
[CFX-6634] fix(update): prevent circular dr symlink #605

Merged
ajalon1 merged 4 commits into datarobot-oss:main from ajalon1:aj/CFX-6634
Jul 1, 2026

ajalon1 commented Jun 24, 2026

Contributor

RATIONALE

In DataRobot Codespaces, running `dr self update` twice left `dr` a self-referential symlink (`dr → dr`), breaking the CLI with "too many levels of symbolic links". Codespaces install `dr` as a directory on PATH (`dr/dr`) rather than a flat file; install.sh's `ln -sf dr datarobot` then followed the `datarobot → dr` directory symlink on the second run and wrote the new link inside the directory, clobbering the real binary. This is critical (CFX-6634) since the CLI becomes unusable, and reproduces only in Codespaces.

CHANGES

  • install.sh: add `ensure_datarobot_alias()` using `rm -f` + `ln -sfn` so `ln` never dereferences a symlinked directory.
  • cmd/self/update: pass `INSTALL_DIR` resolved from the running binary so updates land where `dr` actually lives.
  • Add `resolveInstallDir` unit tests and an install.sh alias regression smoke test.

NOTES

  • Fix reaches users as soon as it merges to main (`dr self update` fetches install.sh from main); the Go change ships in the next build.
  • Already-broken Codespaces recover by re-running the installer directly.

TESTING

  • `task lint` (0 issues), `go test -race ./cmd/self/...`, install alias + install integration smoke tests all pass.

PR Automation

Important

Forked PR: the run-smoke-tests label won't work — a maintainer needs to /approve-smoke-tests or /skip-smoke-tests to clear the required Smoke Tests check.


Note

Medium Risk
Touches self-update and install scripting paths that can brick the CLI if wrong, but changes are narrow and covered by unit and smoke tests.

Overview
Fixes a Codespaces-only failure where a second `dr self update` could replace the real binary with a self-referential `dr → dr` symlink (“too many levels of symbolic links”).

install.sh centralizes alias creation in `ensure_datarobot_alias()`: remove any existing `datarobot` entry, then `ln -sfn` so `ln` does not follow a `datarobot → dr` directory symlink and write a link inside `dr/dr`. The script can be sourced for tests via `DR_INSTALL_SH_NO_MAIN`.

`dr self update` sets `INSTALL_DIR` from the running binary’s directory (symlinks resolved) when the user has not set `INSTALL_DIR`, so the fetched installer updates in place instead of defaulting to `~/.local/bin`.

Adds Go tests for `resolveInstallDir` and a shell smoke test for the alias behavior in Codespace vs flat layouts.

Reviewed by Cursor Bugbot for commit 24ebb90. Configure here.
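The failure described in the PR description above, reproduced in a throwaway directory as an added example (not code from this PR or from install.sh). The layout is constructed to mirror the Codespaces install, and the function names `make_layout`, `alias_old`, `alias_fixed` and `binary_state` are hypothetical.

```shell
#!/bin/sh
# Constructed layout mirroring the Codespaces install described in the PR:
#   $root/dr/dr      the real binary (a small script stands in for it)
#   $root/datarobot  alias symlink -> dr, where dr is a directory
make_layout() {
    root=$(mktemp -d)
    mkdir "$root/dr"
    printf '#!/bin/sh\necho real-binary\n' > "$root/dr/dr"
    chmod +x "$root/dr/dr"
    ln -s dr "$root/datarobot"   # state left behind by the first install run
    printf '%s\n' "$root"
}

# Old command on the second run: ln follows datarobot into dr/ and, because
# of -f, replaces dr/dr with a link named dr whose target "dr" is itself.
alias_old() { (cd "$1" && ln -sf dr datarobot); }

# Pattern named in the PR: drop the old alias, then link with -n so the
# destination is treated as a plain name and never entered as a directory.
alias_fixed() { (cd "$1" && rm -f datarobot && ln -sfn dr datarobot); }

# Report whether the binary is still a regular file or has become a symlink.
binary_state() {
    if [ -L "$1/dr/dr" ]; then
        echo "clobbered:$(readlink "$1/dr/dr")"
    elif [ -f "$1/dr/dr" ]; then
        echo intact
    else
        echo missing
    fi
}

demo() {
    a=$(make_layout); alias_old "$a"
    b=$(make_layout); alias_fixed "$b"; alias_fixed "$b"   # repeat run is safe
    echo "ln -sf        : $(binary_state "$a")"
    echo "rm + ln -sfn  : $(binary_state "$b")"
    rm -rf "$a" "$b"
}
demo
```

The same `binary_state` check (`[ -L dr/dr ]`) is a quick way to tell whether an existing install has already been clobbered.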

ajalon1 self-assigned this Jun 24, 2026
ajalon1 changed the title from "CFX-6634: fix: prevent circular dr symlink on self update" to "[CFX-6634] fix(update): prevent circular dr symlink" Jun 24, 2026
ajalon1 commented Jun 24, 2026

Contributor Author

Putting this out here, but it is untested. If someone wants to attempt to test this, they can tag a new dev release from this branch, let the publish workflow complete, and then do a `dr self update -f <version>` twice in a Codespace to verify.

ajalon1 commented Jun 24, 2026

Contributor Author

/approve-smoke-tests

@github-actions

Contributor

🔐 Fork PR smoke tests triggered by @ajalon1

⚠️ Security Notice: This will run tests with access to repository secrets.

What happens next:

  1. Security scans will run automatically (Trivy, gosec)
  2. If security scans pass, smoke tests will run
  3. Results will be posted as PR comments

⚠️ Important: Review the PR code carefully before approving!

@github-actions

Contributor

Some smoke tests failed. (Fork PR)

❌ Security Scan: failure
❌ Linux: skipped
❌ Windows: skipped

View run details

⚠️ Security vulnerabilities detected! Check the Security tab for details.

ajalon1 commented Jun 24, 2026

Contributor Author

/approve-smoke-tests

@github-actions

Contributor

🔐 Fork PR smoke tests triggered by @ajalon1

⚠️ Security Notice: This will run tests with access to repository secrets.

What happens next:

  1. Security scans will run automatically (Trivy, gosec)
  2. If security scans pass, smoke tests will run
  3. Results will be posted as PR comments

⚠️ Important: Review the PR code carefully before approving!

@github-actions

Contributor

Some smoke tests failed. (Fork PR)

❌ Security Scan: failure
❌ Linux: skipped
❌ Windows: skipped

View run details

⚠️ Security vulnerabilities detected! Check the Security tab for details.

In DataRobot Codespaces dr is installed as a directory on PATH (dr/dr),
not a flat file. install.sh's `ln -sf dr datarobot` followed the
datarobot->dr directory symlink on the second `dr self update` and wrote
the link inside it, turning dr/dr into a self-referential `dr -> dr`
symlink ("too many levels of symbolic links").

- install.sh: add ensure_datarobot_alias() using `rm -f` + `ln -sfn`
  (no-dereference) so ln never descends into a symlinked directory.
- cmd/self/update: pass INSTALL_DIR resolved from the running binary so
  updates land where dr actually lives instead of ~/.local/bin.
- Add alias regression smoke test and resolveInstallDir unit tests.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Comment thread install.sh
ajalon1 marked this pull request as ready for review June 30, 2026 18:13
ajalon1 requested a review from victorborshak June 30, 2026 18:13

c-h-russell-walker left a comment

Contributor

Very nice - looks great 👍

ajalon1 commented Jun 30, 2026

Contributor Author

/approve-smoke-tests

@github-actions

Contributor

🔐 Fork PR smoke tests triggered by @ajalon1

⚠️ Security Notice: This will run tests with access to repository secrets.

What happens next:

  1. Security scans will run automatically (Trivy, gosec)
  2. If security scans pass, smoke tests will run
  3. Results will be posted as PR comments

⚠️ Important: Review the PR code carefully before approving!

@github-actions

Contributor

🔐 Fork smoke tests started by maintainer

⏳ Security scans passed. Running smoke tests...

Commit: 24ebb9088200798237542f9ef546a831a486ff35
View run

@github-actions

Contributor

All smoke tests passed! (Fork PR)

✅ Security Scan: success
✅ Linux: success
✅ Windows: success

View run details

ajalon1 merged commit df6ad18 into datarobot-oss:main Jul 1, 2026
21 checks passed
ajalon1 deleted the aj/CFX-6634 branch July 1, 2026 14:53
3 participants