action #159060
opencoordination #155182: [epic] Participate in alpha-testing of new version of velociraptor-client
Rollback/switch to officially installed velociraptor-client repo and server size:S
0%
Description
Motivation¶
#155179 is done. Crosscheck with the velociraptor-client development team and rollback our salt managed machines to use official packages and the non-development server again
Acceptance Criteria¶
- AC1: salt-controlled machines use the stable velociraptor repo
## Suggestions
- Look at https://gitlab.suse.de/openqa/salt-pillars-openqa/-/merge_requests/736 for previous changes
- Clarify which repo to use, see https://suse.slack.com/archives/C02NJAA1PEC/p1713696437484159
https://download.suse.de/ibs/SUSE:/Velociraptor/15.5/ only offers x86_64. I thought we should use that repo unconditionally but what about aarch64, s390x, ppc64le? Until we found a better place to install aarch64/ppc64le/s390x Leap 15.5 packages from I will revert to the official Leap repository content. Soon we will upgrade to Leap 15.6 anyway
- Check that we use the correct endpoint
Updated by okurz 14 days ago
- Copied from action #155179: Participate in alpha-testing of new version of velociraptor-client added
Updated by okurz 14 days ago
- Subject changed from Participate in alpha-testing of new version of velociraptor-client to Rollback to officially installed velociraptor-client repo and server
- Status changed from New to Feedback
- Target version changed from Tools - Next to future
https://suse.slack.com/archives/C02NJAA1PEC/p1713272166072159
(Oliver Kurz) Hi, can we switch the LSG QE machines back from https://download.opensuse.org/repositories/security:/sensor/15.5/ to official Leap packages and the server target URL accordingly?
(Marcela Mašláňová) All machines will need to install from IBS. We are just waiting for the official announcement
(Oliver Kurz) that sounds like a different problem but I will wait for such announcement then
Updated by okurz 11 days ago
- Subject changed from Rollback to officially installed velociraptor-client repo and server to Rollback/switch to officially installed velociraptor-client repo and server
- Target version changed from future to Ready
announcement was sent by Jeff Mahoney in https://suse.slack.com/archives/C02NJAA1PEC/p1713535789090039 pointing to https://confluence.suse.com/display/CS/Sensor+-+Linux+Endpoint+Protection+Agent with deployment instructions on https://gitlab.suse.de/linux-security-sensor/suse-client-deployment and https://confluence.suse.com/display/CS/Deploying+the+Sensor+Client
https://suse.slack.com/archives/C02NJAA1PEC/p1713537499171589
(Oliver Kurz) @Jeff Mahoney 1. "It includes virtual machines and systems that are subject to frequent redeployment, like those in […] test systems." So do the 1..10k automated openQA tests need to install velociraptor-client and report to the server during openQA test runs? […] 3. "any Linux servers maintained by BCL" and "must switch to the IBS release" is not possible for the openqa.opensuse.org infrastructure. I don't know how to fulfill such requirements
Updated by okurz 11 days ago
I checked the config mentioned on the documentation pages and could confirm that we are just expected to go back to https://sec-velociraptor.prg.suse.com:8000 so created https://gitlab.suse.de/openqa/salt-pillars-openqa/-/merge_requests/783 (merged)
Unfortunately we need to switch to an internal repo but ok:
https://gitlab.suse.de/openqa/salt-states-openqa/-/merge_requests/1160
Updated by livdywan 10 days ago
https://gitlab.suse.de/openqa/salt-states-openqa/-/jobs/2513164
ID: security-sensor.repo
Function: pkgrepo.managed
Result: False
Comment: Failed to configure repo 'security-sensor.repo': refresh_db() got multiple values for keyword argument 'root'
Started: 18:31:20.487570
Duration: 1268.534 ms
Changes:
Updated by okurz 9 days ago
https://suse.slack.com/archives/C02NJAA1PEC/p1713696437484159
(Oliver Kurz) https://download.suse.de/ibs/SUSE:/Velociraptor/15.5/ only offers x86_64. I thought we should use that repo unconditionally but what about aarch64, s390x, ppc64le? Until we found a better place to install aarch64/ppc64le/s390x Leap 15.5 packages from I will revert to the official Leap repository content. Soon we will upgrade to Leap 15.6 anyway
Updated by okurz about 13 hours ago
- Due date changed from 2024-05-05 to 2024-05-12
Asked in https://suse.slack.com/archives/C02NJAA1PEC/p1714397276453239 now again