The --mount-string argument defaults to `/Users` on darwin, and
homedir.Homedir() on other platforms (e.g. $HOME on unix).
This is wrong in many ways:
- `/Users` is not HOME on darwin (the right path is `/Users/$USER`).
Using the default mount we cannot access anything inside the guest in
the user home directory. We can access the special `/Users/Shared`
directory, but this should not be a default mount.
- Mounting the user home directory inside the guest in read-write mode
is a horrible default. This exposes the users private keys in .ssh/ to
the guest, any sensitive files in the user home directory, and allows
the guest to change any file on the host.
- Using the `--mount` option mount the default mount directory silently.
This is unexpected, surprising, and not documented in the minikube
handbook[1].
Example access to user private key from the guest with the default
mount:
$ minikube start --mount
$ minikube ssh cat /minikube-host/.ssh/id_ed25519
-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----
Fixed by removing the default mount directory and changing mount logic
to check for non-empty mount-string instead of the mount flag.
The mount flag is kept for backward compatibility, but its value is
ignored. In the next release we want to use this flag for supporting
multiple mounts.
Example usage before:
minikube start --mount --mount-string ~/models:/mnt/models
Example usage after:
minikube start --mount-string ~/models:/mnt/models
Breaking changes:
User depending the default mount will have to replace the command:
minikube start --mount
With:
minikube start --mount-string $HOME:/minikube-host
[1] https://minikube.sigs.k8s.io/docs/handbook/mount/
* add qemu functional test to github action on macos13
* remove memory arg
* add higher wait time for qemu and nested in integration test for pvc
* higher mins for qemu/vfkit nested
* use maxwait
* add same workflow for master jobs
* bump wait
Add special case handlers in get_version.go for components that require
non-standard version extraction methods:
- docsy: Extract git submodule commit hash
- kubernetes: Read DefaultKubernetesVersion from constants
- kubeadm-constants: Parse latest version from kubeadm images map
- kubernetes-versions-list: Count and summarize supported versions
- site-node: Use existing node version extraction from netlify.toml
Remove all entries from noVersionCheck map in update_all.go to enable
before/after version comparison for these components.
This allows 'DEP=component make get-dependency-version' commands to work
for all components, improving the auto-updater workflow.
Move all files and packages which are not a driver to the drivers/common
package. This helps to understand the structure of the code.
While moving, move the iso_test.iso into testdata/test.iso to separate
code and test data.
While fixing the test iso path fix few bugs in the tests using wrong iso
path. The test failed because the iso path was wrong instead of issue
with source or destination path.
New directory structure:
% tree -L1 pkg/drivers
pkg/drivers
├── common
├── hyperkit
├── kic
├── krunkit
├── kvm
├── none
├── qemu
├── ssh
└── vfkit
Running the function tests creates a licenses directory and checks out
the "github.com/hooklift/iso9660" module, which imports
"github.com/c4milo/gotoolkit".
% git status
...
Untracked files:
(use "git add <file>..." to include in what will be committed)
test/integration/licenses/
At this point running go mod tidy will add the gotoolkit module:
% go mod tidy --diff
diff current/go.mod tidy/go.mod
--- current/go.mod
+++ tidy/go.mod
@@ -13,6 +13,7 @@
github.com/Xuanwo/go-locale v1.1.3
github.com/blang/semver/v4 v4.0.0
github.com/briandowns/spinner v1.23.2
+ github.com/c4milo/gotoolkit v0.0.0-20190525173301-67483a18c17a
github.com/cenkalti/backoff/v4 v4.3.0
github.com/cheggaaa/pb/v3 v3.1.7
github.com/cloudevents/sdk-go/v2 v2.16.0
...
"github.com/hooklift/iso9660" does not have a go.mod file, so `go mod
tidy` treats is as part of the main module and update go.mod.
We should find a better place to check out the licenses, maybe a test
temporary directory, but let's start with quick fix: ignore the license
directory, and include it in `make clean`.
getWindowsVolumeNameCmd uses the deprecated wmic.exe.
See https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic for
details.
Replace the implementation with a call to the Powershell equivalent.
Look in path and system environment vars to locate Powershell.
Improve Powershell discovery
* remove omitnew line
* add new option to hide after spin
* refactor to use new return hideAfterSpin
* add new line by default only when not spinining and delegate spinner newline to spinner code
* add new func for ouptputing with spinner and pass fdwriter directly to the spininer func
* fix unit test
* fix lint for krunkit
* add comment and context
* use different spinning progress bar for sub steps
* make func private
* making more spinning icons
* integration test dont expect sub steps to be visible
* fix unit test and comment why
* change sub step spining icon not to be a progressbar
* pass the filewriter to the spinner library for the spinning steps
* remove un-needed gomod replaces
* add a make target gomodtidy
* update docs on using gomodtidy
* add automation to run go mod tidy on every push
* update contributing docs to be more helpful
* install gopogh if it is not installed in html_report
* addres PR reviews
* update docs headings
* add update all go script
* add update all make target
* add update all make target
* standardize the component name for look up
* standardize amd amd component name
* rename all hack update go code to match component name to standardize
* delete extra folder
* update makefile with new standard filenames
* update component name amd
* fix amd gpu name
* skip amd for now till broken
* fix cilium helm update
* standard name for cloud spanner emulator
* standard crio name
* set max to 100
* delete old folder
* skip docsy for update all
* return error if fail to apply
* docsy versoin
* update files with go-github
* update file names
* move all make targets to same location
* standard name for golang comp
* skip istio addon
* skip kicbase version since it is not related
* skip kubeadm constant too
* skip kubernetes version too
* run components that dont support before/after
* update kubeadm constant
* skip kubeadm constant on non linux
* add kubernetes_versions_list to not support before/after
* list preload version as one of the internal jobs
* list preload version as one of the internal jobs
* simpllify the code
* use log for printing
* add boiler plates
* add gh workflow
* copy licenses to gh assests as well
* download licneses from github
* try head first to make code more simple
* remove debug
* fix extra dash
* create license directory if doesnt exist
* Apply suggestion from prezha
* Apply suggestion from prezha
* Apply suggestion from prezha
* Apply suggestion from prezha
dependabot[bot]
Nir Soffer
Medya Ghazizadeh
minikube-bot
VerlorenerReisender
Laxman Gupta
Aaron Nall
James World
Divy Singhvi
Jun Sugimoto
Joaquim Rocha