Bug 1418406

Summary: Bad ueber cert data can potentially occur after applying previous cleanup patches
Product: Red Hat Satellite Reporter: Barnaby Court <bcourt>
Component: CandlepinAssignee: vritant <vrjain>
Status: CLOSED ERRATA QA Contact: Jan Hutaƙ <jhutar>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2.6CC: bbuckingham, bcourt, candlepin-bugs, crog, ehelms, jcallaha, jhutar, jjansky, katello-qa-list, mstead, redakkan, skallesh
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: candlepin-2.1.13-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1418376
: 1531106 1533140 (view as bug list) Environment:
Last Closed: 2018-02-21 16:54:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1418376, 1531107    
Bug Blocks: 1533140    

Description Barnaby Court 2017-02-01 18:44:21 UTC 
+++ This bug was initially created as a clone of Bug #1418376 +++

A user had reported that they couldn't perform a capsule sync on satellite. Upon further investigation, their ueber cert data was not in the correct state, even after applying the cleanup that was released with an update.

The reported error was along the lines of:

2017-02-01 12:14:14,368 [thread=http-nio-8443-exec-10] [req=5c42b668-c68c-45cc-b2eb-a7a2b321f64c, org=admin] ERROR org.candlepin.model.UeberCertificateGenerator - Problem generating ueber cert for owner: admin
org.hibernate.NonUniqueResultException: query did not return a unique result: 2
	at org.hibernate.internal.AbstractQueryImpl.uniqueElement(AbstractQueryImpl.java:914) ~[hibernate-core-4.2.5.Final.jar:4.2.5.Final]
	at org.hibernate.internal.CriteriaImpl.uniqueResult(CriteriaImpl.java:396) ~[hibernate-core-4.2.5.Final.jar:4.2.5.Final]
	at org.candlepin.model.PoolCurator.findUeberPool(PoolCurator.java:337) ~[classes/:]
	at com.google.inject.persist.jpa.JpaLocalTxnInterceptor.invoke(JpaLocalTxnInterceptor.java:58) ~[guice-persist-3.0.jar:na]
	at org.candlepin.model.UeberCertificateGenerator.generate(UeberCertificateGenerator.java:110) ~[classes/:]
	at com.google.inject.persist.jpa.JpaLocalTxnInterceptor.invoke(JpaLocalTxnInterceptor.java:66) ~[guice-persist-3.0.jar:na]


The cleanup queries supplied in previous candlepin updates missed some of the bad ueber pools because they didn't account for candlepin's loose product references in 0.9.54 (cp_pool.product_id is not a foreign_key). Because of this, an ueber pool can exist in the DB without the actual ueber product being there. The cleanup queries unfortunately relied on this relationship when deleting the bad data.

While the product/pool relationship should always be present, older bugs in ueber cert generation and/or cleanup patches, could potentially allow the pool to exist without the product.


Steps to Reproduce:
I was unable to determine the steps to reproduce from an installed candlepin, however, there is a way to manually put candlepin in the bad state to test the fix.

Once the patch is in github, I'll post the testing setup details here.
Comment 18 vritant 2018-01-11 12:04:54 UTC 
Note, the following upgrades were already working:
candlepin-0.9.54.17-1 ( or 0.9.54.X-1 where X < 18 ) to candlepin-0.9.54.26-1 ( latest build for satellite 6.2 )

the PRs for this bug fixes following upgrade path which was broken:
candlepin-0.9.54.X-1 ( where X < 18 ) to candlepin-2.3.0 and
candlepin-0.9.54.X-1 ( where X < 18 ) to candlepin-2.1.0 .
Comment 19 Satellite Program 2018-02-21 16:54:17 UTC 
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
> 
> For information on the advisory, and where to find the updated files, follow the link below.
> 
> If the solution does not work for you, open a new bug report.
> 
> https://access.redhat.com/errata/RHSA-2018:0336