Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Registration fails if octopus is uninstalled and reinstalled #53

Closed
spuder opened this issue Aug 17, 2016 · 3 comments
Closed

Registration fails if octopus is uninstalled and reinstalled #53

spuder opened this issue Aug 17, 2016 · 3 comments

Comments

@spuder
Copy link
Contributor

spuder commented Aug 17, 2016
edited
Loading

If you uninstall the tentacle and delete the cert, then try and run chef, the installation/registration will fail with error: See this gist for full chef error

Octopus logs

2016-08-16 20:09:47.2058      7 FATAL  No certificate has been generated for this Tentacle. Please run the new-certificate command before starting.

The octopus logs are a bit misleading since the cert has been generated, it just wasn't imported because the cert was generated with the -e flag.

 -e, --export-file=VALUE    Exports a new certificate to the specified file
                               as unprotected base64 text, but does not save it
                               to the Tentacle configuration; for use with the
                               import-certificate command

Cause

There are multiple factors that create the code path that causes this problem

  • Uninstalling octopus tentacle does not remove the windows service (it still shows up in services.msc, but is disabled. Possibly a bug in octopus msi)
  • The cookbook has 2 resources that generate and register a cert. The registration gets skipped because the service still exists, triggering guard interpreter: not_if { ::Win32::Service.exists?(service_name) }

https://github.com/cvent/octopus-deploy-cookbook/blob/master/providers/tentacle.rb#L131

  • Because the generate cert command uses the -e option, the cert is only generated, not registered.

Work Around

Manually delete windows service before attempting to run chef

Possible Solutions

  • Combine cert generate & cert register into 1 resource
  • Change the guard interpreter to something other than ::Win32::Service.exists?(service_name)
  • Avoid using the -e option so the cert is automatically registered when generated (might require reordering resources so the tentacle is created before cert is generated)
  • Ignore this problem & document the steps to avoid this code path.
spuder added a commit to spuder/octopus-deploy-cookbook that referenced this issue Aug 17, 2016
@spuder
Possible fix for cvent#53
419d445
@spuder spuder mentioned this issue Aug 17, 2016
Closed
@spuder
Copy link
Contributor Author

spuder commented Aug 17, 2016

I've opened a bug ticket with octopus.

http://help.octopusdeploy.com/discussions/problems/47072-uninstall-doesnt-remove-service

@brentm5
Copy link
Member

brentm5 commented Aug 17, 2016

I know with 3.2.24 which is the one that is in the test cookbook with windows 2008R2 this does in fact work as expected. Not sure if anything has changed between then and now or not.

@spuder
Copy link
Contributor Author

spuder commented Sep 7, 2016

According to octopus Uninstalling octopus tentacle does not remove the windows service is by design. See linked help article

@spuder spuder closed this as completed Sep 7, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@spuder @brentm5