From 7aa817853c1ba4cb2d97bfc14c2657a5ff54da99 Mon Sep 17 00:00:00 2001 From: Joe Lanford Date: Wed, 9 Sep 2020 14:53:19 -0400 Subject: [PATCH 1/2] Fix an issue in `run packagemanifests` where the registry server writes files in locations that require root. --- .../fragments/run-pkgmnfs-writable-dir.yaml | 5 +++++ .../operator/registry/configmap/deployment.go | 19 +++++++++---------- 2 files changed, 14 insertions(+), 10 deletions(-) create mode 100644 changelog/fragments/run-pkgmnfs-writable-dir.yaml diff --git a/changelog/fragments/run-pkgmnfs-writable-dir.yaml b/changelog/fragments/run-pkgmnfs-writable-dir.yaml new file mode 100644 index 0000000000..7dbae3a846 --- /dev/null +++ b/changelog/fragments/run-pkgmnfs-writable-dir.yaml @@ -0,0 +1,5 @@ +entries: + - description: > + Fix an issue in `run packagemanifests` where the registry server + writes files in locations that require root. + kind: bugfix diff --git a/internal/olm/operator/registry/configmap/deployment.go b/internal/olm/operator/registry/configmap/deployment.go index 70a0e4cfe6..ece5e4dcab 100644 --- a/internal/olm/operator/registry/configmap/deployment.go +++ b/internal/olm/operator/registry/configmap/deployment.go @@ -31,11 +31,12 @@ const ( registryBaseImage = "quay.io/operator-framework/upstream-registry-builder:latest" // The port registry-server will listen on within a container. registryGRPCPort = 50051 - // Path of the bundle database generated by initializer. - regisryDBName = "bundle.db" - // Path of the log file generated by registry-server. - // TODO(estroz): have this log file in an obvious place, ex. /var/log. - registryLogFile = "termination.log" + // Path of the bundle database generated by initializer. Use /tmp since it is + // typically world-writable. + registryDBName = "/tmp/bundle.db" + // Path of the log file generated by registry-server. Use /tmp since it is + // typically world-writable. + registryLogFile = "/tmp/termination.log" ) func getRegistryServerName(pkgName string) string { @@ -102,12 +103,10 @@ func withContainerVolumeMounts(volName string, paths ...string) func(*appsv1.Dep // 1. Runs a database initializer on the manifests in the /registry // directory. // 2. Runs an operator-registry server serving the bundle database. -// The database must be in /registry directory. func getDBContainerCmd(dbPath, logPath string) string { - cdCmd := "cd /registry" - initCmd := fmt.Sprintf("/bin/initializer -o %s", dbPath) + initCmd := fmt.Sprintf("/bin/initializer -o %s -m %s", dbPath, containerManifestsDir) srvCmd := fmt.Sprintf("/bin/registry-server -d %s -t %s", dbPath, logPath) - return fmt.Sprintf("%s && %s && %s", cdCmd, initCmd, srvCmd) + return fmt.Sprintf("%s && %s", initCmd, srvCmd) } // withRegistryGRPCContainer returns a function that appends a container @@ -121,7 +120,7 @@ func withRegistryGRPCContainer(pkgName string) func(*appsv1.Deployment) { Args: []string{ "-c", // TODO(estroz): grab logs and print if error - getDBContainerCmd(regisryDBName, registryLogFile), + getDBContainerCmd(registryDBName, registryLogFile), }, Ports: []corev1.ContainerPort{ {Name: "registry-grpc", ContainerPort: registryGRPCPort}, From d821002adfaf30437b1a8c38a0d961b4a069c3de Mon Sep 17 00:00:00 2001 From: Joe Lanford Date: Thu, 10 Sep 2020 20:05:10 -0400 Subject: [PATCH 2/2] registry pod: set workingDir to /tmp --- internal/olm/operator/registry/configmap/deployment.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/internal/olm/operator/registry/configmap/deployment.go b/internal/olm/operator/registry/configmap/deployment.go index ece5e4dcab..067169a98f 100644 --- a/internal/olm/operator/registry/configmap/deployment.go +++ b/internal/olm/operator/registry/configmap/deployment.go @@ -114,9 +114,10 @@ func getDBContainerCmd(dbPath, logPath string) string { // pod template spec. func withRegistryGRPCContainer(pkgName string) func(*appsv1.Deployment) { container := corev1.Container{ - Name: getRegistryServerName(pkgName), - Image: registryBaseImage, - Command: []string{"/bin/sh"}, + Name: getRegistryServerName(pkgName), + Image: registryBaseImage, + WorkingDir: "/tmp", + Command: []string{"/bin/sh"}, Args: []string{ "-c", // TODO(estroz): grab logs and print if error