Bug #23232

Foreman should validate host associations are in the host's taxonomies

Added by Chris Duryee 2 months ago. Updated 7 days ago.

Status:Closed
Priority:Normal
Assigned To:Stephen Benjamin
Category:Organizations and Locations
Target version:-
Difficulty: Bugzilla link:1566166
Found in release: Pull request:https://github.com/theforeman/foreman/pull/5494
Story points-
Velocity based estimate-
Release1.19.0Release relationshipAuto

Description

If you register a brand-new client to a new capsule on a new katello using bootstrap.py without https://github.com/Katello/katello-client-bootstrap/issues/248, you will get this error:

Validation failed: Name must not include periods

repro steps:

  • vagrant up centos7-katello-3.6
  • vagrant up centos7-foreman-proxy-3.6
  • vagrant up centos7 for use as test client

on katello server:

hammer ping
hammer -u admin -p changeme activation-key create --name MYAK --organization-id 1
hammer -u admin -p changeme hostgroup create --name MYHG

on client:

yum install subscription-manager (bootstrap will need it)
  1. ensure you are using a bootstrap.py without https://github.com/Katello/katello-client-bootstrap/issues/248
    curl http://centos7-foreman-proxy-3-6.dhcp129-144.example.com/pub/bootstrap.py > ./bootstrap.py
    python bootstrap.py -s centos7-foreman-proxy-3-6.dhcp129-144.example.com -g MYHG -a MYAK

(this will error that the HG needs an OS and location, we'll fix that)

back on katello server:

hammer -u admin -p changeme os list
hammer -u admin -p changeme location list
hammer -u admin -p changeme hostgroup list
hammer -u admin -p changeme hostgroup update --operatingsystem-id 1 --location-ids 2 --id 1

back on client again:

python bootstrap.py -s centos7-foreman-proxy-3-6.dhcp129-144.example.com -g MYHG -a MYAK --location "Default Location" --force

error!

Validation failed: Name must not include periods

production.log:

[app] [I] Started POST "/rhsm/consumers?owner=Default_Organization&activation_keys=MYAK" for 192.168.121.96 at 2018-04-11 16:10:34 +0000
[app] [I] Processing by Katello::Api::Rhsm::CandlepinProxiesController#consumer_activate as JSON
[app] [I] Parameters: {"facts"=>"[FILTERED]", "contentTags"=>[], "type"=>"system", "name"=>"client.dhcp129-144.example.com", "owner"=>"Default_Organization", "activation_keys"=>"MYAK"}
[app] [I] Current user: foreman_admin (administrator)
[app] [I] Current user: foreman_admin (administrator)
[katello/cp_proxy] [E] <Class> ActiveRecord::RecordInvalid
[katello/cp_proxy] [E] name: ["must not include periods"]
[app] [I] Completed 422 Unprocessable Entity in 808ms (Views: 0.1ms | ActiveRecord: 19.4ms)

It looks like the domain can't be found, which causes the shortname of the host to be its fqdn. Workaround:

hammer -u admin -p changeme domain update --id 1 --location-ids 2 --organization-ids 1

Note that this bug has a workaround in bootstrap.py. Ideally a more descriptive error message would be raised if the domain is not accessible in the org/location.

Associated revisions

Revision a525db23
Added by Stephen Benjamin 7 days ago

fixes #23232 - fix error when domain not in taxonomy

This ensures that if domain_id is set, but domain not found (for example
when domain is in another taxonomy), the shortname still removes the
domain from the host's FQDN.

History

#1 Updated by Chris Duryee 2 months ago

  • Bugzilla link set to 1566166

#2 Updated by Justin Sherrill 2 months ago

  • Release set to Katello 3.6.1
  • Category set to Hosts

#3 Updated by Chris Duryee 2 months ago

  • Description updated (diff)
  • Subject changed from unable to register client to freshly installed capsule on fresh katello to "Validation failed: Name must not include periods" if domain is not found during registration

#4 Updated by Stephen Benjamin 2 months ago

This is a weird one. bootstrap.py does an unscoped API query to retrieve the domain ID. It passes in that domain_id to the API for host create, which happily assigns it to the host.

If you look at the actual AR records with default scoping, host.domain is nil because it can't find a domain by that ID in the host's scope. Foreman's host name checking relies on host.domain to strip it out and check the "shortname" for periods, which causes the validation error we see.

There's at least a Foreman bug here, I don't think it should blindly accept ID's without checking taxonomic scope but that's a big bucket of worms to fix correctly.

#5 Updated by Stephen Benjamin about 1 month ago

  • Assigned To set to Stephen Benjamin
  • Category changed from Hosts to Organizations and Locations
  • Subject changed from "Validation failed: Name must not include periods" if domain is not found during registration to Foreman should validate host associations are in the host's taxonomies
  • Project changed from Katello to Foreman

Really a foreman issue, going to fix there.

#6 Updated by The Foreman Bot about 1 month ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/5494 added

#7 Updated by Stephen Benjamin 7 days ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

#8 Updated by Marek Hulán 7 days ago

  • Release changed from Katello 3.6.1 to 1.19.0

In fact, this was fixed in Foreman, resetting the release.

Also available in: Atom PDF