[jira] [Comment Edited] (FLINK-36544) Failing to generate OLM bundle (open manifests/flink-kubernetes-operator.clusterserviceversion.yaml: permission denied)

Keith Wall (Jira) Tue, 15 Oct 2024 09:58:04 -0700


    [ 
https://issues.apache.org/jira/browse/FLINK-36544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17889756#comment-17889756
 ]


Keith Wall edited comment on FLINK-36544 at 10/15/24 4:57 PM:
--------------------------------------------------------------

I've investigated the error and I can see the issue is a file permission error 
on the manifests/flink-kubernetes-operator.clusterserviceversion.yaml within 
the bundle container image.

 

{{docker save  quay.io/k_wall/flink-op-bundle:1.10.0_f  > bundle.tar}}
{{tar xvf bundle.tar}}

{{for i in $(find . -name layer.tar)}}
{{do}}
{{  tar tvf $i}}
{{done}}

{{drwxr-xr-x  0 0      0           0 15 Oct 17:40 metadata/}}
{{{-}rw-r{-}{-}r{-}-  0 0      0         575 15 Oct 17:40 
metadata/annotations.yaml}}
{{drwxr-xr-x  0 0      0           0 15 Oct 17:40 manifests/}}
{{{-}rw{-}------  0 0      0      127947 15 Oct 17:40 
manifests/flink-kubernetes-operator.clusterserviceversion.yaml}}
{{{-}rw-r{-}{-}r{-}-  0 0      0        8828 15 Oct 17:40 
manifests/flink-operator-config_v1_configmap.yaml}}
{{{-}rw-r{-}{-}r{-}-  0 0      0         124 15 Oct 17:40 
manifests/flink-operator-webhook-secret_v1_secret.yaml}}
{{{-}rw-r{-}{-}r{-}-  0 0      0         503 15 Oct 17:40 
manifests/flink-role-binding_rbac.authorization.k8s.io_v1_rolebinding.yaml}}
{{{-}rw-r{-}{-}r{-}-  0 0      0      520843 15 Oct 17:40 
manifests/flink.apache.org_flinkdeployments.yaml}}
{{{-}rw-r{-}{-}r{-}-  0 0      0        8316 15 Oct 17:40 
manifests/flink.apache.org_flinksessionjobs.yaml}}
{{{-}rw-r{-}{-}r{-}-  0 0      0        2579 15 Oct 17:40 
manifests/flink.apache.org_flinkstatesnapshots.yaml}}
{{{-}rw-r{-}{-}r{-}-  0 0      0         658 15 Oct 17:40 
manifests/flink_rbac.authorization.k8s.io_v1_role.yaml}}
{{{-}rw-r{-}{-}r{-}-  0 0      0         342 15 Oct 17:40 
manifests/flink_v1_serviceaccount.yaml}}

Notice that the manifests/flink-kubernetes-operator.clusterserviceversion.yaml 
has no group or other read permission.

 


was (Author: k-wall):
I've investigated the error and I can see the issue is a file permission error 
on the manifests/flink-kubernetes-operator.clusterserviceversion.yaml within 
the bundle container image.

 

{{docker save  quay.io/k_wall/flink-op-bundle:1.10.0_f  > bundle.tar}}
{{tar xvf bundle.tar}}

{{for i in $(find . -name layer.tar)}}
{{do}}
{{  tar tvf $i}}
{{done}}


```

drwxr-xr-x  0 0      0           0 15 Oct 17:40 metadata/
-rw-r--r--  0 0      0         575 15 Oct 17:40 metadata/annotations.yaml
drwxr-xr-x  0 0      0           0 15 Oct 17:40 manifests/
-rw-------  0 0      0      127947 15 Oct 17:40 
manifests/flink-kubernetes-operator.clusterserviceversion.yaml
-rw-r--r--  0 0      0        8828 15 Oct 17:40 
manifests/flink-operator-config_v1_configmap.yaml
-rw-r--r--  0 0      0         124 15 Oct 17:40 
manifests/flink-operator-webhook-secret_v1_secret.yaml
-rw-r--r--  0 0      0         503 15 Oct 17:40 
manifests/flink-role-binding_rbac.authorization.k8s.io_v1_rolebinding.yaml
-rw-r--r--  0 0      0      520843 15 Oct 17:40 
manifests/flink.apache.org_flinkdeployments.yaml
-rw-r--r--  0 0      0        8316 15 Oct 17:40 
manifests/flink.apache.org_flinksessionjobs.yaml
-rw-r--r--  0 0      0        2579 15 Oct 17:40 
manifests/flink.apache.org_flinkstatesnapshots.yaml
-rw-r--r--  0 0      0         658 15 Oct 17:40 
manifests/flink_rbac.authorization.k8s.io_v1_role.yaml
-rw-r--r--  0 0      0         342 15 Oct 17:40 
manifests/flink_v1_serviceaccount.yaml
```



 

> Failing to generate OLM bundle (open 
> manifests/flink-kubernetes-operator.clusterserviceversion.yaml: permission 
> denied)
> -----------------------------------------------------------------------------------------------------------------------
>
>                 Key: FLINK-36544
>                 URL: https://issues.apache.org/jira/browse/FLINK-36544
>             Project: Flink
>          Issue Type: Bug
>          Components: Kubernetes Operator
>         Environment: minikube version
> minikube version: v1.33.1
> commit: 248d1ec5b3f9be5569977749a725f47b018078ff
> Host:
> uname -a
> Darwin Oslo.fritz.box 22.6.0 Darwin Kernel Version 22.6.0: Wed Jul 31 
> 21:42:48 PDT 2024; root:xnu-8796.141.3.707.4~1/RELEASE_X86_64 x86_64
> I get the same beneath on OpenShift
> oc version
> Client Version: 4.14.3
> Kustomize Version: v5.0.1
> Server Version: 4.16.9
> Kubernetes Version: v1.29.7+4510e9c
>  
>            Reporter: Keith Wall
>            Priority: Major
>
> I'm trying to generate an updated OLM bundle from main. 
> I have overridden BUNDLE_VERSION, DOCKER_REGISTRY, DOCKER_ORG and IMAGE_TAG 
> to 1.10.0 and point to my organisation on Quay,io.
> I run tools/olm/generate-olm-bundle.sh successfully and then follow the 
> prompts to create the resources.
> CatalogSource succeeds but I fail at the next step after creating 
> OperatorGroup and Subscription.
> The job that gets created by OLM fails with:
> {{oc get jobs}}
> {{NAME                                                              
> COMPLETIONS   DURATION   AGE}}
> {{{}29c1443d94822f7573c33016099d04790c8f9849aaa938374a0fd807fe11048   0/1     
>       6m{}}}19s      6m19s
> fails like this:
>  
> {{oc get pods}}
> {{NAME                                                              READY   
> STATUS       RESTARTS   AGE}}
> {{29c1443d94822f7573c33016099d04790c8f9849aaa938374a0fd807fe7vbgf   0/1     
> Init:Error   0          7m17s}}
> {{29c1443d94822f7573c33016099d04790c8f9849aaa938374a0fd807fejdf7v   0/1     
> Init:Error   0          7m27s}}
> {{29c1443d94822f7573c33016099d04790c8f9849aaa938374a0fd807fezfxqh   0/1     
> Init:Error   0          6m17s}}
> {{29c1443d94822f7573c33016099d04790c8f9849aaa938374a0fd807feztg5v   0/1     
> Init:Error   0          6m57s}}
> {{olm-flink-operator-catalog-48rp4                                  1/1     
> Running      0          8m19s}}
>  
> Doing an oc describe on the pod:
> {{    State:      Terminated}}
> {{      Reason:   Error}}
> {{      Message:  skipping a dir without errors: /}}
> {{skipping a dir without errors: /bundle}}
> {{skipping all files in the dir: /dev}}
> {{skipping a dir without errors: /etc}}
> {{skipping a dir without errors: /manifests}}
> {{skipping a dir without errors: /metadata}}
> {{skipping all files in the dir: /proc}}
> {{skipping a dir without errors: /run}}
> {{skipping a dir without errors: /run/secrets}}
> {{skipping a dir without errors: /run/secrets/rhsm}}
> {{skipping a dir without errors: /run/secrets/rhsm/ca}}
> {{skipping all files in the dir: /sys}}
> {{skipping a dir without errors: /util}}
> {{skipping a dir without errors: /var}}
> {{skipping a dir without errors: /var/run}}
> {{skipping a dir without errors: /var/run/secrets}}
> {{skipping a dir without errors: /var/run/secrets/kubernetes.io}}
> {{skipping a dir without errors: 
> /var/run/secrets/kubernetes.io/serviceaccount}}
> {{skipping a dir without errors: 
> /var/run/secrets/kubernetes.io/serviceaccount/..2024_10_15_16_42_33.823288185}}
> {{&\{metadata/annotations.yaml manifests/}}}
> {{open manifests/flink-kubernetes-operator.clusterserviceversion.yaml: 
> permission denied}}
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Comment Edited] (FLINK-36544) Failing to generate OLM bundle (open manifests/flink-kubernetes-operator.clusterserviceversion.yaml: permission denied)

Reply via email to