refactor: create safer command execution method (#2899)

* rename ExecuteCommand to ExecuteRawCommand

* add safer execute command method

* fix windows platform command test

* add uts and comments

* address feedback

* add parent context to execute command

Author: QxBytes

aitelemetry/telemetrywrapper_test.go

@@ -32,12 +32,12 @@ func TestMain(m *testing.M) {
 	p := platform.NewExecClient(nil)
 	if runtime.GOOS == "linux" {
 		//nolint:errcheck // initial test setup
-		p.ExecuteCommand("cp metadata_test.json /tmp/azuremetadata.json")
+		p.ExecuteRawCommand("cp metadata_test.json /tmp/azuremetadata.json")
 	} else {
 		metadataFile := filepath.FromSlash(os.Getenv("TEMP")) + "\\azuremetadata.json"
 		cmd := fmt.Sprintf("copy metadata_test.json %s", metadataFile)
 		//nolint:errcheck // initial test setup
-		p.ExecuteCommand(cmd)
+		p.ExecuteRawCommand(cmd)
 	}
 
 	hostu, _ := url.Parse("tcp://" + hostAgentUrl)
@@ -58,12 +58,12 @@ func TestMain(m *testing.M) {
 
 	if runtime.GOOS == "linux" {
 		//nolint:errcheck // test cleanup
-		p.ExecuteCommand("rm /tmp/azuremetadata.json")
+		p.ExecuteRawCommand("rm /tmp/azuremetadata.json")
 	} else {
 		metadataFile := filepath.FromSlash(os.Getenv("TEMP")) + "\\azuremetadata.json"
 		cmd := fmt.Sprintf("del %s", metadataFile)
 		//nolint:errcheck // initial test cleanup
-		p.ExecuteCommand(cmd)
+		p.ExecuteRawCommand(cmd)
 	}
 
 	log.Close()

cns/dockerclient/dockerclient.go

@@ -181,7 +181,7 @@ func (c *Client) DeleteNetwork(networkName string) error {
 
 		cmd := fmt.Sprintf("iptables -t nat -D POSTROUTING -m iprange ! --dst-range 168.63.129.16 -m addrtype ! --dst-type local ! -d %v -j MASQUERADE",
 			primaryNic.Subnet)
-		_, err = p.ExecuteCommand(cmd)
+		_, err = p.ExecuteRawCommand(cmd)
 		if err != nil {
 			logger.Printf("[Azure CNS] Error Removing Outbound SNAT rule %v", err)
 		}

ebtables/ebtables.go

@@ -133,7 +133,7 @@ func GetEbtableRules(tableName, chainName string) ([]string, error) {
 	command := fmt.Sprintf(
 		"ebtables -t %s -L %s --Lmac2",
 		tableName, chainName)
-	out, err := p.ExecuteCommand(command)
+	out, err := p.ExecuteRawCommand(command)
 	if err != nil {
 		return nil, err
 	}
@@ -228,7 +228,7 @@ func EbTableRuleExists(tableName, chainName, matchSet string) (bool, error) {
 func runEbCmd(table, action, chain, rule string) error {
 	p := platform.NewExecClient(nil)
 	command := fmt.Sprintf("ebtables -t %s %s %s %s", table, action, chain, rule)
-	_, err := p.ExecuteCommand(command)
+	_, err := p.ExecuteRawCommand(command)
 
 	return err
 }

iptables/iptables.go

@@ -109,7 +109,7 @@ func (c *Client) RunCmd(version, params string) error {
 		cmd = fmt.Sprintf("%s -w %d %s", iptCmd, lockTimeout, params)
 	}
 
-	if _, err := p.ExecuteCommand(cmd); err != nil {
+	if _, err := p.ExecuteRawCommand(cmd); err != nil {
 		return err
 	}
 

network/network_linux.go

@@ -256,7 +256,7 @@ func isGreaterOrEqaulUbuntuVersion(versionToMatch int) bool {
 }
 
 func (nm *networkManager) systemVersion() (string, error) {
-	osVersion, err := nm.plClient.ExecuteCommand("lsb_release -rs")
+	osVersion, err := nm.plClient.ExecuteRawCommand("lsb_release -rs")
 	if err != nil {
 		return osVersion, errors.Wrap(err, "error retrieving the system distribution version")
 	}
@@ -327,7 +327,7 @@ func (nm *networkManager) readDNSInfo(ifName string) (DNSInfo, error) {
 		return dnsInfo, errors.Wrap(err, "Error generating interface name status cmd")
 	}
 
-	out, err := nm.plClient.ExecuteCommand(cmd)
+	out, err := nm.plClient.ExecuteRawCommand(cmd)
 	if err != nil {
 		return dnsInfo, errors.Wrapf(err, "Error executing interface status with cmd %s", cmd)
 	}
@@ -434,7 +434,7 @@ func (nm *networkManager) applyDNSConfig(extIf *externalInterface, ifName string
 				return errors.Wrap(err, "Error generating add DNS Servers cmd")
 			}
 			if cmd != "" {
-				_, err = nm.plClient.ExecuteCommand(cmd)
+				_, err = nm.plClient.ExecuteRawCommand(cmd)
 				if err != nil {
 					return errors.Wrapf(err, "Error executing add DNS Servers with cmd %s", cmd)
 				}
@@ -447,7 +447,7 @@ func (nm *networkManager) applyDNSConfig(extIf *externalInterface, ifName string
 				return errors.Wrap(err, "Error generating add domain cmd")
 			}
 
-			_, err = nm.plClient.ExecuteCommand(cmd)
+			_, err = nm.plClient.ExecuteRawCommand(cmd)
 			if err != nil {
 				return errors.Wrapf(err, "Error executing add Domain with cmd %s", cmd)
 			}
@@ -533,7 +533,7 @@ func (nm *networkManager) connectExternalInterface(extIf *externalInterface, nwI
 	isSystemdResolvedActive := false
 	if isGreaterOrEqualUbuntu17 {
 		// Don't copy dns servers if systemd-resolved isn't available
-		if _, cmderr := nm.plClient.ExecuteCommand("systemctl status systemd-resolved"); cmderr == nil {
+		if _, cmderr := nm.plClient.ExecuteRawCommand("systemctl status systemd-resolved"); cmderr == nil {
 			isSystemdResolvedActive = true
 			logger.Info("Saving dns config from", zap.String("Name", hostIf.Name))
 			if err = nm.saveDNSConfig(extIf); err != nil {

network/network_windows.go

@@ -214,13 +214,13 @@ func (nm *networkManager) appIPV6RouteEntry(nwInfo *EndpointInfo) error {
 
 		cmd := fmt.Sprintf(routeCmd, "delete", nwInfo.Subnets[1].Prefix.String(),
 			ifName, ipv6DefaultHop)
-		if out, err = nm.plClient.ExecuteCommand(cmd); err != nil {
+		if out, err = nm.plClient.ExecuteRawCommand(cmd); err != nil {
 			logger.Error("Deleting ipv6 route failed", zap.Any("out", out), zap.Error(err))
 		}
 
 		cmd = fmt.Sprintf(routeCmd, "add", nwInfo.Subnets[1].Prefix.String(),
 			ifName, ipv6DefaultHop)
-		if out, err = nm.plClient.ExecuteCommand(cmd); err != nil {
+		if out, err = nm.plClient.ExecuteRawCommand(cmd); err != nil {
 			logger.Error("Adding ipv6 route failed", zap.Any("out", out), zap.Error(err))
 		}
 	}

network/networkutils/networkutils_linux.go

@@ -209,7 +209,7 @@ func (nu NetworkUtils) BlockIPAddresses(iptablesClient ipTablesClient, bridgeNam
 }
 
 func (nu NetworkUtils) EnableIPV4Forwarding() error {
-	_, err := nu.plClient.ExecuteCommand(enableIPV4ForwardCmd)
+	_, err := nu.plClient.ExecuteRawCommand(enableIPV4ForwardCmd)
 	if err != nil {
 		logger.Error("Enable ipv4 forwarding failed with", zap.Error(err))
 		return errors.Wrap(err, "enable ipv4 forwarding failed")
@@ -220,7 +220,7 @@ func (nu NetworkUtils) EnableIPV4Forwarding() error {
 
 func (nu NetworkUtils) EnableIPV6Forwarding() error {
 	cmd := fmt.Sprint(enableIPV6ForwardCmd)
-	_, err := nu.plClient.ExecuteCommand(cmd)
+	_, err := nu.plClient.ExecuteRawCommand(cmd)
 	if err != nil {
 		logger.Error("Enable ipv6 forwarding failed with", zap.Error(err))
 		return err
@@ -233,7 +233,7 @@ func (nu NetworkUtils) EnableIPV6Forwarding() error {
 func (nu NetworkUtils) UpdateIPV6Setting(disable int) error {
 	// sysctl -w net.ipv6.conf.all.disable_ipv6=0/1
 	cmd := fmt.Sprintf(toggleIPV6Cmd, disable)
-	_, err := nu.plClient.ExecuteCommand(cmd)
+	_, err := nu.plClient.ExecuteRawCommand(cmd)
 	if err != nil {
 		logger.Error("Update IPV6 Setting failed with", zap.Error(err))
 	}
@@ -261,7 +261,7 @@ func (nu NetworkUtils) DisableRAForInterface(ifName string) error {
 	}
 
 	cmd := fmt.Sprintf(disableRACmd, ifName)
-	out, err := nu.plClient.ExecuteCommand(cmd)
+	out, err := nu.plClient.ExecuteRawCommand(cmd)
 	if err != nil {
 		logger.Error("Diabling ra failed with", zap.Error(err), zap.Any("out", out))
 	}
@@ -271,7 +271,7 @@ func (nu NetworkUtils) DisableRAForInterface(ifName string) error {
 
 func (nu NetworkUtils) SetProxyArp(ifName string) error {
 	cmd := fmt.Sprintf("echo 1 > /proc/sys/net/ipv4/conf/%v/proxy_arp", ifName)
-	_, err := nu.plClient.ExecuteCommand(cmd)
+	_, err := nu.plClient.ExecuteRawCommand(cmd)
 	return errors.Wrapf(err, "failed to set proxy arp for interface %v", ifName)
 }
 

network/snat/snat_linux.go

@@ -469,7 +469,7 @@ func (client *Client) addMasqueradeRule(snatBridgeIPWithPrefix string) error {
 
 // Drop all vlan traffic on linux bridge
 func (client *Client) addVlanDropRule() error {
-	out, err := client.plClient.ExecuteCommand(l2PreroutingEntries)
+	out, err := client.plClient.ExecuteRawCommand(l2PreroutingEntries)
 	if err != nil {
 		logger.Error("Error while listing ebtable rules")
 		return err
@@ -482,15 +482,15 @@ func (client *Client) addVlanDropRule() error {
 	}
 
 	logger.Info("Adding ebtable rule to drop vlan traffic on snat bridge", zap.String("vlanDropAddRule", vlanDropAddRule))
-	_, err = client.plClient.ExecuteCommand(vlanDropAddRule)
+	_, err = client.plClient.ExecuteRawCommand(vlanDropAddRule)
 	return err
 }
 
 // This function enables ip forwarding in VM and allow forwarding packets from the interface
 func (client *Client) EnableIPForwarding() error {
 	// Enable ip forwading on linux vm.
 	// sysctl -w net.ipv4.ip_forward=1
-	_, err := client.plClient.ExecuteCommand(enableIPForwardCmd)
+	_, err := client.plClient.ExecuteRawCommand(enableIPForwardCmd)
 	if err != nil {
 		return errors.Wrap(err, "enable ipforwarding command failed")
 	}

network/transparent_endpointclient_linux.go

@@ -73,7 +73,7 @@ func NewTransparentEndpointClient(
 
 func (client *TransparentEndpointClient) setArpProxy(ifName string) error {
 	cmd := fmt.Sprintf("echo 1 > /proc/sys/net/ipv4/conf/%v/proxy_arp", ifName)
-	_, err := client.plClient.ExecuteCommand(cmd)
+	_, err := client.plClient.ExecuteRawCommand(cmd)
 	return err
 }
 

network/transparent_vlan_endpointclient_linux.go

@@ -371,12 +371,12 @@ func (client *TransparentVlanEndpointClient) PopulateVnet(epInfo *EndpointInfo)
 	}
 	client.vnetMac = vnetVethIf.HardwareAddr
 	// Disable rp filter again to allow asymmetric routing for tunneling packets
-	_, err = client.plClient.ExecuteCommand(DisableRPFilterCmd)
+	_, err = client.plClient.ExecuteRawCommand(DisableRPFilterCmd)
 	if err != nil {
 		return errors.Wrap(err, "transparent vlan failed to disable rp filter in vnet")
 	}
 	disableRPFilterVlanIfCmd := strings.Replace(DisableRPFilterCmd, "all", client.vlanIfName, 1)
-	_, err = client.plClient.ExecuteCommand(disableRPFilterVlanIfCmd)
+	_, err = client.plClient.ExecuteRawCommand(disableRPFilterVlanIfCmd)
 	if err != nil {
 		return errors.Wrap(err, "transparent vlan failed to disable rp filter vlan interface in vnet")
 	}