Uploaded image for project: 'R10K'
  1. R10K
  2. RK-220

Vague Error Message when Private Key Permissions are Incorrect

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: r10k 2.2.0
    • Component/s: None
    • Labels:
    • Template:
    • Story Points:
      3
    • Sprint:
      CODEMGMT 2016-02-24
    • Release Notes:
      Not Needed
    • Release Notes Summary:
      Hide
      When r10k was using rugged and Git SSH remotes with pubkey
      authentication, r10k didn't check if the specified SSH key was readable
      and let rugged do that checking. However rugged's error messaging around
      this was less than clear when the private key was missing or unreadable
      which users found confusing. This commit remedies the error messaging by
      doing the check inside of r10k and failing early with a more readable
      message.
      Show
      When r10k was using rugged and Git SSH remotes with pubkey authentication, r10k didn't check if the specified SSH key was readable and let rugged do that checking. However rugged's error messaging around this was less than clear when the private key was missing or unreadable which users found confusing. This commit remedies the error messaging by doing the check inside of r10k and failing early with a more readable message.

      Description

      Description

      If a user specifies a private key that does not have sufficient permissions for Code Manager to access the file a vague error message is logged after deployment:

      2015-11-06 19:06:03,664 INFO  [qtp2024767009-71] [p.r.h.m.authentication] Authenticated subject 39d95ce8-2225-4fab-b902-321a1f356d03 via authentication token
      2015-11-06 19:06:51,232 INFO  [qtp2024767009-75] [p.r.h.m.authentication] Authenticated subject 39d95ce8-2225-4fab-b902-321a1f356d03 via authentication token
      2015-11-06 19:06:51,249 INFO  [qtp2024767009-75] [p.c.app] Queuing deploy for environment production
      2015-11-06 19:06:51,414 INFO  [deploy-pool-1] [p.c.core] Attempting to deploy environment 'production'...
      2015-11-06 19:06:57,650 ERROR [deploy-pool-1] [p.c.core] Errors while deploying environment 'production' (exit code: 1):
      ERROR    -> Unable to determine current branches for Git source 'puppet' (/etc/puppetlabs/code-staging/environments)
      Original exception:
      Failed to authenticate SSH session: Unable to extract public key from private key file: Unable to open private key file at /opt/puppetlabs/server/data/code-manager/worker-caches/deploy-pool-1/git@github.com-puppetlabs-codemgmt-92.git
       
      2015-11-06 19:06:57,650 INFO  [deploy-pool-1] [p.c.core] Finished deploy attempt for environment 'production'.

      Attachments

      • Answer file

      Repro Steps

      1. Copy the PE tarball to the SUT and extract the contents to the "/tmp" directory.
      2. Navigate to the extracted installer directory.
      3. Copy the appropriate SSH private key to the SUT to access the control repo.
      4. Copy the attached answer file to the SUT.
      5. Install the PE master using the provided answer file:

        ./puppet-enterprise-installer -a all-in-one.answers.txt

      6. Create a new user in the PE console
      7. Create an auth token for the new user:

        puppet access login ryan --service-url https://centos7.vm:4433/rbac-api

      8. Deploy the environment via Code Manager:

        curl -k -X POST -H 'Content-Type: application/json' -H "X-Authentication: `puppet access show`" https://cento
        s7.vm:8170/code-manager/v1/deploys -d '{"environments": ["production"]}'

      9. Verify that environment deployed:

        tail /var/log/puppetlabs/puppetserver/puppetserver.log

      Expect

      The log should indicate a successful deployment of the "production" environment.

      Actual

      The log contains the following confusing error message:

      2015-11-06 19:06:03,664 INFO  [qtp2024767009-71] [p.r.h.m.authentication] Authenticated subject 39d95ce8-2225-4fab-b902-321a1f356d03 via authentication token
      2015-11-06 19:06:51,232 INFO  [qtp2024767009-75] [p.r.h.m.authentication] Authenticated subject 39d95ce8-2225-4fab-b902-321a1f356d03 via authentication token
      2015-11-06 19:06:51,249 INFO  [qtp2024767009-75] [p.c.app] Queuing deploy for environment production
      2015-11-06 19:06:51,414 INFO  [deploy-pool-1] [p.c.core] Attempting to deploy environment 'production'...
      2015-11-06 19:06:57,650 ERROR [deploy-pool-1] [p.c.core] Errors while deploying environment 'production' (exit code: 1):
      ERROR    -> Unable to determine current branches for Git source 'puppet' (/etc/puppetlabs/code-staging/environments)
      Original exception:
      Failed to authenticate SSH session: Unable to extract public key from private key file: Unable to open private key file at /opt/puppetlabs/server/data/code-manager/worker-caches/deploy-pool-1/git@github.com-puppetlabs-codemgmt-92.git
       
      2015-11-06 19:06:57,650 INFO  [deploy-pool-1] [p.c.core] Finished deploy attempt for environment 'production'.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              qa qa
              Reporter:
              ryan.gard Ryan Gard
              QA Contact:
              Zach Reichert
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support