Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Missing profile results in misleading error message in chef_gate log #144

Closed
jwr0 opened this issue Nov 3, 2016 · 8 comments

Comments

Projects
None yet
3 participants
@jwr0
Copy link

commented Nov 3, 2016

Cookbook version

[0.14.1]

Chef-client version

[12.13.37]

Platform Details

[RHEL 7.2 on AWS]

Scenario:

[When you run the audit cookbook for a profile that does not exist, the chef_gate log will say Authentication failed. Please check your system's clock. This is misleading because the problem is a missing profile, not any authentication or problem with the clock.]

Steps to Reproduce:

[Run the audit cookbook for a profile that doesn't exist, then look at your chef_gate current log.]

Expected Result:

[If an error is because of a missing profile, the error message should state that the profile is missing.]

Actual Result:

[chef_gate current log will say Authentication failed. Please check your system's clock.]

@chris-rock

This comment has been minimized.

Copy link
Contributor

commented Nov 3, 2016

@ricksebak This error should only come up if the authentication between Chef Server and Chef Compliance is not working. Are you able to retrieve available profiles?

@chris-rock

This comment has been minimized.

Copy link
Contributor

commented Nov 3, 2016

In addition we are closely to finalizing the 2.0 version of this cookbook. Could you update the cookbook and verify that this issue still exists with the latest version? Be aware that we changed the syntax for defining profiles https://github.com/chef-cookbooks/audit#configure-node

@jwr0

This comment has been minimized.

Copy link
Author

commented Nov 3, 2016

@chris-rock After I upload the missing profile, audit works fine. Other aspects of authentication also work as expected (such as logging in using the "other provider" link.).

The readme suggests that 2.0 is unreleased. Are you suggesting testing with 2.0? Or the latest currently released version (1.1, apparently)?

@chris-rock

This comment has been minimized.

Copy link
Contributor

commented Nov 3, 2016

Work on 2.0 is finalized and we do the latest testing. It will be released tomorrow.

@chris-rock

This comment has been minimized.

Copy link
Contributor

commented Nov 7, 2016

@ricksebak Is this still valid for 2.0?

@jwr0

This comment has been minimized.

Copy link
Author

commented Nov 14, 2016

I was out all last week, so I haven't tried this yet. We're working on moving to audit 2.1 this week. I'll report back. Thanks.

@jwr0

This comment has been minimized.

Copy link
Author

commented Nov 14, 2016

Unfortunately this misleading error message still does appear in the chef_gate log even when using audit 2.1. When I use a profile named "doesntexist" I can see the "check your clock" error.

When I use a profile that does exist, those profiles work correctly.

@chris-rock

This comment has been minimized.

Copy link
Contributor

commented Apr 26, 2017

We added better error output in https://github.com/chef-cookbooks/audit/pull/208/files#diff-ac3f30b2c66fd1ec1b818a9707a4066dR120 This will highlight that a profile could not be fetched. Therefore I am going to close this issue. Please reopen if this continues to be an issue.

@chris-rock chris-rock closed this Apr 26, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.