Bug 1570968 - Jenkins image enabled htb repository but OSD does not allow to enable it.
Summary: Jenkins image enabled htb repository but OSD does not allow to enable it.
Keywords:
Status: CLOSED CANTFIX
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Release
Version: 3.7.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3.10.0
Assignee: Adam Haile
QA Contact: Wei Sun
URL:
Whiteboard:
: 1330852 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-23 21:28 UTC by jooho lee
Modified: 2018-04-25 18:50 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-04-25 18:50:33 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description jooho lee 2018-04-23 21:28:31 UTC
Description of problem:
If a customer wants to install any package on top of Jenkins image, it will try to enable htb repository but OpenShift Dedicate node does not allow that. Therefore, build process fail.

In order to avoid this, a client should disable the htb repository before installing any package in Dockerfile. Can we disable the repository when the image built?

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.oc project test
2.git clone https://github.com/Jooho/jenkins-test-dockerbuild.git;cd jenkins-test-test-dockerbuild
3.oc new-build .

Actual results:
....
  Installing : epel-release-7-11.noarch                                     1/1https://cdn.redhat.com/content/htb/rhel/server/7/x86_64/os/repodata/repomd.xml:  [Errno 14] HTTPS Error 403 - Forbidden
Trying other mirror.
To address this issue please refer to the below knowledge base article

https://access.redhat.com/solutions/69319 
...

Expected results:
Build successfully without any issues.

Additional info:

Comment 2 Ben Parees 2018-04-23 21:53:49 UTC
Justin or Brenton do you have any idea where this repo is coming from?  Our dockerfile does not install or enable it.  Nor do i see it in /etc/yum.repos.d for the image.

https://github.com/openshift/jenkins/blob/master/2/Dockerfile.rhel7

Comment 3 Brenton Leanhardt 2018-04-24 12:14:58 UTC
I'd bet anything this is an artifact from the base image or something the build system is injecting automatically.

Comment 5 Ben Parees 2018-04-24 16:45:08 UTC
Can you attempt to recreate this using a different FROM image, such as the "rhel7" base image?  We are trying to determine if the issue is really specific to the Jenkins image since nothing in the jenkins image references the htb repository.

Comment 6 Justin Pierce 2018-04-24 18:03:14 UTC
If I pull the current image, the only repo file is /etc/yum.conf.d/redhat.repo - which is as it should be. I'm guessing you can bypass this by disabling the subscription-manager plugin.

Can you try using --disableplugin='*' on your yum operation?

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sec-yum_plugins

Comment 7 jooho lee 2018-04-25 13:37:50 UTC
it occurs the same errors even if I change FROM image so I bet the repos are enabled by something else like host repos. 

From this doc[1], I understand a subscription of host will be loaded to containter but I am still wondering where those repositories are coming from. I feel those repos are default one if we don't specify.(guess).


[1]https://access.redhat.com/solutions/1443553

Comment 8 Ben Parees 2018-04-25 18:48:22 UTC
*** Bug 1330852 has been marked as a duplicate of this bug. ***

Comment 9 Ben Parees 2018-04-25 18:50:09 UTC
My understanding is that the resolution to this is to have the HTB repos disabled on the dedicated nodes.  We can't fix this, tickets need to be opened w/ the ops team to get the repos disabled.


Note You need to log in before you can comment on or make changes to this bug.