Uploaded image for project: 'Red Hat Decision Manager'
  1. Red Hat Decision Manager
  2. RHDM-1488

Crash when the console is not configured with SSO (and the servers are)

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Minor Minor
    • 7.9.0.GA
    • 7.9.0.GA
    • Cloud
    • None
    • OpenShift 4.5
      BA Operator 7.9.0
      RHBA Images 7.9.0 CR1
      RHDM and RHPAM

    • False
    • False
    • CR1
    • CR2
    • Undefined
    • Workaround Exists
    • Hide

      Configure the SSOClient of the Console object.

      Show
      Configure the SSOClient of the Console object.
    • Hide

      1.- Create a new OpenShift project with BA 7.9.0 Operator
      2.- Deploy a Keycloak instance (or another SSO provider)
      3.- Create following KieApp

      apiVersion: app.kiegroup.org/v2
      kind: KieApp
      metadata:
        name: myapp
      spec:
        auth:
          sso:
            adminPassword: serviceUser1!
            adminUser: serviceUser
            disableSSLCertValidation: true
            realm: demo
            url: >-
              https://secure-sso-josecarvajalhilario-local-350b.apps.production.rhba.openshift-psi.rhocf-dev.net/auth
        commonConfig:
          adminPassword: usetheforce123@
          adminUser: yoda
        environment: rhdm-production-immutable
        objects:
          servers:
            - build:
                gitSource:
                  contextDir: stateless-session
                  reference: master
                  uri: >-
                    http://gogs-josecarvajalhilario-local-350b.apps.production.rhba.openshift-psi.rhocf-dev.net:80/root/KieServerS2iDroolsRepository-7613.git
                kieServerContainerDeployment: 'cont-id=org.kie.server.testing:stateless-session:1.0.0.Final'
              env:
                - name: KIE_ADMIN_USER
                  value: yoda
                - name: KIE_ADMIN_PWD
                  value: usetheforce123@
                - name: DROOLS_SERVER_FILTER_CLASSES
                  value: 'false'
                - name: HOSTNAME_HTTP
                  value: b84b-kieserver-sso-droolsnull
                - name: HOSTNAME_HTTPS
                  value: secured-b84b-kieserver-sso-droolsnull
                - name: HTTPS_NAME
                  value: jboss
                - name: HTTPS_PASSWORD
                  value: mykeystorepass
              keystoreSecret: kie-app-secret
              ssoClient:
                name: kie-server-0-client
                secret: kie-server-0-secret
        useImageTags: true
      

      Actual: The operator crashes and nothing is deployed (see description and attached logs for more information)

      Show
      1.- Create a new OpenShift project with BA 7.9.0 Operator 2.- Deploy a Keycloak instance (or another SSO provider) 3.- Create following KieApp apiVersion: app.kiegroup.org/v2 kind: KieApp metadata: name: myapp spec: auth: sso: adminPassword: serviceUser1! adminUser: serviceUser disableSSLCertValidation: true realm: demo url: >- https: //secure-sso-josecarvajalhilario-local-350b.apps.production.rhba.openshift-psi.rhocf-dev.net/auth commonConfig: adminPassword: usetheforce123@ adminUser: yoda environment: rhdm-production-immutable objects: servers: - build: gitSource: contextDir: stateless-session reference: master uri: >- http: //gogs-josecarvajalhilario-local-350b.apps.production.rhba.openshift-psi.rhocf-dev.net:80/root/KieServerS2iDroolsRepository-7613.git kieServerContainerDeployment: 'cont-id=org.kie.server.testing:stateless-session:1.0.0.Final' env: - name: KIE_ADMIN_USER value: yoda - name: KIE_ADMIN_PWD value: usetheforce123@ - name: DROOLS_SERVER_FILTER_CLASSES value: ' false ' - name: HOSTNAME_HTTP value: b84b-kieserver-sso-droolsnull - name: HOSTNAME_HTTPS value: secured-b84b-kieserver-sso-droolsnull - name: HTTPS_NAME value: jboss - name: HTTPS_PASSWORD value: mykeystorepass keystoreSecret: kie-app-secret ssoClient: name: kie-server-0-client secret: kie-server-0-secret useImageTags: true Actual: The operator crashes and nothing is deployed (see description and attached logs for more information)

      The operator crashes with:

      E1022 13:06:33.599339       1 runtime.go:78] Observed a panic: "invalid memory address or nil pointer dereference" (runtime error: invalid memory address or nil pointer dereference)
      goroutine 2308 [running]:
      k8s.io/apimachinery/pkg/util/runtime.logPanic(0x18b66c0, 0x2b0cf50)
      	/tmp/scripts/builder/src/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:74 +0xa3
      k8s.io/apimachinery/pkg/util/runtime.HandleCrash(0x0, 0x0, 0x0)
      	/tmp/scripts/builder/src/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:48 +0x82
      panic(0x18b66c0, 0x2b0cf50)
      	/usr/lib/golang/src/runtime/panic.go:679 +0x1b2
      github.com/kiegroup/kie-cloud-operator/pkg/controller/kieapp/defaults.configureSSO(0xc0007af180, 0xc001632300, 0x0, 0x0)
      	/tmp/scripts/builder/src/pkg/controller/kieapp/defaults/auth.go:69 +0xa0
      github.com/kiegroup/kie-cloud-operator/pkg/controller/kieapp/defaults.configureAuth(0xc0007af180, 0xc001632300, 0x1, 0x1)
      	/tmp/scripts/builder/src/pkg/controller/kieapp/defaults/auth.go:48 +0xe4
      github.com/kiegroup/kie-cloud-operator/pkg/controller/kieapp/defaults.getEnvTemplate(0xc0007af180, 0xc0007af450, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
      	/tmp/scripts/builder/src/pkg/controller/kieapp/defaults/defaults.go:253 +0x2fd
      

      Looking at the source code, auth.go:

      if cr.Status.Applied.Objects.Console.SSOClient != nil {
      

      Therefore, the issue is happening when we don't configure the SSOClient in the console and the SSOClient is configured for the servers (kie servers).

              rhn-support-fspolti Filippe Spolti
              jcarvaja@redhat.com Jose Carvajal Hilario
              Jakub Schwan Jakub Schwan
              Jakub Schwan Jakub Schwan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: