TQE::modify-image should fail early to avoid false positive
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| tripleo |
Invalid
|
High
|
Unassigned | ||
Bug Description
An issue has been identified with how we're modifying images in CI. We're not detecting a failure early enough, which allows a corrupted/invalid IPA image to be used by subsequent deployment steps. In this case it causes introspection to fail, with the impact of taking out nearly all OVB jobs across all release pipelines.
This specific LP issue tracks identifying failures of this class. The example used here has a fix in testing now (https:/
https:/
Reproducing specifics here for clarity.
---
When running this:
```
- name: Run script on image
shell: >
mv {{ mount_tempdir }}/etc/
echo -e "nameserver 8.8.8.8\nnameserver 8.8.4.4" > {{ mount_tempdir }}/etc/resolv.conf;
cp {{ modify_script }} {{ mount_tempdir }}/tmp/{{ modify_
{% if initramfs_
set -o pipefail && chroot {{ mount_tempdir }} /bin/bash /tmp/{{ modify_
{{ timestamper_cmd }} > {{ working_dir }}/{{ modify_
mv -f {{ mount_tempdir }}/etc/
```
the following was happening in the chroot:
```
+ sudo rm -rf '/etc/yum.
+ sudo rm -rf '/etc/yum.
+ sudo yum clean all
error: Failed to initialize NSS library
There was a problem importing one of the Python modules
required to run yum. The error leading to this problem was:
cannot import name ts
Please install a package which provides this module, or
verify that the module is installed correctly.
It's possible that the above module doesn't match the
current version of Python, which is:
2.7.5 (default, Apr 11 2018, 07:36:10)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
If you cannot solve this problem yourself, please go to
the yum faq at:
http://
```
---
We should be failing at this step and identifying that the chroot operation failed.
marking this as "high" importance as it's effectively a false positive from this step, which has a cost multiplier. However as we don't know this is happening apart from the issues linked above, "medium" might make more sense.
thoughts?
| summary: |
- TQE:modify-image should fail early if failure occurs + TQE:modify-image should fail early to avoid false positive |
| summary: |
- TQE:modify-image should fail early to avoid false positive + TQE::modify-image should fail early to avoid false positive |
| Changed in tripleo: | |
| milestone: | none → rocky-2 |
| Changed in tripleo: | |
| milestone: | rocky-2 → rocky-3 |
| Changed in tripleo: | |
| milestone: | rocky-3 → rocky-rc1 |
| Changed in tripleo: | |
| milestone: | rocky-rc1 → stein-1 |
| Changed in tripleo: | |
| milestone: | stein-1 → stein-2 |
| Changed in tripleo: | |
| milestone: | stein-2 → stein-3 |
| Juan Antonio Osorio Robles (juan-osorio-robles) wrote | #1 |
| Changed in tripleo: | |
| milestone: | stein-3 → stein-rc1 |
| Changed in tripleo: | |
| milestone: | stein-rc1 → train-1 |
| Changed in tripleo: | |
| milestone: | train-1 → train-2 |
| Changed in tripleo: | |
| milestone: | train-2 → train-3 |
| Changed in tripleo: | |
| milestone: | train-3 → ussuri-1 |
| Changed in tripleo: | |
| milestone: | ussuri-1 → ussuri-2 |
| Changed in tripleo: | |
| status: | Triaged → Invalid |
Is this still needed?