Bug 2227019

Summary: rhc fails to retrieve the system profile
Product: Red Hat Enterprise Linux 8 Reporter: Alba Hita <ahitacat>
Component: rhcAssignee: CSI Client Tools Bugs <csi-client-tools-bugs>
Status: MODIFIED --- QA Contact: CSI Client Tools Bugs <csi-client-tools-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.9CC: arpandey, cmarinea, csi-client-tools-bugs, qianzhan
Target Milestone: rcKeywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: rhc-0.2.4-1.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2227012 Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2227012    
Bug Blocks:    

Description Alba Hita 2023-07-27 13:05:55 UTC 
+++ This bug was initially created as a clone of Bug #2227012 +++

Description of problem:
When rhc cannot retrieve the profile it will debug this failure, but the execution will fail without any error.

rhc should not end with a 1 status if it is connected to rhsm and insights.



Version-Release number of selected component (if applicable):
rhc-0.2.2-1.el9

How reproducible:
Always


Actual results:
>>> rhc connect
Connecting localhost.localdomain to Red Hat.
This might take a few seconds.
● Connected to Red Hat Subscription Management
● Connected to Red Hat Insights
● Activated the Remote Host Configuration daemon
Successfully connected to Red Hat!
Manage your connected systems: https://red.ht/connector
The following errors were encountered during connect:
STEP ERROR 
Remote Host Configuration Cannot get the user profile: Get "https://subscription.rhsm.stage.redhat.com/redhat_access/r/insights/platform/config-manager/v2/profiles/current": x509: certificate signed by unknown authority
echo $?
1

Expected results:
>>> rhc connect
Connecting localhost.localdomain to Red Hat.
This might take a few seconds.
● Connected to Red Hat Subscription Management
● Connected to Red Hat Insights
● Activated the Remote Host Configuration daemon
Successfully connected to Red Hat!
Manage your connected systems: https://red.ht/connector
The following errors were encountered during connect:
STEP ERROR 
Remote Host Configuration Cannot get the user profile: Get "https://subscription.rhsm.stage.redhat.com/redhat_access/r/insights/platform/config-manager/v2/profiles/current": x509: certificate signed by unknown authority
echo $?
0
Comment 1 qianzhan 2023-08-01 07:13:36 UTC 
Pre-verification:

1. Provision RHEL-8.9.0-20230731.d.62-BaseOS-x86_64 in beaker.


2. Update rhc:

[root@dell-per740-68-vm-07 ~]# rpm -qa | grep rhc
rhc-0.2.2-1.el8.x86_64

 
[root@dell-per740-68-vm-07 ~]# dnf update --repoid=copr:copr.devel.redhat.com:ahitacat:rhc
…
…
Installed products updated.
Upgraded:
  rhc-1:0.2.4-0.3.git.4dc7e38.el8.x86_64
Complete!

[root@dell-per740-68-vm-07 ~]# rpm -qa | grep rhc
rhc-0.2.4-0.3.git.4dc7e38.el8.x86_64

 
3. Configure rhc to connect Stage:

[root@dell-per740-68-vm-07 ~]# cat /etc/rhc/config.toml 
# yggdrasil global configuration settings
broker = ["wss://connect.cloud.stage.redhat.com:443"]
data-host = "cert.cloud.stage.redhat.com"
log-level = "debug"
cert-file = "/etc/pki/consumer/cert.pem"
key-file = "/etc/pki/consumer/key.pem" 


[root@dell-per740-68-vm-07 ~]# subscription-manager config --server.hostname=subscription.rhsm.stage.redhat.com


4. To reproduce the 'x509: certificate signed by unknown authority' issue, make sure base_url is not specified:

[root@dell-per740-68-vm-07 ~]# cat /etc/insights-client/insights-client.conf | grep base_url
#base_url=cert-api.access.redhat.com:443/r/insights 


5. Connect the system by rhc:
[root@dell-per740-68-vm-07 ~]# rhc connect
Connecting dell-per740-68-vm-07.lab.eng.pek2.redhat.com to Red Hat.

This might take a few seconds.

Username: insights-qa

Password: 

● Connected to Red Hat Subscription Management

● Connected to Red Hat Insights

● Activated the rhc daemon

 

Successfully connected to Red Hat!

 

Manage your connected systems: https://red.ht/connector

 

STEP      DURATION  

rhsm      22.901s   

insights  40.006s   

rhc       22ms      

 

The following errors were encountered during connect:

 

TYPE  STEP  ERROR  

WARN  rhc   cannot get the user profile: Get "https://subscription.rhsm.stage.redhat.com/redhat_access/r/insights/platform/config-manager/v2/profiles/current": tls: failed to verify certificate: x509: certificate signed by unknown authority

[root@dell-per740-68-vm-07 ~]# echo $?

0


As per step 5, return code is 0 when the system is connected to both RHSM and insights. So set the bug verified:tested.