don't alias Env slices in build controller strategy

Author: Jim Minter

pkg/build/controller/strategy/custom_test.go

@@ -97,6 +97,8 @@ func TestCustomCreateBuildPod(t *testing.T) {
 			t.Errorf("Expected %s variable to be set", name)
 		}
 	}
+
+	checkAliasing(t, actual)
 }
 
 func TestCustomCreateBuildPodExpectedForcePull(t *testing.T) {

pkg/build/controller/strategy/docker.go

@@ -55,7 +55,7 @@ func (bs *DockerBuildStrategy) CreateBuildPod(build *buildapi.Build) (*v1.Pod, e
 					Name:    "docker-build",
 					Image:   bs.Image,
 					Command: []string{"openshift-docker-build"},
-					Env:     containerEnv,
+					Env:     copyEnvVarSlice(containerEnv),
 					// TODO: run unprivileged https://github.com/openshift/origin/issues/662
 					SecurityContext: &v1.SecurityContext{
 						Privileged: &privileged,
@@ -92,7 +92,7 @@ func (bs *DockerBuildStrategy) CreateBuildPod(build *buildapi.Build) (*v1.Pod, e
 			Name:    GitCloneContainer,
 			Image:   bs.Image,
 			Command: []string{"openshift-git-clone"},
-			Env:     containerEnv,
+			Env:     copyEnvVarSlice(containerEnv),
 			TerminationMessagePolicy: v1.TerminationMessageFallbackToLogsOnError,
 			VolumeMounts: []v1.VolumeMount{
 				{
@@ -115,7 +115,7 @@ func (bs *DockerBuildStrategy) CreateBuildPod(build *buildapi.Build) (*v1.Pod, e
 			Name:    ExtractImageContentContainer,
 			Image:   bs.Image,
 			Command: []string{"openshift-extract-image-content"},
-			Env:     containerEnv,
+			Env:     copyEnvVarSlice(containerEnv),
 			// TODO: run unprivileged https://github.com/openshift/origin/issues/662
 			SecurityContext: &v1.SecurityContext{
 				Privileged: &privileged,
@@ -137,7 +137,7 @@ func (bs *DockerBuildStrategy) CreateBuildPod(build *buildapi.Build) (*v1.Pod, e
 			Name:    "manage-dockerfile",
 			Image:   bs.Image,
 			Command: []string{"openshift-manage-dockerfile"},
-			Env:     containerEnv,
+			Env:     copyEnvVarSlice(containerEnv),
 			TerminationMessagePolicy: v1.TerminationMessageFallbackToLogsOnError,
 			VolumeMounts: []v1.VolumeMount{
 				{

pkg/build/controller/strategy/docker_test.go

@@ -107,6 +107,8 @@ func TestDockerCreateBuildPod(t *testing.T) {
 			t.Errorf("Expected %s:%s, got %s:%s!\n", exp[0], exp[1], e.Name, e.Value)
 		}
 	}
+
+	checkAliasing(t, actual)
 }
 
 func TestDockerBuildLongName(t *testing.T) {

pkg/build/controller/strategy/sti.go

@@ -80,7 +80,7 @@ func (bs *SourceBuildStrategy) CreateBuildPod(build *buildapi.Build) (*v1.Pod, e
 					Name:    "sti-build",
 					Image:   bs.Image,
 					Command: []string{"openshift-sti-build"},
-					Env:     containerEnv,
+					Env:     copyEnvVarSlice(containerEnv),
 					// TODO: run unprivileged https://github.com/openshift/origin/issues/662
 					SecurityContext: &v1.SecurityContext{
 						Privileged: &privileged,
@@ -114,7 +114,7 @@ func (bs *SourceBuildStrategy) CreateBuildPod(build *buildapi.Build) (*v1.Pod, e
 			Name:    GitCloneContainer,
 			Image:   bs.Image,
 			Command: []string{"openshift-git-clone"},
-			Env:     containerEnv,
+			Env:     copyEnvVarSlice(containerEnv),
 			TerminationMessagePolicy: v1.TerminationMessageFallbackToLogsOnError,
 			VolumeMounts: []v1.VolumeMount{
 				{
@@ -137,7 +137,7 @@ func (bs *SourceBuildStrategy) CreateBuildPod(build *buildapi.Build) (*v1.Pod, e
 			Name:    ExtractImageContentContainer,
 			Image:   bs.Image,
 			Command: []string{"openshift-extract-image-content"},
-			Env:     containerEnv,
+			Env:     copyEnvVarSlice(containerEnv),
 			// TODO: run unprivileged https://github.com/openshift/origin/issues/662
 			SecurityContext: &v1.SecurityContext{
 				Privileged: &privileged,
@@ -159,7 +159,7 @@ func (bs *SourceBuildStrategy) CreateBuildPod(build *buildapi.Build) (*v1.Pod, e
 			Name:    "manage-dockerfile",
 			Image:   bs.Image,
 			Command: []string{"openshift-manage-dockerfile"},
-			Env:     containerEnv,
+			Env:     copyEnvVarSlice(containerEnv),
 			TerminationMessagePolicy: v1.TerminationMessageFallbackToLogsOnError,
 			VolumeMounts: []v1.VolumeMount{
 				{

