Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix conflict on heredoc temp files #5721

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Fix conflict on heredoc temp files #5721

wants to merge 1 commit into from

Conversation

kmichel-aiven
Copy link

What type of PR is this?

/kind bug

What this PR does / why we need it:

If two image builds start concurrently and they both use an heredoc with the same EOF marker, then they will use the same filename and overwrite each other.

It's possible for concurrent builds to either use the wrong heredoc content or to fail because the file of one build is deleted by the other, leading to this error message:

STEP 13/21: COPY <<EOF /file.conf

Error: building at STEP "COPY <<EOF /file.conf": reading "/var/tmp/EOF": copier: get: globs [/EOF] matched nothing (0 filtered out): no such file or directory

How to verify it

Which issue(s) this PR fixes:

Special notes for your reviewer:

Does this PR introduce a user-facing change?

@kmichel-aiven
Fix conflict on heredoc temp files
aba0beb 
If two image builds start concurrently and they both use an heredoc with the same EOF marker, then they will use the same filename and overwrite each other.

It's possible for concurrent builds to either use the wrong heredoc content or to fail because the file of one build is deleted by the other, leading to this error message:

```
STEP 13/21: COPY <<EOF /file.conf

Error: building at STEP "COPY <<EOF /file.conf": reading "/var/tmp/EOF": copier: get: globs [/EOF] matched nothing (0 filtered out): no such file or directory
```

Signed-off-by: Kevin Michel <[email protected]>
@openshift-ci openshift-ci bot added do-not-merge/work-in-progress kind/bug Categorizes issue or PR as related to a bug. labels Sep 5, 2024
@kmichel-aiven
Copy link
Author

I would like to add tests but I'm not familiar with the project, what would be the best place to add these ?

(I've tried adding to bud.bats but run_buildah doesn't seem ready to test concurrent operations.)

@kmichel-aiven kmichel-aiven marked this pull request as ready for review September 5, 2024 08:32
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 6, 2024

A friendly reminder that this PR had no activity for 30 days.

@github-actions github-actions bot added stale-pr and removed stale-pr labels Oct 6, 2024
@TomSweeneyRedHat
Copy link
Member

@edsantiago thoughts on tests ?

@edsantiago
Copy link
Member

I see no reason for tests. However, @kmichel-aiven , could you please clean up your git commit, and rebase?

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Nov 4, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: kmichel-aiven
Once this PR has been reviewed and has the lgtm label, please assign tomsweeneyredhat for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@TomSweeneyRedHat TomSweeneyRedHat added the No New Tests Allow PR to proceed without adding regression tests label Nov 20, 2024
@TomSweeneyRedHat
Copy link
Member

@flouthoc if you get a minute to look at this one, I'd appreciate it.

@nalind
Copy link
Member

nalind commented Nov 21, 2024
edited
Loading

This isn't going to work as intended when the destination for a COPY with a heredoc is a directory - the destination file's name should be the same as the delimiter, and os.CreateTemp() will create a file with a name that has a suffix added to ensure that it's unique. If it used os.MkdirTemp(), and placed the file in the resulting directory (deferring removal of the directory as well as the file), I think it would work as intended.
The "bud build with heredoc content" integration test should suffice to catch that, so I'll add the no-new-tests-needed label so that it can be run.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. No New Tests Allow PR to proceed without adding regression tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kmichel-aiven @TomSweeneyRedHat @edsantiago @nalind