Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🐛 panic in config patch merger #8005

Closed
Tracked by #7561
Unix4ever opened this issue Nov 29, 2023 · 0 comments · Fixed by #8022
Closed
Tracked by #7561

🐛 panic in config patch merger #8005

Unix4ever opened this issue Nov 29, 2023 · 0 comments · Fixed by #8022
Assignees
@DmitriyMV

Comments

@Unix4ever
Copy link
Member

Unix4ever commented Nov 29, 2023
edited
Loading

Config patch example:

cluster:
  apiServer:
    admissionControl:
    - name: PodSecurity
      configuration:
        apiVersion: pod-security.admission.config.k8s.io/v1alpha1
        defaults:
          audit: restricted
          audit-version: latest
          enforce: baseline
          enforce-version: latest
          warn: restricted
        warn-version: latest
        exemptions:
        namespaces: #typo is here
          - rook-ceph
        kind: PodSecurityConfiguration

Fails when merged with:

cluster:
  apiServer:
    admissionControl:
    - name: PodSecurity
      configuration:
        apiVersion: pod-security.admission.config.k8s.io/v1alpha1
        defaults:
          audit: restricted
          audit-version: latest
          enforce: baseline
          enforce-version: latest
          warn: restricted
          warn-version: latest
        exemptions:
          namespaces:
            - kube-syste,
        kind: PodSecurityConfiguration

Stack trace:

goroutine 376 [running]:
runtime/debug.Stack()
	/usr/local/go/src/runtime/debug/stack.go:24 +0x5e
github.com/cosi-project/runtime/pkg/controller/runtime.(*adapter).runOnce.func2()
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/runtime/adapter.go:521 +0x58
panic({0x2a71800?, 0xc00485b110?})
	/usr/local/go/src/runtime/panic.go:914 +0x21f
reflect.Value.typeSlow({0x0?, 0x0?, 0x195?})
	/usr/local/go/src/reflect/value.go:2634 +0x113
reflect.Value.Type(...)
	/usr/local/go/src/reflect/value.go:2629
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2a9dfc0, 0xc00485b090, 0x195}, {0x2a9dfc0?, 0xc00485ae08?, 0x2a9dfc0?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:117 +0x10b3
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2badcc0, 0xc00485b090, 0x199}, {0x2badcc0?, 0xc00485ae08?, 0x2badcc0?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:162 +0xcd4
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2cb5720, 0xc00485b080, 0x199}, {0x2cb5720?, 0xc00485adf8?, 0x4d3f75?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:162 +0xcd4
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2c8fc00, 0xc00485b080, 0x16}, {0x2c8fc00?, 0xc00485adf8?, 0x18?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:71 +0x494
github.com/siderolabs/talos/pkg/machinery/config/merge.Merge({0x2c8fc00?, 0xc00485b080?}, {0x2c8fc00?, 0xc00485adf8?})
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:31 +0xd5
github.com/siderolabs/talos/pkg/machinery/config/types/v1alpha1.(*AdmissionPluginConfigList).mergeConfig(0xc002a16558, 0xc00485adf8)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/types/v1alpha1/v1alpha1_types.go:1170 +0x147
github.com/siderolabs/talos/pkg/machinery/config/types/v1alpha1.(*AdmissionPluginConfigList).Merge(0x2b1ca00?, {0x2b1ca00?, 0xc00485b0f8?})
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/types/v1alpha1/v1alpha1_types.go:1150 +0xb3
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2b1ca00, 0xc002a16558, 0x197}, {0x2b1ca00?, 0xc002a16158?, 0x2b1ca00?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:56 +0xa25
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2ed1780, 0xc002a16500, 0x199}, {0x2ed1780?, 0xc002a16100?, 0x2a9e380?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:162 +0xcd4
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2e591c0, 0xc004f554c8, 0x196}, {0x2e591c0?, 0xc00326f3a8?, 0x2e591c0?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:71 +0x494
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x3006be0, 0xc004f55440, 0x199}, {0x3006be0?, 0xc00326f320?, 0xc00213fbb8?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:162 +0xcd4
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2fe9580, 0xc005a2cc28, 0x196}, {0x2fe9580?, 0xc0030fd9d8?, 0x2fe9580?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:71 +0x494
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2e135c0, 0xc005a2cc00, 0x199}, {0x2e135c0?, 0xc0030fd9b0?, 0x1?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:162 +0xcd4
github.com/siderolabs/talos/pkg/machinery/config/merge.merge({0x2e592e0, 0xc005a2cc00, 0x16}, {0x2e592e0?, 0xc0030fd9b0?, 0x3077c4f?}, 0x0)
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:71 +0x494
github.com/siderolabs/talos/pkg/machinery/config/merge.Merge({0x2e592e0?, 0xc005a2cc00?}, {0x2e592e0?, 0xc0030fd9b0?})
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/merge/merge.go:31 +0xd5
github.com/siderolabs/talos/pkg/machinery/config/configpatcher.StrategicMerge({0x523b490?, 0xc002950dc0?}, {{0x523b490?, 0xc002950ac0?}})
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/configpatcher/strategic.go:48 +0x234
github.com/siderolabs/talos/pkg/machinery/config/configpatcher.Apply({0x51f6aa0?, 0xc005a2c420?}, {0xc002950b00?, 0x4, 0xc002610310?})
	/go/pkg/mod/github.com/siderolabs/talos/pkg/[email protected]/config/configpatcher/apply.go:101 +0x1b8
github.com/siderolabs/omni/internal/backend/runtime/omni/controllers/omni.clusterMachineConfigControllerHelper.generateConfig({}, 0xc00383da20, 0xc0032bf970, 0x5207d90?, 0xc0032bfc38?, 0x419d33?, 0x8000?, 0xc004c0ee70, {0x0, 0x0, ...})
	/src/internal/backend/runtime/omni/controllers/omni/cluster_machine_config.go:307 +0x895
github.com/siderolabs/omni/internal/backend/runtime/omni/controllers/omni.NewClusterMachineConfigController.func2({0x521c6c8, 0xc0031df180}, {0x7f986ca8c658, 0xc0005d8c80}, 0x7f98b3a135b8?, 0xc00383da20, 0xc004c0ebb0)
	/src/internal/backend/runtime/omni/controllers/omni/cluster_machine_config.go:155 +0xd4d
github.com/cosi-project/runtime/pkg/controller/generic/transform.NewController[...].func2({0x7f986cc87a80, 0xc0005d8c80}, 0xb0?, 0x2c78b80, 0xc0017f0a88?)
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/generic/transform/controller.go:119 +0x85
github.com/cosi-project/runtime/pkg/controller/generic/transform.(*Controller[...]).processInputs.func1()
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/generic/transform/controller.go:311 +0x93
github.com/cosi-project/runtime/pkg/controller/generic/transform.(*Controller[...].func2()
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/safe/writer.go:23 +0x31
github.com/cosi-project/runtime/pkg/state.coreWrapper.UpdateWithConflicts({{0x522f3b8?, 0xc000147c40?}}, {0x521c6c8, 0xc0031df180}, {0x5207d90, 0xc00383dd98}, 0xc003a4dad0, {0xc0082d2a98, 0x1, 0x1})
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/state/wrap.go:45 +0x1e8
github.com/cosi-project/runtime/pkg/controller/runtime.(*adapter).modify(0xc0005d8c80, {0x521c6c8, 0xc0031df180}, {0x5208720, 0xc00383dd90}, 0xc003a4dad0)
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/runtime/adapter.go:329 +0x6b1
github.com/cosi-project/runtime/pkg/controller/runtime.(*adapter).Modify(0x6dff9a0?, {0x521c6c8?, 0xc0031df180?}, {0x5208720?, 0xc00383dd90?}, 0xc0031df180?)
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/runtime/adapter.go:287 +0x27
github.com/cosi-project/runtime/pkg/safe.WriterModify[...](...)
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/safe/writer.go:17
github.com/cosi-project/runtime/pkg/controller/generic/transform.(*Controller[...]).processInputs(0x5253860, {0x521c6c8, 0xc0031df180?}, {0x523c220?, 0xc0005d8c80?}, 0xc00047d3b0?, 0xc0021419f8, {{0xc151fd8e2b218fa8, 0x268b4db9f8944, 0x6dc9760}, ...})
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/generic/transform/controller.go:310 +0xb0e
github.com/cosi-project/runtime/pkg/controller/generic/transform.(*Controller[...]).Run(0x5253860, {0x521c6c8, 0xc00020e870?}, {0x523c220?, 0xc0005d8c80}, 0xc00047d3b0)
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/generic/transform/controller.go:235 +0x473
github.com/cosi-project/runtime/pkg/controller/runtime.(*adapter).runOnce(0xc0005d8c80, {0x521c6c8, 0xc00020e870}, 0xc00047d3b0)
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/runtime/adapter.go:527 +0x11a
github.com/cosi-project/runtime/pkg/controller/runtime.(*adapter).run(0xc0005d8c80, {0x521c6c8, 0xc00020e870})
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/runtime/adapter.go:479 +0x191
github.com/cosi-project/runtime/pkg/controller/runtime.(*Runtime).Run.func1.1()
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/runtime/runtime.go:179 +0x5b
created by github.com/cosi-project/runtime/pkg/controller/runtime.(*Runtime).Run.func1 in goroutine 226
	/go/pkg/mod/github.com/cosi-project/[email protected]/pkg/controller/runtime/runtime.go:169 +0x245

The merge shouldn't panic even if the config is invalid.
@Unix4ever Unix4ever changed the title 🐛 Crash in config patch merger 🐛 panic in config patch merger Nov 29, 2023
@smira smira mentioned this issue Nov 29, 2023
Closed
@DmitriyMV DmitriyMV self-assigned this Dec 4, 2023
DmitriyMV added a commit to DmitriyMV/talos that referenced this issue Dec 4, 2023
@DmitriyMV
fix: do not panic in merge.Merge if map value is nil.
bb15828 
Checking for `zeroValue` is not enough when accessing `map[string]any`.

Closes siderolabs#8005

Signed-off-by: Dmitriy Matrenichev <[email protected]>
@DmitriyMV DmitriyMV mentioned this issue Dec 4, 2023
Merged
DmitriyMV added a commit to DmitriyMV/talos that referenced this issue Dec 4, 2023
@DmitriyMV
fix: do not panic in merge.Merge if map value is nil
658689a 
Checking for `zeroValue` is not enough when accessing `map[string]any`.

Closes siderolabs#8005

Signed-off-by: Dmitriy Matrenichev <[email protected]>
smira pushed a commit to smira/talos that referenced this issue Dec 8, 2023
@DmitriyMV @smira
fix: do not panic in merge.Merge if map value is nil
ecee92c 
Checking for `zeroValue` is not enough when accessing `map[string]any`.

Closes siderolabs#8005

Signed-off-by: Dmitriy Matrenichev <[email protected]>
(cherry picked from commit 6329222)
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 8, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@DmitriyMV DmitriyMV

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: do not panic in merge.Merge if map value is nil. DmitriyMV/talos
2 participants
@Unix4ever @DmitriyMV