Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authconfig with missing clientSecretRef causes gloo pod segv and crash loopback #3358

Closed
bdecoste opened this issue Jul 17, 2020 · 0 comments
Closed

authconfig with missing clientSecretRef causes gloo pod segv and crash loopback #3358

bdecoste opened this issue Jul 17, 2020 · 0 comments
Labels
Enterprise Issue is released in Enterprise Gloo only Type: Bug Something isn't working

Comments

@bdecoste
Copy link
Contributor

Describe the bug
If an authconfig with a missing clientSecretRef is enabled then the gloo pod will crash

To Reproduce
Steps to reproduce the behavior:

  1. Create virtualservice, etc.
  2. Create authconfig (below) and enable in the vs
  3. See error from gloo pod below
apiVersion: enterprise.gloo.solo.io/v1
kind: AuthConfig
metadata:
  name: oidc
  namespace: gloo-system
spec:
  configs:
  - oauth:
      appUrl: https://1.2.3.4
      callbackPath: /callback
      clientId: gloo
      issuerUrl: http://1.2.3.4/auth/realms/solo/

$ kubectl -n gloo-system logs gloo-cfc57488c-z7ndg
{"level":"info","ts":1595002079.7660098,"logger":"gloo-ee.v1.event_loop","caller":"v1/setup_event_loop.sk.go:57","msg":"event loop started","version":"1.4.4"}
{"level":"info","ts":1595002080.2144608,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop","caller":"v1/eds_event_loop.sk.go:57","msg":"event loop started","version":"1.4.4"}
{"level":"info","ts":1595002081.1981702,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.syncer","caller":"discovery/run.go:35","msg":"begin sync 361599043099859970 (35 upstreams)","version":"1.4.4"}
{"level":"info","ts":1595002081.1987927,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.syncer","caller":"discovery/discovery.go:188","msg":"Received first EDS update from plugin: *ec2.plugin","version":"1.4.4"}
{"level":"info","ts":1595002081.2987783,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.syncer","caller":"discovery/run.go:65","msg":"end sync 361599043099859970","version":"1.4.4"}
{"level":"info","ts":1595002081.300167,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.syncer","caller":"discovery/discovery.go:188","msg":"Received first EDS update from plugin: *kubernetes.plugin","version":"1.4.4"}
{"level":"info","ts":1595002081.3036044,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop","caller":"v1/api_event_loop.sk.go:57","msg":"event loop started","version":"1.4.4"}
{"level":"info","ts":1595002082.128371,"logger":"gloo-ee.v1.event_loop.gloo.metrics","caller":"runner/run.go:50","msg":"Starting metrics server","version":"1.4.4"}
{"level":"info","ts":1595002082.128508,"logger":"gloo-ee.v1.event_loop.gloo.metrics","caller":"runner/run.go:56","msg":"metrics server running in [gRPC] mode, listening at [:9966]","version":"1.4.4"}
{"level":"info","ts":1595002082.14194,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.envoyTranslatorSyncer","caller":"syncer/envoy_translator_syncer.go:77","msg":"begin sync 11905761251292807775 (1 proxies, 35 upstreams, 26 endpoints, 1 secrets, 12 artifacts, 1 auth configs)","version":"1.4.4"}
{"level":"info","ts":1595002082.2006752,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.envoyTranslatorSyncer.translator","caller":"translator/translator.go:131","msg":"computing envoy resources for listener: listener-::-8080","version":"1.4.4"}
{"level":"info","ts":1595002084.600382,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.envoyTranslatorSyncer.translator","caller":"translator/translator.go:131","msg":"computing envoy resources for listener: listener-::-8443","version":"1.4.4"}
{"level":"info","ts":1595002084.6265397,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.envoyTranslatorSyncer","caller":"syncer/envoy_translator_syncer.go:173","msg":"Setting xDS Snapshot","version":"1.4.4","key":"gloo-system~gateway-proxy","clusters":34,"listeners":1,"routes":1,"endpoints":34}
{"level":"info","ts":1595002084.6284351,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.envoyTranslatorSyncer","caller":"syncer/envoy_translator_syncer.go:188","msg":"end sync 11905761251292807775","version":"1.4.4"}
{"level":"info","ts":1595002084.6382704,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.rateLimitTranslatorSyncer","caller":"ratelimit/ratelimit_translator_syncer.go:70","msg":"begin sync 11905761251292807775 (1 proxies, 35 upstreams, 26 endpoints, 1 secrets, 12 artifacts, 1 auth configs)","version":"1.4.4"}
{"level":"info","ts":1595002084.638408,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.rateLimitTranslatorSyncer","caller":"ratelimit/ratelimit_translator_syncer.go:134","msg":"end sync 11905761251292807775","version":"1.4.4"}
{"level":"info","ts":1595002084.648239,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.extAuthTranslatorSyncer","caller":"extauth/extauth_translator_syncer.go:38","msg":"begin auth sync 11905761251292807775 (1 proxies, 35 upstreams, 26 endpoints, 1 secrets, 12 artifacts, 1 auth configs)","version":"1.4.4"}
{"level":"info","ts":1595002084.6484575,"logger":"gloo-ee.v1.event_loop.setup.v1.event_loop.extAuthTranslatorSyncer","caller":"runtime/panic.go:679","msg":"end auth sync 11905761251292807775","version":"1.4.4"}
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x2cdbe76]

goroutine 344 [running]:
github.com/solo-io/solo-projects/projects/gloo/pkg/plugins/extauth.translateOauth(0xc0004482c0, 0xc0004253b0, 0x0, 0x0, 0x0)
	/workspace/solo-projects/projects/gloo/pkg/plugins/extauth/translate.go:171 +0x96
github.com/solo-io/solo-projects/projects/gloo/pkg/plugins/extauth.translateConfig(0x3d84480, 0xc0012c7770, 0xc0004482c0, 0xc000f58fc0, 0x0, 0x0, 0x0)
	/workspace/solo-projects/projects/gloo/pkg/plugins/extauth/translate.go:63 +0x7fa
github.com/solo-io/solo-projects/projects/gloo/pkg/plugins/extauth.TranslateExtAuthConfig(0x3d84480, 0xc0012c7770, 0xc0004482c0, 0xc000888920, 0x0, 0x0, 0x0)
	/workspace/solo-projects/projects/gloo/pkg/plugins/extauth/translate.go:34 +0x478
github.com/solo-io/solo-projects/projects/gloo/pkg/syncer/extauth.(*helper).processAuthExtension(0xc0001dd6a8, 0x3d84480, 0xc0012c7770, 0xc0004482c0, 0xc001329470, 0xc001329230, 0x3d8d7c0, 0xc000e0a360, 0x0, 0x0)
	/workspace/solo-projects/projects/gloo/pkg/syncer/extauth/extauth_translator_syncer.go:147 +0x440
github.com/solo-io/solo-projects/projects/gloo/pkg/syncer/extauth.(*ExtAuthTranslatorSyncerExtension).SyncAndSet(0xc000c20520, 0x3d84480, 0xc0012c7770, 0xc0004482c0, 0x7f37345d1558, 0xc000cac1e0, 0x0, 0x0)
	/workspace/solo-projects/projects/gloo/pkg/syncer/extauth/extauth_translator_syncer.go:69 +0x525
github.com/solo-io/solo-projects/projects/gloo/pkg/syncer/extauth.(*ExtAuthTranslatorSyncerExtension).Sync(0xc000c20520, 0x3d84480, 0xc0012c7770, 0xc0004482c0, 0x3d9ca20, 0xc000cac1e0, 0x0, 0x0, 0x0, 0x0)
	/workspace/solo-projects/projects/gloo/pkg/syncer/extauth/extauth_translator_syncer.go:42 +0x5a1
github.com/solo-io/gloo/projects/gloo/pkg/syncer.(*translatorSyncer).Sync(0xc000bdc080, 0x3d843c0, 0xc00005aa40, 0xc0004482c0, 0x0, 0x0)
	/go/pkg/mod/github.com/solo-io/gloo@v1.4.5/projects/gloo/pkg/syncer/translator_syncer.go:69 +0x2c0
github.com/solo-io/gloo/projects/gloo/pkg/api/v1.ApiSyncers.Sync(0xc000c36720, 0x2, 0x2, 0x3d843c0, 0xc00005aa40, 0xc0004482c0, 0x0, 0x0)
	/go/pkg/mod/github.com/solo-io/gloo@v1.4.5/projects/gloo/pkg/api/v1/api_event_loop.sk.go:28 +0x104
github.com/solo-io/gloo/projects/gloo/pkg/api/v1.(*apiEventLoop).Run.func1(0xc000caacc0, 0x3d84480, 0xc0010bf5c0, 0x0, 0xdf8475800, 0x0, 0x0, 0xc0010bf590, 0xc0000fe900, 0xc0001e0580)
	/go/pkg/mod/github.com/solo-io/gloo@v1.4.5/projects/gloo/pkg/api/v1/api_event_loop.sk.go:84 +0x35f
created by github.com/solo-io/gloo/projects/gloo/pkg/api/v1.(*apiEventLoop).Run
	/go/pkg/mod/github.com/solo-io/gloo@v1.4.5/projects/gloo/pkg/api/v1/api_event_loop.sk.go:66 +0x3ef
@bdecoste bdecoste added Type: Bug Something isn't working Enterprise Issue is released in Enterprise Gloo only labels Jul 17, 2020
@lgadban lgadban mentioned this issue Jul 27, 2020
Open
8 tasks
@lgadban lgadban mentioned this issue Aug 27, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enterprise Issue is released in Enterprise Gloo only Type: Bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bdecoste