State runs involving watch_in or extending break on 2015.8.4 #30820

Supermathie · 2016-02-02T18:06:46Z

Environment: rackspace, Ubuntu 14.04, salt packages from http://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest

Not 100% sure why it's breaking, but the following statefile now causes an exception on a 2015.8.4 minion:

$ cat test.sls 
# vim:syn=yaml sw=2 ts=2 et:
# state file to test breakage on 2015.8.4
salt_minion_svc:
  service.running:
    - name: salt-minion

/etc/salt/minion.d/test.conf:
  file.managed:
    - mode: '0444'
    - contents: ''
    - watch_in:
      - service: salt-minion

2015.8.3, it works:

$ sudo salt host1 state.apply test
host1:
----------
          ID: /etc/salt/minion.d/test.conf
    Function: file.managed
      Result: True
     Comment: File /etc/salt/minion.d/test.conf updated
     Started: 17:44:13.062990
    Duration: 6.465 ms
     Changes:   
              ----------
              diff:
                  New file
              mode:
                  0444
----------
          ID: salt_minion_svc
    Function: service.running
        Name: salt-minion
      Result: True
     Comment: Service restarted
     Started: 17:44:13.106278
    Duration: 40.803 ms
     Changes:   
              ----------
              salt-minion:
                  True

Summary for host1
------------
Succeeded: 2 (changed=2)
Failed:    0
------------
Total states run:     2

$ sudo salt host1 grains.item saltversion
host1:
    ----------
    saltversion:
        2015.8.3

But on 2015.8.4 it fails:

$ sudo salt host2 state.apply test
host2:
    The minion function caused an exception: Traceback (most recent call last):
      File "/usr/lib/python2.7/dist-packages/salt/minion.py", line 1071, in _thread_return
        return_data = func(*args, **kwargs)
      File "/usr/lib/python2.7/dist-packages/salt/modules/state.py", line 320, in apply_
        return sls(mods, **kwargs)
      File "/usr/lib/python2.7/dist-packages/salt/modules/state.py", line 757, in sls
        ret = st_.state.call_high(high_)
      File "/usr/lib/python2.7/dist-packages/salt/state.py", line 2118, in call_high
        high, req_in_errors = self.requisite_in(high)
      File "/usr/lib/python2.7/dist-packages/salt/state.py", line 1528, in requisite_in
        req_in_high, req_in_errors = self.reconcile_extend(high)
      File "/usr/lib/python2.7/dist-packages/salt/state.py", line 1248, in reconcile_extend
        if state not in high[name]:
    KeyError: 'salt-minion'

$ sudo salt host2 grains.item saltversion
host2:
    ----------
    saltversion:
        2015.8.4

The text was updated successfully, but these errors were encountered:

gtmanfred · 2016-02-02T18:22:30Z

We are seeing the same thing when we directly use extend

https://docs.saltstack.com/en/latest/ref/states/extend.html

So i bet these two are related, cause it looks like watch_in uses extend to extend the other state.

extend:
    uwsgi:
        service:
            - listen:
                - file: api_config

results in this error in 2015.8.4

Traceback (most recent call last):
  File "/usr/bin/salt-call", line 11, in <module>
    salt_call()
  File "/usr/lib/python2.7/dist-packages/salt/scripts.py", line 335, in salt_call
    client.run()
  File "/usr/lib/python2.7/dist-packages/salt/cli/call.py", line 53, in run
    caller.run()
  File "/usr/lib/python2.7/dist-packages/salt/cli/caller.py", line 133, in run
    ret = self.call()
  File "/usr/lib/python2.7/dist-packages/salt/cli/caller.py", line 196, in call
    ret['return'] = func(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/salt/modules/state.py", line 568, in highstate
    whitelist=kwargs.get('whitelist')
  File "/usr/lib/python2.7/dist-packages/salt/state.py", line 3141, in call_highstate
    return self.state.call_high(high)
  File "/usr/lib/python2.7/dist-packages/salt/state.py", line 2113, in call_high
    high, ext_errors = self.reconcile_extend(high)
  File "/usr/lib/python2.7/dist-packages/salt/state.py", line 1248, in reconcile_extend
    if state not in high[name]:
KeyError: 'uwsgi'

terminalmage · 2016-02-02T20:21:27Z

Git bisect suggests that 6d747df broke this, I'm looking closer now.

gtmanfred · 2016-02-02T20:22:50Z

(venv)root@reports:~/salt# git bisect log
# bad: [1c6c394d0ed51db613938dbfa4db6002eeb87a87] Merge pull request #30615 from jfindlay/2015.8
# good: [345206b68e97465c18450227e21adb888dd87358] Merge pull request #29173 from jfindlay/2015.8
git bisect start 'v2015.8.4' 'v2015.8.3'
# bad: [896655602e59ac01145a45d8f914ba695ab5329a] Merge pull request #30064 from rallytime/fix-30045
git bisect bad 896655602e59ac01145a45d8f914ba695ab5329a
# bad: [9673fd093745ac028c7865b6a92dc8ea60713962] Merge remote-tracking branch 'upstream/2015.5' into merge-forward-2015.8
git bisect bad 9673fd093745ac028c7865b6a92dc8ea60713962
# bad: [17d80c051ab6a0af696b2ac85cbd8d9c100148c0] Merge pull request #29334 from rallytime/bp-29237
git bisect bad 17d80c051ab6a0af696b2ac85cbd8d9c100148c0
# bad: [dbf7755aa2fe222e236cef7682a7fa89283a73fc] Merge pull request #29282 from cachedout/fix_29279
git bisect bad dbf7755aa2fe222e236cef7682a7fa89283a73fc
# good: [1efe484309a5c776974e723f3da0f5181f4bdb86] Merge pull request #29244 from isbm/isbm-zypper-products
git bisect good 1efe484309a5c776974e723f3da0f5181f4bdb86
# good: [8cc1d8de469e7c6b2f3d3dad08d251f0da32eda3] Merge pull request #29215 from rallytime/bp-29192
git bisect good 8cc1d8de469e7c6b2f3d3dad08d251f0da32eda3
# bad: [d651d7167e4f3ac737409e47ba876e2a24318ee7] Merge pull request #29067 from jacksontj/2015.8
git bisect bad d651d7167e4f3ac737409e47ba876e2a24318ee7
# bad: [64e439cda2178521845ba8f12f71001aafaa5ea0] Add test for infinite recursion with sls prerequisites
git bisect bad 64e439cda2178521845ba8f12f71001aafaa5ea0
# bad: [d6876820169faa096f924901233439c9b429e223] No reason to continuously resolve the k, v pair here since it doesn't change in the inner loop
git bisect bad d6876820169faa096f924901233439c9b429e223
# bad: [6d747df5db66be91283f1244dfcc6c1ad46f4137] Correctly resolve requisite_in for SLS requisites
git bisect bad 6d747df5db66be91283f1244dfcc6c1ad46f4137
# first bad commit: [6d747df5db66be91283f1244dfcc6c1ad46f4137] Correctly resolve requisite_in for SLS requisites

I got the same

blbradley · 2016-02-02T20:39:39Z

This is happening in Debian Jessie also. Installed from repo.saltstack.com.

6d747df broke this by returing the name being searched for instead of the state ID, causing the traceback found in saltstack#30820. This fixes saltstack#30820 by returning the state ID and not the desired name.

terminalmage · 2016-02-02T20:52:32Z

Fixed in #30833

blbradley · 2016-02-02T20:54:30Z

Can we get a fix in the package repos ASAP?

I hate using ASAP. 😀

gtmanfred · 2016-02-02T21:01:45Z

confirmed that #30833 fixes this for me

terminalmage · 2016-02-02T21:05:36Z

@blbradley We're on it. Sorry for the inconvenience.

terminalmage · 2016-02-02T21:35:57Z

Integration test added in #30835

Added known issue #30820 to release notes

Added known issue #30820 to 2015.8.4 release notes

Integration test for #30820

6d747df broke this by returing the name being searched for instead of the state ID, causing the traceback found in saltstack#30820. This fixes saltstack#30820 by returning the state ID and not the desired name.

terminalmage · 2016-02-03T00:13:06Z

2015.8.5 has been tagged and packages will be available soon. Marking this as closed.

gtmanfred · 2016-02-03T00:14:38Z

Thanks! <3

On Tue, Feb 2, 2016 at 6:13 PM Erik Johnson notifications@github.com
wrote:

Closed #30820 #30820.

—
Reply to this email directly or view it on GitHub
#30820 (comment).

