Bug 2042444 - Build is not recognizing the USER group from an s2i image
Summary: Build is not recognizing the USER group from an s2i image
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Build
Version: 4.6.z
Hardware: All
OS: All
Target Milestone: ---
: 4.9.z
Assignee: Nalin Dahyabhai
QA Contact: Jitendar Singh
Depends On: 2021551
Blocks: 2053122
TreeView+ depends on / blocked
Reported: 2022-01-19 14:22 UTC by OpenShift BugZilla Robot
Modified: 2022-02-23 20:03 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2022-02-23 20:02:53 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift builder pull 280 0 None open [release-4.9] Bug 2042444: getAssembleUser(): strip the group part out before checking the UID 2022-01-19 14:22:18 UTC
Red Hat Product Errata RHSA-2022:0561 0 None None None 2022-02-23 20:03:23 UTC

Comment 4 Priti Kumari 2022-02-15 12:55:30 UTC
Verified with 4.9.0-0.nightly-2022-02-11-171352


> oc logs -f bc/nginx-container

Cloning "https://github.com/sclorg/nginx-container.git" ...
	Commit:	fdc9bd0d719a83c1cb61cafe72f6562a5aacff99 (Merge pull request #169 from sclorg/fix_build_and_push)
	Author:	Petr Hracek <phracek>
	Date:	Mon Feb 7 13:11:36 2022 +0100
time="2022-02-15T12:50:57Z" level=info msg="Not using native diff for overlay, this may cause degraded performance for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled"
I0215 12:50:57.623493       1 defaults.go:102] Defaulting to storage driver "overlay" with options [mountopt=metacopy=on].
Caching blobs under "/var/cache/blobs".
Trying to pull quay.io/pkumari/testing@sha256:5e6b2e85c6e2e97b79f2d96c174d71af98ba38242b8ed68e0a6467de64133598...
Adding transient rw bind mount for /run/secrets/rhsm
STEP 1/9: FROM quay.io/pkumari/testing@sha256:5e6b2e85c6e2e97b79f2d96c174d71af98ba38242b8ed68e0a6467de64133598
STEP 2/9: LABEL "io.openshift.build.image"="quay.io/pkumari/testing@sha256:5e6b2e85c6e2e97b79f2d96c174d71af98ba38242b8ed68e0a6467de64133598"       "io.openshift.build.commit.author"="Petr Hracek <phracek>"       "io.openshift.build.commit.date"="Mon Feb 7 13:11:36 2022 +0100"       "io.openshift.build.commit.id"="fdc9bd0d719a83c1cb61cafe72f6562a5aacff99"       "io.openshift.build.commit.ref"="master"       "io.openshift.build.commit.message"="Merge pull request #169 from sclorg/fix_build_and_push"       "io.openshift.build.source-location"="https://github.com/sclorg/nginx-container.git"       "io.openshift.build.source-context-dir"="1.20/test/test-app"
STEP 3/9: ENV OPENSHIFT_BUILD_NAME="nginx-container-1"     OPENSHIFT_BUILD_NAMESPACE="default"     OPENSHIFT_BUILD_SOURCE="https://github.com/sclorg/nginx-container.git"     OPENSHIFT_BUILD_COMMIT="fdc9bd0d719a83c1cb61cafe72f6562a5aacff99"
STEP 4/9: USER root
STEP 5/9: COPY upload/src /tmp/src
STEP 6/9: RUN chown -R 1001:0 /tmp/src
STEP 7/9: USER 1001
STEP 8/9: RUN /usr/libexec/s2i/assemble
---> Installing application source
---> Copying nginx.conf configuration file...
'./nginx.conf' -> '/etc/nginx/nginx.conf'
---> Copying nginx configuration files...
'./nginx-cfg/default.conf' -> '/opt/app-root/etc/nginx.d/default.conf'
---> Copying nginx default server configuration files...
'./nginx-default-cfg/alias.conf' -> '/opt/app-root/etc/nginx.default.d/alias.conf'
---> Copying nginx start-hook scripts...
STEP 9/9: CMD /usr/libexec/s2i/run
COMMIT temp.builder.openshift.io/default/nginx-container-1:8d33e774
time="2022-02-15T12:51:06Z" level=warning msg="Adding metacopy option, configured globally"
Getting image source signatures
Copying blob sha256:9eba3d93bf9f876a4ad4b370d50b428af0b857025df667b4c9f1fc9078453d84
Successfully tagged temp.builder.openshift.io/default/nginx-container-1:8d33e774

Pushing image image-registry.openshift-image-registry.svc:5000/default/nginx-container:latest ...
Getting image source signatures
Successfully pushed image-registry.openshift-image-registry.svc:5000/default/nginx-container@sha256:46eda5fd72f315e0e9c4733090b17cc271a7cc6b9e5fa1a8770a0fa01add851f
Push successful

Comment 7 errata-xmlrpc 2022-02-23 20:02:53 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.9.22 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.