pkg/build/controller/strategy/sti_test.go

@@ -161,6 +161,8 @@ func testSTICreateBuildPod(t *testing.T, rootAllowed bool) {
 			t.Errorf("Expected %s:%s, got %s:%s!\n", exp[0], exp[1], e.Name, e.Value)
 		}
 	}
+
+	checkAliasing(t, actual)
 }
 
 func TestS2IBuildLongName(t *testing.T) {

pkg/build/controller/strategy/util.go

@@ -265,3 +265,10 @@ func setOwnerReference(pod *v1.Pod, build *buildapi.Build) {
 		},
 	}
 }
+
+// copyEnvVarSlice returns a copy of an []v1.EnvVar
+func copyEnvVarSlice(in []v1.EnvVar) []v1.EnvVar {
+	out := make([]v1.EnvVar, len(in))
+	copy(out, in)
+	return out
+}

pkg/build/controller/strategy/util_test.go

@@ -1,7 +1,9 @@
 package strategy
 
 import (
+	"reflect"
 	"testing"
+	"unsafe"
 
 	kapi "k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/api/v1"
@@ -118,3 +120,36 @@ func TestSetupDockerSecrets(t *testing.T) {
 		seenMountPath[m.Name] = true
 	}
 }
+
+func TestCopyEnvVarSlice(t *testing.T) {
+	s1 := []v1.EnvVar{{Name: "FOO", Value: "bar"}, {Name: "BAZ", Value: "qux"}}
+	s2 := copyEnvVarSlice(s1)
+
+	if !reflect.DeepEqual(s1, s2) {
+		t.Error(s2)
+	}
+
+	if (*reflect.SliceHeader)(unsafe.Pointer(&s1)).Data == (*reflect.SliceHeader)(unsafe.Pointer(&s2)).Data {
+		t.Error("copyEnvVarSlice didn't copy backing store")
+	}
+}
+
+func checkAliasing(t *testing.T, pod *v1.Pod) {
+	m := map[uintptr]bool{}
+	for _, c := range pod.Spec.Containers {
+		p := (*reflect.SliceHeader)(unsafe.Pointer(&c.Env)).Data
+		if m[p] {
+			t.Error("pod Env slices are aliased")
+			return
+		}
+		m[p] = true
+	}
+	for _, c := range pod.Spec.InitContainers {
+		p := (*reflect.SliceHeader)(unsafe.Pointer(&c.Env)).Data
+		if m[p] {
+			t.Error("pod Env slices are aliased")
+			return
+		}
+		m[p] = true
+	}
+}

test/extended/testdata/bindata.go

@@ -10,6 +10,10 @@ parameters:
 - name: SOURCE_SECRET
   required: true
 objects:
+- apiVersion: v1
+  kind: ImageStream
+  metadata:
+    name: output
 - apiVersion: v1
   kind: BuildConfig
   metadata:
@@ -28,3 +32,11 @@ objects:
           name: ruby:latest
           namespace: openshift
       type: Source
+    # this test specifically does a push, to help exercise the code that sets
+    # environment variables on build pods (i.e., by having a source secret and
+    # a push secret, multiple environment variables need to be set correctly for
+    # the build to succeed).
+    output:
+      to:
+        kind: ImageStreamTag
+        name: output:latest