Bug 1966872
| Summary: | podman's image index corrupted during WAN emulation tests | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Flavio Percoco <fpercoco> | |
| Component: | podman | Assignee: | Jindrich Novy <jnovy> | |
| Status: | CLOSED ERRATA | QA Contact: | Yuhui Jiang <yujiang> | |
| Severity: | high | Docs Contact: | ||
| Priority: | urgent | |||
| Version: | 8.4 | CC: | akrzos, bbaude, dornelas, dwalsh, jligon, jnovy, lfriedma, lsm5, mheon, mko, nalin, pthomas, rfreiman, tsweeney, umohnani, vrothber, ypu, yujiang | |
| Target Milestone: | rc | Keywords: | Triaged, ZStream | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | podman-3.2.3-0.8.el8 or newer | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1972343 (view as bug list) | Environment: | ||
| Last Closed: | 2021-11-09 17:38:22 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1972343 | |||
|
Description
Flavio Percoco
2021-06-02 06:03:31 UTC
Fixed in podman 3.2 @Tom: I posted all relevant links already and it's addressed in all relevant versions. The PR for v3.0.1 (merged): https://github.com/containers/podman/pull/10637 The PR for v3.2 (merged): https://github.com/containers/podman/pull/10636 Valentin, do you mind merging it to master too to avoid regression? (we are currently consuming podman from master in 8.5.0 and RHEL-9 which is why your change is not visible there) (In reply to Jindrich Novy from comment #26) > Valentin, do you mind merging it to master too to avoid regression? (we are > currently consuming podman from master in 8.5.0 and RHEL-9 which is why your > change is not visible there) Already done (see comment #5): https://github.com/containers/common/pull/609 This version of containers/common has not been merged into Podman yet but will eventually. We need to mark this MODIFIED and add it to advisory only after it's been vendored into podman, otherwise the fix is obviously missing in podman. (In reply to Jindrich Novy from comment #28) > We need to mark this MODIFIED and add it to advisory only after it's been > vendored into podman, otherwise the fix is obviously missing in podman. The fix *is* in v3.0.1 (which this bug is filed against. It is also in Podman v3.2 which is scheduled for RHEL. The fix *is not yet* in the main branch of Podman since it had to be fixed in containers/common which it is. Hence, the fix *is* in Podman. Valentin, note this bug is targeted at 8.5.0 where buildah, podman, is consumed from upstream master branch at the moment so the code is just not there :-) I can't switch this to MODIFIED and attach this bug to advisory as QE can't (pre)test fix which is missing in 8.5.0. The v3.2 branch isn't v3.2-rhel so it's not supposed to be consumed in RHEL? (as in v3.0 is not going to RHEL but v3.0.1-rhel does) It is needed to communicate which branch should go to RHEL and when with me in advance. So far I have no information which branch is the future 8.5 - it is master for now. Still having this in any branch first then master sounds like a regression to me. The bug for 8.4.0.2 is #1972343 - which I can commit to dist-git after 8.4.0.1 is GA - this is where v3.0.1-rhel branch goes. Tom, Laurie, can you please clarify and let me know if RHEL branches (and which ones of these) are ready and if I should switch to these and when for 8.5.0. Thanks! @jnovy I don't know enough about upstream and branching to answer this question. Hopefully @tsweeney can help. RHEL 8.5 branches are created for container-tools in git but you already know that so I don't think that answers your question. (In reply to Jindrich Novy from comment #30) > Valentin, note this bug is targeted at 8.5.0 where buildah, podman, is > consumed from upstream master branch at the moment so the code is just not > there :-) I can't switch this to MODIFIED and attach this bug to advisory as > QE can't (pre)test fix which is missing in 8.5.0. Thanks for clarifying. In this case, we need to wait until c/common is vendored into the main branch of Podman. > The v3.2 branch isn't v3.2-rhel so it's not supposed to be consumed in RHEL? I *think* that there will be -rhel branch at some point. Matt will know. > Still having this in any branch first then master sounds like a regression > to me. It was fixed in containers/common first. *After* it was merged, I opened PRs for v3.0.1-rhel and did the necessary backports for v3.2. I didn't open a vendor PR into Podman's main branch since these are happening regularly in any case and no code change in Podman was needed. Note that the fix for v3.0.1-rhel was substantially different due to the major rewrite in the image code. Jindrich, the fix from Valentin: https://github.com/containers/common/pull/612/files in upstream on c/common made it into the c/common v0.40.0 release. That is being vendored into upstream Podman now with this PR: https://github.com/containers/podman/pull/10690, but it's having issues passing CI. Once that is merged, we can pull from Podman upstream to do RHEL 8.5 and 9.0 testing with the fix in play. Valentin, it looks like the version of c/common in the RHEL V3.2 branch is set to c/common v0.38.9, NOT v0.40.0. In c/common v0.38.9, you had this commit https://github.com/containers/common/commit/2686c15b7b23f95af63b780d28376e5e1d8e5bf8 which was similar to, but not the same as https://github.com/containers/common/pull/612 noted in this comment: https://bugzilla.redhat.com/show_bug.cgi?id=1966872#c7. The fix in #612 also checked for the image being nil and also different error handling. So given that, do we need to make adjustments in v3.2 too? The v3.2 branch will be the one used from RHEL 8.4.0.2. It's not named with a '-rhel' yet Jindrich, I'm not sure if Matt is planning to add that or not, I hope so as I find it easier to track. FYI @mheon (In reply to Tom Sweeney from comment #33) > [...] > Valentin, it looks like the version of c/common in the RHEL V3.2 branch is > set to c/common v0.38.9, NOT v0.40.0. That is right. c/common v0.38 is used in v3.2 and v0.38.9 has the fixes for this BZ for v3.2. Not sure why the v0.40 would matter for v3.2 since we want to keep the dependencies stable. > In c/common v0.38.9, you had this > commit > https://github.com/containers/common/commit/ > 2686c15b7b23f95af63b780d28376e5e1d8e5bf8 which was similar to, but not the > same as https://github.com/containers/common/pull/612 noted in this comment: > https://bugzilla.redhat.com/show_bug.cgi?id=1966872#c7. The fix in #612 > also checked for the image being nil and also different error handling. > > So given that, do we need to make adjustments in v3.2 too? Those are two different commits [1,2] with the second being a follow-up fix which is also mentioned in the commit message. The two commits are in both c/common branches (main, v0.38). Can we move on with the bug? I am happy to answer more questions but am also surprised that the conversations in this BZ consumed more time than the actual fix and backpots. [1] https://github.com/containers/common/commit/28e45551d6a37d1b4a10ee4f42de305695dcdf53 [2] https://github.com/containers/common/commit/2686c15b7b23f95af63b780d28376e5e1d8e5bf8 Valentin, Welcome to a little glimpse of my BZ herding world! ;^) You're right, c/common v0.40.0 does not matter for Podman v3.2. However, I missed the fact that your second fix was in both upstream and the c/common v0.38 branch. I did not see it in the notes for the release when I first asked the question. So given that, I think Jindrich will need to be sure to grab the c/common v0.38 branch and use that after grabbing Podman v3.2 when he's building the containter-tools module for RHEL 8.4.0.2. For the upcoming RHEL 8.5 container-tools module build that Jindrich will need to do, we need to get c/common v0.40.0 merged into upstream Podman by June 29. There's a PR in-flight for that. I think the confusion comes in with all the versions flying around and the numbering being somewhat similar. Thanks for hanging in with us Valentin! Jindrich, I think you have the info that you need for this, especially after the c/common v0.40.0 PR merges into Podman. If not, please let me know. (In reply to Tom Sweeney from comment #35) > [...] > So given that, I think Jindrich will need to be sure to > grab the c/common v0.38 branch and use that after grabbing Podman v3.2 when > he's building the containter-tools module for RHEL 8.4.0.2. I made sure of that already. v0.38 is in Podman v3.2.1. > I think the confusion comes in with all the versions flying around and the > numbering being somewhat similar. Thanks for hanging in with us Valentin! I will make sure to make the version matrix more explicit in the future. Thank you all for the hard work here. @jnovy would you mind letting me know when there's a package we can test? I would like to make sure we are using the right package when doing tests for WAN emulation. Unless @vrothber thinks otherwise, I don't think we need to create a new BZ for the case when someone is using corrupted json @yujiang . I think in that case, they get whatever they get. We might be nice and tell them the json is corrupted, but that's sometimes not easy. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:4154 The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days |