2142490 – tekton disk-virt-* containers are missing libguestfs appliance file

Bug 2142490 - tekton disk-virt-* containers are missing libguestfs appliance file

Summary: tekton disk-virt-* containers are missing libguestfs appliance file

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Container Native Virtualization (CNV)
Classification:	Red Hat
Component:	Infrastructure
Sub Component:
Version:	4.11.0
Hardware:	Unspecified
OS:	All
Priority:	unspecified
Severity:	urgent
Target Milestone:	---
Target Release:	4.11.3
Assignee:	Karel Šimon
QA Contact:	Geetika Kapoor
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-11-14 08:09 UTC by Karel Šimon
Modified:	2023-02-07 15:16 UTC (History)
CC List:	3 users (show)
Fixed In Version:	kubevirt-tekton-tasks-disk-virt-sysprep-container-v4.11.2-1, kubevirt-tekton-tasks-disk-virt-customize-container-v4.11.2-1, kubevirt-tekton-tasks-operator-container-v4.11.3-7
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-02-07 15:16:28 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	kubevirt kubevirt-tekton-tasks pull 202	None	Merged	allow setting of libguestfs paths from env variables	2022-11-18 10:19:34 UTC
Github	kubevirt tekton-tasks-operator pull 119	None	open	[release-v0.3] Update tekton tasks manifests to version v0.9.4	2023-01-24 06:01:29 UTC
Red Hat Issue Tracker	CNV-22458	None	None	None	2022-11-14 08:13:45 UTC
Red Hat Product Errata	RHEA-2023:0621	None	None	None	2023-02-07 15:16:38 UTC

Description Karel Šimon 2022-11-14 08:09:16 UTC

Description of problem:
tekton disk-virt-* containers are missing libguestfs appliance file. Due to that, disk-virt-* tasks are failing. This is caused by different us/ds path of libguestfs appliance file in kubevirt/libguestfs-tools container.

Version-Release number of selected component (if applicable):


How reproducible:
100%

Steps to Reproduce:
1. Run disk-virt-* tekton task.
2. Observe newly created task pod
3.

Actual results:
task run fails

Expected results:
task run passes

Additional info:

Comment 2 Geetika Kapoor 2023-01-09 00:03:06 UTC

Test Env:

$ oc get csv -n openshift-cnv
NAME                                       DISPLAY                       VERSION   REPLACES                                   PHASE
kubevirt-hyperconverged-operator.v4.11.2   OpenShift Virtualization      4.11.2    kubevirt-hyperconverged-operator.v4.11.1   Succeeded
openshift-pipelines-operator-rh.v1.8.2     Red Hat OpenShift Pipelines   1.8.2                                                Succeeded


Test Case 1: Run the pipelines and look for errors. No errors seen in existing pipelines.
Test Case 2: Run task disk-virt-customize.Failed with Below error.  Triggered by: kube:admin


failed to create task run pod "new-pipeline-1ti157-disk-virt-customize": pods "new-pipeline-1ti157-disk-virt-customize-pod" is forbidden: unable to validate against any security context constraint: [provider "anyuid": Forbidden: not usable by user or serviceaccount, provider "pipelines-scc": Forbidden: not usable by user or serviceaccount, provider "containerized-data-importer": Forbidden: not usable by user or serviceaccount, spec.containers[0].securityContext.runAsUser: Invalid value: 0: must be in the ranges: [1000710000, 1000719999], provider "restricted": Forbidden: not usable by user or serviceaccount, provider "nonroot-v2": Forbidden: not usable by user or serviceaccount, spec.containers[0].securityContext.runAsUser: Invalid value: 0: running with the root UID is forbidden, provider "noobaa": Forbidden: not usable by user or serviceaccount, provider "noobaa-endpoint": Forbidden: not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "kubevirt-controller": Forbidden: not usable by user or serviceaccount, provider "bridge-marker": Forbidden: not usable by user or serviceaccount, provider "machine-api-termination-handler": Forbidden: not usable by user or serviceaccount, provider "hostnetwork-v2": Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden: not usable by user or serviceaccount, provider "hostaccess": Forbidden: not usable by user or serviceaccount, provider "ocs-metrics-exporter": Forbidden: not usable by user or serviceaccount, provider "hostpath-provisioner-csi": Forbidden: not usable by user or serviceaccount, provider "linux-bridge": Forbidden: not usable by user or serviceaccount, provider "kubevirt-handler": Forbidden: not usable by user or serviceaccount, provider "rook-ceph": Forbidden: not usable by user or serviceaccount, provider "node-exporter": Forbidden: not usable by user or serviceaccount, provider "rook-ceph-csi": Forbidden: not usable by user or serviceaccount, provider "privileged": Forbidden: not usable by user or serviceaccount]. Maybe missing or invalid Task openshift-cnv/disk-virt-customize

NeedInfo on TC 2.

Comment 4 Karel Šimon 2023-01-24 06:01:30 UTC

There is necessary another fix, which is currently open https://github.com/kubevirt/tekton-tasks-operator/pull/119

Comment 9 errata-xmlrpc 2023-02-07 15:16:28 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Virtualization 4.11.3 Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2023:0621

Note You need to log in before you can comment on or make changes to this bug.