Wednesday, 2019-06-26

*** ianychoi has quit IRC		00:12
*** ianychoi has joined #airshipit		00:14
*** ianychoi has quit IRC		00:20
*** DougSchv has joined #airshipit		00:20
*** ianychoi has joined #airshipit		00:21
*** ianychoi has quit IRC		00:30
*** ianychoi has joined #airshipit		00:31
*** sthussey has joined #airshipit		00:41
*** DougSchv has quit IRC		00:45
*** ianychoi has quit IRC		01:03
*** ian-pittwood has joined #airshipit		01:04
*** ianychoi has joined #airshipit		01:04
*** ian-pittwood has left #airshipit		01:05
*** kskels has quit IRC		01:10
*** DougSchv has joined #airshipit		01:17
*** DougSchv has quit IRC		01:24
*** kskels has joined #airshipit		01:26
*** DougSchv has joined #airshipit		01:58
*** DougSchv has quit IRC		02:05
*** ianychoi has quit IRC		02:14
*** ianychoi has joined #airshipit		02:16
*** DougSchv has joined #airshipit		02:16
*** DougSchv has quit IRC		02:25
*** ianychoi has quit IRC		02:38
*** ianychoi has joined #airshipit		02:40
*** sthussey has quit IRC		02:51
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Uplift Promenade https://review.opendev.org/664467	03:33
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Align java_opts parameter for elasticsearch https://review.opendev.org/666473	03:33
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: WIP Separate fluentbit and fluentd charts https://review.opendev.org/667236	03:33
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: WIP Uplift all components https://review.opendev.org/664469	03:33
*** nishantkr has quit IRC		03:43
*** jhesketh has quit IRC		04:19
*** jhesketh has joined #airshipit		04:19
openstackgerrit	Kudaka Poorna Rajesh proposed airship/promenade master: Enable probes and mount config for etcd https://review.opendev.org/659863	04:28
openstackgerrit	Kudaka Poorna Rajesh proposed airship/promenade master: Enable probes and mount config for etcd https://review.opendev.org/659863	04:32
openstackgerrit	Kudaka Poorna Rajesh proposed airship/promenade master: Enable probes config for etcd https://review.opendev.org/659863	04:34
*** jamesgu_ has quit IRC		05:08
*** cheng1 has quit IRC		05:36
*** cheng1 has joined #airshipit		05:41
*** kskels has quit IRC		05:50
*** DougSchv has joined #airshipit		06:04
*** DougSchv has quit IRC		06:09
*** pgaxatte has joined #airshipit		06:30
*** ianychoi has quit IRC		06:34
*** ianychoi has joined #airshipit		06:41
*** DougSchv has joined #airshipit		07:18
*** DougSchv has quit IRC		07:22
*** ianychoi has quit IRC		07:59
*** ianychoi has joined #airshipit		08:01
*** pkaralis has joined #airshipit		08:14
*** DougSchv has joined #airshipit		08:29
*** DougSchv has quit IRC		08:34
*** ianychoi has quit IRC		09:07
*** ianychoi has joined #airshipit		09:10
*** DougSchv has joined #airshipit		09:39
*** DougSchv has quit IRC		09:44
*** DougSchv has joined #airshipit		10:26
*** DougSchv has quit IRC		10:31
*** DougSchv has joined #airshipit		10:37
*** DougSchv has quit IRC		10:41
*** DougSchv has joined #airshipit		11:11
*** DougSchv has quit IRC		11:21
openstackgerrit	Merged airship/maas master: Add release uuid annotation to POD spec https://review.opendev.org/666418	11:23
openstackgerrit	Merged airship/deckhand master: Add release uuid annotation to POD spec https://review.opendev.org/666420	11:26
*** happyhemant has joined #airshipit		11:28
openstackgerrit	Merged airship/armada master: Add release uuid annotation to POD spec https://review.opendev.org/665747	11:32
*** alexanderhughes has joined #airshipit		11:35
*** ianychoi has quit IRC		11:40
*** roman_g has joined #airshipit		11:43
*** ianychoi has joined #airshipit		11:45
*** ianychoi has quit IRC		12:14
*** ianychoi has joined #airshipit		12:22
*** aaronsheffield has joined #airshipit		12:27
*** gkadam has joined #airshipit		12:43
openstackgerrit	Matt McEuen proposed airship/election master: Add 2019 TC Nominees https://review.opendev.org/667601	12:50
openstackgerrit	Matt McEuen proposed airship/election master: Add 2019 TC Nominees https://review.opendev.org/667601	12:58
openstackgerrit	Scott Hussey proposed airship/promenade master: Allow etcd anchor to recover from bad state https://review.opendev.org/667378	12:58
openstackgerrit	Merged airship/election master: Add 2019 TC Nominees https://review.opendev.org/667601	13:00
*** DougSchv has joined #airshipit		13:01
*** DougSchv has quit IRC		13:05
*** sthussey has joined #airshipit		13:19
openstackgerrit	Merged airship/promenade master: Add release uuid annotation to POD spec https://review.opendev.org/666421	13:33
*** DougSchv has joined #airshipit		13:34
*** DougSchv has quit IRC		13:39
*** howell has joined #airshipit		13:40
*** mloza has quit IRC		13:47
openstackgerrit	Merged airship/shipyard master: Add realease uuid annotation to POD spec https://review.opendev.org/665745	13:54
*** nishantkr has joined #airshipit		14:05
*** DougSchv has joined #airshipit		14:08
*** DougSchv has quit IRC		14:12
openstackgerrit	Scott Hussey proposed airship/airshipctl master: [WIP] Some basic Go checks https://review.opendev.org/667628	14:20
*** amalrajgenocidex has joined #airshipit		14:21
openstackgerrit	Scott Hussey proposed airship/airshipctl master: [WIP] Some basic Go checks https://review.opendev.org/667628	14:22
amalrajgenocidex	After enormous help from mattmceuen and kskels , I was able to succesfully deploy the airsloop with default settings. But I'm unable to access the horizon interface.	14:23
amalrajgenocidex	How can I access horizon in case of airsloop?	14:23
openstackgerrit	Alexander Hughes proposed airship/election master: Amending nomination with company affiliation https://review.opendev.org/667629	14:24
openstackgerrit	Merged airship/election master: Amending nomination with company affiliation https://review.opendev.org/667629	14:26
openstackgerrit	Scott Hussey proposed airship/airshipctl master: [WIP] Some basic Go checks https://review.opendev.org/667628	14:32
openstackgerrit	Roman Gorshunov proposed airship/airshipctl master: [WIP] Add basic gates and docs build https://review.opendev.org/667393	14:37
alexanderhughes	roman_g sthussey are you two coordinating on the go gates for airshipctl? looks like some overlap	14:38
roman_g	alexanderhughes: no, we don't	14:38
roman_g	I've just noticed PS from Scott.	14:38
sthussey	You can toss mine, I was just doing it as I reviewed the code to see how the new stuff is built.	14:39
sthussey	Was just basing it on the existing methods used for go code in airship	14:40
openstackgerrit	Scott Hussey proposed airship/airshipctl master: [WIP] Some basic Go checks https://review.opendev.org/667628	14:42
*** cheng1 has quit IRC		14:49
openstackgerrit	Roman Gorshunov proposed airship/airshipctl master: [WIP] Add basic gates and docs build https://review.opendev.org/667393	14:50
*** cheng1 has joined #airshipit		14:50
*** jamesgu has joined #airshipit		14:51
*** jamesgu has quit IRC		14:52
*** DougSchv has joined #airshipit		14:54
openstackgerrit	Scott Hussey proposed airship/airshipctl master: [WIP] Some basic Go checks https://review.opendev.org/667628	14:56
*** michael-beaver has quit IRC		15:00
*** DougSchv has quit IRC		15:03
openstackgerrit	Roman Gorshunov proposed airship/airshipctl master: [WIP] Add basic gates and docs build https://review.opendev.org/667393	15:14
*** kskels has joined #airshipit		15:30
*** pgaxatte has quit IRC		15:49
openstackgerrit	Roman Gorshunov proposed airship/airshipctl master: [WIP] Add basic gates and docs build https://review.opendev.org/667393	15:54
*** DougSchv has joined #airshipit		15:56
amalrajgenocidex	Hi kskels I was able to add a new nic by editing some yaml files and deployments was able to install the essential services after that.	15:59
kskels	awesome!!	15:59
amalrajgenocidex	But I still see 2 failed steps when I check 'tools/airship shipyard get actions' . But don't see anything suspicious.	15:59
amalrajgenocidex	compute node is also added to the node list when I checked	16:00
amalrajgenocidex	NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIMEairsloop-compute-1 Ready <none> 4h v1.11.6 10.185.167.182 <none> Ubuntu 16.04.6 LTS 4.4.0-137-generic docker://17.3.3airsloop-control-1 Ready <none> 6d v	16:00
amalrajgenocidex	1.11.6 10.185.167.181 <none> Ubuntu 16.04.6 LTS 4.4.0-151-generic docker://17.3.3	16:00
kskels	great! that's a good milestone to get the bare-metal parts deployed and joining k8s	16:00
kskels	can you list 'sudo kubectl get pods --all-namespaces -o wide \|grep -v Completed'	16:01
kskels	just to see how far you got..	16:01
*** DougSchv has quit IRC		16:01
openstackgerrit	Scott Hussey proposed airship/airshipctl master: [WIP] Some basic Go checks https://review.opendev.org/667628	16:21
openstackgerrit	Alexander Hughes proposed airship/airshipctl master: Add gitreview file to airshipctl https://review.opendev.org/667674	16:24
sthussey	@alexanderhughes https://review.opendev.org/667364	16:25
openstackgerrit	Roman Gorshunov proposed airship/airshipctl master: [WIP] Add basic gates and docs build https://review.opendev.org/667393	16:25
alexanderhughes	thanks sthussey didn't notice it	16:26
openstackgerrit	Roman Gorshunov proposed airship/airshipctl master: [WIP] Add basic gates and docs build https://review.opendev.org/667393	16:39
openstackgerrit	Ian Pittwood proposed airship/spyglass master: Use data objects for document generation https://review.opendev.org/661092	16:41
*** amalrajgenocidex has quit IRC		16:41
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	16:45
openstackgerrit	Roman Gorshunov proposed airship/airshipctl master: [WIP] Add basic gates and docs build https://review.opendev.org/667393	16:45
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	16:48
sthussey	Looks like everyone is zuul'ing up airshipctl. I'll stop updating mine, but I'd recommend using containers for the Go build environment	16:51
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	16:51
sthussey	It is clean and the community containers come with all the tooling installed	16:51
*** amalrajgenocidex has joined #airshipit		16:51
sthussey	I'm not sure why zuul is failing while I can run the same thing locally and it works fine	16:51
sthussey	https://www.irccloud.com/pastebin/afIAbz9P/	16:53
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	16:53
amalrajgenocidex	Hi kskels , I ran the deploy again and followed armada logs. This error was showing frequently.	16:53
amalrajgenocidex	2019-06-26 16:42:56.255 7 INFO armada.api.middleware [-] user=- request_id=008b11f0-3d14-4a0b-ba84-684589a7688a ext_ctx=- end_user=- Response: GET http://armada-api.ucp.svc.cluster.local:8000/ 404 Not Found2019-06-26 16:45:39.247 8 ERROR armada.handlers.tiller [-] Error while installing release airship-osh-infra-radosgw: grpc._channel._Rendezvous:	16:53
amalrajgenocidex	<_Rendezvous of RPC that terminated with:status = StatusCode.UNAVAILABLEdetails = "Socket closed"debug_error_string = "{"created":"@1561567538.827723047","description":"Error received from peer","file":"src/core/lib/surface/call.cc","file_line":1017,"grpc_message":"Socket closed","grpc_status":14}">	16:53
amalrajgenocidex	http://paste.openstack.org/show/753458/	16:56
*** DougSchv has joined #airshipit		16:58
roman_g	Is Ian here?	16:58
sthussey	@howell not sure if he listens	16:58
openstackgerrit	Ian Pittwood proposed airship/spyglass master: Use data objects for document generation https://review.opendev.org/661092	17:04
*** DougSchv has quit IRC		17:16
*** gkadam has quit IRC		17:30
*** DougSchv has joined #airshipit		17:31
*** gkadam has joined #airshipit		17:35
*** DougSchv has quit IRC		17:41
*** DougSchv has joined #airshipit		17:41
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Uplift Promenade https://review.opendev.org/664467	17:48
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Align java_opts parameter for elasticsearch https://review.opendev.org/666473	17:48
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: WIP Separate fluentbit and fluentd charts https://review.opendev.org/667236	17:48
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: WIP Uplift all components https://review.opendev.org/664469	17:48
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Refactor seaworthy and airsloop Jenkins jobs https://review.opendev.org/667692	17:48
*** DougSchv has quit IRC		17:54
*** amalrajgenocidex has quit IRC		17:54
*** altlogbot_0 has quit IRC		17:55
*** altlogbot_0 has joined #airshipit		17:55
*** altlogbot_0 has quit IRC		17:57
openstackgerrit	Merged airship/promenade master: Allow etcd anchor to recover from bad state https://review.opendev.org/667378	17:58
openstackgerrit	Roman Gorshunov proposed airship/airshipctl master: [WIP] Add basic gates and docs build https://review.opendev.org/667393	18:00
*** altlogbot_0 has joined #airshipit		18:02
*** DougSchv has joined #airshipit		18:05
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	18:13
*** DougSchv has quit IRC		18:15
howell	roman_g: sthussey: sorry, I haven't gotten IRCCloud yet and weechat doesn't notify	18:20
sthussey	no worries. I think roman_g just wanted to bring attention to a PS he has open for zuul stuffs in airshipctl	18:21
sthussey	I've abandoned mine as I overlooked the existing Makefile, so it was duplicate. My only comment was I recommend a containerized build system for golang.	18:22
openstackgerrit	Sean Eagan proposed airship/armada master: Fix statefulset wait null pointer scenario https://review.opendev.org/667702	18:23
*** DougSchv has joined #airshipit		18:35
openstackgerrit	Scott Hussey proposed airship/promenade master: (fix) haproxy anchor runs as root https://review.opendev.org/667705	18:44
*** michael-beaver has joined #airshipit		18:44
*** DougSchv has quit IRC		18:48
openstackgerrit	Roman Gorshunov proposed airship/treasuremap master: Fix: git module requires user to exist https://review.opendev.org/667707	18:55
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	19:11
roman_g	Anyone, Kaspars found a problem: pegleg container stopped to work properly, when Git (GitPython) module is used (e.g. site collect), because inside pegleg container the user under which pegleg process is run does not exist (e.g. uid:gid 1000:1000).	19:13
roman_g	I've found a workaround https://review.opendev.org/667707, that if we set USER variable - everything works.	19:14
sthussey	Is it Git or ssh?	19:14
roman_g	But I feel that this is not the right way to do it.	19:14
roman_g	sthussey: I don't know.	19:14
roman_g	Kaspars didn't tell. kskels	19:14
alexanderhughes	can you copy/paste the collect command being used and the error?	19:15
roman_g	https://www.irccloud.com/pastebin/KJEBmHif/ - error	19:15
roman_g	https://github.com/gitpython-developers/GitPython/blame/master/git/util.py#L326	19:15
roman_g	https://github.com/python/cpython/blame/master/Lib/getpass.py#L162	19:15
roman_g	https://github.com/python/cpython/blame/master/Modules/pwdmodule.c#L180	19:15
*** DougSchv has joined #airshipit		19:16
roman_g	Python code and GitPython code in this places hasn't changed for quite some time, for years	19:16
roman_g	My workaround above is based on this https://github.com/python/cpython/blame/master/Lib/getpass.py#L162	19:17
roman_g	But I feel it should be resolved here https://github.com/gitpython-developers/GitPython/blame/master/git/util.py#L326	19:17
roman_g	I might be mistaken.	19:17
roman_g	And still don't understand why we caught this only now.	19:18
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	19:18
alexanderhughes	quay.io/airshipit/pegleg:fb2f62d25a11374435d99d9f59049d5799ccab73-ubuntu_xenial is the image being used yeah??	19:18
roman_g	yeah	19:19
alexanderhughes	I just jumped into that container, it put me as root by default, and ran commands that cloned the downstream repos via ssh without any issue	19:19
sthussey	what does tools/airship actually run?	19:20
roman_g	alexanderhughes: of course, because root exists in /etc/passwd	19:20
roman_g	docker run --rm --net=host -it -u 1000:1000 -w /target -v /home/vagrant/1/treasuremap:/target -v /home/vagrant/.ssh:/target/.ssh --env-file /tmp/tmp.brW11TZ21A quay.io/airshipit/pegleg:fb2f62d25a11374435d99d9f59049d5799ccab73-ubuntu_xenial pegleg site -r /target collect airsloop -s collect	19:20
roman_g	something like this	19:20
sthussey	There is the issue	19:21
sthussey	` -u, --user string Username or UID (format: <name\|uid>[:<group\|gid>]`	19:21
roman_g	But we never had user with any UID:GID before	19:22
roman_g	I've checked in container which is 2 months old	19:22
roman_g	pegleg container	19:22
sthussey	could be a base image change	19:22
sthussey	not sure	19:22
sthussey	we've seen taht before	19:22
alexanderhughes	we recently changed Pegleg image from python:3.6 to ubuntu:16.04 both of them had the -ubuntu_xenial tag	19:24
roman_g	e.g. ocker run --rm --net=host -it -u 1000:1000 -w /target -v /home/vagrant/1/treasuremap:/target -v /home/vagrant/.ssh:/target/.ssh quay.io/airshipit/pegleg:latest /bin/sh -c "id; grep 1000 /etc/passwd \|\| echo Fail; pegleg site -r /target collect airsloop -s collect"	19:24
roman_g	oops	19:25
roman_g	docker run --rm --net=host -it -u 1000:1000 -w /target -v /home/vagrant/1/treasuremap:/target -v /home/vagrant/.ssh:/target/.ssh quay.io/airshipit/pegleg:latest /bin/sh -c "id; grep 1000 /etc/passwd \|\| echo Fail; pegleg site -r /target collect airsloop -s collect"	19:25
roman_g	this ^^^^^^^^^ will run 2 months old image, and it has same problem	19:25
roman_g	(yes, :latest is 2 months old, I need quay credentials to remove that tag)	19:25
openstackgerrit	Merged airship/armada master: Fix statefulset wait null pointer scenario https://review.opendev.org/667702	19:27
roman_g	so	19:27
roman_g	what would be a good way to get it fixed?	19:27
roman_g	GitPython?	19:27
roman_g	and when did this problem arise? we haven't had it before	19:27
alexanderhughes	I'll check this closer after this call, first I'm hearing of it. seems like changing the user passed in docker run is an option, or creating the user in the container are the easiest solutions	19:29
alexanderhughes	how did the other projects handle this issue? did they just export a user/create one?	19:30
roman_g	> seems like changing the user passed in docker run is an option	19:31
roman_g	to root? - No	19:31
roman_g	no other user exists	19:31
roman_g	> creating the user in the container are the easiest solutions	19:31
roman_g	that's what I'm leaning to	19:31
sthussey	the problem is if you need to access any host mounts, anything but root is going to cause issues	19:32
sthussey	because you want have read access	19:32
sthussey	won't	19:32
sthussey	jeez, can't type today	19:32
roman_g	so, only via sudo?	19:33
roman_g	or only run as root?	19:33
sthussey	either you can require any host volumes have world readable permissions	19:33
sthussey	or you run the container as root	19:34
*** sreejithp has joined #airshipit		19:43
*** altlogbot_0 has quit IRC		19:46
*** altlogbot_0 has joined #airshipit		19:46
roman_g	sthussey, when we map volumes and also use '-u' to specify user, then whatever is created by process inside the container on the volume we mount gets uid:gid of local user, and that works fine	19:48
sthussey	right	19:49
roman_g	we don't really write to inside of the container as user. only to mounted volumes	19:49
sthussey	assuming the volume is writable by uid 1000	19:49
sthussey	And assuming you don't want to read something that is not readable by uid 1000	19:50
sthussey	I'm not sure if setting uid to 1000 is going to work if someone needs to use their SSH private key to access a git repo for instance	19:50
sthussey	Maybe it does	19:50
sthussey	I already don't use my private key w/ pegleg because it doesn't appear to support encrypted keys	19:51
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Refactor seaworthy and airsloop Jenkins jobs https://review.opendev.org/667692	19:51
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Uplift Promenade https://review.opendev.org/664467	19:51
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Align java_opts parameter for elasticsearch https://review.opendev.org/666473	19:51
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: WIP Separate fluentbit and fluentd charts https://review.opendev.org/667236	19:51
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: WIP Uplift all components https://review.opendev.org/664469	19:51
* roman_g would prefer ssh certificates for corporate use anyway		19:52
roman_g	sthussey: why would we expect someone to work with site documents as a root user?	19:52
sthussey	I don't	19:53
roman_g	>> sthussey> or you run the container as root	19:53
sthussey	There was no real concern prior to all the external access from pegleg	19:54
sthussey	But now that do things like mount SSH keys into it, you'll have to decide path forward	19:54
roman_g	host volume does not need to be world writable, uid:gid of pegleg process is (normally) identical to uid:gid of a user launching pegleg container (because we use -u flag), so pegleg writes what is needed without problems.	19:55
roman_g	e.g. this works perfectly:	19:57
roman_g	treasuremap$ docker run --rm --net=host -it -u 1000:1000 -w /target -v /home/vagrant/1/treasuremap:/target -v /home/vagrant/.ssh:/target/.ssh --env "USER=sthussey" quay.io/airshipit/pegleg:fb2f62d25a11374435d99d9f59049d5799ccab73-ubuntu_xenial pegleg site -r /target collect airsloop -s collect	19:57
roman_g	of course sthussey never existed in pegleg container, but collect/ directory with proper content and permissions would be created	19:58
roman_g	on host	19:59
openstackgerrit	Ian Pittwood proposed airship/spyglass master: Add site_config.yaml back into examples https://review.opendev.org/667719	20:01
sthussey	are you sourcing any repos from git?	20:04
sthussey	I don't know what airsloop looks like	20:04
roman_g	no, it's part of treasuremap repo	20:05
sthussey	then you likely won't run into the same issues	20:05
sthussey	if you do something like `-u $UID:1000 -v /etc/passwd:/etc/passwd` then you can likely over come any issues w/o using root	20:09
roman_g	> then you likely won't run into the same issues	20:10
sthussey	assuming that nothing in the container image has restricted permissions	20:10
roman_g	I do still run	20:10
roman_g	treasuremap$ docker run --rm --net=host -it -u 1000:1000 -w /target -v /home/vagrant/1/treasuremap:/target quay.io/airshipit/pegleg:fb2f62d25a11374435d99d9f59049d5799ccab73-ubuntu_xenial pegleg site -r /target collect seaworthy -s collect	20:11
roman_g	^^^^ this drops an error when run as user	20:11
roman_g	from freshly cloned treasuremap repo	20:12
sthussey	you should be able to use your USER environment variable and run as uid 1000	20:13
sthussey	since you don't need to access any host files like a private key	20:13
roman_g	If I run workaroud I've described (with USER variable set to something), it works	20:13
roman_g	reasuremap$ docker run --rm --net=host -it -u 1000:1000 -w /target -v /home/vagrant/1/treasuremap:/target --env "USER=someone" quay.io/airshipit/pegleg:fb2f62d25a11374435d99d9f59049d5799ccab73-ubuntu_xenial pegleg site -r /target collect seaworthy -s collect	20:13
roman_g	yes, that's correct.	20:13
sthussey	but that doesn't work if you want to use ssh-based git repos for pulling documents	20:14
roman_g	so what would be a good generic way to get it fixed?	20:14
roman_g	fix GitPython?	20:14
roman_g	so that it doesn't require valid user in passwd?	20:14
sthussey	as far as I know, ssh still does	20:15
roman_g	well, yes. but in this case with local site documents ssh is not used	20:15
*** altlogbot_0 has quit IRC		20:15
sthussey	sure, so your current method seems fine	20:16
*** altlogbot_0 has joined #airshipit		20:18
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	20:19
*** DougSchv has quit IRC		20:19
alexanderhughes	I'm confused if we're using local documents then neither ssh nor git is used so we shouldn't be getting userid issues right?	20:25
sthussey	You can use git w/ local repos	20:26
sthussey	And you can use ssh but need access to local files, e.g. your SSH key	20:26
alexanderhughes	is git still used if you pass the -e flags to preserve the local repos ?	20:27
sthussey	I'm not sure, but you can put a local path in the site definition YAML and git is used I believe	20:28
sthussey	I think you're right about -e	20:28
alexanderhughes	yeah if you don't pass overrides with -e it'll look at site definition, call process repositories and make sure right revision of the repos is used	20:28
sthussey	I don't recall seeing git log messages for it	20:29
alexanderhughes	but with overrides I can't remember if process repos does anything if it already has that exact revision path/revision already	20:29
alexanderhughes	worth trying, digging through source code to check ordering on the various calls - we have 14 or so from the CLI. but quick solution might just be to mount the repos into container (site, global, secrets) and then during the command use -e global=/path/to/global -e secrets=/path/to/secrets	20:32
sthussey	That is what I do locally	20:33
openstackgerrit	Ian Howell proposed airship/airshipctl master: Zuul: Initial airshipctl checks https://review.opendev.org/667680	20:36
*** altlogbot_0 has quit IRC		20:43
*** altlogbot_1 has joined #airshipit		20:44
alexanderhughes	nah even with the -e flags if you turn on verbose (-v) repos cloned to host and mounted into containers still get some of the git code called against them	20:47
alexanderhughes	so we're back to Roman's solution, pass env with pegleg is a dirty way to solve it. more appropriate is probably to just create a pegleg user in the container like Armada does https://opendev.org/airship/armada/src/branch/master/images/armada/Dockerfile.ubuntu_bionic#L39	20:49
sthussey	the problem w/ that is the user in the container, say uid 1000, may not be able to read host mounts	20:51
sthussey	back to the private key issue, possibly other host files	20:52
openstackgerrit	Merged airship/airship-in-a-bottle master: (logging) Add Pod YAML to debug logs https://review.opendev.org/667180	20:54
roman_g	> still get some of the git code called against them	20:55
roman_g	problem arises only if repository is dirty	20:56
sthussey	how would pegleg know if it doesn't call git to find out?	20:56
roman_g	no problem to run _some_ git commands	20:57
roman_g	https://opendev.org/airship/pegleg/blame/branch/master/pegleg/engine/util/git.py#L101	20:57
sthussey	ah	20:57
roman_g	Here is a note from Felipe	20:58
*** DougSchv has joined #airshipit		20:58
roman_g	iw we wouldn't call repo.index.commit('Temporary Pegleg commit'), then everything is perfectly fine	20:58
roman_g	*if	20:58
sthussey	ah, so likely it should use stash instead of commit	20:59
sthussey	avoiding this issue entirely	20:59
*** altlogbot_1 has quit IRC		21:00
roman_g	looks good at a first sight	21:00
alexanderhughes	using -e ?	21:01
roman_g	no, I run without -e	21:01
alexanderhughes	oh with the env solution from earlier?	21:02
roman_g	treasuremap$ docker run --rm --net=host -it -u 1000:1000 -w /target -v /home/vagrant/1/treasuremap:/target quay.io/airshipit/pegleg:fb2f62d25a11374435d99d9f59049d5799ccab73-ubuntu_xenial pegleg -v site -r /target collect seaworthy -s collect	21:02
roman_g	^^^^^^^^ this will fail if cloned local treasuremap/ is dirty	21:02
*** DougSchv has quit IRC		21:03
roman_g	sthussey: untracked files will also make it fail	21:04
*** altlogbot_0 has joined #airshipit		21:04
sthussey	`git clean`	21:04
*** alexanderhughes has quit IRC		21:04
*** alexanderhughes has joined #airshipit		21:04
roman_g	or git add . amd then git stash?	21:04
sthussey	sure	21:05
sthussey	it looks like the code block is running against a replica of the repo	21:05
sthussey	So it seemingly doesn't matter	21:05
roman_g	ok	21:05
sthussey	Could just use `git reset --hard <refspec>`	21:05
roman_g	refspec could be empty	21:06
roman_g	or even would be empty	21:06
sthussey	That's fine	21:06
sthussey	assumes HEAD of the current branch	21:06
roman_g	sthussey: I will test and then submit a patsh to pegleg tomorrow. 23:07, I'm tired.	21:07
roman_g	sthussey: I'm very thankfull for your great help	21:07
roman_g	alexanderhughes: thank you too	21:07
alexanderhughes	thanks roman_g have a good evening!	21:08
openstackgerrit	Merged airship/airship-in-a-bottle master: multinode: Add Shipyard test site stage https://review.opendev.org/666650	21:08
roman_g	Night, 11:09pm. Need to get home :)	21:09
openstackgerrit	Drew Walters proposed airship/divingbell master: CI: Fix K8s deployment https://review.opendev.org/663392	21:16
*** alexanderhughes has quit IRC		21:21
*** DougSchv has joined #airshipit		21:22
*** ianychoi has quit IRC		21:23
openstackgerrit	Scott Hussey proposed airship/airship-in-a-bottle master: (multinode) Make disk layout flexible https://review.opendev.org/638040	21:26
openstackgerrit	Scott Hussey proposed airship/airship-in-a-bottle master: [WIP] Network enhancements for gate-multinode https://review.opendev.org/634837	21:26
*** DougSchv has quit IRC		21:27
*** ianychoi has joined #airshipit		21:28
*** DougSchv has joined #airshipit		21:36
openstackgerrit	Merged airship/drydock master: Add release uuid annotation to POD spec https://review.opendev.org/666419	21:37
*** howell has quit IRC		21:39
openstackgerrit	Ian Pittwood proposed airship/spyglass-plugin-xls master: [WIP] Testing for plugin https://review.opendev.org/667734	21:43
*** sreejithp has quit IRC		21:48
*** DougSchv has quit IRC		21:48
*** DougSchv has joined #airshipit		21:48
*** michael-beaver has quit IRC		22:04
*** DougSchv has quit IRC		22:05
*** DougSchv has joined #airshipit		22:06
*** DougSchv has quit IRC		22:10
*** DougSchv has joined #airshipit		22:39
*** DougSchv has quit IRC		22:50
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Uplift Promenade https://review.opendev.org/664467	23:03
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: Align java_opts parameter for elasticsearch https://review.opendev.org/666473	23:03
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: WIP Separate fluentbit and fluentd charts https://review.opendev.org/667236	23:03
openstackgerrit	Alexander Noskov proposed airship/treasuremap master: WIP Uplift all components https://review.opendev.org/664469	23:03
*** DougSchv has joined #airshipit		23:22
*** DougSchv has quit IRC		23:28
*** sthussey has quit IRC		23:29
*** aaronsheffield has quit IRC		23:36
*** DougSchv has joined #airshipit		23:42
*** DougSchv has quit IRC		23:47

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!