{})
+
+	crc, err := crclients.CreateContainerRuntimeInfoClient(&crclients.CrClientConfig{
+		Runtime: crclients.ContainerRuntimeContainerd,
+	})
+	g.Expect(err).NotTo(HaveOccurred())
+
+	server := chaosdaemon.NewDaemonServerWithCRClient(crc, nil, logr.Discard())
+
+	for _, tc := range cases {
+		res, err := server.SetDNSServer(context.TODO(), &pb.SetDNSServerRequest{
+			ContainerId: "containerd://foo",
+			DnsServer:   tc,
+			Enable:      true,
+			EnterNS:     false,
+		})
+		g.Expect(err).To(Equal(chaosdaemon.ErrInvalidDNSServer))
+		g.Expect(res).To(BeNil())
+	}
+}
+
+func Test_SetDNSServer_Disable(t *testing.T) {
+	g := NewWithT(t)
+
+	type mockCmd struct {
+		cmd  string
+		args []string
+	}
+	var executedCommands []mockCmd
+
+	mock.With("MockProcessBuild", func(ctx context.Context, cmd string, args ...string) *exec.Cmd {
+		executedCommands = append(executedCommands, mockCmd{cmd, args})
+		return exec.Command("echo", "mock command")
+	})
+
+	mock.With("MockContainerdClient", &test.MockClient{})
+
+	crc, err := crclients.CreateContainerRuntimeInfoClient(&crclients.CrClientConfig{
+		Runtime: crclients.ContainerRuntimeContainerd,
+	})
+	g.Expect(err).NotTo(HaveOccurred())
+
+	server := chaosdaemon.NewDaemonServerWithCRClient(crc, nil, logr.Discard())
+
+	res, err := server.SetDNSServer(context.TODO(), &pb.SetDNSServerRequest{
+		ContainerId: "containerd://foo",
+		DnsServer:   "",
+		Enable:      false,
+		EnterNS:     false,
+	})
+	g.Expect(err).NotTo(HaveOccurred())
+	g.Expect(res).NotTo(BeNil())
+
+	g.Expect(executedCommands).To(Equal([]mockCmd{
+		{cmd: "sh", args: []string{"-c", "ls /etc/resolv.conf.chaos.bak && cat /etc/resolv.conf.chaos.bak > /etc/resolv.conf || true"}},
+	}))
+}