From 877ee8e18a3cae539126c303442f86695bfc4d4b Mon Sep 17 00:00:00 2001 From: xuchuan19 Date: Fri, 1 Aug 2025 11:19:34 +0800 Subject: [PATCH] =?UTF-8?q?=E5=88=9B=E5=BB=BA=E6=96=87=E4=BB=B6=E6=97=B6?= =?UTF-8?q?=E5=88=B6=E5=AE=9A=E6=9D=83=E9=99=90=E5=92=8C=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ascend_deployer/ansible_plugin/ansible_log.py | 2 +- ascend_deployer/ansible_plugin/deploy_info_output_plugin.py | 2 +- ascend_deployer/downloader/downloader.py | 2 +- ascend_deployer/large_scale_deployer.py | 2 +- ascend_deployer/library/generate_check_result_json.py | 2 +- ascend_deployer/library/install_fault_diag.py | 2 +- ascend_deployer/library/label_node.py | 2 +- ascend_deployer/library/process_test_report.py | 2 +- ascend_deployer/library/system_report.py | 2 +- ascend_deployer/module_utils/path_manager.py | 2 +- ascend_deployer/scripts/nexus.py | 3 +++ ascend_deployer/start_deploy.py | 2 +- packages/resources/setup.py | 2 +- 13 files changed, 15 insertions(+), 12 deletions(-) diff --git a/ascend_deployer/ansible_plugin/ansible_log.py b/ascend_deployer/ansible_plugin/ansible_log.py index 503b94d3..7d4d2f1c 100644 --- a/ascend_deployer/ansible_plugin/ansible_log.py +++ b/ascend_deployer/ansible_plugin/ansible_log.py @@ -375,7 +375,7 @@ class BasicLogConfig(object): backupCount=5, encoding="UTF-8") if not os.path.exists(LOG_PATH): - os.makedirs(LOG_PATH) + os.makedirs(LOG_PATH, mode=0o750, exist_ok=True) if not os.path.exists(LOG_FILE): os.close(os.open(LOG_FILE, os.O_CREAT, stat.S_IRUSR | stat.S_IWUSR)) else: diff --git a/ascend_deployer/ansible_plugin/deploy_info_output_plugin.py b/ascend_deployer/ansible_plugin/deploy_info_output_plugin.py index 3a3ee184..8f475aeb 100644 --- a/ascend_deployer/ansible_plugin/deploy_info_output_plugin.py +++ b/ascend_deployer/ansible_plugin/deploy_info_output_plugin.py @@ -626,7 +626,7 @@ class ProgressManager(object): if not self.need_output: return if not os.path.exists(DEPLOY_INFO_OUTPUT_DIR): - os.makedirs(DEPLOY_INFO_OUTPUT_DIR) + os.makedirs(DEPLOY_INFO_OUTPUT_DIR, mode=0o750, exist_ok=True) with open(self._PROGRESS_OUTPUT_PATH, "w") as output_fs: json.dump(self.get_deployer_progress_output().to_json(), output_fs, indent=4, ensure_ascii=False) diff --git a/ascend_deployer/downloader/downloader.py b/ascend_deployer/downloader/downloader.py index dd6bc6c4..50beea92 100644 --- a/ascend_deployer/downloader/downloader.py +++ b/ascend_deployer/downloader/downloader.py @@ -284,7 +284,7 @@ def download_dependency(os_list, software_list, download_path, check): download_res_output_json = os.path.join(DOWNLOAD_INFO_OUTPUT_DIR, "failed_download_result_{}_{}.json".format(os.getpid(), formatted_time)) if not os.path.exists(DOWNLOAD_INFO_OUTPUT_DIR): - os.makedirs(DOWNLOAD_INFO_OUTPUT_DIR) + os.makedirs(DOWNLOAD_INFO_OUTPUT_DIR, mode=0o750, exist_ok=True) download_cmd = "--os-list={} --download={}".format(",".join(os_list), ",".join(software_list)) download_info_json = {"download_cmd": download_cmd, "url_open_failed_list": url_open_failed_list, "failed_download_file_list": failed_download_file_list} diff --git a/ascend_deployer/large_scale_deployer.py b/ascend_deployer/large_scale_deployer.py index 2fd67cc3..5e54b7f3 100644 --- a/ascend_deployer/large_scale_deployer.py +++ b/ascend_deployer/large_scale_deployer.py @@ -135,7 +135,7 @@ class LargeScaleDeployer: return if os.path.exists(LargeScalePath.REPORT_DIR): shutil.rmtree(LargeScalePath.REPORT_DIR) - os.makedirs(LargeScalePath.REPORT_DIR) + os.makedirs(LargeScalePath.REPORT_DIR, mode=0o750, exist_ok=True) report_file = os.path.join(LargeScalePath.REPORT_DIR, "host_deploy_report.csv") report_json = os.path.join(LargeScalePath.REPORT_DIR, "large_scale_deploy.json") with open(report_json, "w") as output_fs: diff --git a/ascend_deployer/library/generate_check_result_json.py b/ascend_deployer/library/generate_check_result_json.py index c0da1dd8..05a169a3 100644 --- a/ascend_deployer/library/generate_check_result_json.py +++ b/ascend_deployer/library/generate_check_result_json.py @@ -142,7 +142,7 @@ class OutputCheck: @staticmethod def generate_check_result_json(check_output): if not os.path.exists(DEPLOY_INFO_OUTPUT_DIR): - os.makedirs(DEPLOY_INFO_OUTPUT_DIR) + os.makedirs(DEPLOY_INFO_OUTPUT_DIR, mode=0o750, exist_ok=True) with open(CHECK_RES_OUTPUT_PATH, "w") as output_fs: json.dump(check_output, output_fs, indent=4, ensure_ascii=False) diff --git a/ascend_deployer/library/install_fault_diag.py b/ascend_deployer/library/install_fault_diag.py index ea5b5bbd..0fb616aa 100644 --- a/ascend_deployer/library/install_fault_diag.py +++ b/ascend_deployer/library/install_fault_diag.py @@ -153,7 +153,7 @@ class FaultDiagInstaller(object): venv_pip_path = os.path.join(venv_bin_dir, "pip3") fd_install_dir = self._find_fd_site_package_dir(venv_pip_path) if not os.path.exists(self.dist_tmp_dir): - os.makedirs(self.dist_tmp_dir) + os.makedirs(self.dist_tmp_dir, mode=0o750, exist_ok=True) cmd = """ {} --onefile {} \ --hidden-import=ascend_fd \ diff --git a/ascend_deployer/library/label_node.py b/ascend_deployer/library/label_node.py index 6a64e673..43443342 100644 --- a/ascend_deployer/library/label_node.py +++ b/ascend_deployer/library/label_node.py @@ -55,7 +55,7 @@ class LabelNode: self.facts = dict() self.label_yaml_dir = os.path.join(path_manager.TmpPath.DL_YAML_DIR, "label") if not os.path.exists(self.label_yaml_dir): - os.makedirs(self.label_yaml_dir) + os.makedirs(self.label_yaml_dir, mode=0o750, exist_ok=True) def _get_noded_label(self): if self.noded_label == "on" or "noded" in self.tags or "dl" in self.tags: diff --git a/ascend_deployer/library/process_test_report.py b/ascend_deployer/library/process_test_report.py index 247c5c25..883f9e39 100644 --- a/ascend_deployer/library/process_test_report.py +++ b/ascend_deployer/library/process_test_report.py @@ -88,7 +88,7 @@ def output_test_result_json(cann_result, dl_result): if os.path.exists(TmpPath.TEST_REPORT_JSON): os.remove(TmpPath.TEST_REPORT_JSON) if not os.path.exists(TmpPath.DEPLOY_INFO): - os.makedirs(TmpPath.DEPLOY_INFO) + os.makedirs(TmpPath.DEPLOY_INFO, mode=0o750, exist_ok=True) to_json(TmpPath.TEST_REPORT_JSON, TestReport.ASCEND_SOFTWARE_TEST_REPORT, cann_result) to_json(TmpPath.TEST_REPORT_JSON, TestReport.DL_TEST_REPORT, dl_result) diff --git a/ascend_deployer/library/system_report.py b/ascend_deployer/library/system_report.py index 21828b24..d8964edf 100644 --- a/ascend_deployer/library/system_report.py +++ b/ascend_deployer/library/system_report.py @@ -259,7 +259,7 @@ def main(): only_package = module.params["only_package"] if os.path.exists(os.path.expanduser("~/smartkit/reports/")): shutil.rmtree(os.path.expanduser("~/smartkit/reports/")) - os.makedirs(os.path.expanduser("~/smartkit/reports")) + os.makedirs(os.path.expanduser("~/smartkit/reports"), mode=0o750, exist_ok=True) app_info = collect_app_info() if only_package: diff --git a/ascend_deployer/module_utils/path_manager.py b/ascend_deployer/module_utils/path_manager.py index 82ee261c..c98a85a8 100644 --- a/ascend_deployer/module_utils/path_manager.py +++ b/ascend_deployer/module_utils/path_manager.py @@ -135,7 +135,7 @@ class PathManager: def recover_dir(cls, dir_path): if os.path.exists(dir_path): shutil.rmtree(dir_path) - os.makedirs(dir_path, exist_ok=True) + os.makedirs(dir_path, mode=0o750, exist_ok=True) @classmethod def init_large_scale_dirs(cls): diff --git a/ascend_deployer/scripts/nexus.py b/ascend_deployer/scripts/nexus.py index d6c842ff..1822011d 100644 --- a/ascend_deployer/scripts/nexus.py +++ b/ascend_deployer/scripts/nexus.py @@ -75,6 +75,7 @@ class OsRepository: os.environ.pop("https_proxy", "") with open(self.config, "r") as f: self.config_content = json.load(f) + os.chmod(self.config, 0o640) self.nexus_data_dir = os.path.join("/tmp", "nexus-data") self.nexus_image_name = self.config_content.get("image") nexus_dir = os.path.join(ROOT_PATH, "resources", "nexus") @@ -312,7 +313,9 @@ class AptRepository(OsRepository): if os.path.exists(centos_release): export_private_key_cmd = "gpg -a -o {} --export-secret-key nexus".format(gpg_pri_key) self._run_cmd(export_public_key_cmd) + os.chmod(gpg_pub_key, 0o644) self._run_cmd(export_private_key_cmd, log=False) + os.chmod(gpg_pri_key, 0o600) with open(gpg_pri_key, "r") as f: gpg_pri_content = f.read() return gpg_pri_content diff --git a/ascend_deployer/start_deploy.py b/ascend_deployer/start_deploy.py index 6353fe66..403a5c12 100644 --- a/ascend_deployer/start_deploy.py +++ b/ascend_deployer/start_deploy.py @@ -265,7 +265,7 @@ class CLI(object): {"localhost": { "check_res_list": [check_res]}}} if not os.path.exists(TmpPath.DEPLOY_INFO): - os.makedirs(TmpPath.DEPLOY_INFO) + os.makedirs(TmpPath.DEPLOY_INFO, mode=0o750, exist_ok=True) with codecs.open(TmpPath.CHECK_RES_OUTPUT_JSON, 'w', encoding='utf-8') as file: json.dump(error_info, file, indent=4, ensure_ascii=False) raise diff --git a/packages/resources/setup.py b/packages/resources/setup.py index 948c801b..e68afd7d 100644 --- a/packages/resources/setup.py +++ b/packages/resources/setup.py @@ -151,7 +151,7 @@ class Install(setuptools.command.install.install, object): def run(self): print("run installing {}".format(local_file)) if not os.path.exists(package_dir): - os.makedirs(package_dir) + os.makedirs(package_dir, mode=0o750, exist_ok=True) download_url(select_url, sha256sum, local_file) if os.path.exists(local_file): install_zip_file(local_file) -- Gitee