Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed double slash in secret breaking db insert #4392

Merged
merged 1 commit into from Nov 20, 2020
Merged

Fixed double slash in secret breaking db insert #4392

merged 1 commit into from Nov 20, 2020

Conversation

Spaceman1984
Copy link
Contributor

Description

Fixes: #4147

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)

Screenshots (if appropriate):

How Has This Been Tested?

From the front end, add RBD primary storage pool with a secrect with 2 slashes next to each other - no error.

@Spaceman1984
Copy link
Contributor Author

@blueorangutan package

@blueorangutan
Copy link

@Spaceman1984 a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

@blueorangutan
Copy link

Packaging result: ✔centos7 ✔centos8 ✔debian. JID-2154

@Spaceman1984 Spaceman1984 marked this pull request as draft October 12, 2020 04:45
@Spaceman1984
Copy link
Contributor Author

Needs end to end testing

@rohityadavcloud rohityadavcloud added this to the 4.15.0.0 milestone Oct 12, 2020
@rohityadavcloud
Copy link
Member

rohityadavcloud commented Oct 12, 2020
edited

Does this happen on Primate too @Spaceman1984 or just a UI issue, than backend issue? (related to secret input for adding ceph/rbd pool)

@Spaceman1984
Copy link
Contributor Author

Spaceman1984 commented Oct 12, 2020
edited

I'll check Primate.

@Spaceman1984
Copy link
Contributor Author

Spaceman1984 commented Oct 12, 2020
edited

@rhtyd I don't see RBD as an option on Primate for primary storage, my fix was for the UI, but I can't be sure if this works as expected, we need a working back end to test. Not testing end to end is the reason for the "Draft PR".

@rohityadavcloud rohityadavcloud marked this pull request as ready for review October 28, 2020 10:36
@rohityadavcloud
Copy link
Member

Note - Needs testing

@rohityadavcloud
Copy link
Member

Looks like this only affects the old UI, if we're not getting it in 4.15 we may want to check Primate and then close this. cc @sureshanaparti @DaanHoogland et al

@DaanHoogland
Copy link
Contributor

DaanHoogland commented Nov 6, 2020
edited

We can keep this open or merge it. old UI so no real consequences.
edit: not relevant if we do. mixing things up here Do we have heavy rdb users?

GabrielBrascher
GabrielBrascher approved these changes Nov 6, 2020
View reviewed changes
Copy link
Member

@GabrielBrascher GabrielBrascher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code LGTM

@GabrielBrascher
Copy link
Member

I have seen this issue to register RBD pool via UI inded in case "/" appear in Rados secret. Quite a corner case to have "/" on the secret, thus not really noticed I guess.

@DaanHoogland
Copy link
Contributor

@GabrielBrascher can you test whether you have this issue in primate?

@GabrielBrascher
Copy link
Member

@DaanHoogland @Spaceman1984 I just tested it. The same exception as the one presented at #4147 happens when adding RBD pool via the Primate UI.

A password containing multiple multiple '/' (e.g. 1234//1234) resulted on the following exception; the same password with just one '/' does not preset this exception.

Output with dummy values for adding a RBD pool with double slashes:
Failed to add data store: DB Exception on: com.mysql.cj.jdbc.ClientPreparedStatement: INSERT INTO storage_pool (storage_pool.id, storage_pool.name, storage_pool.uuid, storage_pool.pool_type, storage_pool.created, storage_pool.update_time, storage_pool.data_center_id, storage_pool.pod_id, storage_pool.used_bytes, storage_pool.capacity_bytes, storage_pool.status, storage_pool.storage_provider_name, storage_pool.host_address, storage_pool.path, storage_pool.port, storage_pool.user_info, storage_pool.cluster_id, storage_pool.scope, storage_pool.managed, storage_pool.capacity_iops, storage_pool.hypervisor, storage_pool.parent) VALUES (0, _binary'test2', _binary'e28b680f-cb21-3089-84e3-584bf549f062', 'RBD', '2020-11-10 12:53:57', null, 1, 1, 0, 0, 'Initialized', _binary'DefaultPrimary', null, _binary'12334@10.2.3.4/pool', 0, null, 1, null, 0, null, null, 0)

@GabrielBrascher
Copy link
Member

Maybe this should be addressed on the backend.

@DaanHoogland
Copy link
Contributor

@GabrielBrascher I don't see a double slash in that output, what is the problematic field, and what was the input value?

@DaanHoogland DaanHoogland modified the milestones: 4.15.0.0, 4.13.2.0 Nov 10, 2020
@DaanHoogland DaanHoogland changed the base branch from master to 4.13 November 10, 2020 19:25
@DaanHoogland DaanHoogland changed the base branch from 4.13 to master November 10, 2020 19:25
@DaanHoogland DaanHoogland modified the milestones: 4.13.2.0, 4.15.0.0 Nov 10, 2020
@DaanHoogland
Copy link
Contributor

@Spaceman1984 the issue is reported on 4.13. can you rebase?

@GabrielBrascher
Copy link
Member

@DaanHoogland sorry, I did not provide all the details on the test.

What happens is that the double slashes break the input. For instance, I configured a RBD pool with a password of 1234//12334, the user as user, rados monitor address of 10.2.3.4, and pool named as pool; however, instead of having the expectedf user@10.2.3.4/pool the log presents a broken user with the second part of the password after "//": 12334@10.2.3.4/pool. Via the UI the error presented is the one that I pasted here. The INSERT (as far as I checked) due to null value that should not be null.

From the management server side it is possible to check the API request as:

zoneid=d3bcf0c7-4886-44d8-a6a1-5952c430e235
scope=cluster
name=test2
provider=DefaultPrimary
podid=9d3126c1-4309-4e32-b989-df7b11b7e020
clusterid=27754861-5aeb-488a-b679-0133e1689186
url=rbd:%2F%2Fuser:1234_%2F12334@10.2.3.4%2Fpool
command=createStoragePool
response=json

Note that the url had scaped one "/" (%2F) between 1234 and 12334 . URL: rbd:%2F%2Fuser:1234_%2F12334@10.2.3.4%2Fpool.

Full log:

