Add temp dir cleanup on startup

Adding a reliable way of cleaning up the contents of temp and src dirs to make sure they don't get piled up and grow in size with every restart. This will make the `init-tmp-cleanup` initContainer redundant, so it's getting removed.
utilitywarehouse · Oct 16, 2023 · 88570d6 · 88570d6
1 parent 75a0284
commit 88570d6
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 12 deletions.
diff --git a/README.md b/README.md
@@ -179,6 +179,8 @@ repositories:
 - `--git-ssh-known-hosts-file (GIT_SSH_KNOWN_HOSTS_FILE)` - (default: `/etc/git-secret/known_hosts`) The local path to the known hosts file used to setup GIT_SSH_COMMAND env.
 - `--git-verify-known-hosts (GIT_VERIFY_KNOWN_HOSTS)` - (default: `true`) The local path to the known hosts file used to setup GIT_SSH_COMMAND env.
 - `--controller-runtime-env (CONTROLLER_RUNTIME_ENV)` - (default: `""`) The comma separated list of ENVs which will be passed from controller to all terraform run process. The envs should be set on the controller.
+- `--cleanup-temp-dir` - (default: `false`) If set, the contents of the OS temporary directory and `/src` will be removed. This can help removing redundant terraform binaries and avoiding the directories growing in size with every restart.
+
 ---
 
 - `--module-label-selector (MODULE_LABEL_SELECTOR)` - (default: `""`) If present controller will only watch and process modules with this label.

diff --git a/main.go b/main.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"os/exec"
 	"os/signal"
 	"path/filepath"
 	"strings"
@@ -151,7 +152,12 @@ var (
 			Usage: "The comma separated list of ENVs which will be passed from controller to its managed modules during terraform run. " +
 				"The values should be set on the controller.",
 		},
-
+		&cli.BoolFlag{
+			Name:  "cleanup-temp-dir",
+			Value: false,
+			Usage: "If set, the OS temporary directory will be removed and re-created. This can help removing redundant terraform" +
+				"binaries and avoiding temp directory growing in size with every restart.",
+		},
 		&cli.StringFlag{
 			Name:    "module-label-selector",
 			EnvVars: []string{"MODULE_LABEL_SELECTOR"},
@@ -411,6 +417,18 @@ preferences: {}
 
 }
 
+func cleanupTmpDir() {
+	tmpDir := os.TempDir()
+
+	tmpDirCleanupCommand := fmt.Sprintf("rm -rf %s/* %s/*", tmpDir, reposRootPath)
+
+	cmd := exec.Command("sh", "-c", tmpDirCleanupCommand)
+	err := cmd.Run()
+	if err != nil {
+		fmt.Printf("Error: %v\n", err)
+	}
+}
+
 func main() {
 	app := &cli.App{
 		Name: "terraform-applier",
@@ -419,6 +437,10 @@ func main() {
 		Flags: flags,
 		Action: func(cCtx *cli.Context) error {
 			validate(cCtx)
+			// Cleanup temp directory if the corresponding flag is set
+			if cCtx.Bool("cleanup-temp-dir") {
+				cleanupTmpDir()
+			}
 			setupGlobalEnv(cCtx)
 			run(cCtx)
 			return nil

diff --git a/manifests/base/namespaced/tf-applier.yaml b/manifests/base/namespaced/tf-applier.yaml
@@ -26,16 +26,6 @@ spec:
           type: RuntimeDefault
       serviceAccountName: terraform-applier
       terminationGracePeriodSeconds: 300
-      initContainers:
-        - name: init-tmp-cleanup
-          image: busybox:latest
-          command: ["sh", "-c", "rm -rf /tmp/*"] # clean up tmp pvc on re-start
-          volumeMounts:
-            - mountPath: /tmp
-              name: tmp
-          securityContext:
-            runAsNonRoot: true
-            runAsUser: 1000
       containers:
         - name: tf-applier
           command:
@@ -87,4 +77,3 @@ spec:
         resources:
           requests:
             storage: 20Gi
-