Skip to content

Bug: ImageV2 creation fails with permission denied #143

Open
Open
Bug: ImageV2 creation fails with permission denied#143
@rperez95

Description

@rperez95
rperez95
opened on Jul 2, 2025

Description

When creating an ImageV2 resource using the imageSourceUrl parameter, the provider-openstack controller fails with a permission error. The provider attempts to download the image to a default cache directory before uploading it to OpenStack. The process fails because it tries to create a directory in the the filesystem (//.terraform), and seems it is not writable. This leads to a permission denied error.

Steps to Reproduce

  • Apply the following ImageV2 manifest:
apiVersion: images.openstack.crossplane.io/v1alpha1
kind: ImageV2
metadata:
  annotations:
    meta.upbound.io/example-id: images/v1alpha1/imagev2
  labels:
    testing.upbound.io/example-name: rancheros
  name: rancheros
spec:
  forProvider:
    containerFormat: bare
    diskFormat: qcow2
    imageSourceUrl: https://releases.rancher.com/os/latest/rancheros-openstack.img
    name: RancherOS
    properties:
      key: value
  • The following error is reported
Events:
  Type     Reason                        Age   From                                                           Message
  ----     ------                        ----  ----                                                           -------
  Normal   CreatedExternalResource       9s    managed/images.openstack.crossplane.io/v1alpha1, kind=imagev2  Successfully requested creation of external resource
  Warning  CannotUpdateExternalResource  3s    managed/images.openstack.crossplane.io/v1alpha1, kind=imagev2  async create failed: failed to create the resource: [{0 Error opening file for Image: unable to create dir //.terraform/image_cache: mkdir //.terraform: permission denied  []}]

Workaround

A temporary workaround is to explicitly set the imageCachePath to /tmp:

apiVersion: images.openstack.crossplane.io/v1alpha1
kind: ImageV2
metadata:
  annotations:
    meta.upbound.io/example-id: images/v1alpha1/imagev2
  labels:
    testing.upbound.io/example-name: rancheros
  name: rancheros
spec:
  forProvider:
    imageCachePath: /tmp 
    containerFormat: bare
    diskFormat: qcow2
    imageSourceUrl: https://releases.rancher.com/os/latest/rancheros-openstack.img
    name: RancherOS
    properties:
      key: value

Environment

  • Crossplane version: 1.20.0
  • Provider Openstack Version: 0.7.0

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions