search

containers / udica

This repository contains a tool for generating SELinux security profiles for containers
GNU General Public License v3.0
478 stars 47 forks source link

chore(deps): update dependency containers/automation_images to v20240529 - abandoned #139

Closed renovate[bot] closed 3 months ago

renovate[bot] commented 6 months ago

Mend Renovate

This PR contains the following updates:

Package Update Change
containers/automation_images major 20231208t193858z-f39f38d13 -> 20240529t141726z-f40f39d13

Release Notes

containers/automation_images (containers/automation_images) ### [`v20240529t141726z-f40f39d13`](https://togithub.com/containers/automation_images/compare/20240513t140131z-f40f39d13...20240529t141726z-f40f39d13) [Compare Source](https://togithub.com/containers/automation_images/compare/20240513t140131z-f40f39d13...20240529t141726z-f40f39d13) ### [`v20240513t140131z-f40f39d13`](https://togithub.com/containers/automation_images/compare/20240320t153921z-f39f38d13...20240513t140131z-f40f39d13) [Compare Source](https://togithub.com/containers/automation_images/compare/20240320t153921z-f39f38d13...20240513t140131z-f40f39d13) ### [`v20240320t153921z-f39f38d13`](https://togithub.com/containers/automation_images/compare/20240125t184057z-f39f38d13...20240320t153921z-f39f38d13) [Compare Source](https://togithub.com/containers/automation_images/compare/20240125t184057z-f39f38d13...20240320t153921z-f39f38d13) ### [`v20240125t184057z-f39f38d13`](https://togithub.com/containers/automation_images/compare/20240102t155643z-f39f38d13...20240125t184057z-f39f38d13) [Compare Source](https://togithub.com/containers/automation_images/compare/20240102t155643z-f39f38d13...20240125t184057z-f39f38d13) ### [`v20240102t155643z-f39f38d13`](https://togithub.com/containers/automation_images/compare/20231208t193858z-f39f38d13...20240102t155643z-f39f38d13) [Compare Source](https://togithub.com/containers/automation_images/compare/20231208t193858z-f39f38d13...20240102t155643z-f39f38d13)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

cevich commented 3 months ago

@wrabcak @janzarsky PTAL, seems like something is breaking after an update to Fedora 40.

cevich commented 3 months ago

Just took a look at the build script, we're installing fuse3 and fuse3-devel maybe something else is missing or was dropped?

vmojzis commented 3 months ago

@cevich Thank you for looking into it. Installing fuse-overlayfs seems to fix it (https://github.com/containers/udica/pull/140), just not sure why it's necessary. It should be installed as a weak dependency of podman.

renovate[bot] commented 3 months ago

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

vmojzis commented 3 months ago

@cevich I'll merge this and https://github.com/containers/udica/pull/133 if you don't have any objections.

cevich commented 3 months ago

It should be installed as a weak dependency of podman.

Ahh, I vaguely recall a change in this area. I'll followup with the team to confirm the dependencies are as intended.

I'm cool with #140 if you want to re-open and merge. It seems to fix the issue.

Edit: Nevermind, I see you added those changes here. The dependency was definitely removed between F39 and F40. I'm confirming with the team to see what we want to do here.

cevich commented 3 months ago

@wrabcak or @rhatdan either of you have an opinion here? I'm okay with installing the package to run the tests, but I wonder what's the user experience? Maybe should the Udica pckage(?) have a dependency added for fuse-overlayfs?

wrabcak commented 3 months ago

There should be no connection between fuse-overlayfs and udica packages. I believe this is dependency from podman.

renovate[bot] commented 3 months ago

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.

vmojzis commented 3 months ago

Merged.

cevich commented 3 months ago

I believe this is dependency from podman.

That's exactly my concern. I believe it was dropped for podman.

vmojzis commented 3 months ago

@cevich Yes, but podman is using the dependency. It has nothing to do with udica (it was podman usage in the test that triggered the issue) so it doesn't make sense to add the dependency here. The commit removing the dependency from podman says that overlayfs is required by containers-common. The problem is that containers-common only "Suggests" it, while podman used to "Recommend" it and AFAIK hints are ignored by dnf by default.

cevich commented 3 months ago

it was podman usage in the test that triggered the issue

Oooohhh, that's the piece I was missing. Dan also looked into this and sounded okay with how things are currently setup. Sorry for the noise.