Skip to content

OCPBUGS-55489: removes unintended exec permissions#1285

Merged
openshift-merge-bot[bot] merged 2 commits intoopenshift:mainfrom
aguidirh:ocpbugs-55489
Oct 14, 2025
Merged

OCPBUGS-55489: removes unintended exec permissions#1285
openshift-merge-bot[bot] merged 2 commits intoopenshift:mainfrom
aguidirh:ocpbugs-55489

Conversation

@aguidirh
Copy link
Contributor

@aguidirh aguidirh commented Oct 2, 2025
edited
Loading

Description

Some files (digest and delete files) created by oc-mirror had unintended exec permissions and also during the archive the exec permission was being added on some files, changing in this way the original permissions of the files.

Limitations of the PR: the artifacts generated by go-containerregistry (graph image and filtered catalog) are generated with exec permissions as shown below:

find ./alex-tests/ocpbugs-55489/ -type f -executable -exec ls {} +
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/blobs/sha256/8d923108fe704ab06bd261497dad225138faea6ee75a111aea54b386694263e2
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/index.json
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/oci-layout
./alex-tests/ocpbugs-55489/working-dir/operator-catalogs/redhat-operator-index/f194f18577dac4c8952d8e3413e4677ff389e35cb281fa4573b0258a0f7c4daf/filtered-catalogs/710634675b9d5cc86a6fab0deb415b5f/filtered-catalog-image/blobs/sha256/06c3dcb16e59efcc413433291e0b60b38b9a42c400803bbf68715abad2c7c693

The limitation above is going to be covered in a separate PR (CLID-463).

Github / Jira issue: OCPBUGS-55489

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

With the following image set config:

kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v2alpha1
mirror:
  platform:
    channels:
    - name: stable-4.17
      minVersion: 4.17.0
      maxVersion: 4.17.0
    graph: true
  operators:
    - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.20
      packages:
       - name: aws-load-balancer-operator
         channels:
           - name: stable-v1
  additionalImages: 
   - name: registry.redhat.io/ubi8/ubi:latest
  helm:
    repositories:
      - name: podinfo
        url: https://stefanprodan.github.io/podinfo
        charts:
          - name: podinfo
            version: 5.0.0
      - name: sbo
        url: https://redhat-developer.github.io/service-binding-operator-helm-chart/
      - name: cosigned
        url: https://sigstore.github.io/helm-charts
        charts:
          - name: cosigned
            version: 0.1.23

m2d/d2m and m2m

Expected Outcome

The filtered catalog should run without issues:

podman pull localhost:5000/redhat/redhat-operator-index:v4.20 --tls-verify=false

Trying to pull localhost:5000/redhat/redhat-operator-index:v4.20...
Getting image source signatures
Copying blob 826fb35fe302 done   | 
Copying blob 38c7eb68cd95 skipped: already exists  
Copying blob 25c75c34b2e2 skipped: already exists  
Copying blob 04ef00d712bf done   | 
Copying blob 3357f22ae62e done   | 
Copying blob b767765d861c done   | 
Copying blob 8c14660ccaa0 done   | 
Copying config 6c07f79e3e done   | 
Writing manifest to image destination
6c07f79e3e6044f645864427a0c75230efd1e6692601c391aaf0bd491fa9337a

podman run 6c07f79e3e6044f645864427a0c75230efd1e6692601c391aaf0bd491fa9337a

time="2025-10-02T17:21:04Z" level=warning msg="unable to set termination log path" error="open /dev/termination-log: permission denied"
time="2025-10-02T17:21:04Z" level=info msg="starting pprof endpoint" address="localhost:6060"
time="2025-10-02T17:21:04Z" level=info msg="cache directory is empty, using preferred backend" backend=pogreb.v1 cache=/tmp/opm-serve-cache-3597748308 configs=/configs
time="2025-10-02T17:21:04Z" level=info msg="building cache" cache=/tmp/opm-serve-cache-3597748308 configs=/configs
time="2025-10-02T17:21:04Z" level=info msg="serving registry" cache=/tmp/opm-serve-cache-3597748308 configs=/configs port=50051
time="2025-10-02T17:21:04Z" level=info msg="stopped caching cpu profile data" address="localhost:6060"
^Ctime="2025-10-02T17:21:37Z" level=info msg="shutting down server" cache=/tmp/opm-serve-cache-3597748308 configs=/configs port=50051

