Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1882556 - git:// protocol in origin tests is not currently proxied
Summary: git:// protocol in origin tests is not currently proxied
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Build
Version: 4.6
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.7.0
Assignee: Corey Daley
QA Contact: wewang
: 1927341 1936860 (view as bug list)
Depends On:
Blocks: 1936974
TreeView+ depends on / blocked
Reported: 2020-09-24 23:20 UTC by W. Trevor King
Modified: 2021-03-09 15:18 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
[sig-builds][Feature:Builds] build have source revision metadata started build should contain source revision information [Suite:openshift/conformance/parallel]
Last Closed: 2021-02-24 15:21:14 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift origin pull 25625 0 None closed Bug 1882556: Access git over https for tests 2021-02-18 10:32:24 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:22:07 UTC

Description W. Trevor King 2020-09-24 23:20:42 UTC
Description of problem:

Proxy CI jobs are currently failing like [1]:

  Sep 24 03:16:53.079: INFO: 2020-09-24T03:13:20.835804050Z Cloning "git://github.com/openshift/ruby-hello-world.git" ...
  2020-09-24T03:13:36.841370114Z WARNING: timed out waiting for git server, will wait 1m4s
  2020-09-24T03:14:40.928268255Z WARNING: timed out waiting for git server, will wait 4m16s
  2020-09-24T03:16:50.848349366Z error: fatal: unable to connect to github.com:
  2020-09-24T03:16:50.848349366Z github.com[0:]: errno=Connection timed out

Because our Proxy configuration allows for HTTP and HTTPS requests to be pointed at the egress proxy, but does not allow for Git's native protocol on port 9418 to be proxied out.

Comment 5 wewang 2020-10-29 01:39:33 UTC
Verified it using cluster-bot,will check in nightly build again when pr is merged.

Comment 7 W. Trevor King 2020-11-09 23:36:05 UTC
(In reply to W. Trevor King from comment #2)
> As part of fixing this bug, we should drop at least this skip [1].
> [1]: https://github.com/openshift/release/blob/4c9dd40104656afb73e609e3c3d39c0c86bc57b4/ci-operator/step-registry/openshift/e2e/aws/proxy/openshift-e2e-aws-proxy-workflow.yaml#L22

I've filed [1] to drop the skip.

[1]: https://github.com/openshift/release/pull/13503

Comment 8 W. Trevor King 2020-12-01 05:46:18 UTC
Hmm, although since we've dropped the skip (for all versions), 4.6 is back to failing on this [1], e.g. [2]:

  $ curl -s https://storage.googleapis.com/origin-ci-test/logs/periodic-ci-openshift-release-master-ocp-4.6-e2e-aws-proxy/1333561788121223168/build-log.txt | grep -A5 'Failing tests:' | head -n6
  Failing tests:

  [sig-api-machinery][Feature:APIServer][Late] kube-apiserver terminates within graceful termination period [Suite:openshift/conformance/parallel]
  [sig-arch] Managed cluster should have no crashlooping pods in core namespaces over four minutes [Suite:openshift/conformance/parallel]
  [sig-builds][Feature:Builds] build have source revision metadata  started build should contain source revision information [Suite:openshift/conformance/parallel]

Not clear to me if we want to backport the fix to 4.6, fork the skips to restore the skip only for 4.6, or just live with 4.6 always failing this step in CI...

[1]: https://testgrid.k8s.io/redhat-openshift-ocp-release-4.6-informing#periodic-ci-openshift-release-master-ocp-4.6-e2e-aws-proxy
[2]: https://prow.ci.openshift.org/view/gcs/origin-ci-test/logs/periodic-ci-openshift-release-master-ocp-4.6-e2e-aws-proxy/1333561788121223168

Comment 10 Antonio Ojea 2021-02-18 10:33:15 UTC
*** Bug 1927341 has been marked as a duplicate of this bug. ***

Comment 12 errata-xmlrpc 2021-02-24 15:21:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Comment 13 Adam Kaplan 2021-03-09 15:14:54 UTC
Increasing severity to "medium" as this is impacting proxy tests in CI (and we are adding more of these tests).

Comment 14 Adam Kaplan 2021-03-09 15:17:05 UTC
*** Bug 1936860 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.