Description of problem: If the MachineConfig spec.config.storage.files[].contents.compression field is set to "gzip", the MCD writes the corresponding file to the filesystem without decompressing it first. Version-Release number of selected component (if applicable): 4.8.0-0.nightly-2021-06-09-214128 How reproducible: Always Steps to Reproduce: 1. Apply the following MachineConfig: apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig metadata: labels: machineconfiguration.openshift.io/role: worker name: foo spec: config: ignition: version: 3.2.0 storage: files: - contents: compression: gzip source: data:;base64,H4sIAAAAAAAC/zSQQY4bMQwE7/OKfsBgXpHccs0DGKntEJBIWSINP3+htfcmQECxq/74ZIeOlR3Vm08sDUhnnChuiyUYOSFVh66idgebxonFiuoHNVf3imAfPqFWtGpNC2SgyT+fBOONJrrcTSBNHykX8DcOmnZIRdf9eNJU+olH6oL5ipkVfHEWDQl1Q7YmvfgbreswXbpPfTN1gC9QULx3r/42eKTEBfzaTMkgdObkx1btmByT/2mVUwNqeHrLERLEc7uCaxFFW/tpRDBxy7tKHLYXYchUiZwX8PtVOIK5S1rASxEWCZQcWiUkYG4Y07XS4jzWjqWGkm3INoffblpUULk492/3tnfITqQVXJ+02a/jKwAA//+jjAk6wQEAAA== path: /etc/test-file Actual results: /etc/test-file contains compressed data. Expected results: Either /etc/test-file contains readable text, or the MCD detects an unsupported field and marks the node degraded. Additional info: If the MC is applied on day 1, Ignition correctly writes the uncompressed version of the file.
https://github.com/coreos/butane/pull/244 disables automatic file compression in Butane and fails config validation if compression is manually specified.
Fortunately I don't believe I've seen anyone use the compression flag, but I do agree we should shore this up. I'm leaning towards also failing in the MCO if compression is specified, citing not supported, and adding that support when needed. Setting medium for now.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056