1336183 – Smart State analysis fails - cannot analyze non docker images

Bug 1336183 - Smart State analysis fails - cannot analyze non docker images

Summary: Smart State analysis fails - cannot analyze non docker images

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	SmartState Analysis
Sub Component:
Version:	5.6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	GA
Target Release:	5.6.0
Assignee:	Mooli Tayer
QA Contact:	Dave Johnson
Docs Contact:
URL:
Whiteboard:	ssa:container
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-05-15 11:45 UTC by Einat Pacifici
Modified:	2016-05-17 18:13 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-05-16 14:28:30 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
evm.log attached. (1.42 MB, application/x-gzip) 2016-05-15 11:45 UTC, Einat Pacifici	no flags	Details
View All

Description Einat Pacifici 2016-05-15 11:45:38 UTC

Created attachment 1157644 [details]
evm.log attached.

Description of problem:
Run smart state analysis on any container image

Version-Release number of selected component (if applicable):
5.6.

How reproducible:
Always

Steps to Reproduce:
1.Select container - container images
1.1. select a container image
2.Select Configuration - Smart State Analysis
3.Go to Tasks - All VM and container analysis tasks

Actual results:
Error is displayed: Cannot analyze non docker images

Expected results:
Task should be completed succesfully and package information should be provided for the selected container

Additional info:
EVM.log attached

Comment 2 Mooli Tayer 2016-05-16 14:28:14 UTC

Connecting to the the appliance I can see that one of the jobs for one of the containers failed with "Cannot analyze non docker images".

Inspecting that image, I can see it cannot grab the image, since the downstream image-inspector is not yet available[1]

Please follow the following step until then[2]

The other scans failed due to openshift not being reachable


[1] :containerStatuses=>[{:name=>"image-inspector", :state=>{:waiting=>{:reason=>"ImagePullBackOff", :message=>"Back-off pulling image \"registry.access.redhat.com/openshift3/image-inspector:2.0.0\""}}, :lastState=>{}, :ready=>false, :restartCount=>0, :image=>"registry.access.redhat.com/openshift3/image-inspector:2.0.0", :imageID=>""}

[2] 
Edit /var/www/miq/vmdb/config/initializers/override_containers_scanning_image.rb
Change
'registry.access.redhat.com/openshift3/image-inspector'
to
'docker.io/openshift/image-inspector:v2.0.z'

restart the service

Comment 3 Federico Simoncelli 2016-05-16 14:37:52 UTC

(In reply to Mooli Tayer from comment #2)
> Connecting to the the appliance I can see that one of the jobs for one of
> the containers failed with "Cannot analyze non docker images".

Mooli, isn't the error message misleading? If it's impossible to pull the image, can't we make the error more explanatory?

Comment 4 Mooli Tayer 2016-05-16 14:46:31 UTC

Sure we can improve. I wonder if this is an acceptable way:
during ssa if docker_id is empty && image_ref is empty simply give a different message, e.g "Image not available"?

Another issue I noticed is that for both these errors[1] we should also log them, like we log other errors. I will submit a patch.

[1] https://github.com/ManageIQ/manageiq/blob/master/app/models/manageiq/providers/kubernetes/container_manager/scanning/job.rb#L39

Note You need to log in before you can comment on or make changes to this bug.