Description of problem: deploy "https" download package to app via REST API failed, https protocol should be supported Version-Release number of selected component (if applicable): devenv_5041 How reproducible: always Steps to Reproduce: 1. create one app rhc app create php php-5.3 2. create another app rhc app create php2 php-5.3 3. snapshot save the second app with "--deployment" rhc snapshot save php2 --deployment 4. move the second app tar file to its repo and git push mv php2.tar.gz php2 cd php2; git add .; git commit -amp; git push 5. deploy the second "https" download package to the first app curl -k -H "Content-Type: application/json" -u gusun+1:* https://$server/broker/rest/application/53db7f5e6cec0ef884001e72/deployments -d '{"artifact_url":"https://php2-gusun1.*.rhcloud.com/php2.tar.gz"}' -X POST | json_reformat curl -k -H "Accept: application/xml" -u gusun+1:* https://$server/broker/rest/application/53db7f5e6cec0ef884001e72/deployments -d artifact_url="https://php2-gusun1.*.rhcloud.com/php2.tar.gz" -X POST 3. check the result to expect the success message Actual results: The deployment is failed. ################## [guoleis@localhost php2]$ curl -k -H "Content-Type: application/json" -u gusun+1:* https://$server/broker/rest/application/53db7f5e6cec0ef884001e72/deployments -d '{"artifact_url":"https://php2-gusun1.*.rhcloud.com/php2.tar.gz"}' -X POST | json_reformat { "api_version": 1.7, "data": null, "messages": [ { "exit_code": 2, "field": null, "index": null, "severity": "debug", "text": "Unable to extract deployment archive using command: /usr/bin/curl https://php2-gusun1.*.rhcloud.com/php2.tar.gz | /bin/tar -xz" }, { "exit_code": 2, "field": null, "index": null, "severity": "error", "text": "Unable to complete the requested operation due to: An invalid exit code (2) was returned from the server $server. This indicates an unexpected problem during the execution of your request.\nReference ID: 23794d15b1795fd237ef6abb4fad1dc7" } ], "status": "internal_server_error", "supported_api_versions": [ 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7 ], "type": null, "version": "1.7" } [guoleis@localhost php2]$ curl -k -H "Accept: application/xml" -u gusun+1:* https://$server/broker/rest/application/53db7f5e6cec0ef884001e72/deployments -d artifact_url="https://php2-gusun1.*.rhcloud.com/php2.tar.gz" -X POST <?xml version="1.0" encoding="UTF-8"?> <response> <status>internal_server_error</status> <type nil="true"></type> <data> <datum nil="true"></datum> </data> <messages> <message> <severity>debug</severity> <text>Unable to extract deployment archive using command: /usr/bin/curl https://php2-gusun1.*.rhcloud.com/php2.tar.gz | /bin/tar -xz</text> <exit-code>2</exit-code> <field nil="true"></field> <index nil="true"></index> </message> <message> <severity>error</severity> <text>Unable to complete the requested operation due to: An invalid exit code (2) was returned from the server $server. This indicates an unexpected problem during the execution of your request. Reference ID: d173bed5024c04fb9ea6f4ae785e981b</text> <exit-code>2</exit-code> <field nil="true"></field> <index nil="true"></index> </message> </messages> <version>1.7</version> <api-version>1.7</api-version> <supported-api-versions> <supported-api-version>1.0</supported-api-version> <supported-api-version>1.1</supported-api-version> <supported-api-version>1.2</supported-api-version> <supported-api-version>1.3</supported-api-version> <supported-api-version>1.4</supported-api-version> <supported-api-version>1.5</supported-api-version> <supported-api-version>1.6</supported-api-version> <supported-api-version>1.7</supported-api-version> </supported-api-versions> </response> ################## Expected results: The deployment should be succeed. Additional info: Both xml and json are unavailable. Below command should work with "-k". But we should consider the ssl security. curl -k $url | tar -zx
Commits pushed to master at https://github.com/openshift/origin-server https://github.com/openshift/origin-server/commit/0110818ab94c1e3e0ff10901db3d868b75e12ad4 deployments.rb: Changes :err to be visible to user Using the REST api for binary deployments could result in errors with the node using the curl command, however the user would not be able to see why or how the curl command failed. Changes the :out and :err streams sent to the node to be nil, so that the error output is sent back to the user as part of the text variable. Also changes the corresponding test. Bug 1126836 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1126836 https://github.com/openshift/origin-server/commit/d88d40f04cad557adb04af1d8dedc2c2dc139a4e Merge pull request #6317 from thrasher-redhat/bug1126836 Merged by openshift-bot
QA, Please verify that users should now be able to see more accurate responses in the 'text' field of the returned json. The steps to reproduce should still fail, however it there will be information on why the failure happened. 1. The results from the reproduction steps should result in a failure with the error from the command shown in the 'text' field, similar to the result below: $ curl -k -H "Content-Type: application/json" -u gusun+1:* https://$server/broker/rest/application/53db7f5e6cec0ef884001e72/deployments -d '{"artifact_url":"https://php2-gusun1.*.rhcloud.com/php2.tar.gz"}' -X POST | json_reformat { "api_version": 1.7, "data": null, "messages": [ { "exit_code": 2, "field": null, "index": null, "severity": "debug", "text": "Unable to extract deployment archive using command: /usr/bin/curl https://php2-gusun1.*.rhcloud.com/php2.tar.gz | /bin/tar -xz" }, { "exit_code": 2, "field": null, "index": null, "severity": "error", "text": "Unable to extract deployment archive using command: /usr/bin/curl https://php2-gusun.dev.rhcloud.com/php2.tar.gz | /bin/tar -xz\n\n\ncurl: (60) Peer certificate cannot be authenticated with known CA certificates\nMore details here: http://curl.haxx.se/docs/sslcerts.html\n\ncurl performs SSL certificate verification by default, using a \"bundle\"\n of Certificate Authority (CA) public keys (CA certs). If the default\n bundle file isn't adequate, you can specify an alternate file\n using the --cacert option.\nIf this HTTPS server uses a certificate signed by a CA represented in\n the bundle, the certificate verification probably failed due to a\n problem with the certificate (it might be expired, or the name might\n not match the domain name in the URL).\nIf you'd like to turn off curl's verification of the certificate, use\n the -k (or --insecure) option.\n\ngzip: stdin: unexpected end of file\n/bin/tar: Child returned status 1\n/bin/tar: Error is not recoverable: exiting now\n", :exitcode=>2, :addtl_params=>nil } } ], "status": "internal_server_error", "supported_api_versions": [ 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7 ], "type": null, "version": "1.7" }
Checked on build devenv_5746, we can got the detail info as describe in #comment 4, so move the bug to verified. # server=<ifno...hide...here> # curl -k -H "Accept: application/xml" -u lxia:* https://$server/broker/rest/domains/lxiad/applications/php/deployments -d artifact_url="https://php2-lxiad.dev.rhcloud.com/php2.tar.gz" -X POST <?xml version="1.0" encoding="UTF-8"?> <response> <status>internal_server_error</status> <type nil="true"></type> <data> <datum nil="true"></datum> </data> <messages> <message> <severity>debug</severity> <text>Unable to extract deployment archive using command: /usr/bin/curl https://php2-lxiad.dev.rhcloud.com/php2.tar.gz | /bin/tar -xz curl: (60) Peer certificate cannot be authenticated with known CA certificates More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. gzip: stdin: unexpected end of file /bin/tar: Child returned status 1 /bin/tar: Error is not recoverable: exiting now </text> <exit-code>2</exit-code> <field nil="true"></field> <index nil="true"></index> </message> <message> <severity>error</severity> <text>Unable to complete the requested operation due to: An invalid exit code (2) was returned from the server ip-172-18-7-171. This indicates an unexpected problem during the execution of your request. Reference ID: 3a30f5413ced160f3957c056da75a2bb</text> <exit-code>2</exit-code> <field nil="true"></field> <index nil="true"></index> </message> </messages> <version>1.7</version> <api-version>1.7</api-version> <supported-api-versions> <supported-api-version>1.0</supported-api-version> <supported-api-version>1.1</supported-api-version> <supported-api-version>1.2</supported-api-version> <supported-api-version>1.3</supported-api-version> <supported-api-version>1.4</supported-api-version> <supported-api-version>1.5</supported-api-version> <supported-api-version>1.6</supported-api-version> <supported-api-version>1.7</supported-api-version> </supported-api-versions> </response>
We apologize, however, we do not plan to address this report at this time. The majority of our active development is for the v3 version of OpenShift. If you would like for Red Hat to reconsider this decision, please reach out to your support representative. We are very sorry for any inconvenience this may cause.