1889787 – OCP is flooding the oVirt engine with auth errors

Bug 1889787 - OCP is flooding the oVirt engine with auth errors

Summary: OCP is flooding the oVirt engine with auth errors

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Cloud Compute
Sub Component:
Version:	4.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	low
Severity:	low
Target Milestone:	---
Target Release:	4.7.0
Assignee:	Gal Zaidman
QA Contact:	michal
Docs Contact:
URL:
Whiteboard:
Depends On:	1889755
Blocks:
TreeView+	depends on / blocked

Reported:	2020-10-20 15:00 UTC by Gal Zaidman
Modified:	2021-02-24 15:27 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-02-24 15:26:59 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	openshift cluster-api-provider-ovirt pull 75	None	closed	Bug 1897138: Port to machine-api-operator	2021-01-24 08:05:03 UTC
Github	openshift ovirt-csi-driver-operator pull 35	None	closed	bump go-ovirt to 2020-10-23	2021-01-24 08:05:03 UTC
Github	openshift ovirt-csi-driver pull 55	None	closed	bump go-ovirt and run make vendor	2021-01-24 08:05:45 UTC
Red Hat Product Errata	RHSA-2020:5633	None	None	None	2021-02-24 15:27:26 UTC

Description Gal Zaidman 2020-10-20 15:00:10 UTC

Description of problem:

OCP is flooding the oVirt engine with auth errors:

2020-10-20 16:22:29,343+03 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-95) [58191b5e] OAuthException invalid_grant: The provided authorization grant for the auth code has expired.
2020-10-20 16:22:29,396+03 INFO  [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-93) [] User admin@internal successfully logged in with scopes: ovirt-app-api ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access

The reason is due to an issue with the go ovirt sdk.

Openshift is not affected by that at all, this only effect the engine log

Version-Release number of selected component (if applicable):


How reproducible:
1. Deploy an OCP 4.6 on top of oVirt
2. tail -f /var/log/ovirt-engine/engine.log

Actual results:
engine log is filled with auth errors

Expected results:
-

Comment 3 michal 2020-12-29 11:58:34 UTC

verify on:
4.7.0-0.nightly-2020-12-21-131655 

steps:
1) Deploy an OCP 4.7 on top of oVirt
2) tail -f /var/log/ovirt-engine/engine.log

results: 
there are no errors message

Comment 5 errata-xmlrpc 2021-02-24 15:26:59 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633

Note You need to log in before you can comment on or make changes to this bug.