Fix rsyslog permission error in github ubuntu tests from apparmor

[AlanCoding]

SUMMARY

We see an issue in the container logs, and this test is meant to make it a failure. Something about the image build and the ubuntu runners, probably.

ISSUE TYPE

• Bug, Docs Fix or other nominal change

COMPONENT NAME

• API

[AlanCoding]

I added a step that runs sudo dmesg as suggested in #14259 and this confirmed we get repeated messages:

[  317.988954] audit: type=1400 audit(1734577552.024:221): apparmor="DENIED" operation="open" class="file" profile="rsyslogd" name="/var/lib/awx/rsyslog/rsyslog.conf" pid=8074 comm="rsyslogd" requested_mask="r" denied_mask="r" fsuid=1001 ouid=1001
[  317.997785] audit: type=1400 audit(1734577552.033:222): apparmor="DENIED" operation="open" class="file" profile="rsyslogd" name="/var/lib/awx/rsyslog/rsyslog.conf" pid=8075 comm="rsyslogd" requested_mask="r" denied_mask="r" fsuid=1001 ouid=1001

So that suggests that their solution will also work.

[AlanCoding]

Here we go!

• Download size of docker-compose-logs.zip 187 kB
• Download size before this patch 1,139 kB

Extracted sizes are 1.9 MB vs 39.5 MB, even more dramatic. Now the logs look like this:

[pid: 550|app: 0|req: 1/1] 172.18.0.1 () {36 vars in 378 bytes} [Thu Dec 19 03:25:23 2024] GET /api/v2/ping/ => generated 440 bytes in 26 msecs (HTTP/1.1 200) 13 headers in 399 bytes (1 switches on core 0)
�[36;1m2024-12-19 03:25:38,133 INFO     [-] awx.analytics.job_lifecycle projectupdate-1 controller node chosen {"type": "projectupdate", "task_id": 1, "state": "controller_node_chosen", "work_unit_id": null, "task_name": "project-with-requirements", "controller_node": "awx-1"}�[0m
�[36;1m2024-12-19 03:25:38,133 INFO     [-] awx.analytics.job_lifecycle projectupdate-1 execution node chosen {"type": "projectupdate", "task_id": 1, "state": "execution_node_chosen", "work_unit_id": null, "task_name": "project-with-requirements", "execution_node": "awx-1"}�[0m
�[36;1m2024-12-19 03:25:38,144 INFO     [-] awx.analytics.job_lifecycle projectupdate-1 waiting {"type": "projectupdate", "task_id": 1, "state": "waiting", "work_unit_id": null, "task_name": "project-with-requirements"}�[0m
�[36;1m2024-12-19 03:25:38,216 INFO     [-] awx.analytics.job_lifecycle projectupdate-1 pre run {"type": "projectupdate", "task_id": 1, "state": "pre_run", "work_unit_id": null, "task_name": "project-with-requirements"}�[0m
�[36;1m2024-12-19 03:25:38,230 INFO     [-] awx.analytics.job_lifecycle projectupdate-1 preparing playbook {"type": "projectupdate", "task_id": 1, "state": "preparing_playbook", "work_unit_id": null, "task_name": "project-with-requirements"}�[0m
�[36;1m2024-12-19 03:25:38,247 INFO     [-] awx.analytics.job_lifecycle projectupdate-1 running playbook {"type": "projectupdate", "task_id": 1, "state": "running_playbook", "work_unit_id": null, "task_name": "project-with-requirements"}�[0m
�[36;1m2024-12-19 03:25:38,254 INFO     [-] awx.analytics.job_lifecycle projectupdate-1 work unit id received {"type": "projectupdate", "task_id": 1, "state": "work_unit_id_received", "work_unit_id": "awx1KwLhRjC5", "task_name": "project-with-requirements"}�[0m
�[36;1m2024-12-19 03:25:38,264 INFO     [-] awx.analytics.job_lifecycle projectupdate-1 work unit id assigned {"type": "projectupdate", "task_id": 1, "state": "work_unit_id_assigned", "work_unit_id": "awx1KwLhRjC5", "task_name": "project-with-requirements"}�[0m
WARNING 2024/12/19 03:26:12 Could not read in control service: read unix /var/run/awx-receptor/receptor.sock->@: use of closed network connection
WARNING 2024/12/19 03:26:12 Could not close connection: close unix /var/run/awx-receptor/receptor.sock->@: use of closed network connection
�[1m2024-12-19 03:26:12,104 INFO     [-] awx.main.commands.run_callback_receiver Starting EOF event processing for Job 1�[0m

This is so must more relevant, and is very task-oriented.

Next thing to do might be to remove ansi codes with the -t option, but seems to be fairly hard to get that in there.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud