Bug 2165906
| Summary: | inconsistent metadata expiration times cause patch jobs to return no updates available | |||
|---|---|---|---|---|
| Product: | Red Hat Satellite | Reporter: | Taft Sanders <tasander> | |
| Component: | Candlepin | Assignee: | ojanus | |
| Status: | CLOSED ERRATA | QA Contact: | Gaurav Talreja <gtalreja> | |
| Severity: | high | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 6.12.1 | CC: | ahumbe, bbuckingham, cdonnell, chrobert, gpayelka, iballou, jlenz, jpasqual, msunil, nmoumoul, ojanus, onerleka, pcreech, pdwyer, pmoravec, rlavi, sadas, wpinheir | |
| Target Milestone: | 6.14.0 | Keywords: | Triaged | |
| Target Release: | Unused | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | candlepin-4.1.22-1, candlepin-4.2.14-1 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 2172535 2172537 2172538 2211963 (view as bug list) | Environment: | ||
| Last Closed: | 2023-11-08 14:18:18 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | 2172535, 2172537, 2172538 | |||
| Bug Blocks: | ||||
Is this a regression from 6.11? Thanks! Brad, This has been there since 6.0 After discussion with Candlepin team and rjerrido, setting component to Candlepin. For standalone Candlepin, metadataExpire should be getting set to 1 during manifest import. This was fixed in Candlepin 4.2. A note on this: Once you upgrade to a candlepin version with the fix for this, you will need to refresh your manifest for the metadataexpire value in the database to change Is there a version of candlepin 4.3.z that this fix is in? Patrick- I'm not sure. Nikos would know better.. @nmoumoul (In reply to Patrick Creech from comment #10) > Is there a version of candlepin 4.3.z that this fix is in? This fix should be in all 4.3.z versions (starting with 4.3.0), since it was fixed before the bump to 4.3. I would recommend using the latest as of now (4.3.6) Verified.
Tested on Satellite 6.14.0 Snap 6.0
Version: candlepin-4.3.1-1.el8sat.noarch
Steps:
1. Imported manifest, enabled few repositories, created and publish CV, Create AK with this CV
2. Register a client with AK create above and check /etc/yum.repos.d/redhat.repo for metadata_expire
# cat /etc/yum.repos.d/redhat.repo | grep metadata_expire
metadata_expire = 1
metadata_expire = 1
metadata_expire = 1
metadata_expire = 1
metadata_expire = 1
metadata_expire = 1
metadata_expire = 1
metadata_expire = 1
metadata_expire = 1
metadata_expire = 1
3. Also tried checking the candlepin DB for cp2_content table and there's also metadata_expire set 1
# sudo -u postgres psql -d candlepin -c "select distinct(metadataexpire) from cp2_content;"
could not change directory to "/root": Permission denied
metadataexpire
----------------
1
(1 row)
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Satellite 6.14 security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:6818 |
Description of problem: Inconsistency in repo metadata expiration times causes invalid false positives on Satellite when updating hosts. Version-Release number of selected component (if applicable): candlepin-4.1.15-1.el8sat.noarch satellite-6.12.0-4.el8sat.noarch How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Satellite clients are likely to miss updates on patching because of recently updated content views and clients still holding old repodata they still consider to be valid. Expected results: Satellite client's metadata_expire value should default to "1" and should be a customizable time in seconds on the content page of the Satellite settings for any user that wishes to set the time to anything else. Additional info: from satellite 6.12 fresh install: [root@bombsat612 ~]# sudo -u postgres psql -d candlepin -c "select count(metadataexpire) from cp2_content where metadataexpire != 1;" could not change directory to "/root": Permission denied count ------- 5331 (1 row) [root@bombsat612 ~]# sudo -u postgres psql -d candlepin -c "select count(metadataexpire) from cp2_content where metadataexpire = 1;" could not change directory to "/root": Permission denied count ------- 3512 (1 row) [root@bombsat612 ~]# sudo -u postgres psql -d candlepin -c "select distinct(metadataexpire) from cp2_content;" could not change directory to "/root": Permission denied metadataexpire ---------------- 1 86400 (2 rows) Here are 2 ruby functions where we set the time (i believe if the product is not set by default): /usr/share/gems/gems/katello-4.5.0.20/app/lib/actions/candlepin/product/content_create.rb:24: metadataExpire: 1, /usr/share/gems/gems/katello-4.5.0.20/app/lib/actions/candlepin/product/content_update.rb:28: metadataExpire: 1, Looking at the manifest on the 6.12 satellite and comparing with another from 2022: tasander at xbox in /t/e/products ↪ for i in $(ls -1);cat $i | jq | grep metadataExpiration ; end | sort | uniq -c 8018 "metadataExpiration": 86400, 8018 "metadataExpiration": 86400, [root@bombsat610 products]# for i in $(ls -1); do cat $i | json_reformat | grep metadataExpiration ; done | sort | uniq -c 1310 "metadataExpiration": 86400, 4 "metadataExpiration": 86401, 4 "metadataExpiration": 86402,