Description of problem: opm index prune will fail if the working directory does not have write permissions. Version-Release number of selected component (if applicable): - (4.6.22) Version: version.Version{OpmVersion:"v1.14.3-34-gd0b49148", GitCommit:"d0b49148a4f476f1403c7b8fd262173789009484", BuildDate:"2021-03-13T05:04:00Z", GoOs:"linux", GoArch:"amd64"} - (4.7.4) Version: version.Version{OpmVersion:"v1.15.4-6-ga97d366a", GitCommit:"a97d366a92d302ff2056fa2d19aa3e48b0fbc99c", BuildDate:"2021-03-20T23:23:02Z", GoOs:"linux", GoArch:"amd64"} - (4.8.0-0.nightly-2021-03-24-200346) ersion: version.Version{OpmVersion:"v1.16.0-49-g4b5d403b", GitCommit:"4b5d403b8b91dbb1141f46087fa13a6d0649a103", BuildDate:"2021-03-24T13:31:11Z", GoOs:"linux", GoArch:"amd64"} How reproducible: All the time, with all the mentioned versions Steps to Reproduce: mkdir /tmp/fail cd /tmp/fail chmod u-w . chmod o-w . REGISTRY_AUTH_FILE=/path/to/pull-secrets.txt \ opm index prune \ --from-index registry.redhat.io/redhat/redhat-operator-index:v${version} \ --packages performance-addon-operator,sriov-network-operator,ptp-operator,kubevirt-hyperconverged \ --tag ${local_registry}/redhat/redhat-operator-index:v4.6 Actual results: INFO[0000] pruning the index packages="[performance-addon-operator sriov-network-operator ptp-operator kubevirt-hyperconverged]" panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1724068] goroutine 1 [running]: github.com/operator-framework/operator-registry/pkg/lib/indexer.ImageIndexer.PruneFromIndex(0x1d8d2e0, 0xc0001d4578, 0x1dccba0, 0xc00000f9e0, 0x1d8f3e0, 0xc00000fa40, 0x0, 0x0, 0x0, 0x0, ...) /src/pkg/lib/indexer/indexer.go:253 +0x4c8 github.com/operator-framework/operator-registry/cmd/opm/index.runIndexPruneCmdFunc(0xc000482b00, 0xc0001a8c00, 0x0, 0x6, 0x0, 0x0) /src/cmd/opm/index/prune.go:120 +0x6d5 github.com/spf13/cobra.(*Command).execute(0xc000482b00, 0xc0001a8ba0, 0x6, 0x6, 0xc000482b00, 0xc0001a8ba0) /src/vendor/github.com/spf13/cobra/command.go:840 +0x47c github.com/spf13/cobra.(*Command).ExecuteC(0xc0002138c0, 0x1b806b0, 0x5, 0x0) /src/vendor/github.com/spf13/cobra/command.go:945 +0x336 github.com/spf13/cobra.(*Command).Execute(...) /src/vendor/github.com/spf13/cobra/command.go:885 main.main() /src/cmd/opm/main.go:39 +0x246 Expected results: An image should be created locally and tagged as defined. Additional info:
This is expected, as opm requires these permissions. In order to prune the existing image, it needs to be able to pull the old image down and unpack it locally in order to read its contents -- there is not currently a way for that to be done purely in memory. As a result, I'm closing this as NOTABUG. If you have further questions, feel free to reach out to the OLM team on our mailing list aos-odin or on our coreos slack channel forum-operator-fw.
I don't see how having a segfault could be considered not a bug. Anyway the command should display a meaningful error at least. And at most use a temporary directory in /tmp instead of doing it in the current directory.
I'm re-opening this as it should at least report an error that it can't write to the current directory instead of just segfaulting. I wasted time because the error message was not meaningful.
https://github.com/operator-framework/operator-registry/pull/610#issuecomment-807577824 The above PR should be considered.
verified. zhaoxia@xzha-mac fail % opm version Version: version.Version{OpmVersion:"0ba8af9f5", GitCommit:"0ba8af9f5f4f5445a5b47a187074cc084dd6f369", BuildDate:"2021-08-23T02:57:27Z", GoOs:"darwin", GoArch:"amd64"} zhaoxia@xzha-mac bug-1943284 % mkdir fail zhaoxia@xzha-mac bug-1943284 % cd fail zhaoxia@xzha-mac fail % chmod u-w . zhaoxia@xzha-mac fail % chmod o-w . zhaoxia@xzha-mac fail % opm index prune --from-index registry.redhat.io/redhat/redhat-operator-index:4.8 -p performance-addon-operator,sriov-network-operator,ptp-operator,kubevirt-hyperconverged -t quay.io/xzhao/redhat-operator-index-test:4.8 INFO[0000] pruning the index packages="[performance-addon-operator sriov-network-operator ptp-operator kubevirt-hyperconverged]" Error: mkdir index_build_tmp220531695: permission denied Usage: opm index prune [flags] Flags: -i, --binary-image opm container image for on-image opm command -c, --container-tool string tool to interact with container images (save, build, etc.). One of: [docker, podman] (default "podman") -f, --from-index string index to prune --generate if enabled, just creates the dockerfile and saves it to local disk -h, --help help for prune -d, --out-dockerfile string if generating the dockerfile, this flag is used to (optionally) specify a dockerfile name -p, --packages strings comma separated list of packages to keep --permissive allow registry load errors -t, --tag string custom tag for container image being built Global Flags: --skip-tls skip TLS certificate verification for container image registries while pulling bundles or index There is error message "mkdir index_build_tmp220531695: permission denied" LGTM, verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759