search

kubernetes / git-sync

A sidecar app which clones a git repo and keeps it in sync with the upstream.
Apache License 2.0
2.14k stars 409 forks source link

Wrong path for check of local git hash #847

Closed MaksonHerson closed 7 months ago

MaksonHerson commented 7 months ago

Hello! In my instance I specify GITSYNC_ROOT = /bitnami/gitsync. According this all actions with git hash (change, update) must perform at the /bitnami/gitsync path. But I encountered with next problem: my gitsync instance try to work with git stuff files at /gitsync/ directory. So in logs I met circling errors:

{"logger":"","ts":"2023-12-08 11:54:49.235889","caller":{"file":"main.go","line":1624},"level":0,"msg":"worktree failed checks or was empty","path":"/gitsync/.worktrees/3abb97bee2cd587231968a0cbc6b3d700898b266"}

{"logger":"","ts":"2023-12-08 11:54:49.727507","caller":{"file":"main.go","line":1682},"msg":"can't change stale worktree mtime","error":"mkdir /gitsync: permission denied","path":"/gitsync/.worktrees/3abb97bee2cd587231968a0cbc6b3d700898b266"}

Logically these checks must perform at dir, specified at GITSYNC_ROOT variable. But it seems like it try to

Here is piece of it's manifest:

    sidecars:
      - name: git-sync
        image: registry.k8s.io/git-sync/git-sync:v4.1.0
        imagePullPolicy: IfNotPresent
        envFrom:
          - secretRef:
              name: kps-git-sync
        env:
          - name: GITSYNC_USERNAME
            value: kps-git-sync
          - name: GITSYNC_REPO
            value: https://git.example.org/file.git
          - name: GITSYNC_ROOT
            value: /bitnami/gitsync
          - name: GITSYNC_LINK
            value: /bitnami/wordpress/wp-content/themes/my-theme
          - name: GITSYNC_PERIOD
            value: "10s"
          - name: GITSYNC_MAX_FAILURES
            value: "-1"
        volumeMounts:
          - mountPath: /bitnami
            name: data
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
          runAsNonRoot: true
          runAsUser: 1001

Gitsync works inside k8s sidecar and runs like none root user. User 1001 cant create nothing at / as he is none root user. And as I understand he does not need it at all (because /bitnami/gitsync is his workdir). Also have to say that gitsync works correct and I have the problem with this logs only.

What should I do to escape this error?

thockin commented 7 months ago

Can you run with -v 6 and post full logs, including the beginning (all the flags) and everything up to this error?

There is no place where "gitsync" is hardcoded, so something is mis-parsing.

thockin commented 7 months ago

Aha, I think I found the bug. Will have to think about how to fix it. Relative paths are hard :)

thockin commented 7 months ago

https://github.com/kubernetes/git-sync/pull/848