Bug 1577247 - ansible-tower-setup installs several new non-Red Hat yum repositories
Summary: ansible-tower-setup installs several new non-Red Hat yum repositories
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance
Version: 5.9.0
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: GA
: 5.9.3
Assignee: Satoe Imaishi
QA Contact: Dmitry Misharov
URL:
Whiteboard:
: 1582757 (view as bug list)
Depends On:
Blocks: 1561041
TreeView+ depends on / blocked
 
Reported: 2018-05-11 14:34 UTC by Peter McGowan
Modified: 2018-07-12 13:15 UTC (History)
12 users (show)

Fixed In Version: 5.9.3.1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-07-12 13:14:18 UTC
Category: ---
Cloudforms Team: CFME Core
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:2184 0 None None None 2018-07-12 13:15:04 UTC

Description Peter McGowan 2018-05-11 14:34:48 UTC
Description of problem:
The installation of ansible-tower-setup in a CFME 5.9.2 upgrade installs several non-Red Hat yum repositories such as epel-7, ansible-el7, pgdg-96-centos and jlaska-rabbitmq. If a subsequent yum update is performed then packages will be installed from these repositories, overwriting the correct and tested packages from the cf-me repository.

Version-Release number of selected component (if applicable):
5.9.2.4

How reproducible:
Every time

Steps to Reproduce:
1. Update a CFME 5.9.1 appliance to CFME 5.9.2
2. Perform a 'yum repolist', and notice the extra repositories
3. Perform a 'yum update' and notice that inappropriate packages such as 2.5.2-1.el7 would be installed

Expected results:
Additional repositories should not be installed.

Additional info:

Comment 2 Peter McGowan 2018-05-11 14:36:28 UTC
I meant to write "Ansible 2.5.2-1.el7 would be installed"

Comment 4 Graham Mainwaring 2018-05-11 15:16:16 UTC
This is the expected behavior of the Tower setup playbooks. CFME is supposed to pass skip-tags arguments to setup.sh to suppress this. Can we verify that those arguments are being passed?

Comment 5 Graham Mainwaring 2018-05-11 15:16:17 UTC
This is the expected behavior of the Tower setup playbooks. CFME is supposed to pass skip-tags arguments to setup.sh to suppress this. Can we verify that those arguments are being passed?

Comment 6 Graham Mainwaring 2018-05-11 15:16:36 UTC
This is the expected behavior of the Tower setup playbooks. CFME is supposed to pass skip-tags arguments to setup.sh to suppress this. Can we verify that those arguments are being passed?

Comment 7 Reartes Guillermo 2018-05-11 15:20:07 UTC
Hi,

Please review if a solution doc is needed for cfme appliances behind a Satellite. Since those repositories will not be available.

Cheers.

Comment 8 Shane McDonald 2018-05-11 15:46:57 UTC
In Tower 3.2.0 the installer was refactored and the tasks that install the yum repos were moved into a separate Ansible role.

From an old Slack conversation I can see that the argument currently being passed by CFME to the installer is: --skip-tags=packages.

I believe the solution is to apply the same --skip-tags tag CFME is using where this new role is included in the Tower installer.

Comment 10 Graham Mainwaring 2018-05-15 15:28:59 UTC
We have updated the Tower installer so that it will correctly respect --skip-tags=packages again.  The fix will be in Tower 3.1.7/3.2.5, which will be going out today or tomorrow.

Comment 11 Graham Mainwaring 2018-05-22 19:17:56 UTC
We have resolved build issues that prevented us from getting 3.1.7/3.2.5 in brew. 3.1.7 now exists and 3.2.5 will be in progress shortly. These versions should properly respect --skip-tags=packages again.

Comment 13 Satoe Imaishi 2018-06-07 02:13:10 UTC
*** Bug 1582757 has been marked as a duplicate of this bug. ***

Comment 14 Dmitry Misharov 2018-06-12 08:55:54 UTC
Fixed and verified in 5.9.3.1.20180606184006_8d120c0. ansible installer respects --skip-tags=packages. No additional repos is not added.

Comment 16 errata-xmlrpc 2018-07-12 13:14:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:2184


Note You need to log in before you can comment on or make changes to this bug.