Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-15464

Luna HSM Integration Failing at deployment with "ERROR: Must supply non-Blank name argument for SecretStores entry."

XMLWordPrintable

    • 2
    • False
    • Hide

      None

      Show
      None
    • False
    • ?
    • openstack-barbican-12.0.3-17.1.20250603070901.6ee5ad9.el9osttrunk openstack-tripleo-common-15.4.1-17.1.20250527161411.e5b18f2.el9osttrunk ansible-role-lunasa-hsm-1.1.1-17.1.20250603180833.5b8127c.el9osttrunk
    • openstack-barbican-12.0.3-17.1.20250603070901.6ee5ad9.el9osttrunk openstack-tripleo-common-15.4.1-17.1.20250527161411.e5b18f2.el9osttrunk ansible-role-lunasa-hsm-1.1.1-17.1.20250603180833.5b8127c.el9osttrunk
    • rhos-ops-platform-services-security
    • None
    • DFG Security: Test Sprint 2, DFG Security: Test Sprint 3, DFG Security: Test Sprint 4, DFG Security: Test Sprint 5, DFG Security: Test Sprint 6, DFG Security: Test Sprint 7
    • 6
    • Important

      On RHOSP17.1, Luna HSM Integration Failing at deployment with "ERROR: Must supply non-Blank name argument for SecretStores entry.":

       
      ++ cat /run_command
      + CMD='/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '\''/usr/bin/barbican-manage db sync_secret_stores --verbose '\'''
      + ARGS=
      + [[ ! -n '' ]]
      + . kolla_extend_start
      + echo 'Running command: '\''/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '\''/usr/bin/barbican-manage db sync_secret_stores --verbose '\'''\'''
      + umask 0022
      + exec /usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c ''\''/usr/bin/barbican-manage' db sync_secret_stores --verbose \'
      ERROR: Must supply non-Blank name argument for SecretStores entry.
      as well as this one:

      + CMD='/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '\''/usr/bin/barbican-manage  db sync_sec
ret_stores --verbose '\'''
+ ARGS=
+ [[ ! -n '' ]]
+ . kolla_extend_start
+ echo 'Running command: '\''/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '\''/usr/bin/barbic
an-manage  db sync_secret_stores --verbose '\'''\'''
+ umask 0022
+ exec /usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c ''\''/usr/bin/barbican-manage' db sync_se
cret_stores --verbose \'
ERROR: Must supply non-Blank name argument for SecretStores entry.

      and finally this one:

      + exec /usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c ''\''/usr/bin/barbican-manage' hsm check_
hmac --label barbican_hmac_0 '||' /usr/bin/barbican-manage hsm gen_hmac --label barbican_hmac_0 \'
ERROR: No token was found in slot 0
ERROR: No token was found in slot 0

      This could be similar to https://bugs.launchpad.net/barbican/+bug/2036506 or it's a template/configuration issue ... given I've found this upstream bug, I'm wondering if working on the template side is the way to go unless it's because barbican is configured with unsupported features with LUNA in 17.1 .

       

       

              dmendiza Douglas Mendizabal
              rhn-support-dhill Dave Hill
              rhos-dfg-security
              Votes:
              2 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated: