fedora-infrastructure

Clone
Source Code
GIT

#11941 coreos-koji-tagger: koji-keytab fails
Closed: Fixed 23 days ago by c4rt0. Opened 24 days ago by c4rt0.

Closed: Fixed
Reopen Issue

Describe what you would like us to do:

When running coreos-koji-tagger, PLAY RECAP returns an error:

$ sudo rbac-playbook -C openshift-apps/coreos-koji-tagger.yml
.
.
.
TASK [keytab/service : Set keytab permissions] ******************************************************************
Wednesday 22 May 2024  15:22:46 +0000 (0:00:00.353)       0:00:29.688 ********* 
Wednesday 22 May 2024  15:22:46 +0000 (0:00:00.353)       0:00:29.687 ********* 
ok: [os-control01.iad2.fedoraproject.org]
fatal: [os-control01.stg.iad2.fedoraproject.org]: FAILED! => {"changed": false, "msg": "file (/etc/openshift_apps/coreos-koji-tagger/koji-keytab.kt) is absent, cannot continue", "path": "/etc/openshift_apps/coreos-koji-tagger/koji-keytab.kt", "state": "absent"}
.
.
.
PLAY RECAP ******************************************************************************************************
os-control01.iad2.fedoraproject.org : ok=17   changed=0    unreachable=0    failed=0    skipped=54   rescued=0    ignored=0   
os-control01.stg.iad2.fedoraproject.org : ok=20   changed=13   unreachable=0    failed=1    skipped=32   rescued=0    ignored=0

I am not sure what's behind this. I would be grateful if someone could look at this.

When do you need this to be done by?

This isn't pressing, I do not have any particular date in mind.

So you are using -C there, but this project isn't deployed in staging at all yet, so there's no dir.

So, either run without -C, or disable staging here. :)

Thanks @kevin . I ran the above without -C and the result was similar:

  fatal: [os-control01.stg.iad2.fedoraproject.org]: FAILED! => {"changed": true, "cmd": "oc -n coreos-koji-tagger apply --validate=strict -f /etc/openshift_apps/coreos-koji-tagger/egresspolicy.yml", "delta": "0:00:01.757248", "end": "2024-05-22 21:07:51.595297", "msg": "non-zero return code", "rc": 1, "start": "2024-05-22 21:07:49.838049", "stderr": "error: resource mapping not found for name: \"default\" namespace: \"\" from \"/etc/openshift_apps/coreos-koji-tagger/egresspolicy.yml\": no matches for kind \"EgressNetworkPolicy\" in version \"network.openshift.io/v1\"\nensure CRDs are installed first", "stderr_lines": ["error: resource mapping not found for name: \"default\" namespace: \"\" from \"/etc/openshift_apps/coreos-koji-tagger/egresspolicy.yml\": no matches for kind \"EgressNetworkPolicy\" in version \"network.openshift.io/v1\"", "ensure CRDs are installed first"], "stdout": "", "stdout_lines": []}
.
.
.
PLAY RECAP *******************************************************************************
os-control01.iad2.fedoraproject.org : ok=19   changed=1    unreachable=0    failed=0    skipped=52   rescued=0    ignored=0   
os-control01.stg.iad2.fedoraproject.org : ok=19   changed=19   unreachable=0    failed=1    skipped=16   rescued=0    ignored=0

ah yes, we dropped egres policy when we switched away from SDN networking recently.

I've fixed that now, can you retry?

Metadata Update from @zlopez:
- Issue assigned to kevin
- Issue priority set to: Waiting on Assignee (was: Needs Review)
- Issue tagged with: medium-gain, medium-trouble, ops
23 days ago

Thank you!
I can confirm that running the above is now successful.

Metadata Update from @c4rt0:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)
23 days ago

Log in to comment on this ticket.

Metadata

medium-trouble ops medium-gain

None
None
Waiting on Assignee
Boards 1
ops Status: Backlog
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.