Description of problem: Setup a schedule to run a smartstate scan on all container images. When the schedule goes to run, there is an error thrown for each container: [----] I, [2018-03-22T04:00:12.683789 #13523:10b9130] INFO -- : MIQ(MiqSchedule#invoke_actions) [help3] invoking action: [scan] for target: [jboss-fuse-6/fis-karaf-openshift] [----] E, [2018-03-22T04:00:12.688682 #13523:10b9130] ERROR -- : MIQ(MiqSchedule#invoke_actions) [help3] Attempting to run action [action_scan] on target [jboss-fuse-6/fis-karaf-openshift], undefined method `userid' for nil:NilClass I am able to manually scan a container image by selecting Configuration => Perform SmartState Analysis: [----] I, [2018-03-22T10:23:39.935838 #13541:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#start) Getting inspector-admin secret for pod [management-infra/manageiq-img-scan-3f2dc] [----] I, [2018-03-22T10:23:40.034000 #13541:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#start) Creating pod [management-infra/manageiq-img-scan-3f2dc] to analyze docker image [registry.access.redhat.com/cloudforms46-beta/cfme-openshift-app-ui@sha256:d739ef04ba67266e29642b01e97b48c82beb3a943f313406a01c17f571cd3bc7] [{"apiVersion":"v1","kind":"Pod","metadata":{"name":"manageiq-img-scan-3f2dc","namespace":"management-infra","labels":{"name":"manageiq-img-scan-3f2dc","manageiq.org":"true"},"annotations":{"manageiq.org/hostname":"dhcp145-173.rdu.redhat.com","manageiq.org/guid":"f5a39ba7-d2d0-4d72-baae-a0ee35d3c5ae","manageiq.org/image":"registry.access.redhat.com/cloudforms46-beta/cfme-openshift-app-ui@sha256:d739ef04ba67266e29642b01e97b48c82beb3a943f313406a01c17f571cd3bc7","manageiq.org/jobid":"3f2dcd41-923e-45ab-9a14-429d7517ea50"}},"spec":{"restartPolicy":"Never","containers":[{"name":"image-inspector","image":"registry.access.redhat.com/openshift3/image-inspector:2.1","imagePullPolicy":"Always","command":["/usr/bin/image-inspector","--chroot","--image=registry.access.redhat.com/cloudforms46-beta/cfme-openshift-app-ui@sha256:d739ef04ba67266e29642b01e97b48c82beb3a943f313406a01c17f571cd3bc7","--scan-type=openscap","--serve=0.0.0.0:8080","--dockercfg=/var/run/secrets/kubernetes.io/inspector-admin-secret-inspector-admin-dockercfg-d9f6c/.dockercfg"],"ports":[{"containerPort":8080}],"securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/var/run/docker.sock","name":"docker-socket"},{"name":"inspector-admin-secret-inspector-admin-dockercfg-d9f6c","mountPath":"/var/run/secrets/kubernetes.io/inspector-admin-secret-inspector-admin-dockercfg-d9f6c","readOnly":true}],"env":[],"readinessProbe":{"initialDelaySeconds":15,"periodSeconds":5,"httpGet":{"path":"/healthz","port":8080}}}],"volumes":[{"name":"docker-socket","hostPath":{"path":"/var/run/docker.sock"}},{"name":"inspector-admin-secret-inspector-admin-dockercfg-d9f6c","secret":{"secretName":"inspector-admin-dockercfg-d9f6c"}}]}}] [----] I, [2018-03-22T10:23:40.128445 #13541:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(MiqQueue.put) Message id: [1000000006994], id: [], Zone: [default], Role: [smartstate], Server: [], Ident: [generic], Target id: [], Instance id: [1000000000006], Task id: [3f2dcd41-923e-45ab-9a14-429d7517ea50], Command: [Job.signal], Timeout: [600], Priority: [20], State: [ready], Deliver On: [], Data: [], Args: [:pod_wait] [----] I, [2018-03-22T10:23:40.128871 #13541:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(MiqQueue#delivered) Message id: [1000000006993], State: [ok], Delivered in [0.267993119] seconds [----] I, [2018-03-22T10:23:40.936082 #13977:10b9130] INFO -- : MIQ(ManageIQ::Providers::Openshift::ContainerManager::EventCatcher::Runner#queue_event) EMS [openshift.rickkyy.quicklab.rdu2.cee.redhat.com] as [] Queuing event [{:timestamp=>"2018-03-22T14:23:37Z", :kind=>"Pod", :name=>"manageiq-img-scan-3f2dc", :namespace=>"management-infra", :reason=>"Scheduled", :message=>"Successfully assigned manageiq-img-scan-3f2dc to node-2.rickkyy.quicklab.rdu2.cee.redhat.com", :uid=>"9c99c813-2ddc-11e8-8743-fa163e0aac70", :container_group_name=>"manageiq-img-scan-3f2dc", :container_namespace=>"management-infra", :event_type=>"POD_SCHEDULED"}] [----] I, [2018-03-22T10:23:45.933713 #13533:10b9130] INFO -- : MIQ(MiqPriorityWorker::Runner#get_message_via_drb) Message id: [1000000006994], MiqWorker id: [1000000000003], Zone: [default], Role: [smartstate], Server: [], Ident: [generic], Target id: [], Instance id: [1000000000006], Task id: [3f2dcd41-923e-45ab-9a14-429d7517ea50], Command: [Job.signal], Timeout: [600], Priority: [20], State: [dequeue], Deliver On: [], Data: [], Args: [:pod_wait], Dequeued in: [5.816464858] seconds [----] I, [2018-03-22T10:23:45.934140 #13533:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(MiqQueue#deliver) Message id: [1000000006994], Delivering... [----] I, [2018-03-22T10:23:45.978055 #13533:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#pod_wait) waiting for pod management-infra/manageiq-img-scan-3f2dc to be available [----] I, [2018-03-22T10:23:46.054399 #13533:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#pod_wait) pod management-infra/manageiq-img-scan-3f2dc is not ready [----] I, [2018-03-22T10:23:46.072199 #13533:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(MiqQueue.put) Message id: [1000000006998], id: [], Zone: [default], Role: [smartstate], Server: [], Ident: [generic], Target id: [], Instance id: [1000000000006], Task id: [3f2dcd41-923e-45ab-9a14-429d7517ea50], Command: [Job.signal], Timeout: [600], Priority: [20], State: [ready], Deliver On: [2018-03-22 14:23:56 UTC], Data: [], Args: [:pod_wait] [----] I, [2018-03-22T10:23:46.072610 #13533:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(MiqQueue#delivered) Message id: [1000000006994], State: [ok], Delivered in [0.138514636] seconds [----] I, [2018-03-22T10:23:46.076800 #13533:10b9130] INFO -- : Q-task_id([job_dispatcher]) MIQ(MiqQueue#m_callback) Message id: [1000000006994], Invoking Callback with args: ["ok", "Message delivered successfully", "#<MiqQueue id: 1000000006998, target_id: nil, priority: 20, method_name: \"signal\", state: \"ready\", created_on: \"2018-03-22 14:23:46\", updated_on: \"2018-03-22 14:23:46\", lock_version: 0, task_id: \"3f2dcd41-923e-45ab-9a14-429d7517ea50\", deliver_on: \"2018-03-22 14:23:56\", queue_name: \"generic\", class_name: \"Job\", instance_id: 1000000000006, args: [:pod_wait], miq_callback: {:class_name=>\"ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job\", :instance_id=>1000000000006, :method_name=>:q..."] Version-Release number of selected component (if applicable): CFME 5.9.0.22 OpenShift 3.7 How reproducible: always Steps to Reproduce: 1. Setup a schedule to perform container image analysis 2. 3. Actual results: Schedule does not perform scans on the container images Expected results: Expect schedule to perform scans on the container images Additional info: Appliance demonstrating this: 10.13.145.173 admin:smartvm
Einat can you describe the steps to set the schedule?
Reporter, for the sake of my sanity check, how exactly are you scheduling the scan?
PR: https://github.com/ManageIQ/manageiq-providers-kubernetes/pull/244
Created attachment 1457274 [details] SSA schedule Verified on 5.10.0.3.20180705151325_ce4d2b5. Add new Schedule on Configuration => Settings => Schedules. For the schedule I have the following settings: Action: Container Image Analysis Filter : Container Image : Name = "dotnet/dotnetcore-10-rhel7" And I had the schedule to run once on Sun Jul 08 12:25:00 UTC 2018. SSA Run with no problem. See attached screenshots on a zip file.
*** Bug 1626458 has been marked as a duplicate of this bug. ***
undoing flags set as result of merging a duplicate bug. this BZ already is solved on master and 5.9.