Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-3638

Quay config validator crashes on 3.6.5 startup when openshift enabled FIPS

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Done
    • quay-v3.6.5
    • quay-v3.6.6
    • quay
    • False
    • None
    • False
    • Quay Enterprise
    • 0

    Description

      Running init script '/quay-registry/conf/init/certs_install.sh'
      Installing extra certificates found in /quay-registry/conf/stack/extra_ca_certs directory
      Installing extra cert /quay-registry/conf/stack/extra_ca_cert_service-ca.crt
      Running init script '/quay-registry/conf/init/copy_config_files.sh'
      Running init script '/quay-registry/conf/init/d_validate_config_bundle.sh'
      Validating Configuration
      plpgsql
      pg_trgm
      boringcrypto: unexpected code execution in config-tool
      panic: boringcrypto: invalid code execution
      
      
      goroutine 1 [running]:
      crypto/internal/boring.UnreachableExceptTests()
      /usr/lib/golang/src/crypto/internal/boring/boring.go:118 +0x18b
      crypto/hmac.New(0x122c390, 0xc0003936e0, 0x2c, 0x30, 0x8, 0x8)
              /usr/lib/golang/src/crypto/hmac/hmac.go:135 +0x36a
      github.com/minio/minio-go/v7/pkg/signer.sumHMAC(0xc0003936e0, 0x2c, 0x30, 0xc001109e70, 0x8, 0x8, 0x8, 0x45, 0xc00071dfc0)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/pkg/signer/utils.go:40 +0x4f
      github.com/minio/minio-go/v7/pkg/signer.getSigningKey(0xc0003923c0, 0x28, 0x11cea58, 0x9, 0x3da25f9, 0xed9f322ef, 0x0, 0x11c6fde, 0x2, 0xc00017b200, ...)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go:68 +0x13d
      github.com/minio/minio-go/v7/pkg/signer.signV4(0x11c72b7, 0x3, 0xc00071b680, 0x11cca79, 0x8, 0x1, 0x1, 0xc0011071d0, 0x0, 0x0, ...)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go:289 +0x4fb
      github.com/minio/minio-go/v7/pkg/signer.SignV4(...)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go:317
      github.com/minio/minio-go/v7.Client.getBucketLocationRequest(0xc00071b320, 0xc0004a18c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xc0011070e0, 0xc0011232a0, ...)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/bucket-cache.go:251 +0x77a
      github.com/minio/minio-go/v7.Client.getBucketLocation(0xc00071b320, 0xc0004a18c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xc0011070e0, 0xc0011232a0, ...)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/bucket-cache.go:100 +0x13a
      github.com/minio/minio-go/v7.Client.newRequest(0xc00071b320, 0xc0004a18c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xc0011070e0, 0xc0011232a0, ...)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/api.go:681 +0x12b8
      github.com/minio/minio-go/v7.Client.executeMethod(0xc00071b320, 0xc0004a18c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xc0011070e0, 0xc0011232a0, ...)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/api.go:565 +0x298
      github.com/minio/minio-go/v7.Client.BucketExists(0xc00071b320, 0xc0004a18c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xc0011070e0, 0xc0011232a0, ...)
              /remote-source/config-tool/app/vendor/github.com/minio/minio-go/v7/api-stat.go:37 +0x1b8
      github.com/quay/config-tool/pkg/lib/shared.validateMinioGateway(0x7fff19d2db1c, 0x6, 0xc00051db90, 0xc000442990, 0x7, 0xc000331b00, 0x3b, 0xc000636cc0, 0x14, 0xc0003923c0, ...)
              /remote-source/config-tool/app/pkg/lib/shared/storage_validators.go:348 +0x3d4
      github.com/quay/config-tool/pkg/lib/shared.ValidateStorage(0x7fff19d2db1c, 0x6, 0xc00051db90, 0xc000442990, 0x7, 0xc0004429b0, 0xc, 0xc000092900, 0x11d81e9, 0x12, ...)
              /remote-source/config-tool/app/pkg/lib/shared/storage_validators.go:73 +0x2211
      github.com/quay/config-tool/pkg/lib/fieldgroups/distributedstorage.(*DistributedStorageFieldGroup).Validate(0xc0000ae500, 0x7fff19d2db1c, 0x6, 0xc00051db90, 0xc000595c28, 0x1, 0x1)
             /remote-source/config-tool/app/pkg/lib/fieldgroups/distributedstorage/distributedstorage_validator.go:42 +0x2c6
      github.com/quay/config-tool/commands.glob..func3(0x22dc580, 0xc0000ae3c0, 0x0, 0x4)
              /remote-source/config-tool/app/commands/validate.go:102 +0x5b3
      github.com/spf13/cobra.(*Command).execute(0x22dc580, 0xc0000ae380, 0x4, 0x4, 0x22dc580, 0xc0000ae380)
              /remote-source/config-tool/app/vendor/github.com/spf13/cobra/command.go:846 +0x2c2
      github.com/spf13/cobra.(*Command).ExecuteC(0x22dc2e0, 0x40c7a5, 0xc00007e058, 0x0)
              /remote-source/config-tool/app/vendor/github.com/spf13/cobra/command.go:950 +0x375
      github.com/spf13/cobra.(*Command).Execute(...)
              /remote-source/config-tool/app/vendor/github.com/spf13/cobra/command.go:887
      github.com/quay/config-tool/commands.Execute()
              /remote-source/config-tool/app/commands/root.go:37 +0x2d
      main.main()
              /remote-source/config-tool/app/cmd/config-tool/main.go:21 +0x25
      

      Please check. Thank you!

      Attachments

        Issue Links

          Activity

            People

              bcaton@redhat.com Brandon Caton
              rhn-support-ibazulic Ivan Bazulic
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: