zaza.model.ActionFailed: Run of action "retrofit-image" with parameters "{'force': False, 'source-image': ''}" on "octavia-diskimage-retrofit/0" failed with "/var/lib/juju/agents/unit-octavia-diskimage-retrofit-0/.venv/lib/python3.10/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so: undefined symbol: FIPS_mode"
This issue can be recreated by deploying the jammy-yoga bundle from charmed-openstack-tester.
ubuntu@juju-3786d8-zaza-d2d97a26f602-14:/var/lib/juju/agents/unit-octavia-diskimage-retrofit-0/charm/wheelhouse$ /var/lib/juju/agents/unit-octavia-diskimage-retrofit-0/.venv/bin/pip3 freeze|grep cryptography
cryptography==3.3.2
ubuntu@juju-3786d8-zaza-d2d97a26f602-14:/var/lib/juju/agents/unit-octavia-diskimage-retrofit-0/.venv/lib/python3.10/site-packages/cryptography$ grep -r FIPS_mode
hazmat/backends/openssl/backend.py: fips_mode = getattr(self._lib, "FIPS_mode", lambda: 0)
grep: hazmat/backends/openssl/__pycache__/backend.cpython-310.pyc: binary file matches
grep: hazmat/bindings/openssl/__pycache__/_conditional.cpython-310.pyc: binary file matches
hazmat/bindings/openssl/_conditional.py: "FIPS_mode_set",
hazmat/bindings/openssl/_conditional.py: "FIPS_mode",
grep: hazmat/bindings/_openssl.abi3.so: binary file matches
130 corey@corey-ThinkPad-T450:/tmp/cryptography$ git branch
* (HEAD detached at 3.3.2)
main
corey@corey-ThinkPad-T450:/tmp/cryptography$ grep -r FIPS_mode
src/_cffi_src/openssl/fips.py:int FIPS_mode_set(int);
src/_cffi_src/openssl/fips.py:int FIPS_mode(void);
src/_cffi_src/openssl/fips.py:int (*FIPS_mode_set)(int) = NULL;
src/_cffi_src/openssl/fips.py:int (*FIPS_mode)(void) = NULL;
src/cryptography/hazmat/backends/openssl/backend.py: fips_mode = getattr(self._lib, "FIPS_mode", lambda: 0)
src/cryptography/hazmat/bindings/openssl/_conditional.py: "FIPS_mode_set",
src/cryptography/hazmat/bindings/openssl/_conditional.py: "FIPS_mode",
Very similar error seen at https:/ /bugs.gentoo. org/814773 that says "Bump to 37.x sorted this".