Closed panlinux closed 1 month ago
Jira: This PR is not related to a Jira item. (The PR title does not include a SC-#### reference)
GitHub Issues:
Launchpad Bugs: No Launchpad bugs are fixed by this PR. (No commits have LP: #### references)
Documentation: The changes in this PR do not require documentation changes.
👍 this comment to confirm that this is correct.
Hi @panlinux I still get one denial when running tox run -e behave -- features/attach_validtoken.feature:194
2024-05-22 10:57:05,623:WARNING:root:XXX apparmor DENIED begin
2024-05-22 10:57:05,623:WARNING:root:May 22 14:55:59 upro-behave-xenial-system-under-test-0522-105506864533 kernel: [ 30.686168] audit: type=1400 audit(1716389759.272:25): apparmor="DENIED" operation="ptrace" profile="ubuntu_pro_esm_cache_systemd_detect_virt" pid=3147 comm="systemd-detect-" requested_mask="trace" denied_mask="trace" peer="unconfined"
2024-05-22 10:57:05,623:WARNING:root:XXX apparmor DENIED end
Hi @panlinux I still get one denial when running
tox run -e behave -- features/attach_validtoken.feature:194
2024-05-22 10:57:05,623:WARNING:root:XXX apparmor DENIED begin 2024-05-22 10:57:05,623:WARNING:root:May 22 14:55:59 upro-behave-xenial-system-under-test-0522-105506864533 kernel: [ 30.686168] audit: type=1400 audit(1716389759.272:25): apparmor="DENIED" operation="ptrace" profile="ubuntu_pro_esm_cache_systemd_detect_virt" pid=3147 comm="systemd-detect-" requested_mask="trace" denied_mask="trace" peer="unconfined" 2024-05-22 10:57:05,623:WARNING:root:XXX apparmor DENIED end
Which ubuntu release?
Ah, xenial. Odd, because it should be covered:
ptrace read peer=unconfined,
{% if ubuntu_codename ["xenial"] %}
ptrace trace peer=unconfined,
{% endif %}
I'll check if that rule actually ended up in the xenial profile.
Ohh, typo!
{% if ubuntu_codename ["xenial"] %}
instead of the correct form:
{% if ubuntu_codename in ["xenial"] %}
Error connecting to /v1/context/machines/token: 500 ***"code":"internal server error","message":"pq: server login has been failing, try again later (server_login_retry)","traceId":"4aa7d99b-a398-4fa1-b66c-78f091fc3c23"***
server-side issues...
An air-gapped jammy test is stalling right after the "internet" is cut:
@uses.config.contract_token
183
Feature: Performing attach using ua-airgapped # features/airgapped.feature:2
184
Scenario Outline: Pro works with the airgapped contract server -- @1.1 ubuntu release # features/airgapped.feature:49
185
Given a `jammy` `lxd-container` machine with ubuntu-advantage-tools installed # features/steps/machines.py:167
186
Given a `jammy` `lxd-container` machine named `mirror` # features/steps/machines.py:35
187
When I run `add-apt-repository ppa:yellow/ua-airgapped -y` `with sudo` on the `mirror` machine # features/steps/shell.py:54
188
And I apt update on the `mirror` machine # features/steps/packages.py:48
189
And I apt install `apt-mirror get-resource-tokens ua-airgapped` on the `mirror` machine # features/steps/packages.py:92
190
And I download the service credentials on the `mirror` machine # features/steps/airgap.py:12
191
And I extract the `esm-infra` credentials from the `mirror` machine # features/steps/airgap.py:25
192
And I extract the `esm-apps` credentials from the `mirror` machine # features/steps/airgap.py:25
193
And I set the apt-mirror file for `jammy` with the `esm-infra,esm-apps` credentials on the `mirror` machine # features/steps/airgap.py:42
194
And I run `apt-mirror` `with sudo` on the `mirror` machine # features/steps/shell.py:54
195
And I serve the `esm-infra` mirror using port `8000` on the `mirror` machine # features/steps/airgap.py:90
196
And I serve the `esm-apps` mirror using port `9000` on the `mirror` machine # features/steps/airgap.py:90
197
And I create the contract config overrides file for `esm-infra,esm-apps` on the `mirror` machine # features/steps/airgap.py:111
198
And I generate the contracts-airgapped configuration on the `mirror` machine # features/steps/airgap.py:141
199
Given a `jammy` `lxd-container` machine named `contracts` # features/steps/machines.py:35
200
When I run `add-apt-repository ppa:yellow/ua-airgapped -y` `with sudo` on the `contracts` machine # features/steps/shell.py:54
201
And I apt update on the `contracts` machine # features/steps/packages.py:48
202
And I apt install `contracts-airgapped` on the `contracts` machine # features/steps/packages.py:92
203
And I run `apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4067E40313CB4B13` `with sudo` on the `contracts` machine # features/steps/shell.py:54
204
And I disable any internet connection on the `contracts` machine
This is already a retry, it happened before too.
Now we have just the stuck test. The other two that failed previously due to a server-side issue (returning 500), now passed.
Since the stuck test passed locally and we have no reason to believe this change will influence other tests in that suite, I'm merging.
Fixes: #3119
Why is this needed?
This PR solves all of our problems because...
Test Steps
Run behave lxd-vm tests on xenial and focal, which are the affected version from the linked github issue.
Checklist
Does this PR require extra reviews?