Bug 1905909

Summary: Clean up dependencies to avoid invalid scan flagging
Product: OpenShift Container Platform
Component: Management Console
Reporter: Jakub Hadvig <jhadvig>
Assignee: Jakub Hadvig <jhadvig>
QA Contact: Yadan Pei <yapei>
Status: CLOSED ERRATA
Severity: high
Priority: high
Version: 4.5
CC: aos-bugs, jokerman, yapei
Target Release: 4.5.z
Hardware: Unspecified
OS: Unspecified
Last Closed: 2021-01-20 05:49:28 UTC
Bug Depends On: 1892428

Comment 3 Yadan Pei 2020-12-17 02:29:10 UTC
# oc adm release info quay.io/openshift-release-dev/ocp-release:4.5.24-x86_64 --pullspecs | grep console
  console                                        quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:e0a4721b2093737e13a1b18ec60eabc52b5913b91e454985ad9c4b7a07563e8e
  console-operator                               quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:904dfa6b13281aa52212ab36e1f4897fca911ce90a0d0c06ec94b0fcb1edbf92

# oc image info quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:e0a4721b2093737e13a1b18ec60eabc52b5913b91e454985ad9c4b7a07563e8e | grep commit
             io.openshift.build.commit.id=b98c074346e2b8133e3b38961132aede34d306d9
             io.openshift.build.commit.url=https://github.com/openshift/console/commit/b98c074346e2b8133e3b38961132aede34d306d9

Change path to the console repo and the release-4.5 branch

[yapei@New_Mac console]$ git checkout -b release-4.5 -t origin/release-4.5
Checking out files: 100% (5609/5609), done.
Branch 'release-4.5' set up to track remote branch 'release-4.5' from 'origin'.
Switched to a new branch 'release-4.5'

[yapei@New_Mac console]$ git checkout b98c074346e2b8133e3b38961132aede34d306d9    // specific commit(the one we got from previous step)
Note: checking out 'b98c074346e2b8133e3b38961132aede34d306d9'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

  git checkout -b <new-branch-name>

HEAD is now at b98c07434 Merge pull request #7178 from openshift-cherrypick-robot/cherry-pick-7172-to-release-4.5

[yapei@New_Mac console]$ git log | grep '#7477'   // nothing returned

PR7477 is not included in 4.5.24 yet

Comment 6 Yadan Pei 2021-01-06 09:27:40 UTC
# oc adm release info registry.ci.openshift.org/ocp/release:4.5.0-0.nightly-2021-01-05-230719 --pullspecs | grep console
  console                                        quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:3f400f1e8f50bf1fba43d21168d5e50772eb4f3b21191f44ad36973bb9c004a5
  console-operator                               quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:af9641f209aede384c27df240dbe6b7ca3e1f456d4767bc813601db9616b1a80

# oc image info quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:3f400f1e8f50bf1fba43d21168d5e50772eb4f3b21191f44ad36973bb9c004a5 | grep commit
             io.openshift.build.commit.id=df94fa8e60b16b97d55b03f47ccbb78b31e29971
             io.openshift.build.commit.url=https://github.com/openshift/console/commit/df94fa8e60b16b97d55b03f47ccbb78b31e29971

[root@preserved-qe-ui-rhel-1 console]# git fetch origin 
remote: Enumerating objects: 1577, done.
remote: Counting objects: 100% (1577/1577), done.
remote: Compressing objects: 100% (33/33), done.
remote: Total 2060 (delta 1544), reused 1564 (delta 1542), pack-reused 483
Receiving objects: 100% (2060/2060), 371.24 KiB | 0 bytes/s, done.
Resolving deltas: 100% (1663/1663), completed with 557 local objects.
From github.com:openshift/console
   36558f2..61790f4  master     -> origin/master
   8eb625c..1ea1c4f  release-4.6 -> origin/release-4.6
   36558f2..61790f4  release-4.7 -> origin/release-4.7
   36558f2..61790f4  release-4.8 -> origin/release-4.8

[root@preserved-qe-ui-rhel-1 console]# git checkout release-4.5
Switched to branch 'release-4.5'
[root@preserved-qe-ui-rhel-1 console]# git rebase origin/release-4.5
Current branch release-4.5 is up to date.
[root@preserved-qe-ui-rhel-1 console]# git checkout df94fa8e60b16b97d55b03f47ccbb78b31e29971
Note: checking out 'df94fa8e60b16b97d55b03f47ccbb78b31e29971'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

  git checkout -b new_branch_name

HEAD is now at df94fa8... Merge pull request #7477 from jhadvig/BZ-

In commit df94fa8e60b16b97d55b03f47ccbb78b31e29971 we can see #7477 is merged

# go mod graph
go: k8s.io/apiextensions-apiserver.2 requires
	k8s.io/kube-openapi.0-20200121204235-bf4fb3bd569c requires
	github.com/ghodss/yaml.0-20150909031657-73d445a93680: invalid version: git fetch --unshallow -f https://github.com/ghodss/yaml in /root/odev/pkg/mod/cache/vcs/5c75ad62eb9c289b6ed86c76998b4ab8c8545a841036e879d703a2bbc5fcfcea: exit status 128:
	fatal: git fetch-pack: expected shallow list

`go mod graph` returns an error

Moving back for further investigation

Comment 7 Jakub Hadvig 2021-01-11 16:25:12 UTC
Yadan, not sure if the test is right. The fixing commit is '0dfbba35cdb19fddceaf3b150062db7965c9e719'

Checked out the latest `release-4.5` branch.

`go mod graph` command works as expected.

Also the `runc` module is in the proper version, based on the `vendor/modules.txt`

Can you please re-check. Thanks
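
Added example, not part of the bug thread: one way to script the "is the fix in this payload image?" check from the comments above, using commit ancestry instead of searching log text. The function names `build_commit`, `fix_in_build` and `sample_labels` are hypothetical, and the script assumes a full (non-shallow) local clone of the console repository.

```shell
#!/bin/sh
# build_commit   (stdin: output of `oc image info <pullspec>`)
# Prints the 40-hex commit id from the io.openshift.build.commit.id label.
# The commit.url label line does not match, so only the id is returned.
build_commit() {
    sed -n 's/^[[:space:]]*io\.openshift\.build\.commit\.id=\([0-9a-f]\{40\}\)[[:space:]]*$/\1/p' |
        head -n 1
}

# fix_in_build REPO FIX_COMMIT BUILD_COMMIT
# Prints "included" if FIX_COMMIT is an ancestor of (or equal to) BUILD_COMMIT,
# "missing" if it is not, and "unknown" if either commit is absent from the
# local clone (for example, the clone was not fetched after the fix merged).
fix_in_build() {
    for rev in "$2" "$3"; do
        git -C "$1" cat-file -e "$rev^{commit}" 2>/dev/null || {
            echo unknown
            return 2
        }
    done
    if git -C "$1" merge-base --is-ancestor "$2" "$3"; then
        echo included
    else
        echo missing
        return 1
    fi
}

# Label lines as printed in comment 6 of this bug, used as sample input.
sample_labels() {
    cat <<'EOF'
             io.openshift.build.commit.id=df94fa8e60b16b97d55b03f47ccbb78b31e29971
             io.openshift.build.commit.url=https://github.com/openshift/console/commit/df94fa8e60b16b97d55b03f47ccbb78b31e29971
EOF
}

# Usage against a real clone (commit ids taken from this bug; PULLSPEC is the
# console image digest reported by `oc adm release info ... --pullspecs`):
#   build=$(oc image info "$PULLSPEC" | build_commit)
#   fix_in_build ./console 0dfbba35cdb19fddceaf3b150062db7965c9e719 "$build"
sample_labels | build_commit
```

An "unknown" result means the local clone needs a `git fetch` before the answer can be trusted, which is a different outcome from "missing".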

Comment 8 Yadan Pei 2021-01-13 06:39:58 UTC
Jakub, I checked again and it's working 

[yapei@New_Mac console]$ git checkout df94fa8e60b16b97d55b03f47ccbb78b31e29971
Note: checking out 'df94fa8e60b16b97d55b03f47ccbb78b31e29971'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

  git checkout -b <new-branch-name>

HEAD is now at df94fa8e6 Merge pull request #7477 from jhadvig/BZ-
[yapei@New_Mac console]$ go mod graph | grep opencontainers/runc
github.com/deislabs/oras.1 github.com/opencontainers/runc.1
github.com/Microsoft/hcsshim.7 github.com/opencontainers/runc.0-20190115041553-12f6a991201f
github.com/openshift/library-go.0-20200424095618-2aeb4725dadf github.com/opencontainers/runc.0-20191031171055-b133feaeeb2e
[yapei@New_Mac console]$ go list -m all | grep opencontainers/runc
github.com/opencontainers/runc v0.1.1 => github.com/opencontainers/runc v1.0.0-rc8.0.20190926150303-84373aaa560b

[yapei@New_Mac console]$ go list -m all | grep openshift/library-go
github.com/openshift/library-go v0.0.0-20200424095618-2aeb4725dadf

Moving to VERIFIED
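
Added example, not part of the bug thread: the check in comment 8 compares what `go mod graph` says other modules request with the one version `go list -m all` reports as selected after any `=>` replacement. The script below automates that comparison for one module; the function names are hypothetical, and the graph edges and `example.com` modules are constructed sample data (only the runc `go list -m all` line is copied from comment 8).

```shell
#!/bin/sh
# selected_version MODULE   (stdin: `go list -m all` output)
# Prints what the build uses for MODULE, following a "=>" replacement.
selected_version() {
    awk -v m="$1" '
        $1 != m                { next }
        $3 == "=>" && $5 != "" { print $4 "@" $5; exit }
        $3 == "=>"             { print $4 " (local path)"; exit }
        $2 != ""               { print $1 "@" $2; exit }
    '
}

# requested_versions MODULE   (stdin: `go mod graph` output)
# Prints each version of MODULE that some module in the graph requires.
requested_versions() {
    awk -v m="$1" '{ n = split($2, dep, "@") } n == 2 && dep[1] == m { print dep[2] }' |
        LC_ALL=C sort -u
}

# graph_only_versions MODULE GRAPH_FILE LIST_FILE
# Requested versions that differ from the selected one. Go builds exactly one
# version per module path, so these appear in the graph but are not compiled in.
graph_only_versions() {
    sel=$(selected_version "$1" < "$3")
    requested_versions "$1" < "$2" | while read -r v; do
        [ "$1@$v" = "$sel" ] || echo "$v"
    done
}

# Constructed sample input: example.com modules and the all-zero pseudo-version
# are placeholders. The runc line in sample_list is the one shown in comment 8.
sample_graph() {
    cat <<'EOF'
example.com/app example.com/liba@v1.2.0
example.com/app github.com/opencontainers/runc@v0.1.1
example.com/liba@v1.2.0 github.com/opencontainers/runc@v0.0.0-00010101000000-000000000000
EOF
}
sample_list() {
    cat <<'EOF'
example.com/app
example.com/liba v1.2.0
github.com/opencontainers/runc v0.1.1 => github.com/opencontainers/runc v1.0.0-rc8.0.20190926150303-84373aaa560b
EOF
}

# Demo: print the runc version the build actually uses.
sample_list | selected_version github.com/opencontainers/runc
```

When triaging a scanner finding, a hit on a version listed by `graph_only_versions` points at a requested version, not the one in the binary; a hit on the `selected_version` output is the one that needs a fix.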

Comment 10 errata-xmlrpc 2021-01-20 05:49:28 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.5.27 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:0033