Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1418406 - Bad ueber cert data can potentially occur after applying previous cleanup patches
Summary: Bad ueber cert data can potentially occur after applying previous cleanup pat...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Candlepin
Version: 6.2.6
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: Unspecified
Assignee: vritant
QA Contact: Jan Hutař
URL:
Whiteboard:
Depends On: 1418376 1531107
Blocks: 1533140
TreeView+ depends on / blocked
 
Reported: 2017-02-01 18:44 UTC by Barnaby Court
Modified: 2020-12-14 08:07 UTC (History)
12 users (show)

Fixed In Version: candlepin-2.1.13-1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1418376
: 1531106 1533140 (view as bug list)
Environment:
Last Closed: 2018-02-21 16:54:17 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Barnaby Court 2017-02-01 18:44:21 UTC 
+++ This bug was initially created as a clone of Bug #1418376 +++

A user had reported that they couldn't perform a capsule sync on satellite. Upon further investigation, their ueber cert data was not in the correct state, even after applying the cleanup that was released with an update.

The reported error was along the lines of:

2017-02-01 12:14:14,368 [thread=http-nio-8443-exec-10] [req=5c42b668-c68c-45cc-b2eb-a7a2b321f64c, org=admin] ERROR org.candlepin.model.UeberCertificateGenerator - Problem generating ueber cert for owner: admin
org.hibernate.NonUniqueResultException: query did not return a unique result: 2
	at org.hibernate.internal.AbstractQueryImpl.uniqueElement(AbstractQueryImpl.java:914) ~[hibernate-core-4.2.5.Final.jar:4.2.5.Final]
	at org.hibernate.internal.CriteriaImpl.uniqueResult(CriteriaImpl.java:396) ~[hibernate-core-4.2.5.Final.jar:4.2.5.Final]
	at org.candlepin.model.PoolCurator.findUeberPool(PoolCurator.java:337) ~[classes/:]
	at com.google.inject.persist.jpa.JpaLocalTxnInterceptor.invoke(JpaLocalTxnInterceptor.java:58) ~[guice-persist-3.0.jar:na]
	at org.candlepin.model.UeberCertificateGenerator.generate(UeberCertificateGenerator.java:110) ~[classes/:]
	at com.google.inject.persist.jpa.JpaLocalTxnInterceptor.invoke(JpaLocalTxnInterceptor.java:66) ~[guice-persist-3.0.jar:na]


The cleanup queries supplied in previous candlepin updates missed some of the bad ueber pools because they didn't account for candlepin's loose product references in 0.9.54 (cp_pool.product_id is not a foreign_key). Because of this, an ueber pool can exist in the DB without the actual ueber product being there. The cleanup queries unfortunately relied on this relationship when deleting the bad data.

While the product/pool relationship should always be present, older bugs in ueber cert generation and/or cleanup patches, could potentially allow the pool to exist without the product.


Steps to Reproduce:
I was unable to determine the steps to reproduce from an installed candlepin, however, there is a way to manually put candlepin in the bad state to test the fix.

Once the patch is in github, I'll post the testing setup details here.
Comment 18 vritant 2018-01-11 12:04:54 UTC 
Note, the following upgrades were already working:
candlepin-0.9.54.17-1 ( or 0.9.54.X-1 where X < 18 ) to candlepin-0.9.54.26-1 ( latest build for satellite 6.2 )

the PRs for this bug fixes following upgrade path which was broken:
candlepin-0.9.54.X-1 ( where X < 18 ) to candlepin-2.3.0 and
candlepin-0.9.54.X-1 ( where X < 18 ) to candlepin-2.1.0 .
Comment 19 Satellite Program 2018-02-21 16:54:17 UTC 
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
> 
> For information on the advisory, and where to find the updated files, follow the link below.
> 
> If the solution does not work for you, open a new bug report.
> 
> https://access.redhat.com/errata/RHSA-2018:0336
Note You need to log in before you can comment on or make changes to this bug.