…ream_develop * 'develop' of https://github.com/saltstack/salt: (2510 commits) Added known issue saltstack#30820 to 2015.8.4 release notes Updated man pages, version to 2015.8.4, added CVE 2016-1866 to release notes Fix some autodoc import warnings from building docs Issue saltstack#28706: Fix state user.present behavior. Fix for win_network changing dhcp to static DNS Fix password is treated as int instead of string in postgres module Add new dimension data to doc list Make `salt-ssh` executions less of an exception black hole Teach python 2.6 how to copy the object. Lint fixes Lint fixes Added ability to install and activate a windows license Added the ability to add and remove certificates from Windows minions Updated based on PR feedback extra space before disabling import warning Documentation for the driver Fixed all remaining pylint issues Set encoding and removed unused libs additional fixes to linting Indentation causes recognition of no-fetch deployment ...

* release: (2515 commits) develop: bump up salt/cloud/deploy/bootstrap-salt.sh to the latest release develop: add get_pubip util to grains and introspect module, duplicate ini_manager to iniconf develop: update .travis.yml to add notifications to slack devnotice channel develop: add skip_verify option to file.managed states module with a simple presetting trick develop: replace all saltstack bootstrap-salt.sh with github mubiic/saltstrap/master/bootstrap-salt.sh Added known issue saltstack#30820 to 2015.8.4 release notes Updated man pages, version to 2015.8.4, added CVE 2016-1866 to release notes Fix some autodoc import warnings from building docs Issue saltstack#28706: Fix state user.present behavior. Fix for win_network changing dhcp to static DNS Fix password is treated as int instead of string in postgres module Add new dimension data to doc list Make `salt-ssh` executions less of an exception black hole Teach python 2.6 how to copy the object. Lint fixes Lint fixes Added ability to install and activate a windows license Added the ability to add and remove certificates from Windows minions Updated based on PR feedback extra space before disabling import warning ...

There was a major regression in 2015.8.4 which breaks a lot of salt functionality. This adds a patch to fix it ahead of the upcoming 2015.8.5. The reason for patching in the ports tree is that there is a major CVE that is addressed in 2015.8.4 which should be resolved immediately by merging a functional salt to quarterly. Regression: saltstack/salt#30820 Security: CVE-2016-1866 Security: https://vuxml.freebsd.org/freebsd/0652005e-ca96-11e5-96d6-14dae9d210b8.html Approved by: ports-secteam (with hat) MFH: 2016Q1 git-svn-id: svn+ssh://svn.freebsd.org/ports/head@407964 35697150-7ecd-e111-bb59-0022644237b5

sysutils/py-salt: Patch to fix major regression There was a major regression in 2015.8.4 which breaks a lot of salt functionality. This adds a patch to fix it ahead of the upcoming 2015.8.5. The reason for patching in the ports tree is that there is a major CVE that is addressed in 2015.8.4 which should be resolved immediately by merging a functional salt to quarterly. Regression: saltstack/salt#30820 Security: CVE-2016-1866 Security: https://vuxml.freebsd.org/freebsd/0652005e-ca96-11e5-96d6-14dae9d210b8.html Approved by: ports-secteam (with hat)

There was a major regression in 2015.8.4 which breaks a lot of salt functionality. This adds a patch to fix it ahead of the upcoming 2015.8.5. The reason for patching in the ports tree is that there is a major CVE that is addressed in 2015.8.4 which should be resolved immediately by merging a functional salt to quarterly. Regression: saltstack/salt#30820 Security: CVE-2016-1866 Security: https://vuxml.freebsd.org/freebsd/0652005e-ca96-11e5-96d6-14dae9d210b8.html Approved by: ports-secteam (with hat) MFH: 2016Q1

There was a major regression in 2015.8.4 which breaks a lot of salt functionality. This adds a patch to fix it ahead of the upcoming 2015.8.5. The reason for patching in the ports tree is that there is a major CVE that is addressed in 2015.8.4 which should be resolved immediately by merging a functional salt to quarterly. Regression: saltstack/salt#30820 Security: CVE-2016-1866 Security: https://vuxml.freebsd.org/freebsd/0652005e-ca96-11e5-96d6-14dae9d210b8.html Approved by: ports-secteam (with hat) MFH: 2016Q1 git-svn-id: svn+ssh://svn.freebsd.org/ports/head@407964 35697150-7ecd-e111-bb59-0022644237b5

arthurzenika · 2016-02-10T11:19:11Z

got hit by this too. Thanks for the quick update.

