search

kyma-project / test-infra

Test infrastructure for the Kyma project.
https://status.build.kyma-project.io/
Apache License 2.0
37 stars 180 forks source link

Too many debug messages from "gcloud compute ssh" #4293

Closed adamwalach closed 3 years ago

adamwalach commented 3 years ago

Description

Recently I noticed that some of our jobs contain a lot of debug information:

WARNING: <LoginProfile
 name: '117798148653314453801'
 posixAccounts: [<PosixAccount
 accountId: 'sap-kyma-prow'
 gid: 3059577806
 homeDirectory: '/home/sa_117798148653314453801'
 name: 'users/sa-vm-kyma-integration@sap-kyma-prow.iam.gserviceaccount.com/projects/sap-kyma-prow'
 operatingSystemType: OperatingSystemTypeValueValuesEnum(LINUX, 1)
 primary: True
 uid: 3059577806
 username: 'sa_117798148653314453801'>]
 sshPublicKeys: <SshPublicKeysValue
 additionalProperties: [<AdditionalProperty
 key: '63bdb765c684d555a9ca80b56da6b9f1bf6764cc52837b500ddb5ff669468fb9'
 value: <SshPublicKey
 fingerprint: '63bdb765c684d555a9ca80b56da6b9f1bf6764cc52837b500ddb5ff669468fb9'
 key: 'ssh-rsa

Example: https://storage.googleapis.com/kyma-prow-logs/pr-logs/pull/kyma-project_cli/1020/pre-cli-integration-kyma-1/1446388320262164480/build-log.txt

This is probably caused by recent updates of our bootrap image. We also updated the Cloud SDK version: https://github.com/kyma-project/test-infra/pull/4195/files#diff-28da18d91dc26bc1e4d9becde5e2ac5714a9ecf843fb4e95ed816b0a596e9bc4L37

My guess is that they changed default verbosity level. Other jobs that use the integration image (it has an older version of Cloud SDK) looks normal.

Expected result

No debug messages

Steps to reproduce

Check any pre-cli-integration-kyma-1 job

dekiel commented 3 years ago

This entries are WARNING severity. This is the default log level for gcloud compute ssh. It can be changed with --verbosity flag. https://cloud.google.com/sdk/gcloud/reference#--verbosity

adamwalach commented 3 years ago

Maybe they changed severity level of this particular message, it was not there before the update. We can check if the root cause can be fixed or just increase the default verbosity in the gcloud command invocation

dekiel commented 3 years ago

@adamwalach You mean change source code of gcloud-compute-ssh to log this message with INFO severity?

adamwalach commented 3 years ago

No, by the "root cause" I mean this problem:

Failed to add the host to the list of known hosts (/root/.ssh/google_compute_kno

I suspect this is the reason for the warning message. But, as I said, we could also modify our shell script and override the default severity level to "error"

dekiel commented 3 years ago

We have this warning because gcloud is trying to create file on a readonly filesystem.

root@f9f667a0-2b5a-11ec-be5e-ea5028dd2a63:~/.ssh# touch test
touch: cannot touch 'test': Read-only file system
root@f9f667a0-2b5a-11ec-be5e-ea5028dd2a63:~/.ssh# pwd
/root/.ssh
root@f9f667a0-2b5a-11ec-be5e-ea5028dd2a63:~/.ssh#

It’s read only because it’s mounted from secret.

dekiel commented 3 years ago

As a permanent solution we can mount secret with ssh keys in different location and point gcloud to this location with --ssh-key-file=SSH_KEY_FILE. That will make /root/.ssh writable for gcloud compute ssh.