Skip to content

🐛 Recreate watcher if the file unlinked and replaced#2893

Merged
k8s-ci-robot merged 2 commits intokubernetes-sigs:mainfrom
m-messiah:patch-1
Aug 3, 2024
Merged

🐛 Recreate watcher if the file unlinked and replaced#2893
k8s-ci-robot merged 2 commits intokubernetes-sigs:mainfrom
m-messiah:patch-1

Conversation

@m-messiah
Copy link
Member

@m-messiah m-messiah commented Jul 30, 2024
edited
Loading

The current certwatcher misses some events, so if the certificate is maintained in a failsafe-backup way it cannot be watched and fails to get any updates.

For example, when it started with certwartcher.New("app.crt", "app.key") and someone does:

curl -O app.crt.new example.com/cert
curl -O app.key.new example.com/key
diff app.crt.new app.crt || (echo "No change"; exit 0)
ln app.crt app.crt.old
ln app.key app.key.old
mv app.crt.new app.crt
mv app.key.new app.key

The FD of the file gets these inotify events and stops being watched.

# Diff
app.crt OPEN
app.crt CLOSE_NOWRITE,CLOSE
# Move
app.crt ATTRIB
app.crt MOVE_SELF
app.crt ATTRIB
app.crt DELETE_SELF

Please take a look at the added test for the implementation of failsafe cert replacement.
The problem is that in this stage because of hardlink the certwatcher continues to watch app.crt.old and app.key.old inodes until they are removed. If they are removed properly - it gets a REMOVE fsnotify event and recreates the watch, but if they use something like unlink and still have open FD or another watch - they would be watched forever.

The case is already mentioned in fsnotify library comments: https://github.com/fsnotify/fsnotify/blob/c1467c02fba575afdb5f4201072ab8403bbf00f4/fsnotify.go#L40-L48

// # Linux notes
//
// When a file is removed a Remove event won't be emitted until all file
// descriptors are closed, and deletes will always emit a Chmod. For example:
//
//      fp := os.Open("file")
//      os.Remove("file")        // Triggers Chmod
//      fp.Close()               // Triggers Remove
//

and https://github.com/fsnotify/fsnotify/blob/c1467c02fba575afdb5f4201072ab8403bbf00f4/fsnotify.go#L135-L139

        //   fsnotify.Chmod     Attributes were changed. On Linux this is also sent
        //                      when a file is removed (or more accurately, when a
        //                      link to an inode is removed). On kqueue it's sent
        //                      when a file is truncated. On Windows it's never
        //                      sent.

So the PR adds fsnotify.Chmod event to be treated equally to fsnotify.Remove in case someone still looks at the old inode, because for certiwatcher the important data are in the filename, not inode.

Note, there is no harm in recreating the watch for a file that is already monitored (in case Chmod was thrown for any other reason) as watcher would just reuse the existing: https://github.com/fsnotify/fsnotify/blob/c1467c02fba575afdb5f4201072ab8403bbf00f4/fsnotify.go#L277-L312

// A path can only be watched once; watching it more than once is a no-op and will
// not return an error. Paths that do not yet exist on the filesystem cannot be
// watched.
//
// A watch will be automatically removed if the watched path is deleted or
// renamed. The exception is the Windows backend, which doesn't remove the
// watcher on renames.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jul 30, 2024
@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jul 30, 2024
@m-messiah m-messiah marked this pull request as draft July 30, 2024 16:29
@k8s-ci-robot k8s-ci-robot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jul 30, 2024
@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jul 30, 2024
@vincepri
Copy link
Member

vincepri commented Jul 30, 2024

/ok-to-test

@k8s-ci-robot k8s-ci-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Jul 30, 2024
@m-messiah m-messiah changed the title 🐛 Recreate watcher if the file was renamed 🐛 Recreate watcher if the file unlinked and replaced Aug 1, 2024
@m-messiah m-messiah marked this pull request as ready for review August 1, 2024 15:56
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Aug 1, 2024
vincepri
vincepri reviewed Aug 1, 2024
View reviewed changes
Copy link
Member

@vincepri vincepri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve
/assign @sbueringer

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Aug 1, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: m-messiah, vincepri

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 1, 2024
@sbueringer
Copy link
Member

sbueringer commented Aug 1, 2024

/lgtm
/hold

@k8s-ci-robot k8s-ci-robot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Aug 1, 2024
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Aug 1, 2024

LGTM label has been added.

DetailsGit tree hash: b9055ed877ccf5bafe16326c138eddb0e39f675f

@alvaroaleman alvaroaleman added the tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges. label Aug 3, 2024
@alvaroaleman
Copy link
Member

alvaroaleman commented Aug 3, 2024

/hold cancel
Thank you!

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 3, 2024
@k8s-ci-robot k8s-ci-robot merged commit 5b943b9 into kubernetes-sigs:main Aug 3, 2024
@m-messiah m-messiah deleted the patch-1 branch August 12, 2024 08:32
@vincepri
Copy link
Member

vincepri commented Aug 12, 2024

/cherry-pick release-1.8

@k8s-infra-cherrypick-robot
Copy link

k8s-infra-cherrypick-robot commented Aug 12, 2024

@vincepri: cannot checkout release-1.8: error checking out "release-1.8": exit status 1 error: pathspec 'release-1.8' did not match any file(s) known to git

Details

In response to this:

/cherry-pick release-1.8

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@vincepri
Copy link
Member

vincepri commented Aug 12, 2024

/cherry-pick release-0.18

@vincepri
Copy link
Member

vincepri commented Aug 12, 2024

/cherry-pick release-0.17

@k8s-infra-cherrypick-robot
Copy link

k8s-infra-cherrypick-robot commented Aug 12, 2024

@vincepri: new pull request created: #2919

Details

In response to this:

/cherry-pick release-0.18

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot mentioned this pull request Aug 12, 2024
Merged
@k8s-infra-cherrypick-robot
Copy link

k8s-infra-cherrypick-robot commented Aug 12, 2024

@vincepri: new pull request created: #2920

Details

In response to this:

/cherry-pick release-0.17

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot mentioned this pull request Aug 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vincepri vincepri vincepri left review comments

@inteon inteon Awaiting requested review from inteon

@varshaprasad96 varshaprasad96 Awaiting requested review from varshaprasad96

@alvaroaleman alvaroaleman Awaiting requested review from alvaroaleman

Assignees

@sbueringer sbueringer

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@m-messiah @vincepri @k8s-ci-robot @sbueringer @alvaroaleman @k8s-infra-cherrypick-robot