chore(deps): update dependency containers/automation_images to v20240513

[renovate]

This PR contains the following updates:

Package	Update	Change
containers/automation_images	major	20240506t132946z-f40f39d13 -> 20240513t140131z-f40f39d13

---

Release Notes

containers/automation_images (containers/automation_images)

v20240513t140131z-f40f39d13

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[Luap99]

All udp and sctp port forwarding tests are failing but tcp works? That seems like a weird problem. Given we test it with iptables, nftables and firewalld and they all are borken it seems unlikely that this is a issue with the firewall rules.

[edsantiago]

Package diffs:

• 20240320t153921z-f39f38d13
• 20240102t155643z-f39f38d13 ⇑

	debian	prior-fedora	fedora	fedora-aws	rawhide
base	13	38-1.6	39-1.5	?	41-0
					40-0 ⇑
kernel	6.7.9-2	6.7.9-100	6.7.10-200	6.7.9-200	6.9.0-0.rc0.20240318gitf6cef5f8c37f.10
aardvark-dns	1.4.0-5	1.10.0-1	1.10.0-1	1.10.0-1	1.10.0-1
			1.9.0-1 ⇑	1.9.0-1 ⇑	1.9.0-1 ⇑
netavark	1.4.0-4	1.10.3-1	1.10.3-1	1.10.3-1	1.10.3-2
			1.9.0-1 ⇑	1.9.0-1 ⇑	1.9.0-1 ⇑
buildah	1.33.5+ds1-4	1.34.0-1	1.35.1-1	1.35.0-1	1.35.0-1
	1.32.2+ds1-1 ⇑	1.33.2-1 ⇑	1.33.2-1 ⇑	1.33.2-1 ⇑	1.33.2-1 ⇑
conmon	2.1.10+ds1-1+b1	2.1.10-1	2.1.10-1	2.1.10-1	2.1.10-1
	2.1.6+ds1-1 ⇑	2.1.8-2 ⇑	2.1.8-2 ⇑	2.1.8-2 ⇑	2.1.8-2 ⇑
container-selinux	?	2.228.1-1	2.230.0-1	2.230.0-1	2.230.0-1
		2.226.0-1 ⇑	2.226.0-1 ⇑	2.226.0-1 ⇑	2.226.0-1 ⇑
containers-common	?	1-89	1-99	1-99	0.58.0-1
			1-95 ⇑	1-95 ⇑	1-101 ⇑
criu	3.17.1-3	3.18-1	3.19-2	3.19-2	3.19-4
					3.19-2 ⇑
crun	1.14.4-1	1.14.4-1	1.14.4-1	1.14.4-1	1.14.4-1
	1.12-1 ⇑	1.12-1 ⇑	1.12-1 ⇑	1.12-1 ⇑	1.12-1 ⇑
golang	2:1.22~3	1.21.8-1	1.21.8-1	1.21.8-1	1.22.1-1
	2:1.21~2 ⇑	1.20.12-1 ⇑	1.21.5-1 ⇑	1.21.5-1 ⇑	1.21.5-1 ⇑
gvisor-tap-vsock	?	0.7.3-1	0.7.3-1	0.7.3-1	0.7.3-2
		0.7.1-1 ⇑	0.7.1-1 ⇑	0.7.1-1 ⇑	0.7.1-1 ⇑
passt	2024-02-20	2024-03-20	2024-03-20	2024-03-20	2024-03-20
	2023-12-04 ⇑	2023-12-04 ⇑		2023-12-04 ⇑	2023-12-04 ⇑
podman	4.9.3+ds1-1	4.9.3-2	4.9.3-1	4.9.3-1	5.0.0~rc6-2
	4.7.2+ds1-2 ⇑	4.7.2-1 ⇑	4.8.2-1 ⇑	4.8.1-1 ⇑	4.8.1-1 ⇑
runc	1.1.12+ds1-2	1.1.12-1	1.1.12-1	1.1.12-1	1.1.12-3
	1.1.10+ds1-1 ⇑	1.1.8-1 ⇑	1.1.8-1 ⇑	1.1.8-1 ⇑	1.1.9-1 ⇑
skopeo	1.13.3+ds1-2	1.14.2-1	1.15.0-1	1.14.2-1	1.14.2-2
		1.14.0-1 ⇑	1.14.0-1 ⇑	1.14.0-1 ⇑	1.14.0-1 ⇑
slirp4netns	1.2.1-1+b1	1.2.2-1	1.2.2-1	1.2.2-1	1.2.2-2
	1.2.1-1 ⇑				1.2.2-1 ⇑
systemd	255.4-1+b1	253.15-2	254.10-1	254.10-1	255.4-1
	255.2-3 ⇑				255.1-1 ⇑
tar	1.34+dfsg-1.2+deb12u1	1.34-8	1.35-2	1.35-2	1.35-3
	1.35+dfsg-2 ⇑				1.35-2 ⇑

[Luap99]

@edsantiago mind checking the nmap-ncat version?

[edsantiago]

	debian	prior-fedora	fedora	fedora-aws	rawhide
nmap-ncat	?	7.93-2	7.94-1	7.94-1	7.94-1
			7.93-3 ⇑	7.93-3 ⇑	7.93-4 ⇑

[Luap99]

Ok perfect, I confirmed locally the ncat update is breaking the tests

[Luap99]

Reproducer
terminal 1 (listener)

nc -4 -u -l  -p 5000 </dev/null

terminal 2 (client)

echo test | nc -4 -u 127.0.0.1 5000

The import bit here is </dev/null, without it it prints the output on the listener side correctly. No idea why stdin influences the behaviour of nc here???

[edsantiago]

strace looks very similar with and without redirection, except for the very end:

--- </dev/null
+++ without redirection
- pselect6(4, [0 3], [], NULL, NULL, NULL) = 2 (in [0 3])
+ pselect6(4, [0 3], [], NULL, NULL, NULL) = 1 (in [3])

- read(0, "", 8192)                       = 0
+ recvfrom(3, "test\n", 8192, 0, NULL, NULL) = 5
+ write(1, "test\n", 5)                   = 5

Why the read(0)?? Next step, fetch and look at git repo.

[Luap99]

Yeah no idea, I don't really have time time to dig into it much but I skimmed the upstream bug reports quickly and think nmap/nmap#2685 could describe our issue.
The alternative for us is to switch our test to send no data and just use the client with -z and really on the exit code only.

[edsantiago]

Nice find. That seems to render nc pretty useless under udp.

Another alternative seems to be yes | nc -4 -u -l -p 5000 --recv-only but that may have other gotchas.

[cevich]

Curious why Renovate is including bumps to Cargo.toml in a CI VM image update PR. That seems to be the reason it keeps force-pushing "new" updates. Maybe there's a rust setting that needs to be turned off for these?

[cevich]

Oh! Nevermind, it's not, and I see this repo is set for:

"rebaseWhen": "behind-base-branch"

That's likely why all the pushes.

[packit-as-a-service]

Ephemeral COPR build failed. @containers/packit-build please check.

[Luap99]

Huh, kinda weird that renovate reopens a old closed PR to propose the next update.
Anyhow
/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Luap99, renovate[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [Luap99]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment