Verify calico cni binary contents instead of executing 'calico -v'

'destinationUptoDate()' compares the files byte for byte, so if they’re exactly the same, it’s equivalent to running 'calico -v'
projectcalico · Feb 20, 2024 · 34e7849 · 34e7849
1 parent 6664347
commit 34e7849
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 22 deletions.
diff --git a/cni-plugin/cmd/install/install.go b/cni-plugin/cmd/install/install.go
@@ -24,7 +24,7 @@ import (
 var VERSION string
 
 func main() {
-	err := install.Install()
+	err := install.Install(VERSION)
 	if err != nil {
 		logrus.WithError(err).Fatal("Error installing CNI plugin")
 	}

diff --git a/cni-plugin/pkg/install/install.go b/cni-plugin/pkg/install/install.go
@@ -15,13 +15,12 @@
 package install
 
 import (
-	"bytes"
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
 	"os"
-	"os/exec"
+	"runtime"
 	"strings"
 	"time"
 
@@ -118,7 +117,7 @@ func loadConfig() config {
 	return c
 }
 
-func Install() error {
+func Install(version string) error {
 	// Make sure the RNG is seeded.
 	seedrng.EnsureSeeded()
 
@@ -188,8 +187,6 @@ func Install() error {
 			logrus.Infof("%s is not writeable, skipping", d)
 			continue
 		}
-		// Don't exec the 'calico' binary later on if it has been skipped
-		calicoBinarySkipped := true
 
 		// Iterate through each binary we might want to install.
 		files, err := os.ReadDir("/opt/cni/bin/")
@@ -214,29 +211,26 @@ func Install() error {
 				logrus.WithError(err).Errorf("Failed to install %s", target)
 				os.Exit(1)
 			}
-			if binary.Name() == "calico" || binary.Name() == "calico.exe" {
-				calicoBinarySkipped = false
-			}
 			logrus.Infof("Installed %s", target)
 		}
 
 		// Binaries were placed into at least one directory
 		logrus.Infof("Wrote Calico CNI binaries to %s\n", d)
 		binsWritten = true
 
-		// Don't exec the 'calico' binary later on if it has been skipped
-		if !calicoBinarySkipped {
-			// Print CNI plugin version to confirm that the binary was actually written.
-			// If this fails, it means something has gone wrong so we should retry.
-			cmd := exec.Command(d+"/calico", "-v")
-			var out bytes.Buffer
-			cmd.Stdout = &out
-			err = cmd.Run()
-			if err != nil {
-				logrus.WithError(err).Warnf("Failed getting CNI plugin version from installed binary, exiting")
-				return err
-			}
-			logrus.Infof("CNI plugin version: %s", out.String())
+		// Instead of executing 'calico -v', check if the calico binary was copied successfully
+		calicoBinaryName := "calico"
+		if runtime.GOOS == "windows" {
+			calicoBinaryName = "calico.exe"
+		}
+		calicoBinaryOK, err := destinationUptoDate("/opt/cni/bin/"+calicoBinaryName, d+"/"+calicoBinaryName)
+		if err != nil {
+			logrus.WithError(err).Warnf("Failed verifying installed binary, exiting")
+			return err
+		}
+		// Print version number if successful
+		if calicoBinaryOK {
+			logrus.Infof("CNI plugin version: %s", version)
 		}
 	}