salt-step
salt-step copied to clipboard
rundeck-plugins
java.lang.ArrayIndexOutOfBoundsException: 0 on SaltApiNodeStepPlugin.java:465
SaltApiNodeStepPlugin.java:465 -> response.getHeaders(SALT_AUTH_TOKEN_HEADER)[0].getValue()
Fresh install of salt-api: 2018.3.0 Fresh Rundeck: 2.10.8
I have verified successful login works via curl and a REST client. This error happens after responseCode == capability.getLoginSuccessResponseCode() success check. That does mean ENV variables are setup correctly.
Getting this error on successful login:
Authenticating with salt-api endpoint: [https://salt.localhost:8000/login]
Failed executing node plugin [salt-api-exec] on node rad-atx-vm-01: java.lang.ArrayIndexOutOfBoundsException: 0
at org.rundeck.plugin.salt.SaltApiNodeStepPlugin.authenticate(SaltApiNodeStepPlugin.java:465)
at org.rundeck.plugin.salt.SaltApiNodeStepPlugin.executeNodeStep(SaltApiNodeStepPlugin.java:229)
at com.dtolabs.rundeck.core.execution.workflow.steps.node.NodeStepPluginAdapter.executeNodeStep(NodeStepPluginAdapter.java:115)
at com.dtolabs.rundeck.core.execution.ExecutionServiceImpl.executeNodeStep(ExecutionServiceImpl.java:145)
at com.dtolabs.rundeck.core.execution.dispatch.SequentialNodeDispatcher.dispatch(SequentialNodeDispatcher.java:130)
at com.dtolabs.rundeck.core.execution.dispatch.SequentialNodeDispatcher.dispatch(SequentialNodeDispatcher.java:61)
at com.dtolabs.rundeck.core.execution.ExecutionServiceImpl.dispatchToNodesWith(ExecutionServiceImpl.java:201)
at com.dtolabs.rundeck.core.execution.ExecutionServiceImpl.dispatchToNodes(ExecutionServiceImpl.java:172)
at com.dtolabs.rundeck.core.execution.workflow.steps.NodeDispatchStepExecutor.executeWorkflowStep(NodeDispatchStepExecutor.java:65)
at com.dtolabs.rundeck.core.execution.ExecutionServiceImpl.executeStep(ExecutionServiceImpl.java:97)
at com.dtolabs.rundeck.core.execution.workflow.BaseWorkflowExecutor.executeWFItem(BaseWorkflowExecutor.java:291)
at com.dtolabs.rundeck.core.execution.workflow.BaseWorkflowExecutor.executeWorkflowStep(BaseWorkflowExecutor.java:687)
at com.dtolabs.rundeck.core.execution.workflow.engine.StepCallable.apply(StepCallable.java:71)
at com.dtolabs.rundeck.core.execution.workflow.engine.StepOperation.apply(StepOperation.java:73)
at com.dtolabs.rundeck.core.execution.workflow.engine.StepOperation.apply(StepOperation.java:31)
at com.dtolabs.rundeck.core.rules.WorkflowEngineOperationsProcessor.lambda$processRunnableOperations$27(WorkflowEngineOperationsProcessor.java:224)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Failed: PluginFailed: 0
[workflow] finishExecuteNodeStep(rad-atx-vm-01): NodeDispatch: PluginFailed: 0
Salt Version:
[root@d1b8d3cb2af6 /]# salt --versions-report
Salt Version:
Salt: 2018.3.0
Dependency Versions:
cffi: Not Installed
cherrypy: unknown
dateutil: Not Installed
docker-py: Not Installed
gitdb: Not Installed
gitpython: Not Installed
ioflo: Not Installed
Jinja2: 2.7.2
libgit2: Not Installed
libnacl: Not Installed
M2Crypto: Not Installed
Mako: Not Installed
msgpack-pure: Not Installed
msgpack-python: 0.4.6
mysql-python: Not Installed
pycparser: Not Installed
pycrypto: 2.6.1
pycryptodome: Not Installed
pygit2: Not Installed
Python: 2.7.5 (default, Aug 4 2017, 00:39:18)
python-gnupg: Not Installed
PyYAML: 3.11
PyZMQ: 15.3.0
RAET: Not Installed
smmap: Not Installed
timelib: Not Installed
Tornado: 4.2.1
ZMQ: 4.1.4
System Versions:
dist: centos 7.4.1708 Core
locale: ANSI_X3.4-1968
machine: x86_64
release: 4.9.87-linuxkit-aufs
system: Linux
version: CentOS Linux 7.4.1708 Core
FYI: here's curl via command line from the Rundeck server, talking to salt.localhost
root@08ff8ada3894:/# curl -iX "POST" "https://salt.localhost:8000/login" -H 'Content-Type: application/json' -H 'Accept: application/json' -d $'{
"eauth": "pam",
"username": "vagrant",
"password": "vagrant"
}'
HTTP/1.1 200 OK
Content-Length: 206
Access-Control-Expose-Headers: GET, POST
Vary: Accept-Encoding
Server: CherryPy/5.6.0
Allow: GET, HEAD, POST
Access-Control-Allow-Credentials: true
Date: Wed, 18 Apr 2018 16:57:55 GMT
Access-Control-Allow-Origin: *
X-Auth-Token: 0cb5ee5fe42ec0db2b1df040a9b0037317b012d5
Content-Type: application/json
Set-Cookie: session_id=0cb5ee5fe42ec0db2b1df040a9b0037317b012d5; expires=Thu, 19 Apr 2018 02:57:55 GMT; Path=/
{"return": [{"perms": [".*", "@runner", "@wheel", "@jobs"], "start": 1524070675.855344, "token": "0cb5ee5fe42ec0db2b1df040a9b0037317b012d5", "expire": 1524113875.855349, "user": "vagrant", "eauth": "pam"}]}
root@08ff8ada3894:/#
please use http only, you need to use legacy http support which is a patch available with rundeck salt support.
On Wed, Apr 18, 2018 at 10:29 PM, Philip [email protected] wrote:
FYI: here's curl via command line from the Rundeck server, talking to salt.localhost
root@08ff8ada3894:/# curl -iX "POST" "https://salt.localhost:8000/login" -H 'Content-Type: application/json' -H 'Accept: application/json' -d $'{ "eauth": "pam", "username": "vagrant", "password": "vagrant" }' HTTP/1.1 200 OK Content-Length: 206 Access-Control-Expose-Headers: GET, POST Vary: Accept-Encoding Server: CherryPy/5.6.0 Allow: GET, HEAD, POST Access-Control-Allow-Credentials: true Date: Wed, 18 Apr 2018 16:57:55 GMT Access-Control-Allow-Origin: * X-Auth-Token: 0cb5ee5fe42ec0db2b1df040a9b0037317b012d5 Content-Type: application/json Set-Cookie: session_id=0cb5ee5fe42ec0db2b1df040a9b0037317b012d5; expires=Thu, 19 Apr 2018 02:57:55 GMT; Path=/
{"return": [{"perms": [".*", "@runner", "@wheel", "@jobs"], "start": 1524070675.855344, "token": "0cb5ee5fe42ec0db2b1df040a9b0037317b012d5", "expire": 1524113875.855349, "user": "vagrant", "eauth": "pam"}]} root@08ff8ada3894:/#
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/rundeck-plugins/salt-step/issues/22#issuecomment-382457211, or mute the thread https://github.com/notifications/unsubscribe-auth/ATKJO7VKiCKqfRiMeozy16N5Of6pngU5ks5tp3EIgaJpZM4TXaQZ .
please use http only,
You literally told me in #21 (direct comment link) not to use HTTP. Not to mention given the nature of our business, we are required to use HTTPS. Switching to insecure connection isn't an option.
you can use https if you don't use a self signed certificate limited to your machine, because salt-api throws error as "untrusted certificate". If you have authorized cetificate, you will be able to run rundeck in https protocol ssl mode.
http can be used only if you have the patch for backward compatibility where the patch can be obtained from rundeck salt support team.
I am sorry for the confusion.
On Wed, Jun 6, 2018 at 7:43 PM, Philip [email protected] wrote:
please use http only,
You literally told me in #21 https://github.com/rundeck-plugins/salt-step/issues/21 (direct comment link https://github.com/rundeck-plugins/salt-step/issues/21#issuecomment-381565078) not to use HTTP. Not to mention given the nature of our business, we are required to use HTTPS. Switching to insecure connection isn't an option.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/rundeck-plugins/salt-step/issues/22#issuecomment-395083333, or mute the thread https://github.com/notifications/unsubscribe-auth/ATKJO1HXbXwS0973nntDuQaq75IovEwlks5t5-N4gaJpZM4TXaQZ .
No worries. However, that's not the issue of this ticket. Rundeck is successfully connecting and authenticating with salt. The problem is it seems to something changed in the header management:
I have verified successful login works via curl and a REST client. This error happens after responseCode == capability.getLoginSuccessResponseCode() success check.