openSUSE Project Management Tool: Issueshttps://progress.opensuse.org/https://progress.opensuse.org/themes/openSUSE/favicon/favicon.ico?15829177842024-03-15T07:34:18ZopenSUSE Project Management Tool
Redmine openQA Tests - action #157306 (Workable): [security][QU] seahorse_sshkey fails to enable WE exten...https://progress.opensuse.org/issues/1573062024-03-15T07:34:18Ztjyrinki_susetjyrinki+redmine@suse.de
<p>openQA test in scenario sle-15-SP5-Online-QR-x86_64-fips_env_mode_tests_crypt_x11@64bit fails in<br>
<a href="https://openqa.suse.de/tests/13708414/modules/seahorse_sshkey/steps/18" class="external">seahorse_sshkey</a></p>
<p>This was earlier attributed to <a href="https://bugzilla.suse.com/show_bug.cgi?id=1217071" class="external">https://bugzilla.suse.com/show_bug.cgi?id=1217071</a> but it has been reportedly fixed also in 15-SP5 now.</p>
openQA Tests - action #157138 (Workable): [security] SLE Micro 6.0 s390x tests do not start (cont...https://progress.opensuse.org/issues/1571382024-03-13T08:21:13Ztjyrinki_susetjyrinki+redmine@suse.de
<p>openQA test in scenario sle-micro-6.0-Base-qcow-s390x-container_selinux@s390x-kvm fails in<br>
<a href="https://openqa.suse.de/tests/13756851/modules/disk_boot/steps/8" class="external">disk_boot</a></p>
<p>This has not been tried to be executed before. It is likely trying to boot with wrong modules and possibly wrong settings, comparison can be done to <a href="https://openqa.suse.de/tests/13756869" class="external">https://openqa.suse.de/tests/13756869</a> which boots the same image successfully.</p>
openQA Tests - action #156661 (Workable): [security][15-SP6] audit_remote_libvirt fails due to "S...https://progress.opensuse.org/issues/1566612024-03-05T12:50:05Ztjyrinki_susetjyrinki+redmine@suse.de
<p>openQA test in scenario sle-15-SP6-Online-x86_64-cc_audit-remote-libvirt@64bit fails in<br>
<a href="https://openqa.suse.de/tests/13713040/modules/audit_remote_libvirt/steps/13" class="external">audit_remote_libvirt</a></p>
<p>This didn't happen here: <a href="https://openqa.suse.de/tests/12736098#step/audit_remote_libvirt/10" class="external">https://openqa.suse.de/tests/12736098#step/audit_remote_libvirt/10</a> where the fix from ticket <a class="issue tracker-4 status-3 priority-4 priority-default closed" title="action: [security][15-SP6] Update test audit_remote_libvirt for new libvirt behaviour (Resolved)" href="https://progress.opensuse.org/issues/137627">#137627</a> helped the test to finish with just one baseline test comparison failure.</p>
<a name="Acceptance-Criteria"></a>
<h2 >Acceptance Criteria<a href="#Acceptance-Criteria" class="wiki-anchor">¶</a></h2>
<ol>
<li>Make audit_remote_libvirt to pass on 15-SP6 (or, report product bug) without regressing on 15-SP5 (see ticket <a class="issue tracker-4 status-12 priority-4 priority-default" title="action: [security][QU] audit_remote_libvirt fails in 15-SP5 due to new libvirt behavior (Workable)" href="https://progress.opensuse.org/issues/156658">#156658</a> for its issue).</li>
</ol>
openQA Tests - action #156658 (Workable): [security][QU] audit_remote_libvirt fails in 15-SP5 due...https://progress.opensuse.org/issues/1566582024-03-05T12:43:14Ztjyrinki_susetjyrinki+redmine@suse.de
<p>This seems similar to ticket <a class="issue tracker-4 status-3 priority-4 priority-default closed" title="action: [security][15-SP6] Update test audit_remote_libvirt for new libvirt behaviour (Resolved)" href="https://progress.opensuse.org/issues/137627">#137627</a> which was at the time only done for 15-SP6.</p>
<p>openQA test in scenario sle-15-SP5-Online-QR-x86_64-cc_audit-remote-libvirt@64bit fails in<br>
<a href="https://openqa.suse.de/tests/13708530/modules/audit_remote_libvirt/steps/13" class="external">audit_remote_libvirt</a></p>
<p>Last good: <a href="https://openqa.suse.de/tests/13102161" class="external">127.10</a> (or more recent)</p>
<p>Always latest result in this scenario: <a href="https://openqa.suse.de/tests/latest?arch=x86_64&distri=sle&flavor=Online-QR&machine=64bit&test=cc_audit-remote-libvirt&version=15-SP5" class="external">latest</a></p>
<a name="Acceptance-Criteria"></a>
<h2 >Acceptance Criteria<a href="#Acceptance-Criteria" class="wiki-anchor">¶</a></h2>
<ol>
<li>Fix audit_remove_libvirt to pass also on 15-SP5.</li>
</ol>
openQA Tests - action #155260 (Resolved): [security][15-SP6] test fails in audit2allow in 15-SP6https://progress.opensuse.org/issues/1552602024-02-09T13:00:08Ztjyrinki_susetjyrinki+redmine@suse.de
<p>openQA test in scenario sle-15-SP6-Online-x86_64-selinux@64bit fails in<br>
<a href="https://openqa.suse.de/tests/13458163/modules/audit2allow/steps/20" class="external">audit2allow</a></p>
<p>Fails since (at least) Build <a href="https://openqa.suse.de/tests/13086176" class="external">45.1</a></p>
<p>Last good: <a href="https://openqa.suse.de/tests/13004542" class="external">44.1</a> (or more recent)</p>
<p>Similar to otherwise unrelated ticket <a class="issue tracker-4 status-12 priority-4 priority-default" title="action: [security][15-SP6] logic of passphrase entering failed in autoyast_stig_remediation (Workable)" href="https://progress.opensuse.org/issues/155248">#155248</a>, this started in build 45.1. This time however older test commit does not help (<a href="https://openqa.suse.de/tests/13458163#comments" class="external">https://openqa.suse.de/tests/13458163#comments</a>), so is it maybe a product change or product bug, or something in our configuration?</p>
openQA Tests - action #155248 (Workable): [security][15-SP6] logic of passphrase entering failed ...https://progress.opensuse.org/issues/1552482024-02-09T10:42:00Ztjyrinki_susetjyrinki+redmine@suse.de
<p>openQA test in scenario sle-15-SP6-Online-x86_64-autoyast_stig_remediation@64bit fails in<br>
<a href="https://openqa.suse.de/tests/13457092/modules/first_boot/steps/3" class="external">first_boot</a></p>
<p>It started in Build <a href="https://openqa.suse.de/tests/13085395" class="external">45.1</a></p>
<p>While it was still working in <a href="https://openqa.suse.de/tests/13003729" class="external">44.1</a> - over there the "boot_encrypt" module entered the passphrase, while now in boot_encrypt module it's still showing the grub authentication and thein fails in first_boot </p>
<p>If looking at the videos, even on 45.1 it does enter the grub passphrase, but then maybe (possibly, not necessarily) due to ticket <a class="issue tracker-4 status-3 priority-4 priority-default closed child" title="action: [security][15-SP6] GRUB now passes through unlocking, test needs to be changed (Resolved)" href="https://progress.opensuse.org/issues/152455">#152455</a> expects that it would be enough, while in this stig case it does not seem the pass-through is working anymore? Not sure why though, the password is the same but maybe it's part of stig logic to not allow pass-through?</p>
<a name="Further-details"></a>
<h2 >Further details<a href="#Further-details" class="wiki-anchor">¶</a></h2>
<p>Always latest result in this scenario: <a href="https://openqa.suse.de/tests/latest?arch=x86_64&distri=sle&flavor=Online&machine=64bit&test=autoyast_stig_remediation&version=15-SP6" class="external">latest</a></p>
<p>Automatic re-runs indicate git commit f69e77d29d96cab7c9a3e18c5cd2cfb73f371ee4 (from the time 44.1 build was done) still works for this test suite (<a href="https://openqa.suse.de/tests/13457092#comments" class="external">https://openqa.suse.de/tests/13457092#comments</a>).</p>
openQA Tests - action #153045 (Workable): [security] seahorse_sshkey test module should not add e...https://progress.opensuse.org/issues/1530452024-01-03T08:15:20Ztjyrinki_susetjyrinki+redmine@suse.de
<p>Adding modules should not be needed in maintenance.</p>
<p><a href="https://github.com/os-autoinst/os-autoinst-distri-opensuse/blob/master/tests/x11/seahorse_sshkey.pm#L20" class="external">https://github.com/os-autoinst/os-autoinst-distri-opensuse/blob/master/tests/x11/seahorse_sshkey.pm#L20</a></p>
<p>It started failing because the we module stopped being supported for 15-SP4, but the module was anyway included already in the HDD image being used when the module was available, so the adding was never needed.</p>
ALP - action #151558 (Resolved): [security] firstrun on sle-micro >= 6.0 should be ALPifiedhttps://progress.opensuse.org/issues/1515582023-11-28T06:58:19Ztjyrinki_susetjyrinki+redmine@suse.de
<p>openQA test in scenario sle-micro-6.0-Default-encrypted-x86_64-container_selinux@uefi fails in<br>
<a href="https://openqa.suse.de/tests/12874494/modules/firstrun/steps/5" class="external">firstrun</a></p>
<p>Always latest result in this scenario: <a href="https://openqa.suse.de/tests/latest?arch=x86_64&distri=sle-micro&flavor=Default-encrypted&machine=uefi&test=container_selinux&version=6.0" class="external">latest</a></p>
<p>Firstrun is failing with distri sle-micro and version 6.0 - that is, ALP - in the encrypted flavor (that does not use ignition but uses firstrun wizard). This is likely due to it picking up the SLE Micro 5.x expections while it should now work as intended on ALP. There may or may not be difference between ALP Dolomite and ALP Marble in this regard, but likely it should be largely the same.</p>
<p>selinux_setup was updated to use is_alp || is_sle_micro('>=6.0'), jeos/firstrun should maybe using is_sle || is_sle_micro('<6.0') in some places and the former in other places, not sure what would be optimal.</p>
openQA Tests - action #135401 (Closed): [security] fips pattern missing because basesystem reposi...https://progress.opensuse.org/issues/1354012023-09-08T09:02:40Ztjyrinki_susetjyrinki+redmine@suse.de
<p>openQA test in scenario sle-15-SP6-Online-x86_64-fips_env_stunnel_server@64bit fails in<br>
<a href="https://openqa.suse.de/tests/12036081/modules/fips_setup/steps/19" class="external">fips_setup</a></p>
<p>Fails since (at least) Build <a href="https://openqa.suse.de/tests/12036081" class="external">19.1</a> (current job)</p>
<p>Last good: <a href="https://openqa.suse.de/tests/11979771" class="external">16.1</a> (or more recent)</p>
<p>First thought to be a product problem, developer explained that <code><br>
as this you install with the Online medium, you need to enable the Basesystem Pool repository.</code></p>
<p>Comparing a <em>passing</em> run at <a href="https://openqa.suse.de/tests/11979771#settings" class="external">https://openqa.suse.de/tests/11979771#settings</a> to now <em>failing</em> run at <a href="https://openqa.suse.de/tests/12036081#settings" class="external">https://openqa.suse.de/tests/12036081#settings</a> , it seems the <em>failing</em> run is here where there are 50+ repository related settings that did not exist for the passing one.</p>
<p>Looking further back to 15-SP5 - <a href="https://openqa.suse.de/tests/11175701#settings" class="external">https://openqa.suse.de/tests/11175701#settings</a> - it seems the new case of having all of those settings would be the right way, but the question for this ticket is why it does not work?</p>
openQA Tests - action #135269 (Rejected): [security] test fails in system_preparehttps://progress.opensuse.org/issues/1352692023-09-06T18:08:00Ztjyrinki_susetjyrinki+redmine@suse.de
<p>openQA test in scenario sle-15-SP4-Server-DVD-Updates-s390x-mru-install-desktop-with-addons@s390x-kvm-sle12 fails in<br>
<a href="https://openqa.suse.de/tests/11970473/modules/system_prepare/steps/2" class="external">system_prepare</a></p>
<p>Fails since (at least) Build <a href="https://openqa.suse.de/tests/11970473" class="external">20230831-1</a> (current job)<br>
Last good: <a href="https://openqa.suse.de/tests/11942027" class="external">20230829-1</a> (or more recent)</p>
<p>Fails with "ssh: connect to host s390kvm082.suse.de port 22: No route to host".</p>
<p>Likely an infrastructure issue related to the moves, but should be seen if it can be workarounded or if something needs changing due to hardware moves.</p>
openQA Project - action #127238 (New): It's not possible to remove own force_result comments, and...https://progress.opensuse.org/issues/1272382023-04-05T06:42:05Ztjyrinki_susetjyrinki+redmine@suse.de
<p>Here is an example:</p>
<p><a href="https://openqa.suse.de/tests/10848924#comments" class="external">https://openqa.suse.de/tests/10848924#comments</a></p>
<p>The soft-fail forcing was done erronously, and would be wanted to be removed. However, when trying to remove the comment Forbidden message is given to the person who made the comment (the person is also Administrator).</p>
<p>This ticket looks like opposite of ticket <a class="issue tracker-4 status-1 priority-3 priority-lowest" title="action: It's possible to delete force_result comments (New)" href="https://progress.opensuse.org/issues/107239">#107239</a>, so I'm not sure what to do. However, in the recent months it feels there has been more related changes - now these un-deletable comments are also carried over automatically to new runs, and those carried over comments are also undeletable. If this kind of comment would happen in maintenance tests and couldn't be corrected (without availability of someone who has more direct rights than even Administrator has), it could mean even accidentally giving green light to an erronous update if the correction would be delayed.</p>
openQA Project - action #123724 (Resolved): auto_review not working despite ticket in openQA auto...https://progress.opensuse.org/issues/1237242023-01-27T07:20:44Ztjyrinki_susetjyrinki+redmine@suse.de
<a name="Observation"></a>
<h2 >Observation<a href="#Observation" class="wiki-anchor">¶</a></h2>
<p>Ticket #122215 seems not functional still, the affected tests do not get the softfail forcing still automatically but need to be set manually daily.</p>
<p>The ticket has:<br>
<code>auto_review:"Test result is NOT same as baseline":force_result:softfailed</code><br>
... at the end of the subject, and the ticket was moved to openQA auto review project.</p>
<p>The tests can be found at the 15-SP4 runs at <a href="https://openqa.suse.de/group_overview/429" class="external">https://openqa.suse.de/group_overview/429</a></p>
<a name="Acceptance-criteria"></a>
<h2 >Acceptance criteria<a href="#Acceptance-criteria" class="wiki-anchor">¶</a></h2>
<ul>
<li><strong>AC1</strong>: Result is changed to softfailed as specified in the title of the ticket</li>
</ul>
<a name="Suggestions"></a>
<h2 >Suggestions<a href="#Suggestions" class="wiki-anchor">¶</a></h2>
<ul>
<li>Verify that the regex valid/working e.g. <code>auto_review:"Test result is NOT same as baseline":force_result:softfailed</code>, maybe by putting the title in a unit test and seeing if that fails</li>
<li>Check that the ticket is filed correctly, i.e. using the force result tracker - this <strong>seems</strong> to be correct</li>
<li>Check the code in <a href="https://github.com/os-autoinst/scripts" class="external">https://github.com/os-autoinst/scripts</a></li>
</ul>
openQA Project - action #119467 (Resolved): "Internal server error" on opening any job group fron...https://progress.opensuse.org/issues/1194672022-10-27T06:00:25Ztjyrinki_susetjyrinki+redmine@suse.de
<a name="Observation"></a>
<h2 >Observation<a href="#Observation" class="wiki-anchor">¶</a></h2>
<p>Build specific pages etc work, but job group front page like <a href="https://openqa.suse.de/group_overview/268" class="external">https://openqa.suse.de/group_overview/268</a> does not.</p>
<a name="Acceptance-criteria"></a>
<h2 >Acceptance criteria<a href="#Acceptance-criteria" class="wiki-anchor">¶</a></h2>
<ul>
<li><strong>AC1:</strong> No obvious related regression on OSD</li>
<li><strong>AC2:</strong> Test coverage for the branding button code exists for both the job comments as well as job group comments</li>
</ul>
openQA Infrastructure - action #90275 (Resolved): Replacement openQA OSD aarch64 hardware (was: D...https://progress.opensuse.org/issues/902752021-03-18T10:29:54Ztjyrinki_susetjyrinki+redmine@suse.de
<a name="Motivation"></a>
<h2 >Motivation<a href="#Motivation" class="wiki-anchor">¶</a></h2>
<p>We have had a machine from orthos, but we need to renew the lease every now and then or lose it. It would be easier to have a more permanent solution for eg snapshot validations.</p>
<p>openQA tests aarch64 on KVM, this ticket would be about improving the baremetal aarch64 testing. We were not able to test RC1 on baremetal (non-rpi) aarch64 due to lack of access to hardware (eg problems on thunderx10)</p>
<a name="Acceptance-criteria"></a>
<h2 >Acceptance criteria<a href="#Acceptance-criteria" class="wiki-anchor">¶</a></h2>
<ul>
<li><strong>AC1</strong>: <strong>DONE</strong> Make new arm machines available</li>
<li><strong>AC2</strong>: openqaworker-arm-4 is salted and processing jobs</li>
<li><strong>AC3</strong>: openqaworker-arm-5 is salted and processing jobs</li>
</ul>
openQA Project - action #56789 (New): New needles from git repository not working with openqa-clo...https://progress.opensuse.org/issues/567892019-09-11T08:14:09Ztjyrinki_susetjyrinki+redmine@suse.de
<p>Use case:</p>
<p>To be able to test tests in production (openqa.opensuse.org or openqa.suse.de) before merging the needles and tests themselves, since results have proven to vary on those loaded machines compared to local openQA instance or VM.</p>
<p>It is currently working if there are no new needles involved, but this issue describes the problem with custom needles which would be theoretically supported by openqa-clone-custom-git-refspec but not working in practice.</p>
<p>Problem description:</p>
<p>First of all, documentation [1] says "Path to needles subdirectory to use, defaults to "needles" within PRODUCTDIR. Can be a git repository URL, comparable to CASEDIR", and CASEDIR states "for example <a href="mailto:git@github.com">git@github.com</a>:os-autoinst/os-autoinst-distri-opensuse.git#feature/test".</p>
<p>[1] <a href="https://github.com/os-autoinst/os-autoinst/blob/master/doc/backend_vars.asciidoc" class="external">https://github.com/os-autoinst/os-autoinst/blob/master/doc/backend_vars.asciidoc</a></p>
<p>However,</p>
<pre><code>openqa-clone-custom-git-refspec https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/8332 https://openqa.opensuse.org/tests/xxxxxxxx --apikey=XXX --apisecret=XXX NEEDLES_DIR=git@github.com:tjyrinki/os-autoinst-needles-opensuse.git#poo-12345
</code></pre>
<p>results in:</p>
<pre><code>Could not create directory '/var/lib/empty/.ssh'.
Host key verification failed.
fatal: Could not read from remote repository.
</code></pre>
<p>Using https instead (NEEDLES_DIR=<a href="https://github.com/tjyrinki/os-autoinst-needles-opensuse.git" class="external">https://github.com/tjyrinki/os-autoinst-needles-opensuse.git</a>) gets one further, but openQA complains about wrong needles location:</p>
<pre><code>init needles from /var/lib/openqa/pool/15/os-autoinst-needles-opensuse
Needle /var/lib/openqa/pool/15/os-autoinst-needles-opensuse/ssh-login-ok-20160813.json is not under project directory /var/lib/openqa/cache/xxx at /usr/lib/os-autoinst/needle.pm line 63.
</code></pre>
<p>Oliver Kurz suggested playing around with the PRODUCTDIR to try to workaround the forbidding use of (correctly checked out) needles dir which I did but it didn't get any better with trying to set that to eg pool/... directories, which also changes on every run.</p>