Bug #25649
closed
Foreman Proxy does not remove Salt key for a host that has been deleted
Description
Proxy logs shows a finger on the key when deleting a host from foreman, but the salt key remains.
Proxy log log during delete routine that is not removing key:
D, [2018-12-07T11:47:31.919152 ] DEBUG -- : close: 10.250.8.10:40258
D, [2018-12-07T11:50:11.589170 ] DEBUG -- : accept: 10.250.8.10:40388
D, [2018-12-07T11:50:11.591587 ] DEBUG -- : Rack::Handler::WEBrick is invoked.
D, [2018-12-07T11:50:11.592141 04d43316] DEBUG -- : Found salt-key at /usr/bin/salt-key
D, [2018-12-07T11:50:11.592223 04d43316] DEBUG -- : Found salt at /usr/bin/salt
D, [2018-12-07T11:50:11.592284 04d43316] DEBUG -- : Found sudo at /usr/bin/sudo
D, [2018-12-07T11:50:11.592331 04d43316] DEBUG -- : Executing /usr/bin/sudo u root /usr/bin/salt-key --finger-all --output=json : 10.250.8.10 - - [07/Dec/2018:11:50:12 -0500] "GET /salt/key HTTP/1.1" 200 165789 0.5832
I, [2018-12-07T11:50:12.175202 04d43316] INFO -
Removing the salt-key for this host manually through the UI triggers the correct function.
D, [2018-12-07T11:50:42.166010 ] DEBUG -- : Rack::Handler::WEBrick is invoked.
D, [2018-12-07T11:50:42.166687 04d43316] DEBUG -- : Found salt-key at /usr/bin/salt-key
D, [2018-12-07T11:50:42.166773 04d43316] DEBUG -- : Found salt at /usr/bin/salt
D, [2018-12-07T11:50:42.166836 04d43316] DEBUG -- : Found sudo at /usr/bin/sudo
D, [2018-12-07T11:50:42.166918 04d43316] DEBUG -- : about to execute: ["/usr/bin/sudo", "-u", "root", "/usr/bin/salt-key", "--yes", "-d", "test55"]
I, [2018-12-07T11:50:42.651034 04d43316] INFO -- : Result: The following keys are going to be deleted:
Accepted Keys:
test55
Key for minion test deleted.
I, [2018-12-07T11:50:42.651457 04d43316] INFO -- : 10.250.8.10 - - [07/Dec/2018:11:50:42 -0500] "DELETE /salt/key/test55 HTTP/1.1" 200 - 0.4850
Updated by Joe Collette about 6 years ago
- Subject changed from Foreman Proxy does not remove Salt key for a has that has been deleted to Foreman Proxy does not remove Salt key for a host that has been deleted
Updated by Ewoud Kohl van Wijngaarden over 5 years ago
- Project changed from Smart Proxy to Salt
- Category set to Smart Proxy
I think this is part of the salt plugin, not the smart-proxy.
Updated by Bernhard Suttner over 5 years ago
Tested on current foreman-salt + smart-proxy-salt and couldn't reproduce the issue.
I will think about adding a test.
Updated by Joe Collette over 5 years ago
Reproduced on Foreman 1.19.1 where host was using salt proxy version foreman-proxy-1.20.2-1.el7.noarch.
019-06-26T11:28:26 7df3b9cd [I] Started GET /key
2019-06-26T11:28:26 7df3b9cd [D] Found salt-key at /usr/bin/salt-key
2019-06-26T11:28:26 7df3b9cd [D] Found salt at /usr/bin/salt
2019-06-26T11:28:26 7df3b9cd [D] Found sudo at /usr/bin/sudo
2019-06-26T11:28:26 7df3b9cd [D] Executing /usr/bin/sudo -u root /usr/bin/salt-key --finger-all --output=json
2019-06-26T11:28:26 7df3b9cd [I] Finished GET /key with 200 (466.33 ms)
Updated by Joe Collette over 5 years ago
Same problem with salt proxy foreman-proxy-1.22.0-1.el7.noarch.
2019-06-26T11:54:32 7df3b9cd [I] Started GET /key
2019-06-26T11:54:32 7df3b9cd [D] Found salt-key at /usr/bin/salt-key
2019-06-26T11:54:32 7df3b9cd [D] Found salt at /usr/bin/salt
2019-06-26T11:54:32 7df3b9cd [D] Found sudo at /usr/bin/sudo
2019-06-26T11:54:32 7df3b9cd [D] Executing /usr/bin/sudo -u root /usr/bin/salt-key --finger-all --output=json
2019-06-26T11:54:33 7df3b9cd [I] Finished GET /key with 200 (469.92 ms)
2019-06-26T11:54:33 [D] close: 10.250.8.10:37184
Updated by Joe Collette over 5 years ago
This is working in foreman 1.22.
19-07-02T10:12:04 d0224663 [D] Found sudo at /usr/bin/sudo
2019-07-02T10:12:04 d0224663 [D] about to execute: ["/usr/bin/sudo", "-u", "root", "/usr/bin/salt-key", "--yes", "-d", "caconsul3"]
2019-07-02T10:12:04 d0224663 [I] Result: The following keys are going to be deleted:
Accepted Keys:
caconsul3
Key for minion caconsul3 deleted.
2019-07-02T10:12:04 d0224663 [I] Finished DELETE /key/caconsul3 with 200 (462.43 ms)
2019-07-02T10:12:04 [D] close: 10.250.8.10:60864