rbd: Add timeout for cryptsetup commands

This PR modifies the execCryptSetupCommand so that the process is killed in an event of lock timeout. Useful in cases where the volume lock is released but the command is still running. Signed-off-by: Niraj Yadav <niryadav@redhat.com>
2025-06-13 02:33:34 +00:00 · 2024-10-17 17:25:08 +05:30
parent c451997762
commit 1c02e69ba4
5 changed files with 100 additions and 42 deletions
--- a/internal/util/cephcmds.go
+++ b/internal/util/cephcmds.go
@ -26,6 +26,7 @@ import (
 	"time"

 	"github.com/ceph/ceph-csi/internal/util/log"
+	"github.com/ceph/ceph-csi/internal/util/stripsecrets"

 	"github.com/ceph/go-ceph/rados"
 )
@ -49,7 +50,7 @@ func ExecuteCommandWithNSEnter(ctx context.Context, netPath, program string, arg
 	}
 	//  nsenter --net=%s -- <program> <args>
 	args = append([]string{"--net=" + netPath, "--", program}, args...)
-	sanitizedArgs := StripSecretInArgs(args)
+	sanitizedArgs := stripsecrets.InArgs(args)
 	cmd := exec.Command(nsenter, args...) // #nosec:G204, commands executing not vulnerable.
 	cmd.Stdout = &stdoutBuf
 	cmd.Stderr = &stderrBuf
@ -80,7 +81,7 @@ func ExecuteCommandWithNSEnter(ctx context.Context, netPath, program string, arg
 func ExecCommand(ctx context.Context, program string, args ...string) (string, string, error) {
 	var (
 		cmd           = exec.Command(program, args...) // #nosec:G204, commands executing not vulnerable.
-		sanitizedArgs = StripSecretInArgs(args)
+		sanitizedArgs = stripsecrets.InArgs(args)
 		stdoutBuf     bytes.Buffer
 		stderrBuf     bytes.Buffer
 	)
@ -122,7 +123,7 @@ func ExecCommandWithTimeout(
 	error,
 ) {
 	var (
-		sanitizedArgs = StripSecretInArgs(args)
+		sanitizedArgs = stripsecrets.InArgs(args)
 		stdoutBuf     bytes.Buffer
 		stderrBuf     bytes.Buffer
 	)