2020-11-10 13:53:57,682 DEBUG [c.c.a.ApiServlet] (qtp477376212-967:ctx-4a0a2d92) (logid:44629add) ===START===  127.0.0.1 -- GET  scope=cluster&zoneid=d3bcf0c7-4886-44d8-a6a1-5952c430e235&name=test2&provider=DefaultPrimary&podid=9d3126c1-4309-4e32-b989-df7b11b7e020&clusterid=27754861-5aeb-488a-b679-0133e1689186&url=rbd:%2F%2Fuser:1234_%2F12334@10.2.3.4%2Fpool&command=createStoragePool&response=json
2020-11-10 13:53:57,702 DEBUG [o.a.c.s.d.l.CloudStackPrimaryDataStoreLifeCycleImpl] (qtp477376212-967:ctx-4a0a2d92 ctx-287b0e56) (logid:44629add) createPool Params @ scheme - rbd storageHost - null hostPath - /12334@10.2.3.4/pool port - -1
2020-11-10 13:53:57,707 DEBUG [c.c.u.d.T.Transaction] (qtp477376212-967:ctx-4a0a2d92 ctx-287b0e56) (logid:44629add) Rolling back the transaction: Time = 2 Name =  qtp477376212-967; called by -TransactionLegacy.rollback:888-TransactionLegacy.removeUpTo:831-TransactionLegacy.close:655-TransactionContextInterceptor.invoke:36-ReflectiveMethodInvocation.proceed:175-ExposeInvocationInterceptor.invoke:95-ReflectiveMethodInvocation.proceed:186-JdkDynamicAopProxy.invoke:212-$Proxy61.persist:-1-PrimaryDataStoreHelper.createPrimaryDataStore:135-CloudStackPrimaryDataStoreLifeCycleImpl.initialize:364-StorageManagerImpl.createPool:738
2020-11-10 13:53:57,709 DEBUG [c.c.s.StorageManagerImpl] (qtp477376212-967:ctx-4a0a2d92 ctx-287b0e56) (logid:44629add) Failed to add data store: DB Exception on: com.mysql.cj.jdbc.ClientPreparedStatement: INSERT INTO storage_pool (storage_pool.id, storage_pool.name, storage_pool.uuid, storage_pool.pool_type, storage_pool.created, storage_pool.update_time, storage_pool.data_center_id, storage_pool.pod_id, storage_pool.used_bytes, storage_pool.capacity_bytes, storage_pool.status, storage_pool.storage_provider_name, storage_pool.host_address, storage_pool.path, storage_pool.port, storage_pool.user_info, storage_pool.cluster_id, storage_pool.scope, storage_pool.managed, storage_pool.capacity_iops, storage_pool.hypervisor, storage_pool.parent) VALUES (0, _binary'test2', _binary'e28b680f-cb21-3089-84e3-584bf549f062', 'RBD', '2020-11-10 12:53:57', null, 1, 1, 0, 0, 'Initialized', _binary'DefaultPrimary', null, _binary'12334@10.2.3.4/pool', 0, null, 1, null, 0, null, null, 0)
com.cloud.utils.exception.CloudRuntimeException: DB Exception on: com.mysql.cj.jdbc.ClientPreparedStatement: INSERT INTO storage_pool (storage_pool.id, storage_pool.name, storage_pool.uuid, storage_pool.pool_type, storage_pool.created, storage_pool.update_time, storage_pool.data_center_id, storage_pool.pod_id, storage_pool.used_bytes, storage_pool.capacity_bytes, storage_pool.status, storage_pool.storage_provider_name, storage_pool.host_address, storage_pool.path, storage_pool.port, storage_pool.user_info, storage_pool.cluster_id, storage_pool.scope, storage_pool.managed, storage_pool.capacity_iops, storage_pool.hypervisor, storage_pool.parent) VALUES (0, _binary'test2', _binary'e28b680f-cb21-3089-84e3-584bf549f062', 'RBD', '2020-11-10 12:53:57', null, 1, 1, 0, 0, 'Initialized', _binary'DefaultPrimary', null, _binary'12334@10.2.3.4/pool', 0, null, 1, null, 0, null, null, 0)
        at com.cloud.utils.db.GenericDaoBase.persist(GenericDaoBase.java:1450)
        at org.apache.cloudstack.storage.datastore.db.PrimaryDataStoreDaoImpl.persist(PrimaryDataStoreDaoImpl.java:273)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:566)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344)

@PaulAngus PaulAngus modified the milestones: 4.15.0.0, 4.16.0.0 Nov 13, 2020
@rohityadavcloud rohityadavcloud modified the milestones: 4.16.0.0, 4.15.0.0 Nov 20, 2020
rohityadavcloud
rohityadavcloud approved these changes Nov 20, 2020
View reviewed changes
Copy link
Member

@rohityadavcloud rohityadavcloud left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, let's merge since old UI will be removed in next milestone; the PR is strictly UI only change.

@rohityadavcloud rohityadavcloud merged commit 2ad60d0 into apache:master Nov 20, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rohityadavcloud rohityadavcloud rohityadavcloud approved these changes

@GabrielBrascher GabrielBrascher GabrielBrascher approved these changes

@wido wido Awaiting requested review from wido

@DaanHoogland DaanHoogland Awaiting requested review from DaanHoogland

@sureshanaparti sureshanaparti Awaiting requested review from sureshanaparti

Assignees
No one assigned
Labels
component:UI type:bug
Projects
None yet
Milestone
4.15.0.0
Development

Successfully merging this pull request may close these issues.

RBD primary storage Rados secret does not support multiple '/'
7 participants
@Spaceman1984 @blueorangutan @rohityadavcloud @DaanHoogland @GabrielBrascher @PaulAngus @ACSGitBot