@aguidirh
OCPBUGS-55489: removes unintended exec permissions
89e4f26 
Some files created by oc-mirror had unintended exec permissions and also
during the archive the exec permission was being added on some files,
changing in this way the original permissions of the files.

Signed-off-by: Alex Guidi <aguidi@redhat.com>
@openshift-ci-robot openshift-ci-robot added jira/severity-low Referenced Jira bug's severity is low for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. labels Oct 2, 2025
@openshift-ci-robot
Copy link

openshift-ci-robot commented Oct 2, 2025

@aguidirh: This pull request references Jira Issue OCPBUGS-55489, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.21.0) matches configured target version for branch (4.21.0)
  • bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @nidangavali

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Description

Some files (digest and delete files) created by oc-mirror had unintended exec permissions and also during the archive the exec permission was being added on some files, changing in this way the original permissions of the files.

Limitations of the PR: the artifacts generated by go-containerregistry (graph image and filtered catalog) are generated with exec permissions as shown below:

find ./alex-tests/ocpbugs-55489/ -type f -executable -exec ls {} +
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/blobs/sha256/8d923108fe704ab06bd261497dad225138faea6ee75a111aea54b386694263e2
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/index.json
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/oci-layout
./alex-tests/ocpbugs-55489/working-dir/operator-catalogs/redhat-operator-index/f194f18577dac4c8952d8e3413e4677ff389e35cb281fa4573b0258a0f7c4daf/filtered-catalogs/710634675b9d5cc86a6fab0deb415b5f/filtered-catalog-image/blobs/sha256/06c3dcb16e59efcc413433291e0b60b38b9a42c400803bbf68715abad2c7c693

The limitation above is going to be covered in a separate PR.

Github / Jira issue: OCPBUGS-55489

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

With the following image set config:

kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v2alpha1
mirror:
 platform:
   channels:
   - name: stable-4.17
     minVersion: 4.17.0
     maxVersion: 4.17.0
   graph: true
 operators:
   - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.20
     packages:
      - name: aws-load-balancer-operator
        channels:
          - name: stable-v1
 additionalImages: 
  - name: registry.redhat.io/ubi8/ubi:latest
 helm:
   repositories:
     - name: podinfo
       url: https://stefanprodan.github.io/podinfo
       charts:
         - name: podinfo
           version: 5.0.0
     - name: sbo
       url: https://redhat-developer.github.io/service-binding-operator-helm-chart/
     - name: cosigned
       url: https://sigstore.github.io/helm-charts
       charts:
         - name: cosigned
           version: 0.1.23

m2d/d2m and m2m

Expected Outcome

The filtered catalog should run without issues:

podman pull localhost:5000/redhat/redhat-operator-index:v4.20 --tls-verify=false

Trying to pull localhost:5000/redhat/redhat-operator-index:v4.20...
Getting image source signatures
Copying blob 826fb35fe302 done   | 
Copying blob 38c7eb68cd95 skipped: already exists  
Copying blob 25c75c34b2e2 skipped: already exists  
Copying blob 04ef00d712bf done   | 
Copying blob 3357f22ae62e done   | 
Copying blob b767765d861c done   | 
Copying blob 8c14660ccaa0 done   | 
Copying config 6c07f79e3e done   | 
Writing manifest to image destination
6c07f79e3e6044f645864427a0c75230efd1e6692601c391aaf0bd491fa9337a

