-
Notifications
You must be signed in to change notification settings - Fork 66
Lots of config errors on jenkins startup #2608
Lots of config errors on jenkins startup #2608
Comments
we do need to get this done, but might not be a SEV1 - i think it needs a bit more of a deep dive from build team to scope up. |
added to our backlog, @pradeepto feel free to prioritize, |
Copy pasting from MM. @lordofthejars mentioned :
|
Is there a commit you can point me to that made this change? It will be quite helpful to the future maintainers if I can add the link to the commit in the fix that I am making. |
@jfchevrette did we onboard any users after this change to the mount point was made? I wonder if the build succeeds or even jenkins starts for them at all since IIUC |
Status updateAfter reading the code a bit more I think I now understand how this is all supposed to work. I am not sure if this has been documented anywhere. I will add the doc to the PR. Existing implementationAs Jenkins bootstraps one of the things it does is to sync the configuration information from the configmap,
To ensure that these steps aren't repeated in the next boot, it deletes all files from the ReadOnly mount breaks the aboveBy making configuration readonly, for new users, it not only breaks the optimisation but also the expansion of templates which is critical and thus resulting in missing SolutionA solution to this would be to figure out a way to detect if the configmap has been updated or not and I am thinking of ...
@aslakknutsen @jfchevrette any thoughts ? Is there a simpler/better way to figure out if the configmap has been updated? |
@sthaha A ConfigMap has a Revision id you could use to detect change. |
Working on this as well here #2749 |
Reopening as the issue isn't closed. Somehow the issues get automatically closed when the PR is merged to master. |
@sthaha if the PR has |
@joshuawilson Thanks. The PR does fix the issue but I kept it open to indicate that it isn't released to prod. I guess I will track that elsewhere. |
@sthaha you should track it in https://github.com/openshiftio/openshift.io/projects/3 |
Yesterday an update to OpenShift went in to the the latest CVEs [1]. That update made secrets and configmaps mounts go read-only.
Presumably on startup jenkins tries to update the files mounted from configmap before it copies it to /var/lib/jenkins. That doesn't work anymore. The file from the configmap mount should be copied elsewhere and updated there.
[1] kubernetes/kubernetes#60814
The text was updated successfully, but these errors were encountered: