Katello-nightly-rpm-pipeline 2105 failed

Katello nightly pipeline failed:

https://ci.theforeman.org/job/katello-nightly-rpm-pipeline/2105/

foreman-pipeline-katello-rpm-nightly (failed) (remote job)

Looks like something is failing in updating the trust store. Because it’s only CentOS Stream 9 I suspect it’s an update in stream that’s actually a regression.

[2024-08-20T10:00:48.986Z]     Error 1: Puppet Exec resource 'update_system_certs' failed. Logs:
[2024-08-20T10:00:48.986Z]       /Stage[main]/Trusted_ca/Exec[update_system_certs]
[2024-08-20T10:00:48.986Z]         Starting to evaluate the resource (682 of 1348)
[2024-08-20T10:00:48.986Z]         'update-ca-trust enable && update-ca-trust' won't be executed because of failed check 'refreshonly'
[2024-08-20T10:00:48.986Z]         Failed to call refresh: 'update-ca-trust enable && update-ca-trust' returned 1 instead of one of [0]
[2024-08-20T10:00:48.986Z]         'update-ca-trust enable && update-ca-trust' returned 1 instead of one of [0]
[2024-08-20T10:00:48.986Z]         Evaluated in 0.02 seconds
[2024-08-20T10:00:48.986Z]       Exec[update_system_certs](provider=posix)
[2024-08-20T10:00:48.986Z]         Executing 'update-ca-trust enable && update-ca-trust'
[2024-08-20T10:00:48.986Z]       /Stage[main]/Trusted_ca/Exec[update_system_certs]/returns
[2024-08-20T10:00:48.986Z]         Error: Unknown command: enable
[2024-08-20T10:00:48.986Z]             Usage: /usr/bin/update-ca-trust [extract] [-o DIR|--output=DIR]
[2024-08-20T10:00:48.986Z]             Update the system trust store in /etc/pki/ca-trust/extracted.
[2024-08-20T10:00:48.986Z]             COMMANDS
[2024-08-20T10:00:48.987Z]         (absent/empty command): Same as the extract command described below.
[2024-08-20T10:00:48.987Z]             extract: Instruct update-ca-trust to scan the source configuration in
[2024-08-20T10:00:48.987Z]         /usr/share/pki/ca-trust-source and /etc/pki/ca-trust/source and produce
[2024-08-20T10:00:48.987Z]         updated versions of the consolidated configuration files stored below
[2024-08-20T10:00:48.987Z]         the /etc/pki/ca-trust/extracted directory hierarchy.
[2024-08-20T10:00:48.987Z]             EXTRACT OPTIONS
[2024-08-20T10:00:48.987Z]         -o DIR, --output=DIR: Write the extracted trust store into the given
[2024-08-20T10:00:48.987Z]         directory instead of updating /etc/pki/ca-trust/extracted.

I think this will fix it, but hasn’t made it to the mirrors yet:

Still, looks like enable is deprecated in favor of extract so we should update the module.

This seems related to https://issues.redhat.com/browse/SAT-26868 which was discovered during RHEL10 Anaconda testing.

Oh, that means it will also be an issue with the next RHEL 9 minor version.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.