podman run 6c07f79e3e6044f645864427a0c75230efd1e6692601c391aaf0bd491fa9337a

time="2025-10-02T17:21:04Z" level=warning msg="unable to set termination log path" error="open /dev/termination-log: permission denied"
time="2025-10-02T17:21:04Z" level=info msg="starting pprof endpoint" address="localhost:6060"
time="2025-10-02T17:21:04Z" level=info msg="cache directory is empty, using preferred backend" backend=pogreb.v1 cache=/tmp/opm-serve-cache-3597748308 configs=/configs
time="2025-10-02T17:21:04Z" level=info msg="building cache" cache=/tmp/opm-serve-cache-3597748308 configs=/configs
time="2025-10-02T17:21:04Z" level=info msg="serving registry" cache=/tmp/opm-serve-cache-3597748308 configs=/configs port=50051
time="2025-10-02T17:21:04Z" level=info msg="stopped caching cpu profile data" address="localhost:6060"
^Ctime="2025-10-02T17:21:37Z" level=info msg="shutting down server" cache=/tmp/opm-serve-cache-3597748308 configs=/configs port=50051

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested review from nidangavali and r4f4 October 2, 2025 18:21
@openshift-ci
Copy link

openshift-ci bot commented Oct 2, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aguidirh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 2, 2025
@aguidirh aguidirh changed the title OCPBUGS-55489: removes unintended exec permissions WIP: OCPBUGS-55489: removes unintended exec permissions Oct 2, 2025
@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 2, 2025
@openshift-ci-robot
Copy link

openshift-ci-robot commented Oct 3, 2025

@aguidirh: This pull request references Jira Issue OCPBUGS-55489, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.21.0) matches configured target version for branch (4.21.0)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @nidangavali

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Description

Some files (digest and delete files) created by oc-mirror had unintended exec permissions and also during the archive the exec permission was being added on some files, changing in this way the original permissions of the files.

Limitations of the PR: the artifacts generated by go-containerregistry (graph image and filtered catalog) are generated with exec permissions as shown below:

find ./alex-tests/ocpbugs-55489/ -type f -executable -exec ls {} +
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/blobs/sha256/8d923108fe704ab06bd261497dad225138faea6ee75a111aea54b386694263e2
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/index.json
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/oci-layout
./alex-tests/ocpbugs-55489/working-dir/operator-catalogs/redhat-operator-index/f194f18577dac4c8952d8e3413e4677ff389e35cb281fa4573b0258a0f7c4daf/filtered-catalogs/710634675b9d5cc86a6fab0deb415b5f/filtered-catalog-image/blobs/sha256/06c3dcb16e59efcc413433291e0b60b38b9a42c400803bbf68715abad2c7c693

The limitation above is going to be covered in a separate PR (CLID-463).

Github / Jira issue: OCPBUGS-55489

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

With the following image set config:

kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v2alpha1
mirror:
 platform:
   channels:
   - name: stable-4.17
     minVersion: 4.17.0
     maxVersion: 4.17.0
   graph: true
 operators:
   - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.20
     packages:
      - name: aws-load-balancer-operator
        channels:
          - name: stable-v1
 additionalImages: 
  - name: registry.redhat.io/ubi8/ubi:latest
 helm:
   repositories:
     - name: podinfo
       url: https://stefanprodan.github.io/podinfo
       charts:
         - name: podinfo
           version: 5.0.0
     - name: sbo
       url: https://redhat-developer.github.io/service-binding-operator-helm-chart/
     - name: cosigned
       url: https://sigstore.github.io/helm-charts
       charts:
         - name: cosigned
           version: 0.1.23

m2d/d2m and m2m

Expected Outcome

The filtered catalog should run without issues:

