OPA v0.27.0 crashes with s3_signing configured #3255

anderseknert · 2021-03-11T22:00:40Z

OPA v0.27.0 crashes with s3_signing configured as the service credential. This is due to the new logger implementation not being instantiated in the NewClient call on the awsSigningAuthPlugin.

$ opa run --config-file config.yaml
INFO[0000] Starting bundle downloader.                   name=authz plugin=bundle
OPA 0.27.0 (commit , built at )

Run 'help' to see a list of commands and check for updates.

> panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x1661e6e]

goroutine 23 [running]:
github.com/open-policy-agent/opa/plugins/rest.(*awsSigningAuthPlugin).Prepare(0xc0003e7260, 0xc0000b4100, 0x3e00008, 0xc0003e7260)
	github.com/open-policy-agent/opa/plugins/rest/rest_auth.go:466 +0x2e
github.com/open-policy-agent/opa/plugins/rest.(*Config).authPrepare(0xc0001bb970, 0xc0000b4100, 0xc0003e8080, 0x0, 0x1)
	github.com/open-policy-agent/opa/plugins/rest/rest.go:101 +0x7d
github.com/open-policy-agent/opa/plugins/rest.Client.Do(0x0, 0x0, 0xc0002ebea0, 0x5, 0xc0001d8b40, 0x28, 0x0, 0x0, 0xc0002ebf20, 0x0, ...)
	github.com/open-policy-agent/opa/plugins/rest/rest.go:266 +0x70d
github.com/open-policy-agent/opa/download.(*Downloader).download(0xc00042a7e0, 0x1b1fa18, 0xc0000320c0, 0x1b25af8, 0xc00007e040, 0x0, 0x0, 0x0, 0x0, 0x0)
	github.com/open-policy-agent/opa/download/download.go:162 +0x1c5
github.com/open-policy-agent/opa/download.(*Downloader).oneShot(0xc00042a7e0, 0x1b1fa18, 0xc0000320c0, 0xc0000320c0, 0xc000074200)
	github.com/open-policy-agent/opa/download/download.go:148 +0x93
github.com/open-policy-agent/opa/download.(*Downloader).loop(0xc00042a7e0)
	github.com/open-policy-agent/opa/download/download.go:117 +0xb9
created by github.com/open-policy-agent/opa/download.(*Downloader).Start
	github.com/open-policy-agent/opa/download/download.go:100 +0x3f

Steps to Reproduce the Problem

config.yaml

services:
  repro:
    url: https://example.com/control-plane-api/v1
    credentials:
      s3_signing:
        environment_credentials: {}

bundles:
  authz:
    service: repro
    resource: bundles/http/example/authz.tar.gz

opa run --server --config-file config.yaml

The text was updated successfully, but these errors were encountered:

tsandall · 2021-03-12T01:53:08Z

Let's get this fixed ASAP and cut a point release.

This was caused by new logger not getting properly initialized in NewClient call. Fixes open-policy-agent#3255 Signed-off-by: Anders Eknert <[email protected]>

This was caused by new logger not getting properly initialized in NewClient call. Fixes #3255 Signed-off-by: Anders Eknert <[email protected]>

anderseknert changed the title ~~OPA v0.27.0 crashes with s3_signing configured~~ OPA v0.27.0 crashes with s3_signing configured Mar 11, 2021

tsandall added the bug label Mar 12, 2021

anderseknert mentioned this issue Mar 12, 2021

Fix crash in v0.27.0 when s3_signing is configured #3256

Merged

srenatus closed this as completed in #3256 Mar 12, 2021

srenatus pushed a commit that referenced this issue Mar 12, 2021

Fix crash in v0.27.0 when s3_signing is configured (#3256)

83a7079

This was caused by new logger not getting properly initialized in NewClient call. Fixes #3255 Signed-off-by: Anders Eknert <[email protected]>

ashutosh-narkar added this to Open Policy Agent Aug 5, 2024

ashutosh-narkar moved this to Done in Open Policy Agent Aug 5, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OPA v0.27.0 crashes with s3_signing configured #3255

OPA v0.27.0 crashes with s3_signing configured #3255

anderseknert commented Mar 11, 2021

tsandall commented Mar 12, 2021

OPA v0.27.0 crashes with s3_signing configured #3255

OPA v0.27.0 crashes with s3_signing configured #3255

Comments

anderseknert commented Mar 11, 2021

Steps to Reproduce the Problem

tsandall commented Mar 12, 2021