Skip to content

rorfs for cacheless lacks write access to /tmp/ to generate cache #3640

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 5, 2025
Merged

rorfs for cacheless lacks write access to /tmp/ to generate cache #3640

merged 2 commits into from
Sep 5, 2025

Conversation

grokspawn
Copy link
Contributor

@grokspawn grokspawn commented Sep 2, 2025
edited
Loading

Description of the change:
when we are using extractContent, but w/o extractContent.CacheDir, ensure that we have write permissions to /tmp/ by creating an emptydir volume there.

Motivation for the change:
When there is no provided CacheDir, our recent changes to set SecurityContext{ReadOnlyFilesystem: ptr.To(true)} will not allow writing to /tmp/. However, opm will need to generate a cache and cannot be told another directory to use.

Architectural changes:

Testing remarks:
#3614 passed CI with no errors, both unit which covered ExtractContent functionality including w/o CacheDir.

This is because while the unit tests validated the shape of the resulting pods but not the pods' viability in a cluster (i.e. could the pods walk the initcontainer chain successfully and bring the GRPC service up).

ginkgo test "gRPC address catalog source" does evaluate catsrc pod viability using extractContent, but never as cacheless.

Reviewer Checklist

  • Implementation matches the proposed design, or proposal is updated to match implementation
  • Sufficient unit test coverage
  • Sufficient end-to-end test coverage
  • Bug fixes are accompanied by regression test(s)
  • e2e tests and flake fixes are accompanied evidence of flake testing, e.g. executing the test 100(0) times
  • tech debt/todo is accompanied by issue link(s) in comments in the surrounding code
  • Tests are comprehensible, e.g. Ginkgo DSL is being used appropriately
  • Docs updated or added to /doc
  • Commit messages sensible and descriptive
  • Tests marked as [FLAKE] are truly flaky and have an issue
  • Code is properly formatted

@grokspawn
rorfs for cacheless lacks write access to /tmp/ to generate cache
acdd77f 
Signed-off-by: grokspawn <jordan@nimblewidget.com>
joelanford
joelanford reviewed Sep 2, 2025
View reviewed changes
@grokspawn
review updates
c757434 
Signed-off-by: grokspawn <jordan@nimblewidget.com>
@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Sep 5, 2025
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Sep 5, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: perdasilva

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 5, 2025
@openshift-merge-bot openshift-merge-bot bot merged commit f631348 into operator-framework:master Sep 5, 2025
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joelanford joelanford joelanford left review comments

@perdasilva perdasilva perdasilva approved these changes

@camilamacedo86 camilamacedo86 Awaiting requested review from camilamacedo86

@oceanc80 oceanc80 Awaiting requested review from oceanc80

Assignees

@perdasilva perdasilva

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@grokspawn @joelanford @perdasilva