Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1592651

Summary: 3.10.1-1 prerequisites playbook fails citing htpasswd error... even when htpasswd auth is *not* enabled
Product: OpenShift Container Platform Reporter: Nicholas Schuetz <nick>
Component: InstallerAssignee: Vadim Rutkovsky <vrutkovs>
Status: CLOSED NOTABUG QA Contact: Johnny Liu <jialiu>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.10.0CC: aos-bugs, jokerman, mmccomas, nick, vrutkovs
Target Milestone: ---   
Target Release: 3.10.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-06-19 15:27:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
error
none
ansible-inventory-file none

Description Nicholas Schuetz 2018-06-19 05:15:41 UTC 
TASK [Run variable sanity checks] *********************************************************************************************************************************************************************************
fatal: [master01.ocp.nicknach.net]: FAILED! => {"failed": true, "msg": "last_checked_host: master01.ocp.nicknach.net, last_checked_var: openshift_master_manage_htpasswd;string indices must be integers"}

I am only able to get a clean install after enabling htpasswd over LDAP (IPA).  I dont want to use htpasswd at all.


Screenshot attached.
Comment 1 Nicholas Schuetz 2018-06-19 05:16:12 UTC 
Created attachment 1452809 [details]
error
Comment 2 Nicholas Schuetz 2018-06-19 05:17:18 UTC 
Created attachment 1452810 [details]
ansible-inventory-file
Comment 3 Vadim Rutkovsky 2018-06-19 11:53:04 UTC 
The installation stops because the value cannot be parsed into a list of dicts: bool values need to be quoted too. This is why its recommended to place complex vars into a separate YAML - e.g. inventory/group_vars/OSEv3

Sanity checks show incorrect last_checked_var, as it checks that htpasswd file is in correct location if openshift_master_manage_htpasswd is set (and its set to True by default). 

The latter would be fixed in https://github.com/openshift/openshift-ansible/pull/8846. It also would ensure openshift_master_identity_providers is properly parsed into a string - and throw exception early if its not.

Nick, could you verify that setting 

openshift_master_identity_providers=[{"name":"myipa","challenge":"true","login":"true","kind":"LDAPPasswordIdentityProvider","attributes":{"id":["dn"],"email":["mail"],"name":["cn"],"preferredUsername":["uid"]},"bindDN":"","bindPassword":"","ca":"my-ldap-ca-bundle.crt","insecure":"false","url":"ldap://gw.home.nicknach.net/cn=users,cn=accounts,dc=home,dc=nicknach,dc=net?uid"}]

works fine?
Comment 4 Nicholas Schuetz 2018-06-19 15:14:16 UTC 
That worked.  I made sure to properly quote all the booleans and i got a clean install.  

-Nick