Bug 2021576 - traceback blocks reconciliation of helm repository hosted on AWS S3 storage
Summary: traceback blocks reconciliation of helm repository hosted on AWS S3 storage
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Advanced Cluster Management for Kubernetes
Classification: Red Hat
Component: App Lifecycle
Version: rhacm-2.3
Hardware: All
OS: All
unspecified
low
Target Milestone: ---
: rhacm-2.4.2
Assignee: Mike Ng
QA Contact: Ruici Hong
bswope@redhat.com
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-11-09 16:34 UTC by Felix Dewaleyne
Modified: 2022-03-03 23:20 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-02-22 21:58:13 UTC
Target Upstream Version:
Embargoed:
ruhong: qe_test_coverage+
bot-tracker-sync: rhacm-2.3.z+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github open-cluster-management backlog issues 17840 0 None None None 2021-11-09 17:28:18 UTC
Red Hat Product Errata RHSA-2022:0595 0 None None None 2022-02-22 21:58:53 UTC

Description Felix Dewaleyne 2021-11-09 16:34:04 UTC 
Description of the problem:
application synced using helm cannot reconcile due to a traceback

Release version:
2.3

Operator snapshot version:

OCP version:

Browser Info:

Steps to reproduce:
1. set up helm repo on S3 storage based on repo from additional info
2. set reconciliation to medium (15 minutes)
3.observe the management-ingress logs

Actual results:
2021-11-04T11:51:38.633326028Z 2021/11/04 11:51:38 [notice] 31#31: *15801 [lua] oauthproxy.lua:76: validate_access_token_or_exit(): Authorization header found. Attempt to extract token., client: 10.126.8.1, server: _, request: "GET /multicloud/common/applinks/ HTTP/1.1", host: "multicloud-console.apps.cmp-mgmt.example.com", referrer: "https://multicloud-console.apps.cmp-mgmt.example.com/multicloud/applications/sealed-secrets/sealed-secrets?apiVersion=app.k8s.io%2Fv1beta1"
2021-11-04T11:51:38.633326028Z 2021/11/04 11:51:38 [warn] 31#31: *15801 [lua] _G write guard:12: __newindex(): writing a global Lua variable ('_') which may lead to race conditions between concurrent requests, so prefer the use of 'local' variables
2021-11-04T11:51:38.633326028Z stack traceback:
2021-11-04T11:51:38.633326028Z  /opt/ibm/router/nginx//conf/oauthproxy.lua:77: in function 'validate_access_token_or_exit'
2021-11-04T11:51:38.633326028Z  access_by_lua(nginx.conf:810):4: in main chunk, client: 10.126.8.1, server: _, request: "GET /multicloud/common/applinks/ HTTP/1.1", host: "multicloud-console.apps.cmp-mgmt.example.com", referrer: "https://multicloud-console.apps.cmp-mgmt.example.com/multicloud/applications/sealed-secrets/sealed-secrets?apiVersion=app.k8s.io%2Fv1beta1"


Expected results:
reconciliation passes and changes to the application are brought forward

Additional info:
repo used is based on https://github.com/bitnami-labs/sealed-secrets/tree/main/helm/sealed-secrets
Comment 7 Ruici Hong 2022-01-28 16:30:13 UTC 
Tested and verified on
ACM - 2.4.2-DOWNSTREAM-2022-01-10-07-59-03
OCP - 4.8.2
Comment 8 Ruici Hong 2022-01-28 19:52:07 UTC 
RHACM4K-8954 - Application Lifecycle - HelmRelease should get re-installed/updated when package override values change in subscription
https://polarion.engineering.redhat.com/polarion/#/project/RHACM4K/workitem?id=RHACM4K-8954
Test case created.
Comment 16 errata-xmlrpc 2022-02-22 21:58:13 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat Advanced Cluster Management 2.3.6 security updates and bug fixes), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0595
Note You need to log in before you can comment on or make changes to this bug.