Bug 2016058 - openshift-sync does not synchronise in "ose-jenkins:v4.8"
Summary: openshift-sync does not synchronise in "ose-jenkins:v4.8"
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Jenkins
Version: 4.8
Hardware: x86_64
OS: Linux
high
medium
Target Milestone: ---
: 4.10.0
Assignee: Alice Rum
QA Contact: Jitendar Singh
URL:
Whiteboard:
Depends On:
Blocks: 2037346
TreeView+ depends on / blocked
 
Reported: 2021-10-20 17:43 UTC by Simon Krenger
Modified: 2022-03-10 16:21 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-10 16:21:07 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift jenkins pull 1358 0 None open Bug 2016058: Bump openshift-sync-plugin to 1.0.51 and various dependant plugins 2021-12-16 13:14:25 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:21:22 UTC

Comment 15 Priti Kumari 2021-12-17 13:41:14 UTC
Verified with https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=1830329 
and openshift-sync plugin

==================
$ oc version
Client Version: 4.4.0-0.ci-2020-02-26-215902
Server Version: 4.10.0-0.nightly-2021-12-14-083101
Kubernetes Version: v1.22.1+6859754

pkumari$ oc rsh jenkins-1-2km7f
sh-4.4$ cat /var/lib/jenkins/plugins/openshift-sync/META-INF/MANIFEST.MF |grep Implementation-Version
Implementation-Version: 1.0.51
sh-4.4$ exit
exit
----------

Started a build with maven-pipeline

pkumari$ oc get builds
NAME                            TYPE              FROM     STATUS     STARTED          DURATION
openshift-jee-sample-1          JenkinsPipeline            Complete   11 minutes ago   
openshift-jee-sample-docker-1   Docker            Binary   Complete   10 minutes ago   1m19s
openshift-jee-sample-3          JenkinsPipeline            Complete   4 minutes ago    
openshift-jee-sample-4          JenkinsPipeline            Complete   7 minutes ago    
openshift-jee-sample-docker-2   Docker            Binary   Complete   6 minutes ago    1m11s
openshift-jee-sample-docker-3   Docker            Binary   Complete   3 minutes ago    1m1s

Comment 16 Priti Kumari 2021-12-17 14:03:17 UTC
more Verification steps required

Comment 17 Priti Kumari 2021-12-19 08:42:46 UTC
I have also created secrets before jenkins was brought up and the secrets being successfully synced into the jenkins credential.

pkumari$ oc -n jenkins-test create secret docker-registry push-secret --docker-server=quay.io --docker-username=<username> --docker-password=<password> --docker-email=<email>
secret/push-secret created

pkumari$ oc label secret push-secret credential.sync.jenkins.openshift.io=true
secret/push-secret labeled

$ oc import-image --confirm jenkins-pkumari --from=quay.io/pkumari/jenkins_priti:latest 
imagestream.image.openshift.io/jenkins-pkumari imported
[...]

$ oc new-app jenkins-ephemeral -p NAMESPACE=$(oc project -q) -p JENKINS_IMAGE_STREAM_TAG=jenkins-pkumari:latest
--> Deploying template "openshift/jenkins-ephemeral" to project jenkins-test
[...]
--> Success
    Access your application via route 'jenkins-jenkins-test.apps.ci-ln-3ctjj5k-76ef8.origin-ci-int-aws.dev.rhcloud.com' 
    Run 'oc status' to view your app.

$ oc get pods
NAME               READY   STATUS      RESTARTS   AGE
jenkins-1-deploy   0/1     Completed   0          2m3s
jenkins-1-lkskx    1/1     Running     0          119s

$ oc get routes
NAME      HOST/PORT                                                                         PATH   SERVICES   PORT    TERMINATION     WILDCARD
jenkins   jenkins-jenkins-test.apps.ci-ln-3ctjj5k-76ef8.origin-ci-int-aws.dev.rhcloud.com          jenkins    <all>   edge/Redirect   None

$ oc rsh jenkins-1-lkskx
sh-4.4$ cat /var/lib/jenkins/plugins/openshift-sync/META-INF/MANIFEST.MF |grep Implementation-Version
Implementation-Version: 1.0.51
sh-4.4$ exit
exit
-----------------------------

I have also restarted the pod and checked the synced credential it was mapped successfully.

Ran the pipeline as well to verify the build process and it works as expected.

@gmontero @abenaiss @adkaplan could you please take a look once, if I have missed something.

Comment 18 Akram Ben Aissi 2021-12-20 09:50:13 UTC
Based also on our discussion on slack and the additional checks that you made in the logs, that looks ok to me.

Comment 19 Priti Kumari 2021-12-20 10:41:03 UTC
jenkins logs for secret events

pkumari$ oc get pods
NAME                                  READY   STATUS      RESTARTS   AGE
jenkins-1-9cn9f                       1/1     Running     0          28m
jenkins-1-deploy                      0/1     Completed   0          75m
openshift-jee-sample-1-deploy         0/1     Completed   0          36m
openshift-jee-sample-2-deploy         0/1     Completed   0          20m
openshift-jee-sample-2-q57vf          1/1     Running     0          20m
openshift-jee-sample-docker-1-build   0/1     Completed   0          37m
openshift-jee-sample-docker-2-build   0/1     Completed   0          21m

$ oc logs pod/jenkins-1-9cn9f
[...]
2021-12-20 10:08:57 INFO    hudson.WebAppMain$3 run Jenkins is fully up and running
2021-12-20 10:09:09 INFO    io.fabric8.jenkins.openshiftsync.BuildConfigInformer onAdd BuildConfig informer received add event for: {}openshift-jee-sample
2021-12-20 10:09:10 INFO    io.fabric8.jenkins.openshiftsync.SecretInformer onAdd Secret informer received add event for: {}push-secret
2021-12-20 10:09:10 INFO    io.fabric8.jenkins.openshiftsync.SecretManager insertOrUpdateCredentialFromSecret Upserting Secret with Uid 94acfb46-7590-4455-be28-1aff9803de45 with Name push-secret
2021-12-20 10:09:10 INFO    io.fabric8.jenkins.openshiftsync.SecretManager validSecret Validating Secret with Uid 94acfb46-7590-4455-be28-1aff9803de45 with Name push-secret
2021-12-20 10:09:11 INFO    io.fabric8.jenkins.openshiftsync.BuildInformer onAdd Build informer received add event for: {}openshift-jee-sample-1
2021-12-20 10:09:12 INFO    io.fabric8.jenkins.openshiftsync.BuildInformer onAdd Build informer received add event for: {}openshift-jee-sample-docker-1
2021-12-20 10:09:12 INFO    io.fabric8.jenkins.openshiftsync.CredentialsUtils insertOrUpdateCredentialsFromSecret Created credential jenkins-test-push-secret from Secret NamespaceName{jenkins-test:push-secret} with revision: 63093

[...]
2021-12-20 10:13:56 INFO    io.fabric8.jenkins.openshiftsync.JobProcessor createOrUpdateJob Updated job jenkins-test-openshift-jee-sample from BuildConfig NamespaceName{jenkins-test:openshift-jee-sample} with revision: 65265
2021-12-20 10:13:56 INFO    io.fabric8.jenkins.openshiftsync.SecretInformer onUpdate Secret informer received update event for: push-secret
2021-12-20 10:13:56 INFO    io.fabric8.jenkins.openshiftsync.SecretManager updateCredential Modifying Secret with Uid 94acfb46-7590-4455-be28-1aff9803de45 with Name push-secret
2021-12-20 10:13:56 INFO    io.fabric8.jenkins.openshiftsync.SecretManager validSecret Validating Secret with Uid 94acfb46-7590-4455-be28-1aff9803de45 with Name push-secret
[...]

Comment 25 errata-xmlrpc 2022-03-10 16:21:07 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056


Note You need to log in before you can comment on or make changes to this bug.