1577247 – ansible-tower-setup installs several new non-Red Hat yum repositories

Bug 1577247 - ansible-tower-setup installs several new non-Red Hat yum repositories

Summary: ansible-tower-setup installs several new non-Red Hat yum repositories

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	Appliance
Sub Component:
Version:	5.9.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	GA
Target Release:	5.9.3
Assignee:	Satoe Imaishi
QA Contact:	Dmitry Misharov
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1582757 (view as bug list)
Depends On:
Blocks:	1561041
TreeView+	depends on / blocked

Reported:	2018-05-11 14:34 UTC by Peter McGowan
Modified:	2022-07-09 09:52 UTC (History)
CC List:	12 users (show)
Fixed In Version:	5.9.3.1
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-07-12 13:14:18 UTC
Category:	---
Cloudforms Team:	CFME Core
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2018:2184	0	None	None	None	2018-07-12 13:15:04 UTC

Description Peter McGowan 2018-05-11 14:34:48 UTC

Description of problem:
The installation of ansible-tower-setup in a CFME 5.9.2 upgrade installs several non-Red Hat yum repositories such as epel-7, ansible-el7, pgdg-96-centos and jlaska-rabbitmq. If a subsequent yum update is performed then packages will be installed from these repositories, overwriting the correct and tested packages from the cf-me repository.

Version-Release number of selected component (if applicable):
5.9.2.4

How reproducible:
Every time

Steps to Reproduce:
1. Update a CFME 5.9.1 appliance to CFME 5.9.2
2. Perform a 'yum repolist', and notice the extra repositories
3. Perform a 'yum update' and notice that inappropriate packages such as 2.5.2-1.el7 would be installed

Expected results:
Additional repositories should not be installed.

Additional info:

Comment 2 Peter McGowan 2018-05-11 14:36:28 UTC

I meant to write "Ansible 2.5.2-1.el7 would be installed"

Comment 4 Graham Mainwaring 2018-05-11 15:16:16 UTC

This is the expected behavior of the Tower setup playbooks. CFME is supposed to pass skip-tags arguments to setup.sh to suppress this. Can we verify that those arguments are being passed?

Comment 5 Graham Mainwaring 2018-05-11 15:16:17 UTC

This is the expected behavior of the Tower setup playbooks. CFME is supposed to pass skip-tags arguments to setup.sh to suppress this. Can we verify that those arguments are being passed?

Comment 6 Graham Mainwaring 2018-05-11 15:16:36 UTC

This is the expected behavior of the Tower setup playbooks. CFME is supposed to pass skip-tags arguments to setup.sh to suppress this. Can we verify that those arguments are being passed?

Comment 7 Reartes Guillermo 2018-05-11 15:20:07 UTC

Hi,

Please review if a solution doc is needed for cfme appliances behind a Satellite. Since those repositories will not be available.

Cheers.

Comment 8 Shane McDonald 2018-05-11 15:46:57 UTC

In Tower 3.2.0 the installer was refactored and the tasks that install the yum repos were moved into a separate Ansible role.

From an old Slack conversation I can see that the argument currently being passed by CFME to the installer is: --skip-tags=packages.

I believe the solution is to apply the same --skip-tags tag CFME is using where this new role is included in the Tower installer.

Comment 10 Graham Mainwaring 2018-05-15 15:28:59 UTC

We have updated the Tower installer so that it will correctly respect --skip-tags=packages again.  The fix will be in Tower 3.1.7/3.2.5, which will be going out today or tomorrow.

Comment 11 Graham Mainwaring 2018-05-22 19:17:56 UTC

We have resolved build issues that prevented us from getting 3.1.7/3.2.5 in brew. 3.1.7 now exists and 3.2.5 will be in progress shortly. These versions should properly respect --skip-tags=packages again.

Comment 13 Satoe Imaishi 2018-06-07 02:13:10 UTC

*** Bug 1582757 has been marked as a duplicate of this bug. ***

Comment 14 Dmitry Misharov 2018-06-12 08:55:54 UTC

Fixed and verified in 5.9.3.1.20180606184006_8d120c0. ansible installer respects --skip-tags=packages. No additional repos is not added.

Comment 16 errata-xmlrpc 2018-07-12 13:14:18 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:2184

Note You need to log in before you can comment on or make changes to this bug.