StarlingX

DC: admin endpoint certificate creation failed due to missing quotes around floating IP

Bug #1891904 reported by Andy
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Medium
Andy

Bug Description

Brief Description
-----------------
In the ansible admin endpoint certificate setup template (setup-sc-adminep-certs.yaml.j2), quotes is missed around controller_floating_address as the commonName. This causes ansible play to fail if the floating IP is IPv6 and has a trailing ":" at the end.

Severity
--------
Major

Steps to Reproduce
------------------
- Deploy a IPV6 SystemController, with the mgmt floating IP as something like "fd01:11::x::"
- Deploy a subcloud, with the mgmt floating IP as something like "fd01:11::x::"

Expected Behavior
------------------
The subcloud deployed successfully.

Actual Behavior
----------------
The subcloud deployment fails with error in ansible:

error converting YAML to JSON: yaml: line 10: mapping values are not allowed in this context

Reproducibility
---------------
100% reproducible

System Configuration
--------------------
Any

Branch/Pull Time/Commit
-----------------------
stx master

Last Pass
---------
Unknown

Timestamp/Logs
--------------
ansible.log:
"error parsing /tmp/adminep/setup-sc-adminep-certs.yaml: error converting YAML to JSON: yaml: line 13: mapping values are not allowed in this context"

Test Activity
-------------
Sanity

Workaround
----------
Manually edit /tmp/adminep/setup-sc-adminep-certs.yaml and run the playbook again.

Andy (andy.wrs)
Changed in starlingx:
assignee: nobody → Andy (andy.wrs)
Ghada Khalil (gkhalil)
Changed in starlingx:
importance: Undecided → Medium
status: New → Incomplete
status: Incomplete → Triaged
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to ansible-playbooks (master)

Fix proposed to branch: master
Review: https://review.opendev.org/746585

Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
Ghada Khalil (gkhalil) wrote :

stx.5.0 / medium priority - issue w/ specific IPv6 format; easy workaround exists

tags: added: stx.5.0 stx.distcloud
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: master
Review: https://review.opendev.org/746591

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on ansible-playbooks (master)

Change abandoned by Andy Ning (<email address hidden>) on branch: master
Review: https://review.opendev.org/746591
Reason: Abandon this accidentally created review.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ansible-playbooks (master)

Reviewed: https://review.opendev.org/746585
Committed: https://git.openstack.org/cgit/starlingx/ansible-playbooks/commit/?id=0134e8ec49da5ad2f183044038ecc079759caf84
Submitter: Zuul
Branch: master

commit 0134e8ec49da5ad2f183044038ecc079759caf84
Author: Andy Ning <email address hidden>
Date: Mon Aug 17 14:09:50 2020 -0400

    Add missing quotation mark for admin endpoint certificate CN

    In the ansible admin endpoint certificate setup template
    (setup-sc-adminep-certs.yaml.j2), controller_floating_address as the
    commonName is not quoted. This causes ansible play to fail if the
    floating IP address is IPv6 and has a trailing ":" at the end.

    This change added the missing quotation mark around the
    controller_floating_address.

    This change also added missing quotation marks for
    the some variables in armada-overrides.yaml.j2.

    Change-Id: Ib46d76e19b13d2144e39d4598a7ccec2808988c6
    Closes-Bug: 1891904
    Signed-off-by: Andy Ning <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.