Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-8905

New certificate download code breaks autosigning workflow

    Details

    • Type: CI Blocker
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 6.0.0
    • Component/s: None
    • Labels:
      None
    • Release Notes:
      Not Needed
    • QA Risk Assessment:
      Needs Assessment

      Description

      Autosigning appears to be broken with the new certificate download code (PUP-8652). When using an autosigning workflow, the first agent run fails with

      Error: Could not request certificate: Error 400 on SERVER: pto1to2xvyajwdw.delivery.puppetlabs.net already has a signed certificate; ignoring certificate request
      

      It seems that the agent is re-submitting a CSR even though it has successfully downloaded the signed host certificate. This could be related to some weird interaction between remaining indirector code and the code.

      This issue appears to be affecting both Puppetserver's beaker acceptance tests (whose pre-suites use autosigning to set up their environment) and PuppetDB's clojure integration tests.

        Attachments

          Issue Links

            Activity

              jsd-sla-details-panel

                People

                • Assignee:
                  maggie Maggie Dreyer
                  Reporter:
                  maggie Maggie Dreyer
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: