path: root/apex/builders/
diff options
authorTim Rozet <>2018-12-15 13:41:31 -0500
committerTim Rozet <>2018-12-19 11:16:53 -0500
commite1d286e89e04577bda2569a5909dfe8182d953ba (patch)
tree147a69fc7fd5b448e3a469c06a05f639cf05d2ca /apex/builders/
parent32b3b5dd6290ae5c33edee2860a3edd9f3044d43 (diff)
Attempting to fix NFS issues
Issues still persist where sometimes instances fail to start due to a failure with os.utime to read the file path. This could be some bad race condition between qemu/nova while copying images on the NFS. This patch adds more ports to open in firewall, and changes initial directory owner to nfsnobody. Also, includes a patch to fix an apparent race condition when nova sends a remote call to the privsep helper daemon to modify the time of the base file owned by qemu: Includes another fix for patching container images where the docker image was not being detected correctly because the full gerrit project name including 'openstack/' prefix was being used to search tripleo docker images. Additionally, there were more bugs around patching openstack python containers where the patch was not being applied correctly. JIRA: APEX-654 Change-Id: I1d011035486298d5906038922e69d478c383c3f7 Signed-off-by: Tim Rozet <>
Diffstat (limited to 'apex/builders/')
1 files changed, 35 insertions, 8 deletions
diff --git a/apex/builders/ b/apex/builders/
index 7627ae3..59af94c 100644
--- a/apex/builders/
+++ b/apex/builders/
@@ -62,12 +62,13 @@ def project_to_path(project, patch=None):
def project_to_docker_image(project, docker_url):
Translates OpenStack project to OOO services that are containerized
- :param project: name of OpenStack project
+ :param project: short name of OpenStack project
:return: List of OOO docker service names
# Fetch all docker containers in docker hub with tripleo and filter
# based on project
+"Checking for docker images matching project: {}".format(
+ project))
hub_output = utils.open_webpage(
'?page_size=1024'), timeout=10)
@@ -85,6 +86,8 @@ def project_to_docker_image(project, docker_url):
for result in results:
if result['name'].startswith("centos-binary-{}".format(project)):
# add as docker image shortname (just service name)
+ logging.debug("Adding docker image {} for project {} for "
+ "patching".format(result['name'], project))
docker_images.append(result['name'].replace('centos-binary-', ''))
return docker_images
@@ -184,8 +187,16 @@ def add_upstream_patches(patches, image, tmp_dir,
if docker_tag and 'python' in project_path:
# Projects map to multiple THT services, need to check which
# are supported
- ooo_docker_services = project_to_docker_image(patch['project'],
+ project_short_name = os.path.basename(patch['project'])
+ ooo_docker_services = project_to_docker_image(project_short_name,
+ if not ooo_docker_services:
+ logging.error("Did not find any matching docker containers "
+ "for project: {}".format(project_short_name))
+ raise exc.ApexCommonBuilderException(
+ 'Unable to find docker services for python project in '
+ 'patch')
+ # Just use the first image to see if patch was promoted into it
docker_img = ooo_docker_services[0]
ooo_docker_services = []
@@ -200,24 +211,38 @@ def add_upstream_patches(patches, image, tmp_dir,
if patch_diff and not patch_promoted:
patch_file = "{}.patch".format(patch['change-id'])
+ patch_file_paths = []
# If we found services, then we treat the patch like it applies to
# docker only
if ooo_docker_services:
os_version = default_branch.replace('stable/', '')
for service in ooo_docker_services:
docker_services = docker_services.union({service})
+ # We need to go root to be able to install patch and then
+ # switch back to previous user. Some containers that
+ # have the same name as the project do not necessarily
+ # contain the project code. For example
+ # novajoin-notifier does not contain nova package code.
+ # Therefore we must try to patch and unfortunately
+ # ignore failures until we have a better way of checking
+ # this
docker_cmds = [
"WORKDIR {}".format(project_path),
+ "USER root",
+ "RUN yum -y install patch",
"ADD {} {}".format(patch_file, project_path),
- "RUN patch -p1 < {}".format(patch_file)
+ "RUN patch -p1 < {} || echo "
+ "'Patching failed'".format(patch_file),
src_img_uri = "{}:8787/tripleo{}/centos-binary-{}:" \
"{}".format(uc_ip, os_version, service,
oc_builder.build_dockerfile(service, tmp_dir, docker_cmds,
- patch_file_path = os.path.join(tmp_dir, 'containers',
- patch_file)
+ patch_file_paths.append(os.path.join(
+ tmp_dir, "containers/{}".format(service), patch_file))
patch_file_path = os.path.join(tmp_dir, patch_file)
@@ -227,8 +252,10 @@ def add_upstream_patches(patches, image, tmp_dir,
project_path, patch_file)}])"Adding patch {} to {}".format(patch_file,
- with open(patch_file_path, 'w') as fh:
- fh.write(patch_diff)
+ patch_file_paths.append(patch_file_path)
+ for patch_fp in patch_file_paths:
+ with open(patch_fp, 'w') as fh:
+ fh.write(patch_diff)
else:"Ignoring patch:\n{}".format(patch))
if len(virt_ops) > 1: