DO NOT MERGE: Testing https://github.com/containers/image/pull/2321

[mtrmac]

Do not merge this

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mtrmac

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [mtrmac]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[mtrmac]

@Luap99 @edsantiago Here I see tests failing on

[FAIL] Podman run [It] podman run and decrypt from local registry
/var/tmp/go/src/github.com/containers/podman/test/e2e/run_test.go:2187
[FAIL] Podman pull podman pull and decrypt [It] From oci
/var/tmp/go/src/github.com/containers/podman/test/e2e/pull_test.go:618

where an image is pushed encrypted, removed locally, and then we test that a pull without an encryption key fails.

It is the kind of thing that might well be broken by the work I am testing, but I don’t see this failing when testing locally, and I can’t currently see a code path that could cause an unexpected reuse.

Is it possible that this is newly being triggered by a race in tests? I’m afraid I’m only vaguely aware of the test changes in Podman.

[mtrmac]

Is it possible that this is newly being triggered by a race in tests?

Trying now with more unique image names, which might explain this.

[edsantiago]

Like you, I'm unable to reproduce locally. Even with CI_USE_REGISTRY_CACHE=1 (which was a long shot anyway).

For reference, this is the (correct) output from a recent run on another PR:

           Trying to pull localhost:5006/my-alpine:latest...
           Getting image source signatures
           Copying blob sha256:da4dd051a6bdde5e43f55eafc0cd715657f54b80f88af6742a53971eb71e4a39
           Error: writing blob: adding layer with blob "sha256:da4dd051a6bdde5e43f55eafc0cd715657f54b80f88af6742a53971eb71e4a39": unpacking failed (error: exit status 1; output: archive/tar: invalid tar header)
           exhausting input failed (error: archive/tar: invalid tar header)

(that is also what I see on my f40 laptop).

And this is what we see in CI for this PR:

           Trying to pull localhost:5006/my-alpine-podman-run-and-decrypt:latest...
           Getting image source signatures
           Copying blob sha256:937f71f790005574ab9b667290dbfe40df78b0b200fa42631e755f212ddd73be
           Copying config sha256:4819930274ea2bd6ab611972f9928e07b84edcbfe1d2462fb2941957308dfae2
           Writing manifest to image destination

           [FAILED] Failure recorded during attempt 1:
           Command exited with status 0 (expected 125)

I'm confused too.

[mtrmac]

I’m sorry, this is actually directly related to the c/image changes I’m testing. It does not reproduce in isolation, the failure happens because the BlobInfoCache has a record of a previous, unrelated, push of the same image.

[edsantiago]

Thank you for the followup!

[mtrmac]

I have split the Podman-side test fixes into #23379; this now tests the combination of #23379 with the c/image PR.

[mtrmac]

containers/image#2321 was merged.