Description of problem: PG::ForeignKeyViolation: ERROR is shown when trying to create an ACS via hammer and providing non-existent index for --ssl-ca-cert-id, --ssl-client-cert-id, --ssl-client-key-id argument. The same error is shown for Simplified ACS creation, where these args are not applicable. Version-Release number of selected component (if applicable): 6.13.0 snap 5 How reproducible: always Steps to Reproduce: 1. Have a Satellite with some Prods and Capsules you could refer to in 2. 2. Try to create an ACS: # hammer alternate-content-source create --alternate-content-source-type simplified --name "Test SACS" --smart-proxy-ids 1,2 --product-ids 1 --content-type yum --ssl-ca-cert-id 2 # hammer alternate-content-source create --alternate-content-source-type simplified --name "Test SACS" --smart-proxy-ids 1,2 --product-ids 1 --content-type yum --ssl-client-cert-id 2 # hammer alternate-content-source create --alternate-content-source-type simplified --name "Test SACS" --smart-proxy-ids 1,2 --product-ids 1 --content-type yum --ssl-client-key-id 2 Note: No content-credential with id=2 exists on the Satellite. Actual results: Could not create the Alternate Content Source.: PG::ForeignKeyViolation: ERROR: insert or update on table "katello_alternate_content_sources" violates foreign key constraint "katello_alternate_content_sources_ssl_client_cert_id" DETAIL: Key (ssl_client_cert_id)=(2) is not present in table "katello_content_credentials". Expected results: Some wrapping error message for Custom ACS, in case of Simplified ACS some validation and same message as we have for the other not-applicable args (Validation failed: Ssl ca cert must be blank)
Created redmine issue https://projects.theforeman.org/issues/36051 from this bug
This is in progress.
Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/36051 has been resolved.
Tested with latest snap and there is now an error message instead of a SQL error for content credential that does not exist. # hammer alternate-content-source create --alternate-content-source-type simplified --name "Test SACS" --smart-proxy-ids 1 --product-ids 1 --content-type yum --ssl-ca-cert-id 2 Could not create the Alternate Content Source.: Validation failed: Ssl ca cert must be blank hammer alternate-content-source create --alternate-content-source-type simplified --name "Test SACS" --smart-proxy-ids 1 --product-ids 1 --content-type yum --ssl-client-cert-id 2 Could not create the Alternate Content Source.: Validation failed: Ssl client cert must be blank hammer alternate-content-source create --alternate-content-source-type simplified --name "Test SACS" --smart-proxy-ids 1 --product-ids 1 --content-type yum --ssl-client-key-id 2 Could not create the Alternate Content Source.: Validation failed: Ssl client key must be blank Marking as VERIFIED
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Satellite 6.13 Release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:2097