Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-5790

Quay should not report panic runtime error when not finding valid SSL Cert for Elastic Server

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • quay-v3.8.9, quay-v3.9.0
    • config-tool, quay
    • False
    • None
    • False

      Description:

      This is an issue found in Quay, when configure Quay to use elasticsearch as logs producer, the elastic server is using self-signed TSL Cert, when providing invalid TLS CA cert, Quay should be able to handle the exception rather than report "panic: runtime error: invalid memory address or nil pointer dereference", pls review this issue.

      Quay:  quay-operator-bundle-container-v3.9.0-128

      Note: This is not quay 3.8.0 regression issue.

      oc logs quayregistry-quay-app-6c5f89b957-lh5zv
   __   __
  /  \ /  \     ______   _    _     __   __   __
 / /\ / /\ \   /  __  \ | |  | |   /  \  \ \ / /
/ /  / /  \ \  | |  | | | |  | |  / /\ \  \   /
\ \  \ \  / /  | |__| | | |__| | / ____ \  | |
 \ \/ \ \/ /   \_  ___/  \____/ /_/    \_\ |_|
  \__/ \__/      \ \__
                  \___\ by Red Hat
 Build, Store, and Distribute your Containers


Startup timestamp: 
Thu Jul  6 07:30:40 UTC 2023


Running all default registry services without migration
Running init script '/quay-registry/conf/init/certs_install.sh'
Installing extra certificates found in /quay-registry/conf/stack/extra_ca_certs directory
Running init script '/quay-registry/conf/init/copy_config_files.sh'
Running init script '/quay-registry/conf/init/d_validate_config_bundle.sh'
Validating Configuration
plpgsql
pg_trgm
e Get "https://quayes.qe.devcluster.openshift.com:9200/quay390*": x509: certificate is valid for localhost, 6358acef52b1, not quayes.qe.devcluster.openshift.com
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0xb8278b]


goroutine 1 [running]:
github.com/quay/config-tool/pkg/lib/shared.ValidateElasticSearchCredentials({0xc0014d4540, 0xc00061dab0}, {0xc0002dec50, 0x7}, {0xc000624438, 0x14})
	/remote-source/config-tool/app/pkg/lib/shared/validators.go:654 +0x24b
github.com/quay/config-tool/pkg/lib/fieldgroups/elasticsearch.(*ElasticSearchFieldGroup).Validate(0xc00000e378, {{0x7fff54f8ec20, 0xecdad4}, 0xc00067a330})
	/remote-source/config-tool/app/pkg/lib/fieldgroups/elasticsearch/elasticsearch_validator.go:93 +0x973
github.com/quay/config-tool/commands.glob..func3(0x1f29620, {0xec3aed, 0x4, 0x4})
	/remote-source/config-tool/app/commands/validate.go:102 +0x69f
github.com/spf13/cobra.(*Command).execute(0x1f29620, {0xc000802500, 0x4, 0x4})
	/remote-source/config-tool/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:846 +0x5f8
github.com/spf13/cobra.(*Command).ExecuteC(0x1f29380)
	/remote-source/config-tool/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:950 +0x3ad
github.com/spf13/cobra.(*Command).Execute(...)
	/remote-source/config-tool/deps/gomod/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:887
github.com/quay/config-tool/commands.Execute()
	/remote-source/config-tool/app/commands/root.go:37 +0x25
main.main()
	/remote-source/config-tool/app/cmd/config-tool/main.go:21 +0x17

      Quay config.yaml:

      LOGS_MODEL: elasticsearch
LOGS_MODEL_CONFIG:
    elasticsearch_config:
        access_key: elastic
        host: quayes.qe.devcluster.openshift.com
        index_prefix: quay390
        port: 9200
        secret_key: password
        use_ssl: true
    producer: elasticsearch

              Unassigned Unassigned
              lzha1981 luffy zhang
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: