Chef provisioning fails if validation_cert not defined

Bug #960547 reported by Lorin Hochstein
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fix Released
Scott Moser
cloud-init (Ubuntu)
Fix Released

Bug Description

When using chef for provisioning, the suggests that you can define either a validation_key or validation_cert. However, if you only define a validation_key and not validation_cert, it fails with this error:

2012-03-20 19:09:42,953 -[WARNING]: Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cloudinit/CloudConfig/", line 108, in run_cc_modules
    cc.handle(name, run_args, freq=freq)
  File "/usr/lib/python2.7/dist-packages/cloudinit/CloudConfig/", line 72, in handle
    [ name, self.cfg,, cloudinit.log, args ])
  File "/usr/lib/python2.7/dist-packages/cloudinit/", line 309, in sem_and_run
  File "/usr/lib/python2.7/dist-packages/cloudinit/CloudConfig/", line 45, in handle
KeyError: 'validation_cert'

The problem seems to be in this code in

     43 if chef_cfg.has_key('validation_key') or chef_cfg.has_key('validation_cert'):
     44 validation_key = util.get_cfg_option_str(chef_cfg, 'validation_key',
     45 chef_cfg['validation_cert'])
     46 with open('/etc/chef/validation.pem', 'w') as validation_key_fh:
     47 validation_key_fh.write(validation_key)

Because Python doesn't have lazy evaluation, it evaluates chef_cfg['validation_cert'] in line 45, and blows up.

Related branches

Revision history for this message
Scott Moser (smoser) wrote :

fixed in revision 552.

Thank you for taking the time to file the bug.

Changed in cloud-init:
assignee: nobody → Scott Moser (smoser)
importance: Undecided → Medium
status: New → Fix Committed
Scott Moser (smoser)
Changed in cloud-init (Ubuntu):
status: New → Fix Released
Scott Moser (smoser)
Changed in cloud-init:
status: Fix Committed → Fix Released
Revision history for this message
James Falcon (falcojr) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.