IndexError in add_rbac_roles

Bug #1904767 reported by Kevin W Monroe on 2020-11-18
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Kubernetes Master Charm
Kevin W Monroe

Bug Description

If the migration from known_tokens.csv to k8s secrets fails just right, we'll attempt to parse a csv file that no longer has csv data. This leads to an index error:

Traceback (most recent call last):
  File "/var/lib/juju/agents/unit-kubernetes-master-0/.venv/lib/python3.6/site-packages/charms/reactive/", line 74, in main
  File "/var/lib/juju/agents/unit-kubernetes-master-0/.venv/lib/python3.6/site-packages/charms/reactive/", line 379, in dispatch
  File "/var/lib/juju/agents/unit-kubernetes-master-0/.venv/lib/python3.6/site-packages/charms/reactive/", line 359, in _invoke
  File "/var/lib/juju/agents/unit-kubernetes-master-0/.venv/lib/python3.6/site-packages/charms/reactive/", line 181, in invoke
  File "/var/lib/juju/agents/unit-kubernetes-master-0/charm/reactive/", line 260, in check_for_upgrade_needed
  File "/var/lib/juju/agents/unit-kubernetes-master-0/charm/reactive/", line 307, in add_rbac_roles
    if record[2] == 'admin' and len(record) == 3:
IndexError: list index out of range

This could also happen if a user tries to downgrade to a k8s-master charm revision that predates authn with k8s secrets (before the 1.19 release).

Regardless of how we get there, the k8s-master charm should handle this better.

Changed in charm-kubernetes-master:
milestone: none → 1.19+ck1
assignee: nobody → Kevin W Monroe (kwmonroe)
status: New → In Progress
importance: Undecided → Critical
Kevin W Monroe (kwmonroe) wrote :
tags: added: review-needed
Cory Johns (johnsca) wrote :
Changed in charm-kubernetes-master:
status: In Progress → Fix Committed
tags: removed: review-needed
tags: added: backport-needed
tags: removed: backport-needed
Changed in charm-kubernetes-master:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers