Auto sync2gitlab import of sos-4.4-4.el8.src.rpm

sos-bz2130922-collect-ocp412.patch

@@ -0,0 +1,62 @@
+From 765f5f283bdb4747b0069f2f5d3381134b4b9a95 Mon Sep 17 00:00:00 2001
+From: Jake Hunsaker <jhunsake@redhat.com>
+Date: Thu, 15 Sep 2022 12:36:42 -0400
+Subject: [PATCH] [ocp] Add newly required labels to temp OCP namespace
+
+Newer OCP versions have a more restrictive default deployment
+configuration. As such, add the required labels to the temporary
+namespace/project we use for collections.
+
+Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
+---
+ sos/collector/clusters/ocp.py | 23 ++++++++++++++++++++++-
+ 1 file changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/sos/collector/clusters/ocp.py b/sos/collector/clusters/ocp.py
+index 06301536f..92c4e04a2 100644
+--- a/sos/collector/clusters/ocp.py
++++ b/sos/collector/clusters/ocp.py
+@@ -142,12 +142,32 @@ def setup(self):
+             self.fmt_oc_cmd("new-project %s" % self.project)
+         )
+         if ret['status'] == 0:
++            self._label_sos_project()
+             return True
+ 
+         self.log_debug("Failed to create project: %s" % ret['output'])
+         raise Exception("Failed to create temporary project for collection. "
+                         "\nAborting...")
+ 
++    def _label_sos_project(self):
++        """Add pertinent labels to the temporary project we've created so that
++        our privileged containers can properly run.
++        """
++        labels = [
++            "security.openshift.io/scc.podSecurityLabelSync=false",
++            "pod-security.kubernetes.io/enforce=privileged"
++        ]
++        for label in labels:
++            ret = self.exec_primary_cmd(
++                self.fmt_oc_cmd(
++                    f"label namespace {self.project} {label} --overwrite"
++                )
++            )
++            if not ret['status'] == 0:
++                raise Exception(
++                    f"Error applying namespace labels: {ret['output']}"
++                )
++
+     def cleanup(self):
+         """Remove the project we created to execute within
+         """
+@@ -231,8 +251,9 @@ def get_nodes(self):
+             for node_name, node in self.node_dict.items():
+                 if roles:
+                     for role in roles:
+-                        if role == node['roles']:
++                        if role in node['roles']:
+                             nodes.append(node_name)
++                            break
+                 else:
+                     nodes.append(node_name)
+         else:

sos.spec

@@ -5,7 +5,7 @@
 Summary: A set of tools to gather troubleshooting information from a system
 Name: sos
 Version: 4.4
-Release: 3%{?dist}
+Release: 4%{?dist}
 Group: Applications/System
 Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz
 Source1: sos-audit-%{auditversion}.tgz
@@ -25,6 +25,7 @@ Obsoletes: sos-collector
 Patch1: sos-bz2129038-relax-magic-dep.patch
 Patch2: sos-bz2100154-yum-legacy-links.patch
 Patch3: sos-bz2138173-clean-host-before-domain.patch
+Patch4: sos-bz2130922-collect-ocp412.patch
 
 
 %description
@@ -39,6 +40,7 @@ support technicians and developers.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 
 %build
@@ -107,6 +109,10 @@ of the system. Currently storage and filesystem commands are audited.
 %ghost /etc/audit/rules.d/40-sos-storage.rules
 
 %changelog
+* Thu Nov 03 2022 Pavel Moravec <pmoravec@redhat.com> = 4.4-4
+- [ocp] Add newly required labels to temp OCP namespace
+  Resolves: bz2130922
+
 * Fri Oct 28 2022 Pavel Moravec <pmoravec@redhat.com> = 4.4-3
 - [cleaner] Apply compile_regexes after a regular parse line
   Resolves: bz2138173