podman pull localhost:5000/redhat/redhat-operator-index:v4.20 --tls-verify=false

Trying to pull localhost:5000/redhat/redhat-operator-index:v4.20...
Getting image source signatures
Copying blob 826fb35fe302 done   | 
Copying blob 38c7eb68cd95 skipped: already exists  
Copying blob 25c75c34b2e2 skipped: already exists  
Copying blob 04ef00d712bf done   | 
Copying blob 3357f22ae62e done   | 
Copying blob b767765d861c done   | 
Copying blob 8c14660ccaa0 done   | 
Copying config 6c07f79e3e done   | 
Writing manifest to image destination
6c07f79e3e6044f645864427a0c75230efd1e6692601c391aaf0bd491fa9337a

podman run 6c07f79e3e6044f645864427a0c75230efd1e6692601c391aaf0bd491fa9337a

time="2025-10-02T17:21:04Z" level=warning msg="unable to set termination log path" error="open /dev/termination-log: permission denied"
time="2025-10-02T17:21:04Z" level=info msg="starting pprof endpoint" address="localhost:6060"
time="2025-10-02T17:21:04Z" level=info msg="cache directory is empty, using preferred backend" backend=pogreb.v1 cache=/tmp/opm-serve-cache-3597748308 configs=/configs
time="2025-10-02T17:21:04Z" level=info msg="building cache" cache=/tmp/opm-serve-cache-3597748308 configs=/configs
time="2025-10-02T17:21:04Z" level=info msg="serving registry" cache=/tmp/opm-serve-cache-3597748308 configs=/configs port=50051
time="2025-10-02T17:21:04Z" level=info msg="stopped caching cpu profile data" address="localhost:6060"
^Ctime="2025-10-02T17:21:37Z" level=info msg="shutting down server" cache=/tmp/opm-serve-cache-3597748308 configs=/configs port=50051

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@aguidirh
ignoring gosec for files which requires read perm
5d4493a 
Signed-off-by: Alex Guidi <aguidi@redhat.com>
@aguidirh aguidirh changed the title WIP: OCPBUGS-55489: removes unintended exec permissions OCPBUGS-55489: removes unintended exec permissions Oct 3, 2025
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 3, 2025
@openshift-ci
Copy link

openshift-ci bot commented Oct 3, 2025

@aguidirh: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/okd-scos-e2e-aws-ovn 5d4493a link false /test okd-scos-e2e-aws-ovn

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

r4f4
r4f4 reviewed Oct 6, 2025
View reviewed changes
Copy link
Contributor

@r4f4 r4f4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 6, 2025
@MayXuQQ
Copy link

MayXuQQ commented Oct 14, 2025

@aguidirh pre-merge with main@222b0713, merging: #1285 5d4493a
after m2d, the following files has executable flag , is it expected?
$ find ./test/ -type f -executable -exec ls {} + | xargs ls -la
-rwxr-xr-x. 1 fedora fedora 970 Oct 14 07:47 ./test/working-dir/graph-preparation/blobs/sha256/90671bf7c6039515bf7a25797fa4d4f0c82ced416ec29e54b55364b6ada14295
-rwxr-xr-x. 1 fedora fedora 340 Oct 14 07:47 ./test/working-dir/graph-preparation/index.json
-rwxr-xr-x. 1 fedora fedora 37 Oct 14 07:47 ./test/working-dir/graph-preparation/oci-layout
-rwxr-xr-x. 1 fedora fedora 901 Oct 14 07:48 ./test/working-dir/operator-catalogs/redhat-operator-index/160d4cb90c5d3a1c57858ae429fd31f731972a8a7697cae1a44192e52f5b7aee/filtered-catalogs/710634675b9d5cc86a6fab0deb415b5f/filtered-catalog-image/blobs/sha256/884eddff5a9b8701fe5d2cc817b049697cae7807be5acb08d3b77cc3b62824c2

@aguidirh
Copy link
Contributor Author

aguidirh commented Oct 14, 2025

@aguidirh pre-merge with main@222b0713, merging: #1285 5d4493a after m2d, the following files has executable flag , is it expected? $ find ./test/ -type f -executable -exec ls {} + | xargs ls -la -rwxr-xr-x. 1 fedora fedora 970 Oct 14 07:47 ./test/working-dir/graph-preparation/blobs/sha256/90671bf7c6039515bf7a25797fa4d4f0c82ced416ec29e54b55364b6ada14295 -rwxr-xr-x. 1 fedora fedora 340 Oct 14 07:47 ./test/working-dir/graph-preparation/index.json -rwxr-xr-x. 1 fedora fedora 37 Oct 14 07:47 ./test/working-dir/graph-preparation/oci-layout -rwxr-xr-x. 1 fedora fedora 901 Oct 14 07:48 ./test/working-dir/operator-catalogs/redhat-operator-index/160d4cb90c5d3a1c57858ae429fd31f731972a8a7697cae1a44192e52f5b7aee/filtered-catalogs/710634675b9d5cc86a6fab0deb415b5f/filtered-catalog-image/blobs/sha256/884eddff5a9b8701fe5d2cc817b049697cae7807be5acb08d3b77cc3b62824c2

This is expected @MayXuQQ. These are the limitations I mentioned in the description of the PR, they are going to be covered in a separate PR when we have time to work on CLID-463.

@aguidirh
Copy link
Contributor Author

aguidirh commented Oct 14, 2025

/cherry-pick release-4.20 release-4.19 release-4.18

@openshift-cherrypick-robot
Copy link

openshift-cherrypick-robot commented Oct 14, 2025

@aguidirh: once the present PR merges, I will cherry-pick it on top of release-4.20 in a new PR and assign it to you.

Details

In response to this:

/cherry-pick release-4.20 release-4.19 release-4.18

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@MayXuQQ
Copy link

MayXuQQ commented Oct 14, 2025

/verified by @MayXuQQ
tested m2d d2m & m2m

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Oct 14, 2025
@openshift-ci-robot
Copy link

openshift-ci-robot commented Oct 14, 2025

@MayXuQQ: This PR has been marked as verified by @MayXuQQ.

Details

In response to this:

/verified by @MayXuQQ
tested m2d d2m & m2m

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-merge-bot openshift-merge-bot bot merged commit d2e93e0 into openshift:main Oct 14, 2025
9 of 10 checks passed
@openshift-ci-robot
Copy link

openshift-ci-robot commented Oct 14, 2025

@aguidirh: Jira Issue Verification Checks: Jira Issue OCPBUGS-55489
✔️ This pull request was pre-merge verified.
✔️ All associated pull requests have merged.
✔️ All associated, merged pull requests were pre-merge verified.

Jira Issue OCPBUGS-55489 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓

Details

In response to this:

Description

Some files (digest and delete files) created by oc-mirror had unintended exec permissions and also during the archive the exec permission was being added on some files, changing in this way the original permissions of the files.

Limitations of the PR: the artifacts generated by go-containerregistry (graph image and filtered catalog) are generated with exec permissions as shown below:

find ./alex-tests/ocpbugs-55489/ -type f -executable -exec ls {} +
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/blobs/sha256/8d923108fe704ab06bd261497dad225138faea6ee75a111aea54b386694263e2
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/index.json
./alex-tests/ocpbugs-55489/working-dir/graph-preparation/oci-layout
./alex-tests/ocpbugs-55489/working-dir/operator-catalogs/redhat-operator-index/f194f18577dac4c8952d8e3413e4677ff389e35cb281fa4573b0258a0f7c4daf/filtered-catalogs/710634675b9d5cc86a6fab0deb415b5f/filtered-catalog-image/blobs/sha256/06c3dcb16e59efcc413433291e0b60b38b9a42c400803bbf68715abad2c7c693

The limitation above is going to be covered in a separate PR (CLID-463).

Github / Jira issue: OCPBUGS-55489

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

With the following image set config:

kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v2alpha1
mirror:
 platform:
   channels:
   - name: stable-4.17
     minVersion: 4.17.0
     maxVersion: 4.17.0
   graph: true
 operators:
   - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.20
     packages:
      - name: aws-load-balancer-operator
        channels:
          - name: stable-v1
 additionalImages: 
  - name: registry.redhat.io/ubi8/ubi:latest
 helm:
   repositories:
     - name: podinfo
       url: https://stefanprodan.github.io/podinfo
       charts:
         - name: podinfo
           version: 5.0.0
     - name: sbo
       url: https://redhat-developer.github.io/service-binding-operator-helm-chart/
     - name: cosigned
       url: https://sigstore.github.io/helm-charts
       charts:
         - name: cosigned
           version: 0.1.23

m2d/d2m and m2m

Expected Outcome

The filtered catalog should run without issues:

podman pull localhost:5000/redhat/redhat-operator-index:v4.20 --tls-verify=false

Trying to pull localhost:5000/redhat/redhat-operator-index:v4.20...
Getting image source signatures
Copying blob 826fb35fe302 done   | 
Copying blob 38c7eb68cd95 skipped: already exists  
Copying blob 25c75c34b2e2 skipped: already exists  
Copying blob 04ef00d712bf done   | 
Copying blob 3357f22ae62e done   | 
Copying blob b767765d861c done   | 
Copying blob 8c14660ccaa0 done   | 
Copying config 6c07f79e3e done   | 
Writing manifest to image destination
6c07f79e3e6044f645864427a0c75230efd1e6692601c391aaf0bd491fa9337a

podman run 6c07f79e3e6044f645864427a0c75230efd1e6692601c391aaf0bd491fa9337a

time="2025-10-02T17:21:04Z" level=warning msg="unable to set termination log path" error="open /dev/termination-log: permission denied"
time="2025-10-02T17:21:04Z" level=info msg="starting pprof endpoint" address="localhost:6060"
time="2025-10-02T17:21:04Z" level=info msg="cache directory is empty, using preferred backend" backend=pogreb.v1 cache=/tmp/opm-serve-cache-3597748308 configs=/configs
time="2025-10-02T17:21:04Z" level=info msg="building cache" cache=/tmp/opm-serve-cache-3597748308 configs=/configs
time="2025-10-02T17:21:04Z" level=info msg="serving registry" cache=/tmp/opm-serve-cache-3597748308 configs=/configs port=50051
time="2025-10-02T17:21:04Z" level=info msg="stopped caching cpu profile data" address="localhost:6060"
^Ctime="2025-10-02T17:21:37Z" level=info msg="shutting down server" cache=/tmp/opm-serve-cache-3597748308 configs=/configs port=50051

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-cherrypick-robot
Copy link

openshift-cherrypick-robot commented Oct 14, 2025

@aguidirh: new pull request created: #1291

Details

In response to this:

/cherry-pick release-4.20 release-4.19 release-4.18

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Oct 14, 2025
Merged
@openshift-merge-robot
Copy link
Contributor

openshift-merge-robot commented Oct 15, 2025

Fix included in accepted release 4.21.0-0.nightly-2025-10-15-101012

This was referenced Jan 6, 2026
Open
Merged
@sebrandon1
Copy link
Member

sebrandon1 commented Jan 6, 2026

Update to Related PRs: The assisted-service PR has been recreated as openshift/assisted-service#8718 (replacing the previously linked #8716 which contained unrelated files).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@r4f4 r4f4 r4f4 left review comments

@nidangavali nidangavali Awaiting requested review from nidangavali

Assignees

@r4f4 r4f4

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/severity-low Referenced Jira bug's severity is low for the branch this PR is targeting. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@aguidirh @openshift-ci-robot @MayXuQQ @openshift-cherrypick-robot @openshift-merge-robot @sebrandon1 @r4f4