container image build consistent fails because of 'Error: invalid policy in "/etc/containers/policy.json": Unknown key "keyPaths"'
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
Critical
|
Unassigned |
Bug Description
Description
===========
content provider jobs and standalone jobs building container images are currently broken
and fail when building container images.
example:
https:/
```
2022-09-01 22:07:21.144195 | primary | TASK [container-build : Deploy the content provider registry from quay.io/
2022-09-01 22:07:21.144217 | primary | Thursday 01 September 2022 22:07:21 +0000 (0:00:00.125) 0:09:50.691 ****
2022-09-01 22:07:23.190442 | primary | fatal: [undercloud]: FAILED! => {"changed": true, "cmd": "podman run -d --name docker_registry -p 5001:5001 -e REGISTRY_
2022-09-01 22:07:23.202916 | primary |
2022-09-01 22:07:23.202958 | primary | TASK [container-build : Deploy the content provider registry from trunk.registry.
2022-09-01 22:07:23.202998 | primary | Thursday 01 September 2022 22:07:23 +0000 (0:00:02.058) 0:09:52.750 ****
2022-09-01 22:07:24.956537 | primary | fatal: [undercloud]: FAILED! => {"changed": true, "cmd": "podman run -d --name docker_registry -p 5001:5001 -e REGISTRY_
2022-09-01 22:07:24.957977 | primary |
```
Changed in tripleo: | |
importance: | Undecided → Critical |
tags: | added: ci promotion-blocker |
Changed in tripleo: | |
milestone: | none → zed-1 |
Changed in tripleo: | |
status: | New → Fix Released |
The KeyPaths key is available since containers/image v5.22.0. while we have podman v4.
We somehow got that "unsupported" key which messed up the whole CI.
https:/ /github. com/containers/ image/commit/ d218ff3d4611d35 295615adf091335 2a76684220
In the failing build
https:/ /87ce4650c4c88c f6e719- b9786354af2400d 660edf4654debed e0.ssl. cf2.rackcdn. com/854307/ 1/gate/ tripleo- ci-centos- 9-content- provider/ 45ef710/ logs/undercloud /var/log/ extra/rpm- list.txt
ansible- collection- community- general- 4.0.0-1. el9s.noarch collection- containers- podman- 1.9.4-1. el9s.noarch 4.1.1-6. el9.x86_ 64
ansible-
podman-
https:/ /87ce4650c4c88c f6e719- b9786354af2400d 660edf4654debed e0.ssl. cf2.rackcdn. com/854307/ 1/gate/ tripleo- ci-centos- 9-content- provider/ 45ef710/ logs/undercloud /etc/containers /policy. json
=> this uses keyPath*s*
In the last successful build
https:/ /723be80a4a0e72 ac556e- dd6141d83323607 d90dfeb8c1a1341 84.ssl. cf5.rackcdn. com/855511/ 2/check/ tripleo- ci-centos- 9-content- provider/ c82a361/ logs/undercloud /var/log/ extra/rpm- list.txt
ansible- collection- community- general- 4.0.0-1. el9s.noarch collection- containers- podman- 1.9.4-1. el9s.noarch 4.1.1-6. el9.x86_ 64
ansible-
podman-
https:/ /723be80a4a0e72 ac556e- dd6141d83323607 d90dfeb8c1a1341 84.ssl. cf5.rackcdn. com/855511/ 2/check/ tripleo- ci-centos- 9-content- provider/ c82a361/ logs/undercloud /etc/containers /policy. json
=> this uses keyPath