Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do not require sudo for go-ovs commands #2436

Merged
merged 2 commits into from
Feb 2, 2025
Merged

Do not require sudo for go-ovs commands #2436

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
86943dc
remove sudo from ovs commands
hellt Feb 1, 2025
69480e1
add suid to make targets
hellt Feb 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 20 additions & 4 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,36 +17,52 @@ all: build
build:
mkdir -p $(BIN_DIR)
CGO_ENABLED=0 go build -o $(BINARY) -ldflags="$(LDFLAGS)" main.go
sudo chown root:root $(BINARY)
sudo chmod 4755 $(BINARY)

build-linux-arm64:
mkdir -p $(BIN_DIR)
GOOS=linux GOARCH=arm64 go build -o $(BINARY) -ldflags="$(LDFLAGS)" main.go
sudo chown root:root $(BINARY)
sudo chmod 4755 $(BINARY)

build-linux-amd64:
mkdir -p $(BIN_DIR)
GOOS=linux GOARCH=amd64 go build -o $(BINARY) -ldflags="$(LDFLAGS)" main.go
sudo chown root:root $(BINARY)
sudo chmod 4755 $(BINARY)

build-with-cover:
mkdir -p $(BIN_DIR)
go build -cover -o $(BINARY) -ldflags="$(LDFLAGS)" main.go
sudo chown root:root $(BINARY)
sudo chmod 4755 $(BINARY)

build-debug:
mkdir -p $(BIN_DIR)
go build -o $(BINARY) -gcflags=all="-N -l" -race -cover main.go
sudo chown root:root $(BINARY)
sudo chmod 4755 $(BINARY)

build-dlv-debug:
mkdir -p $(BIN_DIR)
go build -o $(BINARY) -gcflags=all="-N -l" main.go
sudo chown root:root $(BINARY)
sudo chmod 4755 $(BINARY)


build-with-podman:
mkdir -p $(BIN_DIR)
CGO_ENABLED=0 go build -o $(BINARY) -ldflags="$(LDFLAGS)" -trimpath -tags "podman exclude_graphdriver_btrfs btrfs_noversion exclude_graphdriver_devicemapper exclude_graphdriver_overlay containers_image_openpgp" main.go
chmod a+x $(BINARY)
sudo chown root:root $(BINARY)
sudo chmod 4755 $(BINARY)

build-with-podman-debug:
mkdir -p $(BIN_DIR)
CGO_ENABLED=1 go build -o $(BINARY) -gcflags=all="-N -l" -race -cover -trimpath -tags "podman exclude_graphdriver_btrfs btrfs_noversion exclude_graphdriver_devicemapper exclude_graphdriver_overlay containers_image_openpgp" main.go
sudo chown root:root $(BINARY)
sudo chmod 4755 $(BINARY)

convert-coverage:
go tool covdata textfmt -i=/tmp/clab-tests/coverage -o coverage.out
Expand Down Expand Up @@ -128,20 +144,20 @@ htmltest:
.PHONY: oci-push
oci-push: build-with-podman
@echo
@echo "With the following pull command you get a containerlab binary at your working directory. To use this downloaded binary - ./containerlab deploy.... Make sure not forget to add ./ prefix in order to use the downloaded binary and not the globally installed containerlab!"
@echo 'If https proxy is configured in your environment, pass the proxies via --env HTTPS_PROXY="<proxy-address>" flag of the docker run command.'
# push to ttl.sh
# docker run --rm -v $(CURDIR)/bin:/workspace ghcr.io/oras-project/oras:v1.1.0 push ttl.sh/clab-$(COMMIT_HASH):1d ./containerlab
# @echo "download with: docker run --rm -v \$$(pwd):/workspace ghcr.io/oras-project/oras:v1.1.0 pull ttl.sh/clab-$(COMMIT_HASH):1d"
# push to ghcr.io
@echo ""
docker run --rm -v $(CURDIR)/bin:/workspace -v $${HOME}/.docker/config.json:/root/.docker/config.json ghcr.io/oras-project/oras:v1.1.0 push ghcr.io/srl-labs/clab-oci:$(COMMIT_HASH) ./containerlab
@echo "With the following pull command you get a containerlab binary at your working directory. To use this downloaded binary - ./containerlab deploy.... Make sure not forget to add ./ prefix in order to use the downloaded binary and not the globally installed containerlab!"
@echo 'If https proxy is configured in your environment, pass the proxies via --env HTTPS_PROXY="<proxy-address>" flag of the docker run command.'
@echo "download with: sudo docker run --rm -v \$$(pwd):/workspace ghcr.io/oras-project/oras:v1.1.0 pull ghcr.io/srl-labs/clab-oci:$(COMMIT_HASH)"

oci-arm-push: build-linux-arm64
@echo
@echo "With the following pull command you get a containerlab binary at your working directory. To use this downloaded binary - do `chmod +x ./containerlab` and then `./containerlab deploy`. Make sure not forget to add ./ prefix in order to use the downloaded binary and not the globally installed containerlab!"
@echo 'If https proxy is configured in your environment, pass the proxies via --env HTTPS_PROXY="<proxy-address>" flag of the docker run command.'
@echo ""
docker run --rm -v $(CURDIR)/bin:/workspace -v $${HOME}/.docker/config.json:/root/.docker/config.json ghcr.io/oras-project/oras:v1.1.0 push ghcr.io/srl-labs/clab-oci:$(COMMIT_HASH) ./containerlab
@echo "With the following pull command you get a containerlab binary at your working directory. To use this downloaded binary - do `chmod +x ./containerlab` and then `./containerlab deploy`. Make sure not forget to add ./ prefix in order to use the downloaded binary and not the globally installed containerlab!"
@echo 'If https proxy is configured in your environment, pass the proxies via --env HTTPS_PROXY="<proxy-address>" flag of the docker run command.'
@echo "download with: sudo docker run --rm -v \$$(pwd):/workspace ghcr.io/oras-project/oras:v1.1.0 pull ghcr.io/srl-labs/clab-oci:$(COMMIT_HASH)"
19 changes: 5 additions & 14 deletions nodes/ovs/ovs.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,11 @@ import (
"github.com/vishvananda/netlink"
)

var kindnames = []string{"ovs-bridge"}
var kindNames = []string{"ovs-bridge"}

// Register registers the node in the NodeRegistry.
func Register(r *nodes.NodeRegistry) {
r.Register(kindnames, func() nodes.Node {
r.Register(kindNames, func() nodes.Node {
return new(ovs)
}, nil)
}
Expand All @@ -50,10 +50,7 @@ func (n *ovs) Init(cfg *types.NodeConfig, opts ...nodes.NodeOption) error {

func (n *ovs) CheckDeploymentConditions(_ context.Context) error {
// check if ovs bridge exists
c := goOvs.New(
// Prepend "sudo" to all commands.
goOvs.Sudo(),
)
c := goOvs.New()

// We were previously doing c.VSwitch.Get.Bridge() but it doesn't work
// when the bridge has a protocol version higher than 1.0
Expand All @@ -78,10 +75,7 @@ func (*ovs) PullImage(_ context.Context) error { return nil }
func (*ovs) GetImages(_ context.Context) map[string]string { return map[string]string{} }

func (n *ovs) Delete(_ context.Context) error {
c := goOvs.New(
// Prepend "sudo" to all commands.
goOvs.Sudo(),
)
c := goOvs.New()

for _, ep := range n.GetEndpoints() {
// Under the hood, this is called with "--if-exists", so it will handle the case where it doesn't exist for some reason.
Expand Down Expand Up @@ -121,10 +115,7 @@ func (n *ovs) AddLinkToContainer(ctx context.Context, link netlink.Link, f func(
return err
}

c := goOvs.New(
// Prepend "sudo" to all commands.
goOvs.Sudo(),
)
c := goOvs.New()

// need to reread the link, due to the changed the function f might have applied to
// the link. Usually it renames the link to its final name.
Expand Down
Loading