-
Notifications
You must be signed in to change notification settings - Fork 35
preflight failed #6
Comments
Hey thanks for reaching out. tl;dr
Why a trailing slash?This is the line in Santa that generates the URL of the first stage in the sync process with the SyncBaseURL value. If your eyes can take reading ObjectiveC, the function it's calling is NSURL's Request resolution logicFirst, as you may have seen in the curl response, the 302 redirect is sending you to a login page. This means that the App Engine config requires that request to be from an authenticated google user. santa-api shouldn't require this type of authentication since Santa clients won't have google account credentials. But it might be helpful to step back and go through the logic Upvote uses to resolve e.g. a santa_api request:
If the trailing slash isn't provided in SyncBaseURL, the URL pattern won't match "/api/santa/" so it will be routed to the default module which requires authentication and you will get a 302. If a URL that isn't valid in santa_api (like "/api/santa" itself), the webapp2 app won't match any routes and the request will fall through and return a 404. I'm not exactly sure why you're getting 404 in your santactl sync but the App Engine logs should be able to give some clues and if that doesn't work, you can check the system logs on the mac client. Regardless, let me know if you make any progress or figure out the issue and do feel free to report any other deployment issues you run into. Good luck :) |
Thanks a lot for such a full explanation. I've put the setting back to include the trailing slash (good to know that isn't a variable to worry about), and when I do that (and get the 404) I do feel entries in the App Engine logs: The URL is When I look at that error the back trace is:
Also, I can reach:
Thanks again. |
I believe this is due to the MachineID you're using not being a valid UUID. The routes in the santa-api require the machine identifier to match a UUID regex. As Santa's default machine IDs are the hardware UUID, the expectation that the identifiers be a UUID makes sense but Santa allows this to be anything an administrator wishes so it probably makes sense to drop the requirement that the identifier be a UUID, or at least make it configurable. |
Thank you. That is is definitely part of my problem. Also, the regex requires uppercase it seems (I generated a UUID with python's uuid.uuid4() which gave me lowercase, but that regex clearly only includes A-F for the letters). I'm now hitting: Unable to determine the current environment (/base/data/home/apps/d~/santa-api:auto.409459141396563161/upvote/gae/shared/common/settings_utils.py:87) I can't tell if this is an Upvote environment or something related to App Engine. |
Just a comment for anyone following this, the right thing to do to get the UUID on a Mac is |
You can also just not set the MachineID settings in Santa - it'll use the machine UUID by default. |
Thanks, that makes deployment much easier. The remaining issue was my misunderstanding the instructions when they say
I read that as applying to Bit9 (which we don't use), not any configuration. Once I did that the sync works. |
I'm having trouble getting machines to check in. I have tried to follow your setup instructions, and I have constructed a configuration profile for the santa client with
When I do this I get:
I have tried adding a trailing
/
, but that just gives me a 404 error. Looking at this in curl it does seem to be returning 302:But not really sure what mistake I might have made as it doesn't seem like any special settings on the app engine side are required.
The text was updated successfully, but these errors were encountered: