It's misleading since it counts the amount of workers that have
registered to the current composer pods, it doesn't actually keep track
of the active workers.
Remove it and keep the worker-api stats as a proxy for active workers.
This commit fixes a warning from tar that the archive cannot contain
itself. It also makes any tar output a warning (maybe even an error?)
as we do not expect anything from the tar command. The test is updated
to also check this.
The RHEL-8 auxiliary key uses SHA-1 in its signature. To enable RHEL-8
cross-builds on RHEL-10, we can't include the RHEL-8 auxiliary key in
the repo definitions.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The RPM GPG release key used by Red Hat to sign its content used to be
signed using SHA-1. SHA-1 is no longer accepted on RHEL-10 / c10s and as
a result, such key can't be imported during image build. The RH GPG
release key has been resigned using SHA256 some time ago. Let's use this
version of the key for all RHEL repositories.
The key is taken from:
https://access.redhat.com/security/team/key
Specifically:
https://access.redhat.com/security/data/fd431d51.txt
The second key (auxiliary key 3) was not changed.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The `assert.Equal()` expects that the "expected" value is put
first. Which is not what I'm used to. It's also slightly inconsistent
because `assert.EqualError()` expects the "actual" err first and
then the expected string. But this commit is not about ranting :)
This commit fixes the order in the tests assert.Equal() so that
mismatches actually are displayed correctly.
This is an alternative/complementary fix for PR#4137. It is very
simple so should be uncontroverisal.
It fixes an issue that @schuellerf discovered, i.e. that when an error
interface is passed into clienterrors.Error.Details the details get
lost because the json.Marshaler will not know how to handler an
error interface.
To find the problematic uses of `error` a custom vet checker was
build in https://github.com/mvo5/osbuild-cvet. With that the
result is:
```
$ go run github.com/mvo5/osbuild-cvet@latest ./...
/home/mvogt/devel/osbuild/osbuild-composer/cmd/osbuild-worker/jobimpl-depsolve.go:93:26: do not pass 'error' to WorkerClientError() details, use error.Error() instead
/home/mvogt/devel/osbuild/osbuild-composer/cmd/osbuild-worker/jobimpl-osbuild.go:404:31: do not pass 'error' to WorkerClientError() details, use error.Error() instead
/home/mvogt/devel/osbuild/osbuild-composer/cmd/osbuild-worker/jobimpl-osbuild.go:519:31: do not pass 'error' to WorkerClientError() details, use error.Error() instead
/home/mvogt/devel/osbuild/osbuild-composer/cmd/osbuild-worker/jobimpl-osbuild.go:556:31: do not pass '[]error' to WorkerClientError() details, use []string instead
```
and once this commit is in no more errors.
Just like PR#4137 this is not perfect because it will not do a
recursive check for the passed argument.
Pass the mock logger directly to `run()` instead of mocking
`logrus.New`. Doing the later leads to a data race when multiple
parallel tests modify the (global) `var logrusNew logrus.New`.
Thanks to Tomas Hozza for reporting.
Do not use the global logger but pass instead the locally created
logger. This means the test output is silent again.
Sadly using the global logger is difficult because it is a global
resource so replacing it in tests means all tests (that are
potentially run in parallel) will write to it which makes testing
specific log output hard.
Note that gosec IMHO is a bit silly here, the heuristics used are
note very good, i.e. the code is already validating the external
inputs and it's not clear to me that "filepath.Clean()" will help
but it seems to supress the error. I hope gosec provides value
in other places, here it seems to be adding work :/
I also excluded "gosec" from any _test.go files, I do not see
why we should gosec tests?
EPEL-10 can't be installed on any of c10s and el10. Previously, the
script would try to install EPEL repositories package on el10 and fail.
In addition, use our "workaround" repository with c10s builds of some
packages (such as koji) also on el10.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
