-
Bug
-
Resolution: Done
-
Normal
-
ACM. 2.12
-
None
-
Quality / Stability / Reliability
-
2
-
False
-
-
False
-
-
-
GRC Sprint 2025-12, GRC Sprint 2025-13
-
Moderate
-
?
-
None
Description of problem:
For some Policies, when calling "policytools template-resolver", the binary panics:
$ policytools --version release-2.12-eb7e711 $ cat policy.yaml apiVersion: policy.open-cluster-management.io/v1 kind: Policy metadata: name: example-debug-policy namespace: debug spec: disabled: false policy-templates: - objectDefinition: apiVersion: policy.open-cluster-management.io/v1 kind: ConfigurationPolicy metadata: name: example-debug-policy spec: object-templates: - complianceType: musthave objectDefinition: apiVersion: v1 kind: test metadata: name: test spec: replicas: 5 remediationAction: inform severity: low remediationAction: inform $ policytools template-resolver policy.yaml panic: cannot deep copy int goroutine 1 [running]: k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1ad7860?, 0x30caf68?}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:639 +0x26e k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc0003197d0}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5 k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc000319770}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5 k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc000319740}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5 k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1aa87e0?, 0xc00032f128?}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:633 +0x1e5 k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc000319710}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5 k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc0003196b0}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5 k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc000319680}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5 k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1aa87e0?, 0xc00032f188?}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:633 +0x1e5 k8s.io/apimachinery/pkg/apis/meta/v1/unstructured.NestedSlice(0x1eb1728?, {0xc000113918, 0x2, 0x2}) /remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/apis/meta/v1/unstructured/helpers.go:161 +0x5a github.com/stolostron/go-template-utils/v6/cmd/template-resolver/utils.processPolicyTemplate(0xc0005193a0, 0xc0006a5e80) /remote-source/policy-cli/deps/gomod/pkg/mod/github.com/stolostron/go-template-utils/v6@v6.3.1/cmd/template-resolver/utils/resolver_utils.go:232 +0x90 github.com/stolostron/go-template-utils/v6/cmd/template-resolver/utils.ProcessTemplate({0xc00025c000, 0x2b9, 0x380}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}) /remote-source/policy-cli/deps/gomod/pkg/mod/github.com/stolostron/go-template-utils/v6@v6.3.1/cmd/template-resolver/utils/resolver_utils.go:195 +0x11bb github.com/stolostron/go-template-utils/v6/cmd/template-resolver/utils.(*TemplateResolver).resolveTemplates(0xc0003191d0, 0xc0002d0608, {0xc000304de0?, 0x0?, 0x0?}) /remote-source/policy-cli/deps/gomod/pkg/mod/github.com/stolostron/go-template-utils/v6@v6.3.1/cmd/template-resolver/utils/resolver_client.go:88 +0x16c github.com/spf13/cobra.(*Command).execute(0xc0002d0608, {0xc000304db0, 0x1, 0x1}) /remote-source/policy-cli/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:985 +0xaaa github.com/spf13/cobra.(*Command).ExecuteC(0xc0002d0308) /remote-source/policy-cli/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:1117 +0x3ff github.com/spf13/cobra.(*Command).Execute(...) /remote-source/policy-cli/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:1041 github.com/stolostron/policy-cli/pkg/policytools.Execute() /remote-source/policy-cli/app/pkg/policytools/policytools.go:43 +0x18 main.main() /remote-source/policy-cli/app/cmd/policytools/main.go:10 +0x13
There are no templates and it isn't even a valid policy/resource but usually it should just print out the policy itself again. The issue seems to be the integer value for "replicas". When setting it as a string it works as expected:
$ cat policy-fixed.yaml apiVersion: policy.open-cluster-management.io/v1 kind: Policy metadata: name: example-debug-policy namespace: debug spec: disabled: false policy-templates: - objectDefinition: apiVersion: policy.open-cluster-management.io/v1 kind: ConfigurationPolicy metadata: name: example-debug-policy spec: object-templates: - complianceType: musthave objectDefinition: apiVersion: v1 kind: test metadata: name: test spec: replicas: "5" remediationAction: inform severity: low remediationAction: inform $ policytools template-resolver policy-fixed.yaml apiVersion: policy.open-cluster-management.io/v1 kind: Policy metadata: name: example-debug-policy namespace: debug spec: disabled: false policy-templates: - objectDefinition: apiVersion: policy.open-cluster-management.io/v1 kind: ConfigurationPolicy metadata: name: example-debug-policy spec: object-templates: - complianceType: musthave objectDefinition: apiVersion: v1 kind: test metadata: name: test spec: replicas: "5" remediationAction: inform severity: low remediationAction: inform
Version-Release number of selected component (if applicable):
policytools --version release-2.12-eb7e711
How reproducible:
Always
Steps to Reproduce:
- Create a policy file with the above content (note that "replicas: 5" is set).
- Run `policytools template-resolver` on the policy file
Actual results:
Program panics with the following error:
policytools template-resolver policy.yaml
panic: cannot deep copy int
goroutine 1 [running]:
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1ad7860?, 0x30caf68?})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:639 +0x26e
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc0003197d0})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc000319770})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc000319740})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1aa87e0?, 0xc00032f128?})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:633 +0x1e5
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc000319710})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc0003196b0})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1bd56c0?, 0xc000319680})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:623 +0x2b5
k8s.io/apimachinery/pkg/runtime.DeepCopyJSONValue({0x1aa87e0?, 0xc00032f188?})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/runtime/converter.go:633 +0x1e5
k8s.io/apimachinery/pkg/apis/meta/v1/unstructured.NestedSlice(0x1eb1728?, {0xc000113918, 0x2, 0x2})
/remote-source/policy-cli/deps/gomod/pkg/mod/k8s.io/apimachinery@v0.31.1/pkg/apis/meta/v1/unstructured/helpers.go:161 +0x5a
github.com/stolostron/go-template-utils/v6/cmd/template-resolver/utils.processPolicyTemplate(0xc0005193a0, 0xc0006a5e80)
/remote-source/policy-cli/deps/gomod/pkg/mod/github.com/stolostron/go-template-utils/v6@v6.3.1/cmd/template-resolver/utils/resolver_utils.go:232 +0x90
github.com/stolostron/go-template-utils/v6/cmd/template-resolver/utils.ProcessTemplate({0xc00025c000, 0x2b9, 0x380}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0})
/remote-source/policy-cli/deps/gomod/pkg/mod/github.com/stolostron/go-template-utils/v6@v6.3.1/cmd/template-resolver/utils/resolver_utils.go:195 +0x11bb
github.com/stolostron/go-template-utils/v6/cmd/template-resolver/utils.(*TemplateResolver).resolveTemplates(0xc0003191d0, 0xc0002d0608, {0xc000304de0?, 0x0?, 0x0?})
/remote-source/policy-cli/deps/gomod/pkg/mod/github.com/stolostron/go-template-utils/v6@v6.3.1/cmd/template-resolver/utils/resolver_client.go:88 +0x16c
github.com/spf13/cobra.(*Command).execute(0xc0002d0608, {0xc000304db0, 0x1, 0x1})
/remote-source/policy-cli/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:985 +0xaaa
github.com/spf13/cobra.(*Command).ExecuteC(0xc0002d0308)
/remote-source/policy-cli/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:1117 +0x3ff
github.com/spf13/cobra.(*Command).Execute(...)
/remote-source/policy-cli/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:1041
github.com/stolostron/policy-cli/pkg/policytools.Execute()
/remote-source/policy-cli/app/pkg/policytools/policytools.go:43 +0x18
main.main()
/remote-source/policy-cli/app/cmd/policytools/main.go:10 +0x13
Expected results:
The same policy should be printed again.
Additional info:
-