Bug 1678337 - Failure in awx upgrade, Preflight check fails for rabbitmq password.
Summary: Failure in awx upgrade, Preflight check fails for rabbitmq password.
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance
Version: 5.10.0
Hardware: x86_64
OS: Linux
high
high
Target Milestone: GA
: 5.11.0
Assignee: Nick Carboni
QA Contact: Md Nadeem
Red Hat CloudForms Documentation
URL:
Whiteboard:
Depends On:
Blocks: 1678489
TreeView+ depends on / blocked
 
Reported: 2019-02-18 14:45 UTC by Prasad Mukhedkar
Modified: 2022-03-13 17:00 UTC (History)
12 users (show)

Fixed In Version: 5.11.0.1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1678489 (view as bug list)
Environment:
Last Closed: 2019-12-13 15:00:53 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Comment 1 Nick Carboni 2019-02-18 14:59:06 UTC
The issue here is that the find parameters in the migration used to fix the upgrade case of bug 1638009 were incorrect.

This lead to the authentication record not being updated when the migration was run and the failure of the playbook run.

We can create a new migration to fix this correctly, but in the mean time here are the steps to correct this manually.

1. Ensure all the tower processes are stopped and the embedded ansible role is turned off
2. Fix the password in the database with the following commands in a rails console:

require 'securerandom'
auth = Authentication.in_my_region.find_by(:authtype => "ansible_rabbitmq_auth")
auth.update_attributes!(:password => MiqPassword.encrypt(SecureRandom.hex(18)))

3. Force a re-run of the setup playbook the next time embedded ansible is enabled by running this command in a shell on the appliance which will have the role enabled:

vmdb
touch tmp/embedded_ansible_force_setup_run

4. Enable the embedded ansible role

Prasad, can you comment back with the results of these steps?

Comment 4 CFME Bot 2019-02-18 21:12:12 UTC
New commit detected on ManageIQ/manageiq-schema/master:

https://github.com/ManageIQ/manageiq-schema/commit/704586e5292ff2b0b718440c8274f27ac012f954
commit 704586e5292ff2b0b718440c8274f27ac012f954
Author:     Nick Carboni <ncarboni>
AuthorDate: Mon Feb 18 14:18:55 2019 -0500
Commit:     Nick Carboni <ncarboni>
CommitDate: Mon Feb 18 14:18:55 2019 -0500

    Create a new migration to fix special characters in the rabbitmq password

    Previously the arguments to the find_by call were incorrect so
    the migration would never find a record. The issue is that the
    userid was "tower" not "ansible".

    In the new version we only search by the type and authtype attributes
    which should never change and are clearly defined in the application code

    Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1678337

 db/migrate/20181012160010_remove_special_characters_from_ansible_rabbitmq_password.rb | 24 +-
 db/migrate/20181012161000_remove_special_characters_from_ansible_rabbitmq_password_two.rb | 23 +
 spec/migrations/20181012160010_remove_special_characters_from_ansible_rabbitmq_password_spec.rb | 55 -
 spec/migrations/20181012161000_remove_special_characters_from_ansible_rabbitmq_password_two_spec.rb | 55 +
 4 files changed, 79 insertions(+), 78 deletions(-)


Note You need to log in before you can comment on or make changes to this bug.