From df2cf645cbfd0789e859a8da94278b4a0fc29734 Mon Sep 17 00:00:00 2001 From: Pavel Moravec Date: Thu, 3 Nov 2022 21:41:27 +0100 Subject: [PATCH] sos updates to 9.2 Resolves: bz2130976 Signed-off-by: Pavel Moravec --- sos-bz2130976-collect-ocp412.patch | 62 ++++++++++++++++++++++++++++++ sos.spec | 8 +++- 2 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 sos-bz2130976-collect-ocp412.patch diff --git a/sos-bz2130976-collect-ocp412.patch b/sos-bz2130976-collect-ocp412.patch new file mode 100644 index 0000000..14a85f5 --- /dev/null +++ b/sos-bz2130976-collect-ocp412.patch @@ -0,0 +1,62 @@ +From 765f5f283bdb4747b0069f2f5d3381134b4b9a95 Mon Sep 17 00:00:00 2001 +From: Jake Hunsaker +Date: Thu, 15 Sep 2022 12:36:42 -0400 +Subject: [PATCH] [ocp] Add newly required labels to temp OCP namespace + +Newer OCP versions have a more restrictive default deployment +configuration. As such, add the required labels to the temporary +namespace/project we use for collections. + +Signed-off-by: Jake Hunsaker +--- + sos/collector/clusters/ocp.py | 23 ++++++++++++++++++++++- + 1 file changed, 22 insertions(+), 1 deletion(-) + +diff --git a/sos/collector/clusters/ocp.py b/sos/collector/clusters/ocp.py +index 06301536f..92c4e04a2 100644 +--- a/sos/collector/clusters/ocp.py ++++ b/sos/collector/clusters/ocp.py +@@ -142,12 +142,32 @@ def setup(self): + self.fmt_oc_cmd("new-project %s" % self.project) + ) + if ret['status'] == 0: ++ self._label_sos_project() + return True + + self.log_debug("Failed to create project: %s" % ret['output']) + raise Exception("Failed to create temporary project for collection. " + "\nAborting...") + ++ def _label_sos_project(self): ++ """Add pertinent labels to the temporary project we've created so that ++ our privileged containers can properly run. ++ """ ++ labels = [ ++ "security.openshift.io/scc.podSecurityLabelSync=false", ++ "pod-security.kubernetes.io/enforce=privileged" ++ ] ++ for label in labels: ++ ret = self.exec_primary_cmd( ++ self.fmt_oc_cmd( ++ f"label namespace {self.project} {label} --overwrite" ++ ) ++ ) ++ if not ret['status'] == 0: ++ raise Exception( ++ f"Error applying namespace labels: {ret['output']}" ++ ) ++ + def cleanup(self): + """Remove the project we created to execute within + """ +@@ -231,8 +251,9 @@ def get_nodes(self): + for node_name, node in self.node_dict.items(): + if roles: + for role in roles: +- if role == node['roles']: ++ if role in node['roles']: + nodes.append(node_name) ++ break + else: + nodes.append(node_name) + else: diff --git a/sos.spec b/sos.spec index 0e6ad84..18eaea3 100644 --- a/sos.spec +++ b/sos.spec @@ -5,7 +5,7 @@ Summary: A set of tools to gather troubleshooting information from a system Name: sos Version: 4.4 -Release: 3%{?dist} +Release: 4%{?dist} Group: Applications/System Source0: https://github.com/sosreport/sos/archive/%{version}/sos-%{version}.tar.gz Source1: sos-audit-%{auditversion}.tgz @@ -26,6 +26,7 @@ Obsoletes: sos-collector <= 1.9 Patch1: sos-bz2126089-relax-magic-dep.patch Patch2: sos-bz2125499-yum-legacy-links.patch Patch3: sos-bz2138174-clean-host-before-domain.patch +Patch4: sos-bz2130976-collect-ocp412.patch %description @@ -40,6 +41,7 @@ support technicians and developers. %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 %build %py3_build @@ -107,6 +109,10 @@ of the system. Currently storage and filesystem commands are audited. %changelog +* Thu Nov 03 2022 Pavel Moravec = 4.4-4 +- [ocp] Add newly required labels to temp OCP namespace + Resolves: bz2130976 + * Fri Oct 28 2022 Pavel Moravec = 4.4-3 - [cleaner] Apply compile_regexes after a regular parse line Resolves: bz2138174