osixia / docker-openldap

OpenLDAP container image 🐳🌴
MIT License

ConfigMaps and --copy-service argument leads to duplicated custom schemas #638

Open jankosecki opened 2 years ago

jankosecki commented 2 years ago

Hi,

I'm not sure if it's something that should be addressed in the images themselves or can be fixed using different configuration.

I've been trying to mount a custom schema from a ConfigMap:

volumeMounts:
  - name: schema
    mountPath: /container/service/slapd/assets/config/bootstrap/schema/custom
volumes:
  - name: schema
    configMap:
      name: openldap-bootstrap-schema

Due to read-only files I'm using --copy-service to copy everything from /container/service to /container/run/service. That, however, due to how ConfigMaps work in Kubernetes, leads to 3 copies of my custom schema being copied into /container/run/service, which then causes the schema check to fail due to duplicate OID attributes.

When a ConfigMap is mounted in a pod, some hidden dirs are created where the actual file is mounted, i.e.:

lrwxrwxrwx 1 root root   29 Sep 30 06:30 custom.schema -> ..data/custom.schema
drwxr-xr-x 2 root root 4096 Sep 30 06:30 ..2022_09_30_06_30_20.3806518392
lrwxrwxrwx 1 root root   32 Sep 30 06:30 ..data -> ..2022_09_30_06_30_20.3806518392

When the run script runs its copying method, which uses shutil.copytree, the method traverses the whole tree, including dot files. So instead of just copying schema/custom/custom.schema, it also copies schema/custom/..2022_09_30_06_30_20.3806518392/custom.schema.

In my scenario the only dot files under /container/service are those belonging to mounted volumes, so I added a bit of a hack to my command:

command:
  - sh
  - -c
  - >
    sed -i "s/shutil.copytree(IMPORT_SERVICE_DIR, RUN_SERVICE_DIR)/shutil.copytree(IMPORT_SERVICE_DIR, RUN_SERVICE_DIR, ignore=shutil.ignore_patterns('.*'))/g" /container/tool/run && /container/tool/run --copy-service

This way, when shutil.copytree() runs with the additional ignore_patterns, only one copy of the custom schemas is copied over to /container/run/service.

I wonder if there is a better approach to tackle this issue?
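The duplication described above can be reproduced outside Kubernetes. The following is an added example (not code from the issue or from the docker-openldap project): it builds the ConfigMap symlink layout from the listing in a temp directory, runs shutil.copytree once as the run script does and once with the ignore_patterns('.*') workaround, and counts how many *.schema files land in the copy. The schema content and the OID in it are constructed.

```python
import os
import shutil
import tempfile

# Directory name taken from the listing in the issue; the ConfigMap layout is:
# custom.schema -> ..data/custom.schema, ..data -> ..<timestamp> dir holding the real file.
TIMESTAMP_DIR = "..2022_09_30_06_30_20.3806518392"


def make_configmap_mount(root):
    """Create schema/custom/ under root with the ConfigMap symlink structure (constructed)."""
    custom = os.path.join(root, "schema", "custom")
    os.makedirs(os.path.join(custom, TIMESTAMP_DIR))
    with open(os.path.join(custom, TIMESTAMP_DIR, "custom.schema"), "w") as fh:
        # Constructed schema line; the OID is a placeholder, not a real registration.
        fh.write("attributetype ( 1.3.6.1.4.1.99999.1.1 NAME 'exampleAttr' )\n")
    os.symlink(TIMESTAMP_DIR, os.path.join(custom, "..data"))
    os.symlink(os.path.join("..data", "custom.schema"), os.path.join(custom, "custom.schema"))
    return root


def count_schema_files(dst):
    """Count every regular *.schema file under dst, dot directories included."""
    return sum(1 for _, _, files in os.walk(dst) for f in files if f.endswith(".schema"))


def copy_service(src, dst, ignore_dotfiles):
    """Mimic the run script's copy step; with symlinks=False (default) link targets are copied."""
    ignore = shutil.ignore_patterns(".*") if ignore_dotfiles else None
    shutil.copytree(src, dst, ignore=ignore)
    return count_schema_files(dst)


def demo():
    """Return (copies without ignore, copies with ignore) for the constructed mount."""
    with tempfile.TemporaryDirectory() as tmp:
        src = make_configmap_mount(os.path.join(tmp, "service"))
        plain = copy_service(src, os.path.join(tmp, "run_plain"), ignore_dotfiles=False)
        fixed = copy_service(src, os.path.join(tmp, "run_fixed"), ignore_dotfiles=True)
        return plain, fixed


if __name__ == "__main__":
    print(demo())  # (3, 1)
```

Without the ignore pattern the symlink, the ..data directory and the timestamped directory each yield a copy of custom.schema, which is why slapd sees the same OIDs three times.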