New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gzip error executing on windows host #93

daryn-kerr opened this Issue Sep 13, 2016 · 6 comments


None yet
3 participants

daryn-kerr commented Sep 13, 2016

Cookbook version

'audit', '~> 0.14.4'

Chef-client version


Platform Details

MS Windows 2012 R2


Simply running the audit cookbook in a recipe.

Steps to Reproduce:

nothing fancy, running the cookbook with the below attributes:

default['audit']['server'] = 'https://servername/api'
default['audit']['collector'] = 'chef-compliance'
default['audit']['token'] = 'token_here'
default['audit']['owner'] = 'owner'
default['audit']['quiet'] = true
default['audit']['profiles']['base/windows'] = true

Expected Result:

Cookbook to run compliance against the node with the base/windows compliance profile.

Actual Result:

Error below:
[2016-09-13T11:24:33+01:00] INFO: Executing: c:/chef/cache/compliance/base_windows.tgz

Error executing action execute on resource 'compliance_profile[windows]'


not in gzip format

Cookbook Trace:

c:/chef/cache/cookbooks/audit/libraries/profile.rb:128:in block (2 levels) in <class:ComplianceProfile>' c:/chef/cache/cookbooks/audit/libraries/profile.rb:111:inblock in class:ComplianceProfile'

Resource Declaration:

In c:/chef/cache/cookbooks/audit/recipes/default.rb

78: compliance_profile p do
79: owner o
80: formatter formatter
81: server server
82: token lazy { node['audit']['token'] }
83: insecure node['audit']['insecure'] unless node['audit']['insecure'].nil?
84: path path unless path.nil?
85: quiet node['audit']['quiet'] unless node['audit']['quiet'].nil?
86: only_if { profile_overdue_to_run?(p, interval_seconds) }
87: action [:fetch, :execute]
88: notifies :touch, "file[#{compliance_cache_directory}/#{p}]", :immediately
89: end
90: end

Compiled Resource:

Declared in c:/chef/cache/cookbooks/audit/recipes/default.rb:78:in `block in from_file'

compliance_profile("windows") do
action [:fetch, :execute]
updated true
retries 0
retry_delay 2
default_guard_interpreter :default
declared_type :compliance_profile
cookbook_name "audit"
recipe_name "default"
owner "base"
formatter "json-min"
server ""
token #Chef::DelayedEvaluator:0x0000000526fcf0@c:/chef/cache/cookbooks/audit/recipes/default.rb:82
quiet true
profile "windows"
only_if { #code block }



[2016-09-13T11:24:34+01:00] INFO: Running queued delayed notifications before re-raising exception
[2016-09-13T11:24:34+01:00] ERROR: Running exception handlers
[2016-09-13T11:24:34+01:00] ERROR: Exception handlers complete
[2016-09-13T11:24:34+01:00] INFO: Sending resource update report (run-id: d940188d-1693-46df-b5e8-184adf24092f)
[2016-09-13T11:24:34+01:00] FATAL: Stacktrace dumped to c:/chef/cache/chef-stacktrace.out
[2016-09-13T11:24:34+01:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2016-09-13T11:24:34+01:00] FATAL: Zlib::GzipFile::Error: compliance_profile[windows](audit::default line 78) had an error: Zlib::GzipFile::Error: not in gzip format
ERROR: Failed to execute command on return code 1


This comment has been minimized.

daryn-kerr commented Sep 13, 2016

not sure if I'm doing something silly here but would appreciate any help you guys may have.


This comment has been minimized.

daryn-kerr commented Sep 14, 2016

sorted by @alexpop thanks Alex!

@daryn-kerr daryn-kerr closed this Sep 14, 2016


This comment has been minimized.


chris-rock commented Sep 14, 2016

@alexpop Can you add the solution here?


This comment has been minimized.


alexpop commented Sep 14, 2016

We suspect that the token expired and the API call to download the profile resulted in a blank file(not in gzip format).

We switched to a permanent refresh_token authentication and set the attribute audit/insecure to true. Converges worked after that.

The final change was to switch to the chef-server collector. This allowed us to remove the server, refresh_token and insecure attributes.


This comment has been minimized.

daryn-kerr commented Sep 14, 2016

@alexpop from a layman's perspective it would have been helpful to have the error be a bit more descriptive around the authentication. The gzip error was quite misleading for us.

thanks again for the quick response and help guys!


This comment has been minimized.


alexpop commented Sep 14, 2016

Totally agree on that.
We could use this ticket or create a new one to improve on the error being reported.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment