search

containers / udica

This repository contains a tool for generating SELinux security profiles for containers
GNU General Public License v3.0
488 stars 47 forks source link

Meta task silently fails with permission error #65

Closed cevich closed 4 years ago

cevich commented 4 years ago

Describe the bug

/usr/local/bin/entrypoint.sh |& ${_TIMESTAMP}
[01:18:08] START - All [+xxxx] lines that follow are relative to right now.
[+0001s] Activated service account credentials for: [imgts-654@SECRET.iam.gserviceaccount.com]
[+0003s] ERROR: (gcloud.compute.images.update) HTTPError 403: Required 'compute.images.get' permission for 'projects/SECRET/global/images/fedora-32-podman-6530021898584064'
[+0004s] ERROR: (gcloud.compute.images.update) HTTPError 403: Required 'compute.images.get' permission for 'projects/SECRET/global/images/fedora-31-podman-6530021898584064'
[01:18:12] END - [+0004s] total duration since START

To Reproduce

  1. Submit pull request or merge pull request

Expected behavior

The meta task should never fail, and probably shouldn't fail silently (my fault).

Additional context

I checked the permissions of the service account, and they appear to have 'compute.images.get' access.

cevich commented 4 years ago

I will investigate and have this fixed sometime in the next few days.