tripleo

rhel8 containers not being tagged w/ _arch suffix

Bug #1847664 reported by Rafael Folco
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Fix Released
Critical
Rafael Folco
tripleo ussuri-1

Bug Description

Partially fixed in https://review.opendev.org/#/c/687665/

Description
-----------
Now the issue is that rhel uses podman push. Podman does not support tokens and cannot use docker_login module [1]. When kolla builds and pushes, rhel8 are tagges with full_hash only (without _arch suffix). Then retag task runs and should tag w/ _arch and repush. This is not happening and rhel8 containers are not tagged properly, which breaks promotions for rhel.

What is expected as a fix for this bug?
---------------------------------------
Solution: find a way to call podman push [2] w/ auth credentials/secret.

Tests
-----
This has been tested in [3].

[1] https://github.com/rdo-infra/review.rdoproject.org-config/blob/master/playbooks/tripleo-ci-periodic-base/containers-push-registry-login.yaml#L10

[2] https://github.com/openstack/tripleo-ci/blob/master/roles/build-containers/tasks/tag.yaml#L8

[3] https://review.rdoproject.org/r/#/c/23066/

Rafael Folco (rafaelfolco)
Changed in tripleo:
assignee: Mari Iros (marios) → Rafael Folco (rafaelfolco)
Revision history for this message
Rafael Folco (rafaelfolco) wrote :

Assigning to myself...
The idea is to:
- break down retag/push [1] into separate steps. Retag remains in tripleo-ci role, while push will be moved to rdo-infra/config.
- the new push on rdo-infra/config will have 2 separate tasks: one for docker, which relies on docker_login step, and another one for buildah. The push will be similiar to tag.yaml [1] but will be push.yaml, and should be a similar loop to [2].
- push.yaml should have a podman task for pushing retagged images w/ --creds, as docker_login is out of play here.

[1] https://github.com/openstack/tripleo-ci/blob/master/roles/build-containers/tasks/tag.yaml#L8
[2] https://github.com/openstack/tripleo-ci/blob/master/roles/build-containers/tasks/main.yaml#L182-L201
[3] https://github.com/rdo-infra/review.rdoproject.org-config/blob/30b062263aa05baae3072574633748665f3ee108/playbooks/tripleo-ci-periodic-base/containers-push-podman-login-push.yaml#L23

Revision history for this message
Marios Andreou (marios-b) wrote :

https://review.opendev.org/687665 + also that https://review.opendev.org/688433

but now can be closed i think moving to fix-released move back if you disagree

Changed in tripleo:
status: Triaged → Fix Released
Revision history for this message
Rafael Folco (rafaelfolco) wrote :

https://review.rdoproject.org/r/#/c/23339/ should fix it.

Changed in tripleo:
status: Fix Released → In Progress
Revision history for this message
Marios Andreou (marios-b) wrote :

moving back fix-released https://review.rdoproject.org/r/#/c/23339/

please change if you disagree but lgtm today had 2 green runs on containers-build-push and the scenarios are running green too (comment #1 https://bugs.launchpad.net/tripleo/+bug/1849096 I suspect/hope it is related to this - missing containers?)

Changed in tripleo:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.