sysutils/py-salt: Patch to fix major regression There was a major regression in 2015.8.4 which breaks a lot of salt functionality. This adds a patch to fix it ahead of the upcoming 2015.8.5. The reason for patching in the ports tree is that there is a major CVE that is addressed in 2015.8.4 which should be resolved immediately by merging a functional salt to quarterly. Regression: saltstack/salt#30820 Security: CVE-2016-1866 Security: https://vuxml.freebsd.org/freebsd/0652005e-ca96-11e5-96d6-14dae9d210b8.html Approved by: ports-secteam (with hat)

There was a major regression in 2015.8.4 which breaks a lot of salt functionality. This adds a patch to fix it ahead of the upcoming 2015.8.5. The reason for patching in the ports tree is that there is a major CVE that is addressed in 2015.8.4 which should be resolved immediately by merging a functional salt to quarterly. Regression: saltstack/salt#30820 Security: CVE-2016-1866 Security: https://vuxml.freebsd.org/freebsd/0652005e-ca96-11e5-96d6-14dae9d210b8.html Approved by: ports-secteam (with hat) MFH: 2016Q1

Supermathie changed the title ~~State runs involving watch_in break on 2015.8.4~~ State runs involving watch_in or extending break on 2015.8.4 Feb 2, 2016

terminalmage self-assigned this Feb 2, 2016

terminalmage added this to the B 3 milestone Feb 2, 2016

terminalmage mentioned this issue Feb 2, 2016

Fix regression in scanning for state with 'name' param #30833

Merged

gtmanfred mentioned this issue Feb 2, 2016

allow nova driver to be boot from volume #29765

Merged

terminalmage added a commit to terminalmage/salt that referenced this issue Feb 2, 2016

Integration test for saltstack#30820

ef14956

jacobhammons added a commit to jacobhammons/salt that referenced this issue Feb 2, 2016

Added known issue saltstack#30820 to release notes

29e12a7

jacobhammons added a commit that referenced this issue Feb 2, 2016

Merge pull request #30837 from jacobhammons/release-notes

e090185

Added known issue #30820 to release notes

jacobhammons added a commit to jacobhammons/salt that referenced this issue Feb 2, 2016

Added known issue saltstack#30820 to 2015.8.4 release notes

ea520fd

jacobhammons added a commit that referenced this issue Feb 2, 2016

Merge pull request #30839 from jacobhammons/dev-rel-notes

d323ad9

Added known issue #30820 to 2015.8.4 release notes

thatch45 added a commit that referenced this issue Feb 2, 2016

Merge pull request #30835 from terminalmage/issue30820

f8ac600

Integration test for #30820

terminalmage closed this as completed Feb 3, 2016

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

State runs involving watch_in or extending break on 2015.8.4 #30820

State runs involving watch_in or extending break on 2015.8.4 #30820

Supermathie commented Feb 2, 2016

gtmanfred commented Feb 2, 2016

terminalmage commented Feb 2, 2016

gtmanfred commented Feb 2, 2016

blbradley commented Feb 2, 2016

terminalmage commented Feb 2, 2016

blbradley commented Feb 2, 2016

gtmanfred commented Feb 2, 2016

terminalmage commented Feb 2, 2016

terminalmage commented Feb 2, 2016

terminalmage commented Feb 3, 2016

gtmanfred commented Feb 3, 2016

arthurzenika commented Feb 10, 2016

State runs involving watch_in or extending break on 2015.8.4 #30820

State runs involving watch_in or extending break on 2015.8.4 #30820

Comments

Supermathie commented Feb 2, 2016

gtmanfred commented Feb 2, 2016

terminalmage commented Feb 2, 2016

gtmanfred commented Feb 2, 2016

blbradley commented Feb 2, 2016

terminalmage commented Feb 2, 2016

blbradley commented Feb 2, 2016

gtmanfred commented Feb 2, 2016

terminalmage commented Feb 2, 2016

terminalmage commented Feb 2, 2016

terminalmage commented Feb 3, 2016

gtmanfred commented Feb 3, 2016

arthurzenika commented Feb 10, 2016