Update container base images to rhel-els 9.6#619
Conversation
AI-attribution: AIA,Entirely human-created,v1.0 For more information on AI attribution statements, see: https://aiattribution.github.io/
AI-attribution: AIA,Entirely human-created,v1.0 For more information on AI attribution statements, see: https://aiattribution.github.io/
WalkthroughRHEL base images in .konflux/Dockerfile were updated from 9.4 to 9.6. The build and runtime rpm lockfiles were migrated to RHEL 9.6 repositories for aarch64 and x86_64, updating package URLs, versions (evr), checksums, sizes, and sourcerpm metadata. No build logic or exported/public APIs changed. Changes
Sequence Diagram(s)Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested labels
Suggested reviewers
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.konflux/Dockerfile(2 hunks).konflux/lock-build/rpms.lock.yaml(1 hunks).konflux/lock-runtime/rpms.lock.yaml(1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
- GitHub Check: Red Hat Konflux / recert-4-21-on-pull-request
- GitHub Check: build
| - url: https://cdn.redhat.com/content/dist/rhel9/9.6/x86_64/appstream/os/Packages/g/glibc-devel-2.34-168.el9_6.23.x86_64.rpm | ||
| repoid: rhel-9-for-x86_64-appstream-rpms | ||
| size: 34295 | ||
| checksum: sha256:0fa11752abf8ee80658e10017c62f7c0301bcae4008e4716fe6f114a7b9e3977 | ||
| name: glibc-devel | ||
| evr: 2.34-168.el9_6.23 | ||
| sourcerpm: glibc-2.34-168.el9_6.23.src.rpm | ||
| - url: https://cdn.redhat.com/content/dist/rhel9/9.6/x86_64/appstream/os/Packages/g/glibc-headers-2.34-168.el9_6.23.x86_64.rpm |
There was a problem hiding this comment.
Investigate incorrect rpm size metadata.
Line 209 records glibc-devel-2.34-168.el9_6.23.x86_64 with a size of only 34295, but the adjacent aarch64 build is ~563 020 bytes and the x86_64 rpm from the 9.6 repositories is likewise ~500–600 KB. This looks like a truncated value from the lockfile regeneration. Konflux uses these fields for integrity checks, so leaving this mismatch will likely break the locked build when the rpm is fetched. Please rerun the lockfile tooling (or manually correct the size/checksum tuple) before merging.
🤖 Prompt for AI Agents
.konflux/lock-build/rpms.lock.yaml around lines 207 to 214: the recorded size
for glibc-devel-2.34-168.el9_6.23.x86_64 (34295) is incorrect and will fail
integrity checks; rerun the konflux lockfile generation tool against the RHEL
9.6 x86_64 AppStream repo (or fetch the specific RPM directly) and update the
size and checksum fields to the actual values for that RPM, ensuring the url,
repoid, name and evr remain correct; after updating, re-run any local
verification (e.g., checksum verify or a test fetch) to confirm the tuple is
correct before committing.
|
/cc @rauhersu |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: fontivan, rauhersu The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-merge-bot
bot
merged commit c0ccecf
into
rh-ecosystem-edge:main
|
/cherry-pick release-4.20 |
|
@rauhersu: only rh-ecosystem-edge org members may request cherry picks. If you are already part of the org, make sure to change your membership to public. Otherwise you can still do the cherry-pick manually. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherry-pick release-4.20 |
|
@fontivan: #619 failed to apply on top of branch "release-4.20": DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
Backported via #620 instead of cherry pick |
|
/cherry-pick release-4.19 |
|
@fontivan: #619 failed to apply on top of branch "release-4.19": DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
3 participants
Summary by CodeRabbit