action #125141
Updated by mkittler over 1 year ago
## Observation ``` ID: security-sensor.repo Function: pkgrepo.managed Result: False Comment: Failed to configure repo 'security-sensor.repo': Zypper command failure: Repository 'security-sensor.repo' is invalid. [security-sensor.repo|https://download.opensuse.org/repositories/security:/sensor/15.4] Valid metadata not found at specified URL History: - Signature verification failed for repomd.xml - Can't provide /repodata/repomd.xml Please check if the URIs defined for this repository are pointing to a valid repository. Skipping repository 'security-sensor.repo' because of the above error. Could not refresh the repositories because of errors.Forcing raw metadata refresh Retrieving repository 'security-sensor.repo' metadata [.......... Warning: File 'repomd.xml' from repository 'security-sensor.repo' is unsigned. Note: Signing data enables the recipient to verify that no modifications occurred after the data were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system and in extreme cases even to a system compromise. Note: File 'repomd.xml' is the repositories master index file. It ensures the integrity of the whole repo. Warning: We can't verify that no one meddled with this file, so it might not be trustworthy anymore! You should not continue unless you know it's safe. File 'repomd.xml' from repository 'security-sensor.repo' is unsigned, continue? [yes/no] (no): no error] Started: 09:39:50.917365 Duration: 9775.41 ms Changes: ---------- ID: security-sensor.repo Function: pkg.latest Name: velociraptor-client Result: False Comment: One or more requisite failed: security_sensor.security-sensor.repo Started: 09:40:00.699471 Duration: 0.011 ms Changes: … Summary for tumblesle -------------- Succeeded: 231 (changed=1) Failed: 2 -------------- Total states run: 233 ``` (https://gitlab.suse.de/openqa/salt-pillars-openqa/-/jobs/1427053/raw) ## Suggestions * Find out what the host "tumblesle" is -> a VM on qamaster.qa.suse.de (according to https://racktables.suse.de/index.php?page=object&tab=default&object_id=1300), the full domain is tumblesle.qa.suse.de * Check whether the problem persists -> no the repo can be refreshed (on tumblesle) * Check whether the error handling (retries) is in accordance with how other repos are configured -> we use `pkgrepo.managed: - retry: attempts: 5` for our own devel repos, maybe the same would make sense for `security:sensor` as well; we don't have a retry for all repos configured via `pkgrepo.managed` so far, though ## Remarks * Likely not specific to "tumblesle". * Looks like a temporary signing problem of security-sensor.repo (and not like a network issue). So maybe a one-time issue and we don't need to introduce a retry.