Skip to content

fix: update container images to use quay.io for consistency and security #2069

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kaovilai wants to merge 1 commit into
base: oadp-dev
Choose a base branch
from
Open

fix: update container images to use quay.io for consistency and security #2069

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion tests/e2e/sample-applications/minimal-8csivol/minimal-3csivol.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ spec:
limits:
cpu: 100m
memory: 100Mi
image: alpine
image: quay.io/migtools/alpine:latest
securityContext:
runAsNonRoot: true
allowPrivilegeEscalation: false
Expand Down
2 changes: 1 addition & 1 deletion tests/e2e/sample-applications/minimal-8csivol/minimal-8csivol.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ spec:
limits:
cpu: 100m
memory: 100Mi
image: alpine
image: quay.io/migtools/alpine:latest
securityContext:
runAsNonRoot: true
allowPrivilegeEscalation: false
Expand Down
8 changes: 4 additions & 4 deletions tests/e2e/sample-applications/mongo-persistent/mongo-persistent-block.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ items:
# Used to format the block device (put filesystem on it).
# This allows Mongo to use the filesystem which lives on block device.
initContainers:
- image: docker.io/library/mongo:7.0
- image: quay.io/migtools/mongo:7.0.28
imagePullPolicy: IfNotPresent
securityContext:
privileged: true
Expand Down Expand Up @@ -102,7 +102,7 @@ items:
- name: block-volume-pv
devicePath: /dev/xvdx
containers:
- image: docker.io/library/mongo:7.0
- image: quay.io/migtools/mongo:7.0.28
name: mongo
securityContext:
privileged: true
Expand Down Expand Up @@ -165,7 +165,7 @@ items:
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 12 # 12x10sec = 2min before restart pod
- image: docker.io/curlimages/curl:8.5.0
- image: registry.access.redhat.com/ubi8/ubi:latest
name: curl-tool
command: ["/bin/sleep", "infinity"]
volumes:
Expand Down Expand Up @@ -236,7 +236,7 @@ items:
periodSeconds: 5
initContainers:
- name: init-myservice
image: docker.io/curlimages/curl:8.5.0
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
Copy link

Copilot AI Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The init container command uses curl but the UBI8 base image does not include curl by default. This will cause the init container to fail. Either install curl in the init container or use a different connectivity check method like /usr/bin/nc (which is available in UBI8) instead of curl.

Suggested change
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w2 mongo 27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']

Copilot uses AI. Check for mistakes.
Comment on lines +239 to 240
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Init container will fail: UBI8 base image does not include curl.

The init-myservice container command uses curl to check MongoDB connectivity, but registry.access.redhat.com/ubi8/ubi:latest does not include curl by default. This will cause the init container to fail with command not found, preventing the pod from starting.

Consider one of these alternatives:

  1. Use an image that includes curl (e.g., registry.access.redhat.com/ubi8/ubi-minimal with curl installed, or keep the original curl image)
  2. Replace curl with a tool available in UBI8, such as using bash's /dev/tcp for port checking
🐛 Option 2: Replace curl with bash /dev/tcp 
          initContainers:
          - name: init-myservice
            image: registry.access.redhat.com/ubi8/ubi:latest
-            command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
+            command: ['bash', '-c', 'sleep 30; max_attempts=180; attempt=0; until timeout 2 bash -c "</dev/tcp/mongo/27017" 2>/dev/null || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['bash', '-c', 'sleep 30; max_attempts=180; attempt=0; until timeout 2 bash -c "</dev/tcp/mongo/27017" 2>/dev/null || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
🤖 Prompt for AI Agents 
In `@tests/e2e/sample-applications/mongo-persistent/mongo-persistent-block.yaml`
around lines 239 - 240, The init container uses curl but the chosen base image
(image: registry.access.redhat.com/ubi8/ubi:latest) does not include curl,
causing the init command (command: ['sh', '-c', 'sleep 30; ... curl -s
--connect-timeout 2 mongo:27017 ...']) to fail; fix by either switching the init
container image to one that includes curl (or to an image where you can install
curl) or replace the curl-based connectivity check with a shell-native probe
(e.g., using bash /dev/tcp or netcat) inside the same init container command so
the port check succeeds on the UBI8 image.

- apiVersion: v1
kind: Service
Expand Down
6 changes: 3 additions & 3 deletions tests/e2e/sample-applications/mongo-persistent/mongo-persistent-csi.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ items:
spec:
serviceAccountName: mongo-persistent-sa
containers:
- image: docker.io/library/mongo:7.0
- image: quay.io/migtools/mongo:7.0.28
imagePullPolicy: IfNotPresent
name: mongo
securityContext:
Expand Down Expand Up @@ -122,7 +122,7 @@ items:
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 12 # 12x10sec = 2min before restart pod
- image: docker.io/curlimages/curl:8.5.0
- image: registry.access.redhat.com/ubi8/ubi:latest
name: curl-tool
command: ["/bin/sleep", "infinity"]
volumes:
Expand Down Expand Up @@ -193,7 +193,7 @@ items:
periodSeconds: 5
initContainers:
- name: init-myservice
image: docker.io/curlimages/curl:8.5.0
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
Copy link

Copilot AI Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The init container command uses curl but the UBI8 base image does not include curl by default. This will cause the init container to fail. Either install curl in the init container or use a different connectivity check method like /usr/bin/nc (which is available in UBI8) instead of curl.

Suggested change
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w2 mongo 27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']

Copilot uses AI. Check for mistakes.
Comment on lines +196 to 197
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

curl is not available in the ubi8/ubi base image.

The init container command uses curl to check MongoDB connectivity, but registry.access.redhat.com/ubi8/ubi:latest does not include curl by default. This will cause the init container to fail with a "command not found" error.

Consider one of these alternatives:

  • Use registry.access.redhat.com/ubi8/ubi-minimal and install curl, or
  • Use a different connectivity check that doesn't require curl (e.g., bash's /dev/tcp), or
  • Use an image that includes curl
🐛 Proposed fix using bash /dev/tcp instead of curl 
          - name: init-myservice
            image: registry.access.redhat.com/ubi8/ubi:latest
-            command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
+            command: ['bash', '-c', 'sleep 30; max_attempts=180; attempt=0; until timeout 2 bash -c "cat < /dev/null > /dev/tcp/mongo/27017" 2>/dev/null || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['bash', '-c', 'sleep 30; max_attempts=180; attempt=0; until timeout 2 bash -c "cat < /dev/null > /dev/tcp/mongo/27017" 2>/dev/null || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
🤖 Prompt for AI Agents 
In `@tests/e2e/sample-applications/mongo-persistent/mongo-persistent-csi.yaml`
around lines 196 - 197, The init container uses curl in the command string while
the base image "registry.access.redhat.com/ubi8/ubi:latest" does not include
curl, causing a "command not found" failure; fix by either switching the image
to one that contains curl (or installing curl into the image), or replace the
curl check in the command (the long command starting with 'sleep 30;
max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 ...')
with a shell-native connectivity test such as bash /dev/tcp (or nc) so the
readiness loop works without curl. Ensure the chosen approach updates the image
line ("image: registry.access.redhat.com/ubi8/ubi:latest") or modifies the
command string accordingly.

- apiVersion: v1
kind: Service
Expand Down
6 changes: 3 additions & 3 deletions tests/e2e/sample-applications/mongo-persistent/mongo-persistent.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ items:
spec:
serviceAccountName: mongo-persistent-sa
containers:
- image: docker.io/library/mongo:7.0
- image: quay.io/migtools/mongo:7.0.28
imagePullPolicy: IfNotPresent
name: mongo
securityContext:
Expand Down Expand Up @@ -135,7 +135,7 @@ items:
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 12 # 12x10sec = 2min before restart pod
- image: docker.io/curlimages/curl:8.5.0
- image: registry.access.redhat.com/ubi8/ubi:latest
name: curl-tool
command: ["/bin/sleep", "infinity"]
volumes:
Expand Down Expand Up @@ -206,7 +206,7 @@ items:
periodSeconds: 5
initContainers:
- name: init-myservice
image: docker.io/curlimages/curl:8.5.0
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
Copy link

Copilot AI Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The init container command uses curl but the UBI8 base image does not include curl by default. This will cause the init container to fail. Either install curl in the init container or use a different connectivity check method like /usr/bin/nc (which is available in UBI8) instead of curl.

Suggested change
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w2 mongo 27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']

Copilot uses AI. Check for mistakes.
Comment on lines +209 to 210
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

curl is not available in the ubi8/ubi base image.

Same issue as in mongo-persistent-csi.yaml — the init container command relies on curl, which is not installed in the base UBI image. This will break the init container.

🐛 Proposed fix using bash /dev/tcp instead of curl 
          - name: init-myservice
            image: registry.access.redhat.com/ubi8/ubi:latest
-            command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
+            command: ['bash', '-c', 'sleep 30; max_attempts=180; attempt=0; until timeout 2 bash -c "cat < /dev/null > /dev/tcp/mongo/27017" 2>/dev/null || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until curl -s --connect-timeout 2 mongo:27017 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['bash', '-c', 'sleep 30; max_attempts=180; attempt=0; until timeout 2 bash -c "cat < /dev/null > /dev/tcp/mongo/27017" 2>/dev/null || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mongo DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mongo after $max_attempts attempts"; exit 1; fi; echo "mongo DB port reachable"']
🤖 Prompt for AI Agents 
In `@tests/e2e/sample-applications/mongo-persistent/mongo-persistent.yaml` around
lines 209 - 210, The init container command uses curl but the image
registry.access.redhat.com/ubi8/ubi:latest does not include curl; update the
init container command (the command field in this manifest) to either install
curl (e.g., use microdnf to install curl before running the loop) or,
preferably, replace the curl check with a POSIX/bash TCP check using /dev/tcp
(e.g., use sh -c with a loop that tests </dev/tcp/host/port> or uses bash -c
'>/dev/tcp/mongo/27017' and checks the exit status) so the readiness loop in the
command string works without adding packages. Ensure you modify the command
string referenced in the diff accordingly (the command array that starts with
'sh', '-c', 'sleep 30; ...').

- apiVersion: v1
kind: Service
Expand Down
4 changes: 2 additions & 2 deletions tests/e2e/sample-applications/mysql-persistent/mysql-persistent-csi.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ items:
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 40 # 40x30sec before restart pod
- image: docker.io/curlimages/curl:8.5.0
- image: registry.access.redhat.com/ubi8/ubi:latest
name: curl-tool
command: ["/bin/sleep", "infinity"]
volumes:
Expand Down Expand Up @@ -226,7 +226,7 @@ items:
periodSeconds: 5
initContainers:
- name: init-myservice
image: docker.io/curlimages/curl:8.5.0
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
Comment on lines 228 to 230
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

find . -type f -name "*mysql-persistent-csi.yaml" | head -20

Repository: openshift/oadp-operator

Length of output: 141

🏁 Script executed:

cd tests/e2e/sample-applications/mysql-persistent 2>/dev/null && wc -l mysql-persistent-csi.yaml

Repository: openshift/oadp-operator

Length of output: 96

🏁 Script executed:

sed -n '225,235p' tests/e2e/sample-applications/mysql-persistent/mysql-persistent-csi.yaml

Repository: openshift/oadp-operator

Length of output: 804

🌐 Web query:

UBI 8 ubi latest image nmap-ncat nc binary availability default

💡 Result:

Short answer: UBI 8 images do NOT include the ncat/nc binary by default. You must install the nmap-ncat package from the UBI/RHEL repositories (using dnf in the standard UBI image or microdnf in UBI‑minimal) to get ncat/nc. [1][2]

Example (in ubi8/ubi-minimal):

  • podman run -it registry.access.redhat.com/ubi8/ubi-minimal /bin/bash
  • microdnf install nmap-ncat # then run ncat or ncat --version. [1][2]

Sources:

  • Red Hat UBI documentation (adding packages to UBI containers; microdnf/dnf usage). [1]
  • Package listings / RPMs for nmap-ncat (RHEL/CentOS/Alma repos showing nmap-ncat package). [2]

Init container will fail: /usr/bin/nc is not available in UBI 8 by default.

The command on line 230 uses /usr/bin/nc, but ubi:latest does not include the nmap-ncat package. The init container will fail immediately with a "command not found" error, blocking pod startup. Install nmap-ncat at startup or use an image that includes it.

Example fix (install nmap-ncat at startup) 
           initContainers:
           - name: init-myservice
             image: registry.access.redhat.com/ubi8/ubi:latest
+            securityContext:
+              runAsUser: 0
+              runAsGroup: 0
             command:
-              ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
+              ['bash', '-c', 'microdnf -y install nmap-ncat && sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: init-myservice
image: docker.io/curlimages/curl:8.5.0
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
- name: init-myservice
image: registry.access.redhat.com/ubi8/ubi:latest
securityContext:
runAsUser: 0
runAsGroup: 0
command: ['bash', '-c', 'microdnf -y install nmap-ncat && sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
🤖 Prompt for AI Agents 
In `@tests/e2e/sample-applications/mysql-persistent/mysql-persistent-csi.yaml`
around lines 228 - 230, The init container "init-myservice" uses /usr/bin/nc
which is not present in the registry.access.redhat.com/ubi8/ubi:latest image;
update the init container command so nc is available by either installing the
nmap-ncat package at startup (e.g., run microdnf/apt install nmap-ncat before
using /usr/bin/nc) or switch the image to one that contains nc (or change the
probe to use a built-in tool like bash+>/dev/tcp or curl); ensure the change is
applied to the init container definition (name: init-myservice) and that the
readiness loop still exits with the same retry logic and exit codes.

- apiVersion: route.openshift.io/v1
kind: Route
Expand Down
4 changes: 2 additions & 2 deletions tests/e2e/sample-applications/mysql-persistent/mysql-persistent-twovol-csi.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,7 +147,7 @@ items:
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 40 # 40x30sec before restart pod
- image: docker.io/curlimages/curl:8.5.0
- image: registry.access.redhat.com/ubi8/ubi:latest
name: curl-tool
command: ["/bin/sleep", "infinity"]
Comment on lines +150 to 152
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

cat -n tests/e2e/sample-applications/mysql-persistent/mysql-persistent-twovol-csi.yaml | head -160

Repository: openshift/oadp-operator

Length of output: 5495

🏁 Script executed:

cat -n tests/e2e/sample-applications/mysql-persistent/mysql-persistent-twovol-csi.yaml | sed -n '140,240p'

Repository: openshift/oadp-operator

Length of output: 3761

🌐 Web query:

UBI 8 ubi latest image curl netcat included

💡 Result:

Short answer: The official UBI 8 "ubi" (standard) image does not include curl or netcat (nmap-ncat) by default, but both packages are available from the UBI 8 repositories and can be installed into the image (yum/dnf in the standard image; minimal/micro images may use microdnf or require enabling repos). [1][2][3]

How to verify / install:

  • Verify inside a running container: rpm -q curl nmap-ncat
  • Install (standard UBI): yum install -y curl nmap-ncat
  • Install (minimal/micro): microdnf install curl nmap-ncat (or use dnf if present).

Sources:

  1. Red Hat UBI image overview (what's included / base vs minimal). [Red Hat Ecosystem / UBI overview]. [1]
  2. UBI content and repositories (ubi-8-baseos-rpms / ubi-8-appstream-rpms). [2]
  3. UBI 8 image listing (redhat/ubi8). [3]

🏁 Script executed:

cat -n tests/e2e/sample-applications/mysql-persistent/mysql-persistent-twovol-csi.yaml | sed -n '226,228p'

Repository: openshift/oadp-operator

Length of output: 601

UBI 8 image lacks required tooling; netcat absence will prevent pod startup.

Both containers use registry.access.redhat.com/ubi8/ubi:latest, which does not include curl or netcat by default. Line 227-228 explicitly calls /usr/bin/nc in the init-myservice startup command—this will fail immediately, preventing the pod from starting. Line 150-152's curl-tool container will also lack curl if used for e2e testing. Either install the required tools (e.g., yum install -y curl nmap-ncat) in a custom image or switch to an image that includes them.

🤖 Prompt for AI Agents 
In
`@tests/e2e/sample-applications/mysql-persistent/mysql-persistent-twovol-csi.yaml`
around lines 150 - 152, The UBI8 image used for the curl-tool container and the
init-myservice startup relies on missing tooling (curl and nc); update the
manifest so the container image provides those binaries: either switch the
curl-tool and init container images to a distro image that includes curl and
netcat, or build/use a custom image that installs curl and nmap-ncat (e.g., via
yum install -y curl nmap-ncat) and reference that image in the container spec;
also verify the init-myservice startup command uses the correct nc path present
in the chosen image.

volumes:
Expand Down Expand Up @@ -224,7 +224,7 @@ items:
claimName: applog
initContainers:
- name: init-myservice
image: docker.io/curlimages/curl:8.5.0
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
Comment on lines 226 to 228
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

UBI8 ubi image netcat nc availability /usr/bin/nc

💡 Result:

Short answer: UBI8 images do not include /usr/bin/nc by default. You can add netcat using the RHEL packages (e.g., install nmap-ncat from AppStream) or the netcat package from EPEL — both provide an nc binary. Example install: dnf install -y nmap-ncat (or enable EPEL and install netcat). [1][2][3]

Sources:

  • UBI8 image info and types (no mention of nc in base files). [1]
  • nmap-ncat (RHEL/AppStream) provides /usr/bin/nc and /usr/bin/ncat. [2]
  • netcat (OpenBSD) RPM for EL8 provides /usr/bin/nc (available via EPEL). [3]

🏁 Script executed:

rg '/usr/bin/nc|nc -z' tests/

Repository: openshift/oadp-operator

Length of output: 2169

🏁 Script executed:

# Check if any of these files have dnf install or netcat installation commands
rg -A 5 -B 5 'init-myservice|dnf install|nmap-ncat|apt-get.*netcat' tests/e2e/sample-applications/mysql-persistent/

Repository: openshift/oadp-operator

Length of output: 4689

🏁 Script executed:

# Check if there's a custom image or Dockerfile that might install netcat
fd -e Dockerfile -e dockerfile tests/e2e/sample-applications/mysql-persistent/

Repository: openshift/oadp-operator

Length of output: 560

🏁 Script executed:

fd --full-path 'tests/e2e/sample-applications/mysql-persistent/.*Dockerfile'

Repository: openshift/oadp-operator

Length of output: 49

🏁 Script executed:

# Check for any installation of netcat in the init commands more carefully
rg 'dnf install|yum install|apt-get' tests/e2e/sample-applications/

Repository: openshift/oadp-operator

Length of output: 180

Install netcat or use an alternative approach to verify MySQL connectivity.

The init-myservice container uses /usr/bin/nc to check the MySQL port, but netcat is not included in the registry.access.redhat.com/ubi8/ubi:latest image by default. The init container will fail at startup.

Either install netcat in the init container command (e.g., dnf install -y nmap-ncat) before running the connectivity check, or use an alternative approach such as checking via shell redirection (/dev/tcp/mysql/3306) which doesn't require external tools.

🤖 Prompt for AI Agents 
In
`@tests/e2e/sample-applications/mysql-persistent/mysql-persistent-twovol-csi.yaml`
around lines 226 - 228, The init container "init-myservice" uses /usr/bin/nc
which is not present in the registry.access.redhat.com/ubi8/ubi:latest image;
update the init container command for "init-myservice" to either install netcat
before the connectivity loop (e.g., run dnf install -y nmap-ncat then proceed)
or replace the nc check with a shell-native check using /dev/tcp/mysql/3306 in
the command string so the readiness loop can run successfully without relying on
an external binary.

- apiVersion: route.openshift.io/v1
kind: Route
Expand Down
4 changes: 2 additions & 2 deletions tests/e2e/sample-applications/mysql-persistent/mysql-persistent.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ items:
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 40 # 40x30sec before restart pod
- image: docker.io/curlimages/curl:8.5.0
- image: registry.access.redhat.com/ubi8/ubi:latest
name: curl-tool
command: ["/bin/sleep", "infinity"]
volumes:
Expand Down Expand Up @@ -239,7 +239,7 @@ items:
periodSeconds: 5
initContainers:
- name: init-myservice
image: docker.io/curlimages/curl:8.5.0
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
Comment on lines 240 to 243
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

UBI8 UBI image netcat nc nmap-ncat default packages included

💡 Result:

Short answer: UBI8 images do not include netcat (nc) / nmap-ncat by default. The UBI images ship a minimal set of packages (ubi, ubi-minimal, etc.) and provide Red Hat UBI BaseOS/AppStream repositories so you can install nmap-ncat (provided as the nmap-ncat package) with yum or microdnf. [1][2][3]

References

  • UBI image types / package behavior (microdnf in minimal; package counts). [1]
  • UBI images enable UBI BaseOS/AppStream repos so packages can be installed into the image. [2]
  • nmap-ncat (ncat) is packaged for EL8 (available as nmap-ncat RPM for RHEL/derivatives). [3]

🏁 Script executed:

# First, let's examine the actual file to understand the context better
cat -n tests/e2e/sample-applications/mysql-persistent/mysql-persistent.yaml | head -250 | tail -20

Repository: openshift/oadp-operator

Length of output: 1169

🌐 Web query:

Red Hat UBI8 ubi:latest image contents packages included

💡 Result:

Short answer: The UBI8 "ubi:latest" (standard) image is a small, supported subset of RHEL‑8 userland that includes a curated set of core GNU/Linux and system utilities (tar, gzip, vi, coreutils, glibc, openssl, yum/dnf tooling, etc.) and is preconfigured to use the UBI 8 BaseOS and AppStream repositories. The exact package list varies by image build/tag (Red Hat rebuilds periodically), so to get the authoritative list for the specific ubi:latest you pull, run rpm -qa inside the image or inspect the image manifest. [1][2][3]

How to see the exact packages yourself

  • Pull and run the image, then list installed RPMs:
    • docker pull registry.access.redhat.com/ubi8/ubi:latest
    • docker run --rm -it registry.access.redhat.com/ubi8/ubi:latest bash
    • rpm -qa
      This shows the image's installed packages. [1][4]

Why the list can change

  • Red Hat publishes UBI images on a cadence and rebuilds images with errata; repository metadata (and thus available/installed packages) can change between tags. For available RPMs and repo URLs see /etc/yum.repos.d/ubi.repo inside the container or browse the UBI repositories. [1][2]

References

  • Red Hat knowledgebase: Universal Base Images — repos, rpm commands and how to list packages. [1]
  • Red Hat Developer: UBI overview and what’s included; counts and flavors (ubi, ubi-minimal, ubi-micro). [2]
  • Red Hat Ecosystem Catalog (ubi8 image entry / tag info). [3]
  • RHEL docs: adding software to a UBI container (microdnf/yum usage and rpm -qa). [4]

Sources
[1] Red Hat Customer Portal — Universal Base Images (UBI): Images, repositories, packages, and source code.
[2] Red Hat Developer — Universal Base Images (what’s included, image flavors and package counts).
[3] Red Hat Ecosystem Catalog — Red Hat Universal Base Image 8 (ubi8) image entry.
[4] Red Hat documentation — Adding software to a UBI container (rpm -qa, yum/microdnf).

🏁 Script executed:

# Let's also check if there are any other test files or scripts that might shed light on this
find tests -name "*.yaml" -o -name "*.yml" | head -10

Repository: openshift/oadp-operator

Length of output: 887

Remove /usr/bin/nc dependency or include netcat in the image.

The init-myservice container uses /usr/bin/nc to verify MySQL connectivity, but ubi8/ubi:latest does not include netcat by default and must be installed separately. This will cause the initContainer to fail with "command not found", blocking the deployment.

Replace with a bash-native TCP check: /bin/bash -c 'echo > /dev/tcp/mysql/3306', or use an image that includes netcat (e.g., ubi8/ubi-init).

🤖 Prompt for AI Agents 
In `@tests/e2e/sample-applications/mysql-persistent/mysql-persistent.yaml` around
lines 240 - 243, The initContainer block (initContainers -> name:
init-myservice) currently calls /usr/bin/nc which isn't present in the ubi8/ubi
image; replace that dependency by changing the readiness check to a bash-native
TCP probe (use /bin/bash -c with a redirection test like echo >
/dev/tcp/mysql/3306 in the existing command loop) or switch the container image
to one that includes netcat (e.g., an image like ubi8/ubi-init) and update the
command accordingly so the initContainer no longer fails with "command not
found".

- apiVersion: route.openshift.io/v1
kind: Route
Expand Down
2 changes: 1 addition & 1 deletion tests/e2e/sample-applications/nginx/nginx-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ items:
app: nginx
spec:
containers:
- image: bitnamisecure/nginx
- image: quay.io/migtools/nginx:latest
name: nginx
ports:
- containerPort: 8080
Expand Down
4 changes: 2 additions & 2 deletions tests/e2e/sample-applications/parks-app/manifest.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ items:
emptyDir: {}
initContainers:
- name: wait-for-mongodb
image: 'docker.io/library/mongo:7.0'
image: 'quay.io/migtools/mongo:7.0.28'
command:
- /bin/bash
- -c
Expand Down Expand Up @@ -267,7 +267,7 @@ items:
spec:
containers:
- name: mongodb-container
image: 'docker.io/library/mongo:7.0'
image: 'quay.io/migtools/mongo:7.0.28'
ports:
- containerPort: 27017
protocol: TCP
Expand Down
4 changes: 2 additions & 2 deletions tests/e2e/sample-applications/virtual-machines/fedora-todolist/fedora-todolist.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ items:
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 40 # 40x30sec before restart pod
- image: docker.io/curlimages/curl:8.5.0
- image: registry.access.redhat.com/ubi8/ubi:latest
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat -n tests/e2e/sample-applications/virtual-machines/fedora-todolist/fedora-todolist.yaml | sed -n '140,210p'

Repository: openshift/oadp-operator

Length of output: 2780

🌐 Web query:

What tools are included in registry.access.redhat.com/ubi8/ubi latest image contents

💡 Result:

Short answer — the UBI8 "ubi" (standard) image is a small RHEL-based userland that includes package-management and common OS utilities. Notable tools shipped in the standard ubi8 image include:

  • yum (DNF front-end tools: yum, yum-config-manager, yumdownloader). [1]
  • systemd (init support in the standard image). [1]
  • Common GNU utilities: tar, gzip, vi, etc. [1][2]
  • Filesystem/ACL utilities: getfacl and other acl tools. [1]
  • Device/volume tools: dmsetup and related device-mapper utilities, dmidecode. [1]
  • Access to UBI yum repositories so you can install additional RPMs. [1][2]

Notes: the exact package list can change between image releases; for the authoritative, up‑to‑date contents check the Red Hat Ecosystem Catalog entry for ubi8 or inspect a pulled image (e.g., podman run --rm registry.access.redhat.com/ubi8/ubi rpm -qa). [2][3]

Sources: Red Hat container docs and UBI catalog. [1][2][3]

🌐 Web query:

does UBI8 base image include nc netcat curl tools by default

💡 Result:

Short answer: No—UBI8 images do not reliably include netcat (nc) by default, and whether curl is present depends on the variant.

  • ubi (standard) contains more utilities and is more likely to include curl; ubi-minimal/ubi-micro are intentionally slim and may not include curl by default. (developers.redhat.com)
  • Community/CI evidence shows some ubi8-minimal tags ship curl (so curl can appear in some builds), but netcat/nc is not listed as a default package in the minimal images. To confirm for a specific tag run: docker run --rm -it rpm -q curl nc (or docker run ... which nc). (gitlab.com)

If you want, tell me which UBI8 tag (ubi, ubi-minimal, ubi-micro, or exact image:tag) and I’ll check that tag specifically.

Citations:

🌐 Web query:

UBI8 ubi minimal vs standard image what packages included

💡 Result:

Short answer — difference and what’s included

  • UBI8 (standard, image name "ubi")

    • Full YUM/DNF stack, standard RHEL userland utilities (tar, gzip, vi, etc.), OpenSSL crypto stack and more complete OS tooling. Intended as a general-purpose base for most apps. (~190 packages in typical UBI8 standard image). [1][2][3]

  • UBI8 minimal (image name "ubi-minimal")

    • Minimized pre‑installed content set to keep image size small, no SUID binaries, and a tiny package manager (microdnf) instead of the full yum/dnf tooling. Omits systemd/init, many shell/utilities and Python runtime; intended when you add only the deps you need. (~100 packages; ~92 MB uncompressed vs ~215 MB for standard). [2][3][4]

  • (Related) UBI8 micro

    • Even smaller: essentially no package manager included (for maximal minimalism/multi‑stage builds). Use build tools on host. [1][2]

Sources: Red Hat/UBI docs and Red Hat Developer articles describing "ubi" vs "ubi-minimal" (package counts, size and included tooling). [1][2][3][4]

References
[1] Red Hat blog: Introducing Red Hat Universal Base Image.
[2] Red Hat Documentation — Building, running, and managing containers (UBI minimal description).
[3] Red Hat Developer article / UBI comparison (table with sizes and package counts).
[4] Red Hat Universal Base Image FAQ / Catalog.

The UBI8 base image does not include nc; the init container will fail.

The init-myservice container explicitly calls /usr/bin/nc to wait for MySQL availability. UBI8 standard does not ship netcat by default, so this init container will crash and block the Deployment. The curl-tool container will likewise be unusable. Install these tools via microdnf in the container command, or use an image that includes them.

Suggested remediation 
-          - image: registry.access.redhat.com/ubi8/ubi:latest
+          - image: registry.access.redhat.com/ubi8/ubi:latest
             name: curl-tool
-            command: ["/bin/sleep", "infinity"]
+            command: ['sh', '-c', 'microdnf install -y curl nmap-ncat && sleep infinity']
...
-          - name: init-myservice
-            image: registry.access.redhat.com/ubi8/ubi:latest
-            command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
+          - name: init-myservice
+            image: registry.access.redhat.com/ubi8/ubi:latest
+            command: ['sh', '-c', 'microdnf install -y nmap-ncat && sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']

Also applies to: 202-203

🤖 Prompt for AI Agents 
In
`@tests/e2e/sample-applications/virtual-machines/fedora-todolist/fedora-todolist.yaml`
at line 143, The UBI8 base image used for the containers (image:
registry.access.redhat.com/ubi8/ubi:latest) doesn't include netcat/curl, causing
the init container named init-myservice (which calls /usr/bin/nc) and the
curl-tool container to fail; fix by modifying the container spec(s) that
reference that image (init-myservice and curl-tool) to either use a different
image that bundles nc/curl or add a startup command that installs the missing
tools (e.g., run microdnf install -y nc curl or the appropriate package names
before using /usr/bin/nc or curl), ensuring the init container's wait command
and the curl-tool container can find the binaries.

name: curl-tool
command: ["/bin/sleep", "infinity"]
Copy link

Copilot AI Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The UBI8 base image (registry.access.redhat.com/ubi8/ubi:latest) does not include curl by default, which is required by the e2e test code that executes curl commands in the curl-tool container. The container name suggests it should have curl functionality. Consider using registry.access.redhat.com/ubi8/ubi-minimal:latest with curl installed, or ensure curl is installed at runtime.

Suggested change
command: ["/bin/sleep", "infinity"]
command:
- /bin/sh
- -c
- |
set -e
if ! command -v curl >/dev/null 2>&1; then
microdnf install -y curl && microdnf clean all
fi
exec /bin/sleep infinity

Copilot uses AI. Check for mistakes.
volumes:
Expand Down Expand Up @@ -199,7 +199,7 @@ items:
protocol: TCP
initContainers:
- name: init-myservice
image: docker.io/curlimages/curl:8.5.0
image: registry.access.redhat.com/ubi8/ubi:latest
command: ['sh', '-c', 'sleep 30; max_attempts=180; attempt=0; until /usr/bin/nc -z -w 1 mysql 3306 || [ $attempt -ge $max_attempts ]; do attempt=$((attempt+1)); echo "Attempt $attempt/$max_attempts: Trying to connect to mysql DB port"; sleep 5; done; if [ $attempt -ge $max_attempts ]; then echo "ERROR: Failed to connect to mysql after $max_attempts attempts"; exit 1; fi; echo "mysql DB port reachable"']
- apiVersion: route.openshift.io/v1
kind: Route
Expand Down