From 2baebd82054e488f1f112239c6b1ff33c9e1102b Mon Sep 17 00:00:00 2001 From: David Caravello <119438707+dcaravel@users.noreply.github.com> Date: Wed, 10 Sep 2025 09:47:06 -0500 Subject: [PATCH 1/3] Bump Scanner deploy wait timeouts and fix testcase (#2149) --- .openshift-ci/pre_tests.py | 2 +- e2etests/testcase_test.go | 2 +- scripts/ci/deploy.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.openshift-ci/pre_tests.py b/.openshift-ci/pre_tests.py index 3039fd27f..355003c35 100644 --- a/.openshift-ci/pre_tests.py +++ b/.openshift-ci/pre_tests.py @@ -12,7 +12,7 @@ class Deployer: Deployer - Deploys Scanner and ScannerDB resources and port-forwards the necessary endpoints. """ - DEPLOY_TIMEOUT = 10 * 60 + DEPLOY_TIMEOUT = 20 * 60 def __init__(self, slim=False): self.slim = slim diff --git a/e2etests/testcase_test.go b/e2etests/testcase_test.go index 68aa264be..0c7d4deac 100644 --- a/e2etests/testcase_test.go +++ b/e2etests/testcase_test.go @@ -4028,7 +4028,7 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda Name: "tomcat", VersionFormat: component.JavaSourceType.String(), Version: "9.0.59", - FixedBy: "9.0.107", + FixedBy: "9.0.108", Location: "tomcat-embed-core-9.0.59.jar", Vulnerabilities: []apiV1.Vulnerability{ { diff --git a/scripts/ci/deploy.sh b/scripts/ci/deploy.sh index e527d0599..a4e360068 100755 --- a/scripts/ci/deploy.sh +++ b/scripts/ci/deploy.sh @@ -32,7 +32,7 @@ _wait_for_scanner() { kubectl -n stackrox get pod POD="$(kubectl -n stackrox get pod -o jsonpath='{.items[?(@.metadata.labels.app=="scanner")].metadata.name}')" [[ -n "${POD}" ]] - kubectl -n stackrox wait "--for=condition=Ready" "pod/${POD}" --timeout=10m + kubectl -n stackrox wait "--for=condition=Ready" "pod/${POD}" --timeout=20m kubectl -n stackrox get pod } From 4049598cc4e5f9f975a56a61a38f4a8105b045df Mon Sep 17 00:00:00 2001 From: Brad Lugo Date: Wed, 27 Aug 2025 12:49:45 -0700 Subject: [PATCH 2/3] fix(ci): add specific psql version to fix s390x (#2092) --- image/db/rhel/scripts/download.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/image/db/rhel/scripts/download.sh b/image/db/rhel/scripts/download.sh index e3de25475..065310e08 100755 --- a/image/db/rhel/scripts/download.sh +++ b/image/db/rhel/scripts/download.sh @@ -15,8 +15,11 @@ output_dir="/rpms" mkdir $output_dir if [[ "$arch" == "s390x" ]]; then + # TODO(ROX-30647): Builds are failing due to UBI9:latest not containing the + # necessary version of openssl-libs to build postgresql-contrib. + pg_build_version="0:16.8-1.module_el9+1209+bd6e4013.s390x" dnf module enable -y postgresql:16 - dnf install -y --downloadonly --downloaddir=/tmp postgresql postgresql-private-libs postgresql-server postgresql-contrib + dnf install -y --downloadonly --downloaddir=/tmp "postgresql-${pg_build_version}" "postgresql-private-libs-${pg_build_version}" "postgresql-server-${pg_build_version}" "postgresql-contrib-${pg_build_version}" mv /tmp/postgresql-contrib-*.rpm "${output_dir}/postgres-contrib.rpm" mv /tmp/postgresql-server-*.rpm "${output_dir}/postgres-server.rpm" mv /tmp/postgresql-private-libs-*.rpm "${output_dir}/postgres-libs.rpm" From 60ec275ef60761292ff2301dffca8035d5c32d8a Mon Sep 17 00:00:00 2001 From: David Caravello <119438707+dcaravel@users.noreply.github.com> Date: Wed, 10 Sep 2025 13:05:36 -0500 Subject: [PATCH 3/3] Bump deploy timeouts even more 20m was not enough for this version of scanner (worked OK for newer versions) --- .openshift-ci/pre_tests.py | 2 +- scripts/ci/deploy.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.openshift-ci/pre_tests.py b/.openshift-ci/pre_tests.py index 355003c35..4081b5cf1 100644 --- a/.openshift-ci/pre_tests.py +++ b/.openshift-ci/pre_tests.py @@ -12,7 +12,7 @@ class Deployer: Deployer - Deploys Scanner and ScannerDB resources and port-forwards the necessary endpoints. """ - DEPLOY_TIMEOUT = 20 * 60 + DEPLOY_TIMEOUT = 30 * 60 def __init__(self, slim=False): self.slim = slim diff --git a/scripts/ci/deploy.sh b/scripts/ci/deploy.sh index a4e360068..4ab028ddd 100755 --- a/scripts/ci/deploy.sh +++ b/scripts/ci/deploy.sh @@ -32,7 +32,7 @@ _wait_for_scanner() { kubectl -n stackrox get pod POD="$(kubectl -n stackrox get pod -o jsonpath='{.items[?(@.metadata.labels.app=="scanner")].metadata.name}')" [[ -n "${POD}" ]] - kubectl -n stackrox wait "--for=condition=Ready" "pod/${POD}" --timeout=20m + kubectl -n stackrox wait "--for=condition=Ready" "pod/${POD}" --timeout=30m kubectl -n stackrox get pod }