Skip to content

Audit and Resolution of Pipeline Failures Across LitmusChaos Repositories #4605

New issue
New issue
Closed
Closed
Audit and Resolution of Pipeline Failures Across LitmusChaos Repositories#4605
litmuschaos/test-tools
#495
 (+2)
Labels
bug
@uditgaurav

Description

@uditgaurav
uditgaurav
opened on Apr 25, 2024

Issue Description

We are currently facing multiple issues across different LitmusChaos repositories which are causing pipeline failures. This issue aims to consolidate all known problems and potential improvements into a single audit report to streamline resolution efforts.

Affected Repositories and Identified Issues

  • chaos-operator
  • chaos-exporter
  • chaos-runner
  • litmus-go
  • test-tools
  • chaos-charts
  • litmus
  • litmus-docs
  • litmusctl
  • litmus-helm
  • litmus-e2e

Common Across All Repos:

  • BetterCodeHub Tool Retirement:
    • The BetterCodeHub tool is retired, and we need to migrate to an alternative, such as Sigrid, for maintaining our code quality checks.

Specific Repository Issues

  1. Chaos-Operator:

    • Snyk Integration:
      • The Snyk check is currently non-functional and redundant as we are using Trivy along with Dependabot.
    • E2E Pipeline:
      • The E2E pipeline is failing due to issues with the kind cluster. Once the kind cluster issue is resolved, additional problems may arise that will require further attention.

  2. Chaos-Exporter:

    • Snyk Integration:
      • Similar to chaos-operator, the Snyk check is unnecessary.
    • Security Scan - Trivy:
      • Trivy scan failing due to incorrect Dockerfile path.
    • Build Pipeline:
      • Failing due to a vulnerability in the 'net' package.
      • Security scans are incorrectly passing despite existing vulnerabilities.

  3. Chaos-Runner:

    • Build Pipeline:
      • Failing due to a vulnerability in the 'net' package.

  4. Litmus-Go:

    • Build and E2E Pipelines:
      • Build pipeline failing due to Trivy issues.
      • E2E pipeline tests failed.
    • Snyk Integration:
      • Redundant Snyk checks as Trivy and Dependabot are already in use.
    • Security Scan - Trivy:
      • Failing due to incorrect Dockerfile path.

  5. Chaos-Charts:

    • Workflow Optimization:
      • The dispatch workflow for releases seems redundant and can be removed.

  6. Litmus:

    • E2E Pipeline:
      • The E2E check is not functioning properly.

  7. Litmusctl:

    • License Compliance - FOSSA:
      • The FOSSA license check is failing due to an issue with a GPL license.

  8. Litmus-Helm:

    • E2E Redundancy:
      • E2E tests for chaoscenter & core seem redundant and can be removed.

  9. Litmus-e2e:

    • Repository Maintenance:
      • Work is required to re-enable this repository.

Proposed Actions

  • Fix identified vulnerabilities and incorrect configurations.
  • Decommission redundant checks and workflows.
  • Transition from retired tools to suitable alternatives.

Request

  • A collaborative effort from all development and operations teams is required to address these issues promptly.
  • Individual repository maintainers are requested to provide updates on the status of their respective fixes.

Conclusion

This issue serves as a centralised point for tracking and resolving all pipeline-related issues across the LitmusChaos repositories to enhance our operational efficiency and maintain the integrity of our pipelines.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions