kayobe

prometheus_bcrypt_salt generated by 2023.1 is not accepted by 2023.2

Bug #2067478 reported by Martin Ananda Boeker on 2024-05-29

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	kayobe	Invalid	Undecided	Unassigned
	kolla-ansible	Invalid	Undecided	Grzegorz Koper

Bug Description

Running kayobe service deploy using 2023.2 fails with this:

TASK [prometheus : Check that prometheus_bcrypt_salt is correctly set] *********************************************************************************************************************************************task path: /home/ubuntu/venvs/kolla-ansible/share/kolla-ansible/ansible/roles/prometheus/tasks/precheck.yml:28
Wednesday 29 May 2024 12:46:34 +0000 (0:00:00.455) 0:01:24.976 *********
fatal: [AIOTEST01]: FAILED! => changed=false
  assertion: prometheus_bcrypt_salt | length == 22
  evaluated_to: false
  msg: Assertion failed
fatal: [AIOTEST02]: FAILED! => changed=false
  assertion: prometheus_bcrypt_salt | length == 22
  evaluated_to: false
  msg: Assertion failed
fatal: [AIOTEST03]: FAILED! => changed=false
  assertion: prometheus_bcrypt_salt | length == 22
  evaluated_to: false
  msg: Assertion failed

I just checked, and the passwords.yml that was generated by genpwd from 2023.1 set this:

prometheus_bcrypt_salt: D9KS4bm7YHXUovt8aLGe3rNpqpWk28pVDanMI41U

Why would 2023.2 fail with the salt length generated by 2023.1, especially since it's longer!?

Revision history for this message

Pierre Riteau (priteau) wrote on 2024-06-20:

This looks like an issue with kolla-ansible rather than kayobe itself.

Grzegorz Koper (koperg) on 2024-06-24

Changed in kolla-ansible:
status:	New → Triaged

Revision history for this message

Grzegorz Koper (koperg) wrote on 2024-06-24:

Hello,

It looks like prometheus_bcrypt_salt was generated before this change got merged:
https://review.opendev.org/c/openstack/kolla-ansible/+/828695

and backported to 2023.1 with:

https://github.com/stackhpc/kolla-ansible/pull/476/files

Regenerating with genpwd from latest 2023.1 will always results in 22 long salt:

>>> from ansible.utils.encrypt import random_salt
>>> len(random_salt(22))
22
>>> len(random_salt(22))
22
>>> len(random_salt(22))
22
>>> len(random_salt(22))
22
>>> len(random_salt(22))
22
>>> len(random_salt(22))
22
>>> len(random_salt(22))
22

Closing as support request.

Changed in kolla-ansible:
assignee:	nobody → Grzegorz Koper (koperg)
status:	Triaged → Invalid
Changed in kayobe:
status:	New → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.