canonical / ubuntu-pro-client

Ubuntu Pro Client for offerings from Canonical
https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/
GNU General Public License v3.0

apparmor esm_cache: add rules for violations detected during tests #3120

Closed panlinux closed 1 month ago

panlinux commented 1 month ago

Fixes: #3119

Why is this needed?

This PR solves all of our problems because...

Test Steps

Run behave lxd-vm tests on xenial and focal, which are the affected versions from the linked GitHub issue.

Checklist

Does this PR require extra reviews?

github-actions[bot] commented 1 month ago

Jira: This PR is not related to a Jira item. (The PR title does not include a SC-#### reference)

GitHub Issues:

Launchpad Bugs: No Launchpad bugs are fixed by this PR. (No commits have LP: #### references)

Documentation: The changes in this PR do not require documentation changes.

👍 this comment to confirm that this is correct.

orndorffgrant commented 1 month ago

Hi @panlinux I still get one denial when running tox run -e behave -- features/attach_validtoken.feature:194

      2024-05-22 10:57:05,623:WARNING:root:XXX apparmor DENIED begin
      2024-05-22 10:57:05,623:WARNING:root:May 22 14:55:59 upro-behave-xenial-system-under-test-0522-105506864533 kernel: [   30.686168] audit: type=1400 audit(1716389759.272:25): apparmor="DENIED" operation="ptrace" profile="ubuntu_pro_esm_cache_systemd_detect_virt" pid=3147 comm="systemd-detect-" requested_mask="trace" denied_mask="trace" peer="unconfined"
      2024-05-22 10:57:05,623:WARNING:root:XXX apparmor DENIED end
panlinux commented 1 month ago

> Hi @panlinux I still get one denial when running tox run -e behave -- features/attach_validtoken.feature:194
>
>       2024-05-22 10:57:05,623:WARNING:root:XXX apparmor DENIED begin
>       2024-05-22 10:57:05,623:WARNING:root:May 22 14:55:59 upro-behave-xenial-system-under-test-0522-105506864533 kernel: [   30.686168] audit: type=1400 audit(1716389759.272:25): apparmor="DENIED" operation="ptrace" profile="ubuntu_pro_esm_cache_systemd_detect_virt" pid=3147 comm="systemd-detect-" requested_mask="trace" denied_mask="trace" peer="unconfined"
>       2024-05-22 10:57:05,623:WARNING:root:XXX apparmor DENIED end

Which ubuntu release?

panlinux commented 1 month ago

Ah, xenial. Odd, because it should be covered:

    ptrace read peer=unconfined,
{% if ubuntu_codename ["xenial"] %}
    ptrace trace peer=unconfined,
{% endif %}
panlinux commented 1 month ago

I'll check if that rule actually ended up in the xenial profile.

panlinux commented 1 month ago

Ohh, typo!

{% if ubuntu_codename ["xenial"] %}

instead of the correct form:

{% if ubuntu_codename in ["xenial"] %}
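The denial quoted earlier in the thread and the `ptrace trace` rule that the typo'd template silently dropped make a good case for a small regression check. The following Python is an added example, not code from the ubuntu-pro-client project: it parses AppArmor `DENIED` audit lines of the form shown above and reports which ptrace denials a rendered profile text still does not cover. The two profile fragments are constructed minimal stand-ins for the xenial profile with and without the rule.

```python
import re

# Audit line copied from the denial quoted earlier in this thread.
SAMPLE_DENIAL = (
    'audit: type=1400 audit(1716389759.272:25): apparmor="DENIED" '
    'operation="ptrace" profile="ubuntu_pro_esm_cache_systemd_detect_virt" '
    'pid=3147 comm="systemd-detect-" requested_mask="trace" '
    'denied_mask="trace" peer="unconfined"'
)

# Constructed minimal profiles: rendered with the `in` typo (rule dropped) and fixed.
PROFILE_TYPO = """profile ubuntu_pro_esm_cache_systemd_detect_virt {
    ptrace read peer=unconfined,
}
"""
PROFILE_FIXED = """profile ubuntu_pro_esm_cache_systemd_detect_virt {
    ptrace read peer=unconfined,
    ptrace trace peer=unconfined,
}
"""

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')
# Matches `ptrace read peer=X,` as well as `ptrace (read, trace) peer=X,` rules.
PTRACE_RULE_RE = re.compile(r'^\s*ptrace\s+(?:\(([^)]*)\)|(\w+))\s+peer=(\S+?),', re.M)


def parse_denial(line):
    """Return the key="value" fields of an apparmor="DENIED" audit line, else None."""
    fields = dict(FIELD_RE.findall(line))
    return fields if fields.get("apparmor") == "DENIED" else None


def ptrace_rule_present(profile_text, denial):
    """True if the profile grants every denied_mask bit towards the denial's peer."""
    needed = set(denial["denied_mask"].split())
    granted = set()
    for m in PTRACE_RULE_RE.finditer(profile_text):
        if m.group(3) == denial["peer"]:
            granted.update((m.group(1) or m.group(2)).replace(",", " ").split())
    return needed <= granted


def uncovered_denials(log_lines, profile_text):
    """ptrace denials against this profile that profile_text still does not allow."""
    name = re.search(r"^profile\s+(\S+)", profile_text, re.M).group(1)
    out = []
    for line in log_lines:
        d = parse_denial(line)
        if d and d["operation"] == "ptrace" and d["profile"] == name:
            if not ptrace_rule_present(profile_text, d):
                out.append((d["comm"], d["denied_mask"], d["peer"]))
    return out
```

Feeding the denials collected by the behave run and the profile actually installed on the test VM into `uncovered_denials` would have flagged the missing xenial rule before the retry.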
panlinux commented 1 month ago

    Error connecting to /v1/context/machines/token: 500 ***"code":"internal server error","message":"pq: server login has been failing, try again later (server_login_retry)","traceId":"4aa7d99b-a398-4fa1-b66c-78f091fc3c23"***

server-side issues...

panlinux commented 1 month ago

An air-gapped jammy test is stalling right after the "internet" is cut:

    @uses.config.contract_token
    Feature: Performing attach using ua-airgapped # features/airgapped.feature:2
      Scenario Outline: Pro works with the airgapped contract server -- @1.1 ubuntu release                                          # features/airgapped.feature:49
        Given a `jammy` `lxd-container` machine with ubuntu-advantage-tools installed                                                # features/steps/machines.py:167
        Given a `jammy` `lxd-container` machine named `mirror`                                                                       # features/steps/machines.py:35
        When I run `add-apt-repository ppa:yellow/ua-airgapped -y` `with sudo` on the `mirror` machine                               # features/steps/shell.py:54
        And I apt update on the `mirror` machine                                                                                     # features/steps/packages.py:48
        And I apt install `apt-mirror get-resource-tokens ua-airgapped` on the `mirror` machine                                      # features/steps/packages.py:92
        And I download the service credentials on the `mirror` machine                                                               # features/steps/airgap.py:12
        And I extract the `esm-infra` credentials from the `mirror` machine                                                          # features/steps/airgap.py:25
        And I extract the `esm-apps` credentials from the `mirror` machine                                                           # features/steps/airgap.py:25
        And I set the apt-mirror file for `jammy` with the `esm-infra,esm-apps` credentials on the `mirror` machine                  # features/steps/airgap.py:42
        And I run `apt-mirror` `with sudo` on the `mirror` machine                                                                   # features/steps/shell.py:54
        And I serve the `esm-infra` mirror using port `8000` on the `mirror` machine                                                 # features/steps/airgap.py:90
        And I serve the `esm-apps` mirror using port `9000` on the `mirror` machine                                                  # features/steps/airgap.py:90
        And I create the contract config overrides file for `esm-infra,esm-apps` on the `mirror` machine                             # features/steps/airgap.py:111
        And I generate the contracts-airgapped configuration on the `mirror` machine                                                 # features/steps/airgap.py:141
        Given a `jammy` `lxd-container` machine named `contracts`                                                                    # features/steps/machines.py:35
        When I run `add-apt-repository ppa:yellow/ua-airgapped -y` `with sudo` on the `contracts` machine                            # features/steps/shell.py:54
        And I apt update on the `contracts` machine                                                                                  # features/steps/packages.py:48
        And I apt install `contracts-airgapped` on the `contracts` machine                                                           # features/steps/packages.py:92
        And I run `apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4067E40313CB4B13` `with sudo` on the `contracts` machine # features/steps/shell.py:54
        And I disable any internet connection on the `contracts` machine

This is already a retry, it happened before too.

panlinux commented 1 month ago

Now we have just the stuck test. The other two that failed previously due to a server-side issue (returning 500), now passed.

orndorffgrant commented 1 month ago

Since the stuck test passed locally and we have no reason to believe this change will influence other tests in that suite, I'm merging.