Skip to content

fix(one-click): remove configurable install root#649

Merged
fslongjin merged 2 commits into
TencentCloud:masterfrom
fslongjin:fix/remove-one-click-install-path-vars
Jun 26, 2026
Merged

fix(one-click): remove configurable install root#649
fslongjin merged 2 commits into
TencentCloud:masterfrom
fslongjin:fix/remove-one-click-install-path-vars

Conversation

@fslongjin

Copy link
Copy Markdown
Member

Summary

  • Remove the user-facing one-click install root knobs and make /usr/local/services/cubetoolbox the single fixed install root.
  • Keep runtime data such as cubebox_os_image, cube-snapshot, and cube-vs protected by continuing to delete only packaged artifact directories during reinstall/upgrade.
  • Migrate legacy CUBE_PROXY_CERT_DIR defaults that referenced the removed install prefix variable and update docs/tests accordingly.

Why

The configurable install root was not actually supported end to end: Cubelet/cubebox and the shim/kernel paths already assume /usr/local/services/cubetoolbox for runtime artifacts and cube-kernel-scf/vmlinux. Keeping ONE_CLICK_INSTALL_PREFIX / ONE_CLICK_TOOLBOX_ROOT exposed made the installer look configurable while producing deployments that could not run correctly.

Test plan

  • bash deploy/one-click/tests/test_env_merge.sh
  • bash deploy/one-click/tests/test_runtime_file_safety.sh
  • bash deploy/one-click/tests/test_install_mode.sh
  • bash deploy/one-click/tests/test_cidr_preflight.sh
  • bash deploy/one-click/tests/test_version_compare.sh
  • bash deploy/one-click/tests/test_release_manifest_contract.sh

Assisted-by: Cursor:GPT-5.5

Made with Cursor

Comment thread deploy/one-click/lib/common.sh Outdated
Comment thread deploy/one-click/lib/common.sh
Comment thread deploy/one-click/install.sh
@cubesandboxbot

cubesandboxbot Bot commented Jun 25, 2026

Copy link
Copy Markdown

Review of #649 -- Remove configurable install root

Overall: This is a well-structured refactoring that cleanly removes the configurable install root knobs. The test coverage for the migration path is good, and most of the changes are mechanical and correct. Below are the findings worth addressing.


High priority

1. CUBE_SANDBOX_INSTALL_ROOT is not readonly -- docs say "fixed" but .env can override
deploy/one-click/lib/common.sh:9 -- The variable is a plain assignment. install.sh (line 47), down.sh (line 10), and smoke.sh (line 10) all source .env via set -a; source before reading it, so adding CUBE_SANDBOX_INSTALL_ROOT=/custom/path to .env silently overrides the constant. Either add readonly or update the doc language.

2. normalize_legacy_value can break TLS cert resolution for custom-prefix users
deploy/one-click/lib/common.sh:888-891 -- The function matches raw CUBE_PROXY_CERT_DIR value against legacy defaults by string equality alone. A user who set ONE_CLICK_INSTALL_PREFIX=/opt/cube would have their cert dir silently migrated to the hard-coded path, despite their actual TLS certs living at /opt/cube/cubeproxy/certs. Fix: cross-check the old ONE_CLICK_INSTALL_PREFIX value before normalizing.


Medium priority

3. Missing assert_safe_install_prefix on install.sh rm -rf path
deploy/one-click/install.sh:945-960 -- The old conditional wipe had a safety guard. The new direct rm -rf list bypasses this entirely. Safe today with a hard-coded path, but a future refactoring would lose this defense-in-depth.

4. Unquoted legacy CUBE_PROXY_CERT_DIR form is untested
deploy/one-click/tests/test_env_merge.sh -- Only the quoted form is tested. The unquoted form exercises a distinct set member and is not covered.

5. No three-way merge test for legacy migration
Both legacy cert-dir tests use two-way fallback (empty baseline). A real upgrade uses three-way merge, which takes a different code path through normalize_legacy_value.


Low / Informational

  • assert_safe_install_prefix and wipe_custom_install_prefix_contents are no longer called by install.sh -- consider documenting as legacy or removing in a follow-up.
  • Hard-coded TOOLBOX_ROOT in 4 sub-scripts has no cross-reference to CUBE_SANDBOX_INSTALL_ROOT.
  • No measurable performance impact.

Fix one-click to use the fixed cubetoolbox install root consistently and migrate legacy env defaults that depended on removed path variables.

Signed-off-by: jinlong <jinlong@tencent.com>
@fslongjin fslongjin force-pushed the fix/remove-one-click-install-path-vars branch from 1811b51 to eb1615d Compare June 26, 2026 10:50
Comment thread deploy/one-click/lib/common.sh Outdated
Comment thread deploy/one-click/lib/common.sh
Comment thread deploy/one-click/install.sh
Make CUBE_SANDBOX_INSTALL_ROOT readonly so it cannot be overridden
by an env file or subshell. Add assert_safe_install_prefix call in
install.sh before rm -rf to guard against destructive installs.
Add test_install_root_readonly to verify the readonly enforcement.

Signed-off-by: jinlong <jinlong@tencent.com>
@fslongjin fslongjin force-pushed the fix/remove-one-click-install-path-vars branch from eb1615d to 72b16ca Compare June 26, 2026 12:55
@fslongjin fslongjin merged commit 41f074a into TencentCloud:master Jun 26, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant