Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RHEL gating tests: more journald exceptions #8714

Merged
merged 1 commit into from
Dec 14, 2020
Merged

RHEL gating tests: more journald exceptions #8714

merged 1 commit into from
Dec 14, 2020

Conversation

edsantiago
Copy link
Member

Followup to #8284, due to my not having noticed #8096.

RHEL gating tests are failing again due to rhbz#1895105, the
one where we can't run journalctl rootless on RHEL. #8284 fixed
this for some RHEL builds of older podman, but I missed #8096
which added yet another logs test.

This brings us to three journalctl exceptions, which means
it gets complicated because I have to refactor it all.

THIS IS NOT SUSTAINABLE. We need some way to have a similar
setup in CI, with a permission-less rootless login, so we don't
add yet another logs test some day and discover, months later,
that it doesn't work on RHEL and then have to go into crisis
mode.

Signed-off-by: Ed Santiago [email protected]

@edsantiago
RHEL gating tests: more journald exceptions
4d7e05f 
Followup to containers#8284, due to my not having noticed containers#8096.

RHEL gating tests are failing again due to rhbz#1895105, the
one where we can't run journalctl rootless on RHEL. containers#8284 fixed
this for some RHEL builds of older podman, but I missed containers#8096
which added yet another logs test.

This brings us to three journalctl exceptions, which means
it gets complicated because I have to refactor it all.

**THIS IS NOT SUSTAINABLE**. We need some way to have a similar
setup in CI, with a permission-less rootless login, so we don't
add yet another logs test some day and discover, months later,
that it doesn't work on RHEL and then have to go into crisis
mode.

Signed-off-by: Ed Santiago <[email protected]>
@openshift-ci-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: edsantiago

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 14, 2020
@edsantiago
Copy link
Member Author

@jnovy FYI

@rhatdan
Copy link
Member

rhatdan commented Dec 14, 2020

LGTM

@edsantiago
Copy link
Member Author

@containers/podman-maintainers PTAL. Suggestions welcome on how we can catch this sort of problem earlier.

I tested the new code on a RHEL VM, and the journal tests are indeed skipped when run rootless.

@mheon
Copy link
Member

mheon commented Dec 14, 2020

LGTM

@mheon
Copy link
Member

mheon commented Dec 14, 2020

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Dec 14, 2020
@mheon
Copy link
Member

mheon commented Dec 14, 2020

Would podman-in-a-container catch the journald case? We wouldn't have access to the host systemd, so I presume journald would blow up.

@openshift-merge-robot openshift-merge-robot merged commit 2854cdc into containers:master Dec 14, 2020
@edsantiago
Copy link
Member Author

Hmmm. Looks like we lost in_podman testing when we switched to CI v2. @cevich was that intentional?

@mheon I'm not sure how to test, but my gut feel is that P-in-P would not catch this: the symptom we're looking for is:

$ journalctl -n 1
Hint: You are currently not seeing messages from other users and the system.
      Users in the 'systemd-journal' group can see all messages. Pass -q to
      turn off this notice.
No journal files were opened due to insufficient permissions.

This happens when journalctl is run as rootless on RHEL on an account that is not in wheel or other special magic groups. IIRC, even when we were doing P-in-P testing, the tests ran as root inside the container so any journalctl error would be different, I think?

@edsantiago edsantiago mentioned this pull request Dec 14, 2020
Closed
@cevich
Copy link
Member

cevich commented Dec 15, 2020

Looks like we lost in_podman testing when we switched to CI v2.

It's there, just has a new name, container_integration_test...errr, where is container_system_test? I swore it was there...huh...apparently only in my imagination. Okay I'll add it...must have got lost in the shuffle.

@cevich cevich mentioned this pull request Dec 15, 2020
Closed
@mheon mheon mentioned this pull request Jan 5, 2021
Merged
cevich added a commit to cevich/podman that referenced this pull request Jan 11, 2021
@cevich
Cirrus: Implement containerized system testing
fe29126 
containers#8714 (comment)

Signed-off-by: Chris Evich <[email protected]>
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 23, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@mheon mheon

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@edsantiago @openshift-ci-robot @rhatdan @mheon @cevich @openshift-merge-robot