From b7afcaf5a251477ee3879ae02b1cc3e022408cc8 Mon Sep 17 00:00:00 2001
From: zhzhuang-zju <m17799853869@163.com>
Date: Wed, 27 Nov 2024 16:47:58 +0800
Subject: [PATCH] karmadactl init: add CRDs archive verification to enhance
 file system robustness

Signed-off-by: zhzhuang-zju <m17799853869@163.com>
---
 pkg/karmadactl/cmdinit/kubernetes/deploy.go | 29 ++++++++++++++++-----
 pkg/karmadactl/cmdinit/utils/util.go        | 14 ++++++++++
 pkg/util/validation/validation_test.go      |  2 +-
 3 files changed, 38 insertions(+), 7 deletions(-)

diff --git a/pkg/karmadactl/cmdinit/kubernetes/deploy.go b/pkg/karmadactl/cmdinit/kubernetes/deploy.go
index 827a6d1ea04e..75cd73adbc60 100644
--- a/pkg/karmadactl/cmdinit/kubernetes/deploy.go
+++ b/pkg/karmadactl/cmdinit/kubernetes/deploy.go
@@ -23,6 +23,7 @@ import (
 	"net"
 	"os"
 	"path"
+	"path/filepath"
 	"strings"
 	"time"
 
@@ -43,6 +44,7 @@ import (
 	globaloptions "github.com/karmada-io/karmada/pkg/karmadactl/options"
 	"github.com/karmada-io/karmada/pkg/karmadactl/util"
 	"github.com/karmada-io/karmada/pkg/karmadactl/util/apiclient"
+	"github.com/karmada-io/karmada/pkg/util/validation"
 	"github.com/karmada-io/karmada/pkg/version"
 )
 
@@ -381,19 +383,34 @@ func (i *CommandInitOption) genCerts() error {
 
 // prepareCRD download or unzip `crds.tar.gz` to `options.DataPath`
 func (i *CommandInitOption) prepareCRD() error {
+	var filename string
 	if strings.HasPrefix(i.CRDs, "http") {
-		filename := i.KarmadaDataPath + "/" + path.Base(i.CRDs)
+		filename = i.KarmadaDataPath + "/" + path.Base(i.CRDs)
 		klog.Infof("download crds file:%s", i.CRDs)
 		if err := utils.DownloadFile(i.CRDs, filename); err != nil {
 			return err
 		}
-		if err := utils.DeCompress(filename, i.KarmadaDataPath); err != nil {
-			return err
+	} else {
+		filename = i.CRDs
+		klog.Infoln("local crds file name:", i.CRDs)
+	}
+
+	if err := validation.ValidateTarball(filename, validation.ValidateCrdsTarBall); err != nil {
+		return fmt.Errorf("inValid crd tar, err: %w", err)
+	}
+
+	if err := utils.DeCompress(filename, i.KarmadaDataPath); err != nil {
+		return err
+	}
+
+	for _, archive := range validation.CrdsArchive {
+		expectedDir := filepath.Join(i.KarmadaDataPath, archive)
+		exist, _ := utils.PathExists(expectedDir)
+		if !exist {
+			return fmt.Errorf("lacking the necessary file path: %s", expectedDir)
 		}
-		return nil
 	}
-	klog.Infoln("local crds file name:", i.CRDs)
-	return utils.DeCompress(i.CRDs, i.KarmadaDataPath)
+	return nil
 }
 
 func (i *CommandInitOption) createCertsSecrets() error {
diff --git a/pkg/karmadactl/cmdinit/utils/util.go b/pkg/karmadactl/cmdinit/utils/util.go
index 3c7c4d551e1b..8bb6f7e2c3e1 100644
--- a/pkg/karmadactl/cmdinit/utils/util.go
+++ b/pkg/karmadactl/cmdinit/utils/util.go
@@ -157,3 +157,17 @@ func ListFiles(path string) []string {
 	}
 	return files
 }
+
+// PathExists check whether the path is exist
+func PathExists(path string) (bool, error) {
+	_, err := os.Stat(path)
+	if err == nil {
+		return true, nil
+	}
+
+	if os.IsNotExist(err) {
+		return false, nil
+	}
+
+	return false, err
+}
diff --git a/pkg/util/validation/validation_test.go b/pkg/util/validation/validation_test.go
index 07243968b950..d15648f8c3a7 100644
--- a/pkg/util/validation/validation_test.go
+++ b/pkg/util/validation/validation_test.go
@@ -721,7 +721,7 @@ func TestValidateApplicationFailover(t *testing.T) {
 	}
 }
 
-func TestCheckOperatorCrdsTar(t *testing.T) {
+func TestValidateCrdsTarBall(t *testing.T) {
 	testItems := []struct {
 		name        string
 		header      *tar.Header