From 28d666181b3686b093a360ea929ccb4c6f009617 Mon Sep 17 00:00:00 2001 From: Daniel Fangl Date: Tue, 12 Mar 2024 15:48:20 +0100 Subject: [PATCH] Allow LocalStack specific configuration of chmod on startup, remove DNS logic (#34) --- cmd/localstack/awsutil.go | 17 --------- cmd/localstack/dns.go | 71 ------------------------------------ cmd/localstack/file_utils.go | 29 +++++++++++++++ cmd/localstack/main.go | 30 +++------------ go.mod | 3 -- go.sum | 32 ---------------- 6 files changed, 34 insertions(+), 148 deletions(-) delete mode 100644 cmd/localstack/dns.go diff --git a/cmd/localstack/awsutil.go b/cmd/localstack/awsutil.go index 7fa02c4..c7fcbc4 100644 --- a/cmd/localstack/awsutil.go +++ b/cmd/localstack/awsutil.go @@ -139,23 +139,6 @@ func resetListener(changeChannel <-chan bool, server *CustomInteropServer) { } -func RunDNSRewriter(opts *LsOpts, ctx context.Context) { - if opts.EnableDnsServer != "1" { - log.Debugln("DNS server disabled.") - return - } - dnsForwarder, err := NewDnsForwarder(opts.LocalstackIP) - if err != nil { - log.Errorln("Error creating dns forwarder.") - return - } - defer dnsForwarder.Shutdown() - dnsForwarder.Start() - - <-ctx.Done() - log.Debugln("DNS server stopped") -} - func RunHotReloadingListener(server *CustomInteropServer, targetPaths []string, ctx context.Context, fileWatcherStrategy string) { if len(targetPaths) == 1 && targetPaths[0] == "" { log.Debugln("Hot reloading disabled.") diff --git a/cmd/localstack/dns.go b/cmd/localstack/dns.go deleted file mode 100644 index fc68819..0000000 --- a/cmd/localstack/dns.go +++ /dev/null @@ -1,71 +0,0 @@ -package main - -import ( - "github.com/miekg/dns" - log "github.com/sirupsen/logrus" - "net" -) - -type DNSForwarder struct { - server *dns.Server -} - -type DNSRewriteForwardHandler struct { - upstreamServer string - redirectTo string -} - -func (D DNSRewriteForwardHandler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { - client := dns.Client{ - Net: "udp", - } - response, _, err := client.Exchange(r, D.upstreamServer+":53") - if err != nil { - log.Errorln("Error connecting to upstream: ", err) - return - } - for _, rr := range response.Answer { - switch rr.Header().Rrtype { - case dns.TypeA: - if t, ok := rr.(*dns.A); ok { - if t.A.Equal(net.IPv4(127, 0, 0, 1)) { - log.Debugln("Redirecting answer for ", t.Header().Name, "to ", D.redirectTo) - t.A = net.ParseIP(D.redirectTo) - } - } - } - } - err = w.WriteMsg(response) - if err != nil { - log.Errorln("Error writing response: ", err) - } -} - -func NewDnsForwarder(upstreamServer string) (*DNSForwarder, error) { - forwarder := &DNSForwarder{ - server: &dns.Server{ - Net: "udp", - Handler: DNSRewriteForwardHandler{ - upstreamServer: upstreamServer, - redirectTo: upstreamServer, - }, - }, - } - return forwarder, nil -} - -func (c *DNSForwarder) Start() { - go func() { - err := c.server.ListenAndServe() - if err != nil { - log.Errorln("Error starting DNS server: ", err) - } - }() -} - -func (c *DNSForwarder) Shutdown() { - err := c.server.Shutdown() - if err != nil { - log.Errorln("Error shutting down DNS server: ", err) - } -} diff --git a/cmd/localstack/file_utils.go b/cmd/localstack/file_utils.go index ed65c70..0de9519 100644 --- a/cmd/localstack/file_utils.go +++ b/cmd/localstack/file_utils.go @@ -1,11 +1,40 @@ package main import ( + "encoding/json" + log "github.com/sirupsen/logrus" "io" "os" "path/filepath" + "strconv" ) +type Chmod struct { + Path string `json:"path"` + Mode string `json:"mode"` +} + +// AdaptFilesystemPermissions Adapts the file system permissions to the mode specified in the chmodInfoString parameter +// chmodInfoString should be a json encoded list of `Chmod` structs. +// example: '[{"path": "/opt", "mode": "0755"}]'. The mode string should be an octal representation of the targeted file mode. +func AdaptFilesystemPermissions(chmodInfoString string) error { + var chmodInfo []Chmod + err := json.Unmarshal([]byte(chmodInfoString), &chmodInfo) + if err != nil { + return err + } + for _, chmod := range chmodInfo { + mode, err := strconv.ParseInt(chmod.Mode, 0, 32) + if err != nil { + return err + } + if err := ChmodRecursively(chmod.Path, os.FileMode(mode)); err != nil { + log.Warnf("Could not change file mode recursively of directory %s: %s\n", chmod.Path, err) + } + } + return nil +} + // Inspired by https://stackoverflow.com/questions/73864379/golang-change-permission-os-chmod-and-os-chowm-recursively // but using the more efficient WalkDir API func ChmodRecursively(root string, mode os.FileMode) error { diff --git a/cmd/localstack/main.go b/cmd/localstack/main.go index e936d78..064a174 100644 --- a/cmd/localstack/main.go +++ b/cmd/localstack/main.go @@ -23,7 +23,7 @@ type LsOpts struct { CodeArchives string HotReloadingPaths []string FileWatcherStrategy string - EnableDnsServer string + ChmodPaths string LocalstackIP string InitLogLevel string EdgePort string @@ -57,10 +57,10 @@ func InitLsOpts() *LsOpts { CodeArchives: os.Getenv("LOCALSTACK_CODE_ARCHIVES"), HotReloadingPaths: strings.Split(GetenvWithDefault("LOCALSTACK_HOT_RELOADING_PATHS", ""), ","), FileWatcherStrategy: os.Getenv("LOCALSTACK_FILE_WATCHER_STRATEGY"), - EnableDnsServer: os.Getenv("LOCALSTACK_ENABLE_DNS_SERVER"), EnableXRayTelemetry: os.Getenv("LOCALSTACK_ENABLE_XRAY_TELEMETRY"), LocalstackIP: os.Getenv("LOCALSTACK_HOSTNAME"), PostInvokeWaitMS: os.Getenv("LOCALSTACK_POST_INVOKE_WAIT_MS"), + ChmodPaths: GetenvWithDefault("LOCALSTACK_CHMOD_PATHS", "[]"), } } @@ -75,12 +75,12 @@ func UnsetLsEnvs() { "LOCALSTACK_USER", "LOCALSTACK_CODE_ARCHIVES", "LOCALSTACK_HOT_RELOADING_PATHS", - "LOCALSTACK_ENABLE_DNS_SERVER", "LOCALSTACK_ENABLE_XRAY_TELEMETRY", "LOCALSTACK_INIT_LOG_LEVEL", "LOCALSTACK_POST_INVOKE_WAIT_MS", "LOCALSTACK_FUNCTION_ACCOUNT_ID", "LOCALSTACK_MAX_PAYLOAD_SIZE", + "LOCALSTACK_CHMOD_PATHS", // Docker container ID "HOSTNAME", @@ -139,31 +139,13 @@ func main() { } interop.MaxPayloadSize = payloadSize - // enable dns server - dnsServerContext, stopDnsServer := context.WithCancel(context.Background()) - go RunDNSRewriter(lsOpts, dnsServerContext) - // download code archive if env variable is set if err := DownloadCodeArchives(lsOpts.CodeArchives); err != nil { log.Fatal("Failed to download code archives: " + err.Error()) } - // set file permissions of the tmp directory for better AWS parity - if err := ChmodRecursively("/tmp", 0700); err != nil { - log.Warnln("Could not change file mode recursively of directory /tmp:", err) - } - // set file permissions of the layers directory for better AWS parity - if err := ChmodRecursively("/opt", 0755); err != nil { - log.Warnln("Could not change file mode recursively of directory /opt:", err) - } - // set file permissions of the code directory if at least one layer is present for better AWS parity - // Limitation: hot reloading likely breaks file permission parity for /var/task in combination with layers - // Heuristic for detecting the presence of layers. It might fail for an empty layer or image-based Lambda. - if isDirEmpty, _ := IsDirEmpty("/opt"); !isDirEmpty { - log.Debugln("Detected layer present") - if err := ChmodRecursively("/var/task", 0755); err != nil { - log.Warnln("Could not change file mode recursively of directory /var/task:", err) - } + if err := AdaptFilesystemPermissions(lsOpts.ChmodPaths); err != nil { + log.Warnln("Could not change file mode of code directories:", err) } // parse CLI args @@ -200,8 +182,6 @@ func main() { AddShutdownFunc(func() { log.Debugln("Stopping file watcher") cancelFileWatcher() - log.Debugln("Stopping DNS server") - stopDnsServer() }). SetExtensionsFlag(true). SetInitCachingFlag(true). diff --git a/go.mod b/go.mod index 206b761..992860c 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,6 @@ require ( github.com/go-chi/chi v4.1.2+incompatible github.com/google/uuid v1.3.0 github.com/jessevdk/go-flags v1.5.0 - github.com/miekg/dns v1.1.50 github.com/shirou/gopsutil v2.19.10+incompatible github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.4 @@ -26,10 +25,8 @@ require ( github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/stretchr/objx v0.5.0 // indirect - golang.org/x/mod v0.8.0 // indirect golang.org/x/net v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/tools v0.6.0 // indirect gopkg.in/yaml.v2 v2.2.8 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 8cc90e8..0474547 100644 --- a/go.sum +++ b/go.sum @@ -25,8 +25,6 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA= -github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -43,53 +41,23 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI= golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=