Bug 1962884: Bump up etcd to version 3.2.32

[retroflexer]

A couple important security fixes were added to the latest etcd, and hence the need to bump up etcd version in 3.11

Security Fix(es):
etcd: Large slice causes panic in decodeRecord method (CVE-2020-15106)
etcd: DoS in wal/wal.go (CVE-2020-15112)

For more information, see errata: https://access.redhat.com/errata/RHSA-2021:1407

[openshift-ci]

@retroflexer: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

Bump up etcd to version 3 2 32

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

@retroflexer: This pull request references Bugzilla bug 1962884, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target release (3.11.z) matches configured target release for branch (3.11.z)
• bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @geliu2016

In response to this:

Bug 1962884: Bump up etcd to version 3 2 32

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

@openshift-ci[bot]: GitHub didn't allow me to request PR reviews from the following users: geliu2016.

Note that only openshift members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

@retroflexer: This pull request references Bugzilla bug 1962884, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target release (3.11.z) matches configured target release for branch (3.11.z)
• bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @geliu2016

In response to this:

Bug 1962884: Bump up etcd to version 3 2 32

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[retroflexer]

/hold

The image is still not available on linux installations. Cancel the hold when the image becomes available.

[mtnbikenc]

/lgtm

Note: There are issues with the e2e-aws job currently which is effecting merge of all PRs.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mtnbikenc, retroflexer

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [mtnbikenc]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[mtnbikenc]

Waiting for 3.2.32 image to be published here.

[hexfusion]

@retroflexer @mtnbikenc any actions required on our side this still does not appear published. Do we have a general timeline?

[hexfusion]

/test e2e-aws

[retroflexer]

@retroflexer @mtnbikenc any actions required on our side this still does not appear published. Do we have a general timeline?

No. The Red Hat Linux release 7.9.z is slated to be published on June 8, 2021. Once it is published, the catalog should have the new image and then OCP 3.11 can pick it up.

[retroflexer]

/test e2e-aws

Looks like e2e-aws hasn't passed in a while on 3.11. Only one test appears to fail on all PRs:

template pod "e2e-aws" failed: the pod ci-op-jmxf83y6/e2e-aws failed after 16m57s (failed containers: setup): ContainerFailed one or more containers exited

Container setup exited with code 1, reason Error
---
parsing/vault/__init__.py:44: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
  from cryptography.exceptions import InvalidSignature
ci-op-jmxf83y6-e0b3b-master | CHANGED | rc=0 >>

/usr/lib/python2.7/site-packages/ansible/parsing/vault/__init__.py:44: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
  from cryptography.exceptions import InvalidSignature
ci-op-jmxf83y6-e0b3b-master | CHANGED => {
    "changed": true, 
    "checksum": "d57f4e5c66eecd7ed904ac150a5ebb6e8fb0c0aa", 
    "dest": "/tmp/auth_url", 
    "md5sum": "f576c29d9e62e3a00118997c5e8d86e4", 
    "remote_checksum": "d57f4e5c66eecd7ed904ac150a5ebb6e8fb0c0aa", 
    "remote_md5sum": null
}
error: dial tcp: lookup 3.235.95.123.xip.io on 172.30.0.10:53: server misbehaving - verify you have provided the correct host and port and that the server is currently running.
error: dial tcp: lookup 3.235.95.123.xip.io on 172.30.0.10:53: server misbehaving - verify you have provided the correct host and port and that the server is currently running.
error: dial tcp: lookup 3.235.95.123.xip.io on 172.30.0.10:53: server misbehaving - verify you have provided the correct host and port and that the server is currently running.
error: dial tcp: lookup 3.235.95.123.xip.io on 172.30.0.10:53: server misbehaving - verify you have provided the correct host and port and that the server is currently running.
error: dial tcp: lookup 3.235.95.123.xip.io on 172.30.0.10:53: server misbehaving - verify you have provided the correct host and port and that the server is currently running.
error: dial tcp: lookup 3.235.95.123.xip.io on 172.30.0.10:53: server misbehaving - verify you have provided the correct host and port and that the server is currently running.
cp: cannot stat '/tmp/.kube/config': No such file or directory

[mtnbikenc]

I've been working on fixing the e2e-aws job as I've had time. We use xip.io in CI and it appears that service is no longer responding. Investigating alternatives.

error: dial tcp: lookup 3.235.95.123.xip.io on 172.30.0.10:53: server misbehaving

[mtnbikenc]

This fixed the resolution issue, trying to get this other PR reviewed.
301754c

[mtnbikenc]

/retest

[mtnbikenc]

Waiting for 3.2.32 image to be published here.

etcd 3.2.32 image is published.
/hold cancel

[openshift-ci]

@retroflexer: All pull requests linked via external trackers have merged:

• openshift/openshift-ansible#12329

Bugzilla bug 1962884 has been moved to the MODIFIED state.

In response to this:

Bug 1962884: Bump up etcd to version 3.2.32

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.