Bug 1501512

Summary: Broker does not return credentials on subsequent bind endpoint calls
Product: OpenShift Container Platform Reporter: Shawn Hurley <shurley>
Component: Service BrokerAssignee: Shawn Hurley <shurley>
Status: CLOSED ERRATA QA Contact: Weihua Meng <wmeng>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.7.0CC: aos-bugs, chezhang, jmatthew, shurley, wjiang
Target Milestone: ---   
Target Release: 3.7.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: Broker overwrote the bind credentials on subsequent bind endpoint calls Consequence: Bind credentials were saved incorrectly Fix: save bind credentials for every call Result: works as expected
 Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-05 09:29:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Shawn Hurley 2017-10-12 17:02:44 UTC 
Description of problem:
The broker is receiving more than 1 bind call for a service that is a duplicate and not returning the credentials

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Call bind on the API end point for a service. this will return a 201 with the credentials in the json body
2. Call the same bind. This will return with a 200 with an empty json body.
3.

Actual results:
Empty Json Body

Expected results:
The already created credentials should also be in the body.

Additional info:
Comment 1 Shawn Hurley 2017-10-12 20:24:32 UTC 
Bug fixes with PR: https://github.com/openshift/ansible-service-broker/pull/486
Comment 3 Weihua Meng 2017-10-18 11:33:23 UTC 
Hi Shawn
Could you provide detailed commands for reproduce steps?
Thanks so much.
Comment 4 Shawn Hurley 2017-10-18 14:42:17 UTC 
Hello,

You will want to call: 

curl -XPUT -H "Authorization: Bearer $(oc whoami -t)" -H 'Content-Type: application/json' <broker_url>/ansible-service-broker/v2/service_instances/<service_instance of bindable app>/service_bindings/924015ad-2358-4a5c-8770-80c5d22ad118 -d '{"service_id":"<id of service>","plan_id":"<cluster service plan id that was used to provison service.","bind_resource":{"app_guid":"54651936-b408-11e7-8470-c85b76064d75"}}' 

You should call that twice once you provision the bindable APB.
Both calls should have the credentials.
Comment 5 weiwei jiang 2017-10-19 09:21:19 UTC 
Checked with ansible-service-broker-1.0.10-1.el7.x86_64, and found that 

# curl -sk -XPUT -H "Content-Type: application/json" -H Authorization:\ Bearer\ wcLa0qpVlpXfCVVmENPoPcleNvglerN9ogZmGzhOynw https://asb.ansible-service-broker.svc:1338/ansible-service-broker/v2/service_instances/03572d01-e7d5-4b30-8f35-179eda3aec0c/service_bindings/03572d01-e7d5-4b30-8f35-179eda3aec0c -d '{"service_id":"27793015fe45db2fbc1deb7372cc4036","plan_id":"9f90a44d8181941768273a684de50de5","bind_resource":{}}' -v
* About to connect() to asb.ansible-service-broker.svc port 1338 (#0)
*   Trying 172.30.187.252...
* Connected to asb.ansible-service-broker.svc (172.30.187.252) port 1338 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* 	subject: CN=asb.ansible-service-broker.svc
* 	start date: Oct 19 08:31:09 2017 GMT
* 	expire date: Oct 19 08:31:10 2019 GMT
* 	common name: asb.ansible-service-broker.svc
* 	issuer: CN=openshift-service-serving-signer@1508367498
> PUT /ansible-service-broker/v2/service_instances/03572d01-e7d5-4b30-8f35-179eda3aec0c/service_bindings/03572d01-e7d5-4b30-8f35-179eda3aec0c HTTP/1.1
> User-Agent: curl/7.29.0
> Host: asb.ansible-service-broker.svc:1338
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer wcLa0qpVlpXfCVVmENPoPcleNvglerN9ogZmGzhOynw
> Content-Length: 113
> 
* upload completely sent off: 113 out of 113 bytes
< HTTP/1.1 201 Created
< Content-Type: application/json
< Date: Thu, 19 Oct 2017 09:20:37 GMT
< Content-Length: 182
< 
{
  "credentials": {
    "DB_HOST": "postgresql",
    "DB_NAME": "admin",
    "DB_PASSWORD": "redhat",
    "DB_PORT": "5432",
    "DB_TYPE": "postgres",
    "DB_USER": "admin"
  }
}
* Connection #0 to host asb.ansible-service-broker.svc left intact
Comment 6 weiwei jiang 2017-10-19 09:30:29 UTC 
Checked with ansible-service-broker-1.0.10-1.el7.x86_64, and found asb will return the same result with the following op for multiple times.

# curl -sk -XPUT -H "Content-Type: application/json" -H Authorization:\ Bearer\ wcLa0qpVlpXfCVVmENPoPcleNvglerN9ogZmGzhOynw https://asb.ansible-service-broker.svc:1338/ansible-service-broker/v2/service_instances/03572d01-e7d5-4b30-8f35-179eda3aec0c/service_bindings/03572d01-e7d5-4b30-8f35-179eda3aec0c -d '{"service_id":"27793015fe45db2fbc1deb7372cc4036","plan_id":"9f90a44d8181941768273a684de50de5","bind_resource":{}}' -v
* About to connect() to asb.ansible-service-broker.svc port 1338 (#0)
*   Trying 172.30.187.252...
* Connected to asb.ansible-service-broker.svc (172.30.187.252) port 1338 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* 	subject: CN=asb.ansible-service-broker.svc
* 	start date: Oct 19 08:31:09 2017 GMT
* 	expire date: Oct 19 08:31:10 2019 GMT
* 	common name: asb.ansible-service-broker.svc
* 	issuer: CN=openshift-service-serving-signer@1508367498
> PUT /ansible-service-broker/v2/service_instances/03572d01-e7d5-4b30-8f35-179eda3aec0c/service_bindings/03572d01-e7d5-4b30-8f35-179eda3aec0c HTTP/1.1
> User-Agent: curl/7.29.0
> Host: asb.ansible-service-broker.svc:1338
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer wcLa0qpVlpXfCVVmENPoPcleNvglerN9ogZmGzhOynw
> Content-Length: 113
> 
* upload completely sent off: 113 out of 113 bytes
< HTTP/1.1 201 Created
< Content-Type: application/json
< Date: Thu, 19 Oct 2017 09:20:37 GMT
< Content-Length: 182
< 
{
  "credentials": {
    "DB_HOST": "postgresql",
    "DB_NAME": "admin",
    "DB_PASSWORD": "redhat",
    "DB_PORT": "5432",
    "DB_TYPE": "postgres",
    "DB_USER": "admin"
  }
}
* Connection #0 to host asb.ansible-service-broker.svc left intact
Comment 7 Weihua Meng 2017-10-27 08:16:28 UTC 
Hi, Shawn
Can you help?
Thanks.
Comment 8 Shawn Hurley 2017-10-27 13:58:32 UTC 
> Checked with ansible-service-broker-1.0.10-1.el7.x86_64, and found asb will return the same result with the following op for multiple times.

That appears to verify the bug was fixed.
Comment 9 Weihua Meng 2017-10-27 14:26:04 UTC 
Thanks.
According to above comments, it is fixed.
Comment 13 errata-xmlrpc 2018-04-05 09:29:37 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0636