Bug 1846679

Summary: satellite-installer/capsule-certs-generate can not handle '-S' in the argument
Product: Red Hat Satellite Reporter: Amar Huchchanavar <ahuchcha>
Component: InstallationAssignee: Ewoud Kohl van Wijngaarden <ekohlvan>
Status: CLOSED ERRATA QA Contact: Devendra Singh <desingh>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.7.0CC: egolov, ekohlvan, pcreech, saydas, zhunting
Target Milestone: 6.9.0Keywords: Triaged
Target Release: Unused   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-04-21 13:14:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Amar Huchchanavar 2020-06-12 15:56:50 UTC 
Description of problem: capsule-certs-generate and satellite-installer fail immediately if any of the provided argument contains '-S'.

Example:
1]--server-ca-cert "/root/certs/A-STest.crt"  

#capsule-certs-generate --foreman-proxy-fqdn "capsule.fqdn.here"   --certs-tar  "~/capsule-certs.tar"  --server-cert "/root/ssl-build/capsule.fqdn.here/capsule_cert.pem"  --server-key "/root/ssl-build/capsule.fqdn.here/capsule_cert_key.pem"  --server-ca-cert "/root/certs/A-STest.crt"

ERROR: Scenario (/usr/share/foreman-installer/katello-certs/scenarios.d/Test.crt.yaml) was not found, can not continue

2] --certs-server-cert "/etc/pki/katello/certs/katello-S-apache.crt" 

#satellite-installer --scenario satellite                      --certs-server-cert "/etc/pki/katello/certs/katello-S-apache.crt"                       --certs-server-key "/etc/pki/katello/private/katello-apache.key"                       --certs-server-ca-cert "/etc/pki/katello/certs/katello-server-ca.crt"
[ INFO 2020-06-12T21:13:23 verbose] Executing hooks in group pre_migrations
[ INFO 2020-06-12T21:13:23 verbose] All hooks in group pre_migrations finished
[ERROR 2020-06-12T21:13:23 verbose] You are trying to replace existing installation with different scenario. This may lead to unpredictable states. Use --force to override. You can use --compare-scenarios to see the differences
[ INFO 2020-06-12T21:13:23 verbose] Log was be written to /var/log/foreman-installer/satellite.log
[ INFO 2020-06-12T21:13:23 verbose] Logs flushed



Version-Release number of selected component (if applicable):
Satellite 6.5/6.6/6.7

How reproducible:
Always

Steps to Reproduce:
1. #capsule-certs-generate --foreman-proxy-fqdn "capsule.fqdn.here"   --certs-tar  "~/capsule-certs.tar"  --server-cert "/root/ssl-build/capsule.fqdn.here/capsule_cert.pem"  --server-key "/root/ssl-build/capsule.fqdn.here/capsule_cert_key.pem"  --server-ca-cert "/root/certs/A-STest.crt"

2.#satellite-installer --scenario satellite                      --certs-server-cert "/etc/pki/katello/certs/katello-S-apache.crt"                       --certs-server-key "/etc/pki/katello/private/katello-apache.key"                       --certs-server-ca-cert "/etc/pki/katello/certs/katello-server-ca.crt"

3.# satellite-installer --help |grep "-S"
grep: invalid option -- 'S'
Usage: grep [OPTION]... PATTERN [FILE]...
Try 'grep --help' for more information.
/usr/share/gems/gems/clamp-1.1.2/lib/clamp/command.rb:139:in `write': Broken pipe - <STDOUT> (Errno::EPIPE)
	from /usr/share/gems/gems/clamp-1.1.2/lib/clamp/command.rb:139:in `puts'
	from /usr/share/gems/gems/clamp-1.1.2/lib/clamp/command.rb:139:in `puts'
	from /usr/share/gems/gems/clamp-1.1.2/lib/clamp/command.rb:139:in `rescue in run'
	from /usr/share/gems/gems/clamp-1.1.2/lib/clamp/command.rb:132:in `run'
	from /usr/share/gems/gems/kafo-4.0.1/lib/kafo/kafo_configure.rb:162:in `run'
	from /usr/sbin/satellite-installer:8:in `<main>'



Actual results:
Fails with the above-mentioned errors.

Expected results:
It should not fail.

Additional info:
#capsule-certs-generate --help
    -S, --scenario SCENARIO       Use installation scenario

#satellite-installer --help
    -S, --scenario SCENARIO       Use installation scenario
Comment 1 Ewoud Kohl van Wijngaarden 2020-06-25 15:36:24 UTC 
Note that for grep you should use grep -- -S.

Upstream a minimal reproducer in develop is:

foreman-proxy-certs-generate --server-ca-cert A-ST

The problem is a bad regex here:
https://github.com/theforeman/kafo/blob/68ae1ad760f4073a6fedc9ce8cfe4f6ddd1a85e8/lib/kafo/scenario_manager.rb#L81
Comment 2 Bryan Kearney 2020-06-25 20:04:53 UTC 
Upstream bug assigned to ekohlvan
Comment 3 Bryan Kearney 2020-06-25 20:04:55 UTC 
Upstream bug assigned to ekohlvan
Comment 4 Bryan Kearney 2020-07-04 20:05:03 UTC 
Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/30218 has been resolved.
Comment 5 Brad Buckingham 2020-11-13 19:44:50 UTC 
Fix is in Satellite 6.9 SNAP 1 with tfm-rubygem-kafo-6.0.0-1.el7sat.noarch
Comment 12 Devendra Singh 2021-01-06 13:24:38 UTC 
FailedQA.

Version tested: Satellite 6.9.0 Snap 7
Comment 17 Devendra Singh 2021-03-16 16:23:04 UTC 
Verified on 6.9 Snap 17
Comment 20 errata-xmlrpc 2021-04-21 13:14:56 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Satellite 6.9 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:1313