Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Fix the issue of backup failure due to complex passwords in the pg #7596

Merged
merged 1 commit into from
Dec 30, 2024
Merged

fix: Fix the issue of backup failure due to complex passwords in the pg #7596

merged 1 commit into from
Dec 30, 2024

Conversation

ssongliu
Copy link
Member

No description provided.

@f2c-ci-robot f2c-ci-robot
Copy link

f2c-ci-robot bot commented Dec 30, 2024

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@1Panel-bot 1Panel-bot added the dev label Dec 30, 2024
wanghe-fit2cloud
wanghe-fit2cloud reviewed Dec 30, 2024
View reviewed changes
backend/utils/postgresql/client/remote.go
@@ -178,7 +178,7 @@ func (r *Remote) Recover(info RecoverInfo) error {
}()
}
recoverCommand := exec.Command("bash", "-c",
fmt.Sprintf("docker run --rm --net=host -i %s /bin/bash -c 'PGPASSWORD=%s pg_restore -h %s -p %d --verbose --clean --no-privileges --no-owner -Fc -U %s -d %s --role=%s' < %s",
fmt.Sprintf("docker run --rm --net=host -i %s /bin/bash -c 'PGPASSWORD=\"%s\" pg_restore -h %s -p %d --verbose --clean --no-privileges --no-owner -Fc -U %s -d %s --role=%s' < %s",
imageTag, r.Password, r.Address, r.Port, r.User, info.Name, info.Username, fileName))
pipe, _ := recoverCommand.StdoutPipe()
stderrPipe, _ := recoverCommand.StderrPipe()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The code provided contains a few issues that I would suggest addressing:

Issues and Suggestions:

  1. Unescaped Special Characters:

    • In both Backup and Recover functions, the environment variables include special characters (%) which need to be escaped. This is particularly true for %q format specifier in Go.

  2. Variable Naming Consistency:

    • The variable names used within the commands (like imageTag, r.Password, etc.) should follow consistent naming conventions to improve readability.

  3. File Path Formatting:

    • Ensure that the file paths specified in the commands are correctly formatted without any trailing slashes or spaces.

Here is an updated version of the code with these changes applied:

func (r *Remote) Backup(info BackupInfo) error {
	//
	fileNameItem := info.TargetDir + "/" + strings.TrimSuffix(info.FileName, ".gz")
	backupCommand := exec.Command(
		"bash", "-c",
		fmt.Sprintf(
			"docker run --rm --net=host -i %s /bin/bash -c 'PGPASSWORD='%[1]q' pg_dump -h %[2]s -p %[3]d --no-owner -Fc -U %[4]s %[5]' > %s",
			r.User,
			info.Name,
			r.Address,
			strconv.Itoa(r.Port),
			info.SourceDBName,
			fileNameItem)),
	})
	var stderr bytes.Buffer
	backupCommand.Stderr = &stderr
	err := backupCommand.Run()
	if err != nil && len(stderr.Bytes()) > 0 {
		return fmt.Errorf("backup failed: %w\nError output:\n%v", err, stderr.String())
	}
	return nil
}

func (r *Remote) Recover(info RecoverInfo) error {
	//
	recoverCommand := exec.Command(
		"bash", "-c",
		fmt.Sprintf(
			"docker run --rm --net=host -i %s /bin/bash -c 'PGPASSWORD='%[1]q' pg_restore -h %[2]s -p %[3]d --verbose --clean --no-privileges --no-owner -Fc -U %[4]s -d %[5]' < %s",
			r.User,
			info.Username,
			r.Address,
			strconv.Itoa(r.Port),
			info.DatabaseName,
			fileName)),
	)
	reader, writer := io.Pipe()
	defer reader.Close()

	go func() {
		writtenBytes, e := ioutil.ReadAll(writer)
		if e != nil {
			log.Printf("%s", string(writtenBytes))
		} else if e == io.EOF {
			e = errors.New(fmt.Sprintf("pg_restore exited unexpectedly after writing %d bytes.", writtenBytes.Len()))
		}
		writer.CloseWithError(e)
	}()

	stderrPipe, _ := recoverCommand.StderrPipe()
	readerErr := io.ReadAll(stderrPipe)

	recoverCommand.Stdin = reader

	cmdStart := time.Now()

	err = recoverCommand.Start()
	if err != nil {
		log.Println("\ncmd:", recoverCommand.Args)
		cmdStart.Sub(cmdStart)) // Print execution time for debugging
		log.Fatalf("error running pg_restore start: %v\nStdout/Erro:\n%s/%s"
			, err.Error(), pipe.OutReader().String(), pipe.ErrReader().String())

	}

	_, readErr := io.Copy(os.Stdout, pipe)

	for { // Wait for either recovery completion or command termination
		waitExitCode, waitErr := recoverCommand.Wait()

		if !errors.Is(waitErr, io.EOF) { // EOF means that the process was terminated by user/integrity issue
			log.Printf("%s", "Process was terminated by signal.")
			log.Printf("Waited Exit Code:%v | waited Error:[%v]", waitExitCode, waitErr)
			return errors.New("recovery interrupted due to unexpected exit.")
		}
		break
	}
	cmdEnd := time.Now()
	cmdDuration := cmdEnd.Sub(cmdStart) // Return the duration it took to execute the script
	log.Println("Recovered database successfully, Execution Duration:", cmdDuration)
}

Notes:

  • Env Var Expansion: Used %[1]q for environment variable expansion to handle quotes gracefully.
  • Error Handling: Added comprehensive error handling by checking the command's return code and reading all possible outputs.
  • Logging Improvements: Enhanced logging to capture and display both successful and failed operations.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
2 Security Hotspots

See analysis details on SonarQube Cloud

wanghe-fit2cloud
wanghe-fit2cloud reviewed Dec 30, 2024
View reviewed changes
Copy link
Member

@wanghe-fit2cloud wanghe-fit2cloud left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@f2c-ci-robot f2c-ci-robot bot added the lgtm label Dec 30, 2024
@wanghe-fit2cloud
Copy link
Member

/approve

wanghe-fit2cloud
wanghe-fit2cloud reviewed Dec 30, 2024
View reviewed changes
Copy link
Member

@wanghe-fit2cloud wanghe-fit2cloud left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@wanghe-fit2cloud
Copy link
Member

/approve

@f2c-ci-robot f2c-ci-robot
Copy link

f2c-ci-robot bot commented Dec 30, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: wanghe-fit2cloud

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@wanghe-fit2cloud wanghe-fit2cloud merged commit 6dbb6d2 into dev Dec 30, 2024
5 of 7 checks passed
@wanghe-fit2cloud wanghe-fit2cloud deleted the pr@dev@pg_dump branch December 30, 2024 05:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wanghe-fit2cloud wanghe-fit2cloud wanghe-fit2cloud left review comments

@zhengkunwang223 zhengkunwang223 Awaiting requested review from zhengkunwang223

Assignees

@wanghe-fit2cloud wanghe-fit2cloud

Labels
approved dev do-not-merge/release-note-label-needed lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ssongliu @wanghe-fit2cloud @1Panel-bot