Skip to content

Cirrus: Temp. workaround VFS incompatible option #3239

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
cevich wants to merge 1 commit into from
Closed

Cirrus: Temp. workaround VFS incompatible option #3239

cevich wants to merge 1 commit into from

Conversation

@cevich
Copy link
Member

@cevich cevich commented May 30, 2019

There are many integration tests using the VFS storage driver. A
recent update to the containers-common package in Fedora added a new
mount option metacopy=on as it enhances security. However, this option
is not compatible with the VFS storage driver, causing those tests to
fail.

Until a better solution is realized, workaround this problem by forcing
"nodev" as the only mount option on all platforms. Also add a visible
note to the output flagging the change.

Signed-off-by: Chris Evich cevich@redhat.com

@openshift-ci-robot
Copy link
Collaborator

openshift-ci-robot commented May 30, 2019

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: cevich
To fully approve this pull request, please assign additional approvers.
We suggest the following additional approver: giuseppe

If they are not already assigned, you can assign the PR to them by writing /assign @giuseppe in a comment when ready.

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@cevich
Copy link
Member Author

cevich commented May 30, 2019

@mheon @edsantiago PTAL

@cevich cevich mentioned this pull request May 30, 2019
Merged
edsantiago
edsantiago suggested changes May 30, 2019
View reviewed changes
@cevich cevich mentioned this pull request May 30, 2019
Merged
@rhatdan
Copy link
Member

rhatdan commented May 31, 2019

This is covering up a real bug.
#3240
Should fix the bug.

@cevich
Copy link
Member Author

cevich commented May 31, 2019

@rhatdan I chatted with @mheon and @edsantiago about this yesterday morning. I believe Matt opened a containers/storage issue covering a good idea that Ed had:

[Thursday, May 30, 2019] [2:00:41 PM EDT] so, this is probably stupid, but there's a [storage.options.thinpool] section, why can't there be [storage.options.vfs] and [storage.options.overlay] ?

Though your idea in #3240 could be a compromise. My intention here is only a temporary fix, to be reverted later. This problem is blocking us from moving up to testing with Fedora 30. We also risk mass-breakage in F29 should they pick up the latest containers-common package.

I'll leave it up to y'all to work out, no worries if we just close this PR in favor of another fix.

@cevich
Copy link
Member Author

cevich commented May 31, 2019

/hold

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label May 31, 2019
@cevich
Copy link
Member Author

cevich commented May 31, 2019

Ugg, more workarounds needed for podman-in-podman as well. I'll attempt that, and --force push on the off-chance we actually need this PR.

@cevich
Cirrus: Temp. workaround VFS incompatible option
bfa8a46 
There are many integration tests using the VFS storage driver.  A
recent update to the containers-common package in Fedora added a new
mount option `metacopy=on` as it enhances security.  However, this option
is not compatible with the VFS storage driver, causing those tests to
fail.

Until a better solution is realized, workaround this problem by forcing
"nodev" as the only mount option on all platforms.  Also add a visible
note to the output flagging the change.

Signed-off-by: Chris Evich <cevich@redhat.com>
@cevich cevich closed this Jun 3, 2019
@cevich cevich deleted the hack_mountopt branch June 30, 2021 18:03
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 22, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@giuseppe giuseppe Awaiting requested review from giuseppe

@TomSweeneyRedHat TomSweeneyRedHat Awaiting requested review from TomSweeneyRedHat

1 more reviewer

@edsantiago edsantiago edsantiago requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cevich @openshift-ci-robot @rhatdan @edsantiago