Closed setswei closed 9 months ago
Completed Unit Tests
Thanks a lot @setswei for your research and the fix!
We want to remove Ubuntu18
replacing with Ubuntu22
in the next StackStorm v3.9.0
release, so that's perfectly aligned 👍
However I think we have to release a security patch v3.8.1
for stackstorm/st2
core packages anyway (including U18), for those who v3.8.0 already installed in their systems (incl. Mongo).
I guess they could use previous Ansible-st2
version.
Hey @armab
no problem I will remove all references to ubuntu18. I didn’t do this initially incase it was still going to be supported for a bit.
I will have the updates committed later today
Makes sense!
TBH, I'm still completely not sure if we want to remove it this way. Alternative per https://www.mongodb.com/community/forums/t/mongo-db-4-0-gpg-key-expired-for-ubuntu-18-04/230854/4 is to use APT instructions like
deb [ arch=amd64 trusted=yes ]
for a bit more until adding a proper U22 support, but that seems to be more hacky in terms of security and official support.
I have made the changes that you asked for. Users who have already deployed the apt repos would still see errors when talking to the repository due to the expired keys. bypassing the certificates can be a classified as a security risk. We can put some additional notes in the readme about ubuntu 18.04 as this is a issue is not really related to ansible or stackstorm.
My apologies, ide search fail :P.
the roles meta files have been updated. Builds are running
No problem at all. I will see if I can assist with some of the other builds too.
Check st2-docker
project failures, there might be some dependencies https://github.com/StackStorm/st2-docker/actions/runs/6568617107/job/17843305116#step:6:8 like bats
to update. Relevant PR in another repo: https://github.com/StackStorm/stackstorm-k8s/pull/338
Hey @armab
I have found the issues with the ansible-st2 build process
There was an incompatibility with docker-py using the latest versions of the requests and urllib3 libraries. This caused issues with molecule talking to the docker API on the host machine. Installing the requests<=2.29.0 resolved this issue. More info located here -> https://github.com/docker/docker-py/issues/3113
After getting the build processes working again I found that Ubuntu 18.04 tests would fail. this is due to MongoDB allowing the apt key for MongoDB 4.0 to expire. From the looks of some of the forum posts on the MongoDB community, they are not going to fix this as Ubuntu 18.04 was EOL on May 31 2023. For now, I have removed Ubuntu 18.04 from the build process, to resolve the MongoDB installation issues the role would have to be modified to download the deb packages directly and then install them (which can easily be done) but the main question I would put forward is should ubuntu 18.04 continued to be supported when there will be no mainstream OS level patches and vendors are dropping support as well.
As you can see below the builds are now working (except for Ubuntu 18.04)
If you check my repository you will see subsequent builds that have been completed with ubuntu 18.04 excluded