Bug #14934: Rudder directive API seem to take key-value order into account in json POST request - Rudder - Issue Tracker

Actions

Copy link

Bug #14934

closed

Rudder directive API seem to take key-value order into account in json POST request

Added by Félix DALLIDET over 5 years ago. Updated about 4 years ago.

Status:

Released

Priority:

N/A

Assignee:

François ARMAND

Category:

API

Target version:

5.0.19

Pull Request:

https://github.com/Normation/rudder/p...

Severity:

Major - prevents use of part of Rudder | no simple workaround

UX impact:

User visibility:

Operational - other Techniques | Rudder settings | Plugins

Effort required:

Priority:

Name check:

Fix check:

Checked

Regression:

Description

On my rudder server in 5.0, I tried to import a given technique from its json, I ended up not being able to import it if some key-value were on the wrong order.
Which should not be the case since I guess it should only be key-value based.

I put 2 files here containing some User directive, one works, the other doesn't.


root@server:/tmp# diff not_working.json working.json 
25,26c25,26
<                                                 "value": "linux-shadow-sha256:$5$YNADkZ07$htb77c7EFCvMnMriWLRK.MWDWkQOuZ8ErNJxW.TAK2A",
<                                                 "name": "USERGROUP_USER_PASSWORD" 
---
>                                                 "name": "USERGROUP_USER_PASSWORD", 
>                                                 "value": "linux-shadow-sha256:$5$YNADkZ07$htb77c7EFCvMnMriWLRK.MWDWkQOuZ8ErNJxW.TAK2A"

The curl command used:

curl --show-error --silent --insecure --location --proxy '' --globoff -H "X-API-Token: xxxxxx" -X PUT "https://127.0.0.1/rudder/api/latest/directives" -H "Content-Type: application/json" -d @/tmp/working.json | jq ''

The error message was absolutly not clear about the error:

{
  "action": "createDirective",
  "result": "error",
  "errorDetails": "Could not create Directive <- Could not extract values from request <- Missing required attribute 'name' for <section>: JObject(List(JField(var,JObject(List(JField(value,JString(linux-shadow-sha256:$5$YNADkZ07$htb77c7EFCvMnMriWLRK.MWDWkQOuZ8ErNJxW.TAK2A)), JField(name,JString(USERGROUP_USER_PASSWORD)))))))" 
}

This is a template, please edit and remove what is not relevant.

I found this bug in Rudder version [Your Version here], on [Distribution here]

This bug happens:

During installation of Rudder agent / Rudder server
While running rudder agent on a Node
When using Rudder web interface
When looking at compliance of a Node
When configurations are generated on Rudder Server
When a Nodes applies a configuration

Description:

You can reproduce it with the following steps:

You can workaround this issue by doing likewise:

Files

Download all files

working.json (5.46 KB) working.json		Félix DALLIDET, 2019-05-22 10:21
not_working.json (5.46 KB) not_working.json		Félix DALLIDET, 2019-05-22 10:21

Related issues 1 (1 open — 0 closed)

Actions

Copy link

Updated by Vincent MEMBRÉ over 5 years ago

Target version changed from 5.0.12 to 5.0.13

Actions

Copy link

Updated by Vincent MEMBRÉ about 5 years ago

Target version changed from 5.0.13 to 5.0.14

Actions

Copy link

Updated by Vincent MEMBRÉ about 5 years ago

Target version changed from 5.0.14 to 5.0.15

Actions

Copy link

Updated by Vincent MEMBRÉ almost 5 years ago

Target version changed from 5.0.15 to 5.0.16

Actions

Copy link

Updated by Alexis Mousset almost 5 years ago

Target version changed from 5.0.16 to 5.0.17

Actions

Copy link

Updated by Vincent MEMBRÉ over 4 years ago

Target version changed from 5.0.17 to 5.0.18

Actions

Copy link

Updated by François ARMAND over 4 years ago

Subject changed from Rudder API seem to take key-value order into account in json POST request to Rudder directive API seem to take key-value order into account in json POST request
Severity changed from Minor - inconvenience | misleading | easy workaround to Major - prevents use of part of Rudder | no simple workaround
User visibility set to Operational - other Techniques | Rudder settings | Plugins
Priority changed from 0 to 43

I don't think it's minor. It can break processes for absolutly no obvious reason, since the JSON is correct and the error message show the missing field. Finding the workaround is easy only if you know what the problem is.

Actions

Copy link

Updated by François ARMAND over 4 years ago

Assignee set to Elaad FURREEDAN

Elaad, this is a good ticket to upskill in that part of rudder.

Actions

Copy link

Updated by Vincent MEMBRÉ over 4 years ago

Target version changed from 5.0.18 to 5.0.19

Actions

Copy link

#10

Updated by Vincent MEMBRÉ about 4 years ago

Status changed from New to In progress
Assignee changed from Elaad FURREEDAN to Vincent MEMBRÉ

Actions

Copy link

#11

Updated by Vincent MEMBRÉ about 4 years ago

Assignee changed from Vincent MEMBRÉ to François ARMAND
Pull Request set to https://github.com/Normation/rudder/pull/3193

PR https://github.com/Normation/rudder/pull/3193

Actions

Copy link

#12

Updated by Vincent MEMBRÉ about 4 years ago

Status changed from In progress to Pending release

Applied in changeset rudder|9e3b73914b0e2519ef62b856aeeae8aa6261bb46.

Actions

Copy link

#13

Updated by François ARMAND about 4 years ago

Fix check set to Error - Blocking

We now get:

[2020-09-07 12:24:45] ERROR com.normation.ldap.sdk.RWPooledSimpleAuthConnectionProvider - Can't execute LDAP request
com.unboundid.ldap.sdk.LDAPSearchException: invalid DN
        at com.unboundid.ldap.sdk.LDAPConnection.search(LDAPConnection.java:3772)
        at com.unboundid.ldap.sdk.LDAPConnection.getEntry(LDAPConnection.java:1803)
        at com.unboundid.ldap.sdk.LDAPConnection.getEntry(LDAPConnection.java:1770)
        at com.normation.ldap.sdk.RoLDAPConnection.get(LDAPConnection.scala:312)
        at com.normation.ldap.sdk.RwLDAPConnection.save(LDAPConnection.scala:580)
        at com.normation.rudder.repository.ldap.WoLDAPDirectiveRepository.$anonfun$internalSaveDirective$10(LDAPDirectiveRepository.scala:595)
        at com.normation.rudder.repository.ldap.ScalaLock.$anonfun$apply$1(Lock.scala:46)
        at com.normation.rudder.repository.ldap.ScalaLock.map(Lock.scala:36)
        at com.normation.rudder.repository.ldap.ScalaLock.map$(Lock.scala:33)
        at com.normation.rudder.repository.ldap.ScalaLock$$anon$1.map(Lock.scala:60)
        at com.normation.rudder.repository.ldap.ScalaLock.apply(Lock.scala:46)
        at com.normation.rudder.repository.ldap.ScalaLock.apply$(Lock.scala:46)
        at com.normation.rudder.repository.ldap.ScalaLock$$anon$1.apply(Lock.scala:60)
        at com.normation.rudder.repository.ldap.WoLDAPDirectiveRepository.$anonfun$internalSaveDirective$9(LDAPDirectiveRepository.scala:595)
        at net.liftweb.common.Full.flatMap(Box.scala:856)
        at com.normation.rudder.repository.ldap.WoLDAPDirectiveRepository.$anonfun$internalSaveDirective$7(LDAPDirectiveRepository.scala:590)
        at net.liftweb.common.Full.flatMap(Box.scala:856)
        at com.normation.rudder.repository.ldap.WoLDAPDirectiveRepository.$anonfun$internalSaveDirective$3(LDAPDirectiveRepository.scala:560)
        at net.liftweb.common.Full.flatMap(Box.scala:856)
        at com.normation.rudder.repository.ldap.WoLDAPDirectiveRepository.$anonfun$internalSaveDirective$1(LDAPDirectiveRepository.scala:559)
        at com.normation.ldap.sdk.LDAPConnectionProvider.$anonfun$flatMap$1(LDAPConnectionProvider.scala:117)
        at com.normation.ldap.sdk.LDAPConnectionProvider.withCon(LDAPConnectionProvider.scala:154)
        at com.normation.ldap.sdk.LDAPConnectionProvider.withCon$(LDAPConnectionProvider.scala:143)
        at com.normation.ldap.sdk.RWPooledSimpleAuthConnectionProvider.withCon(LDAPConnectionProvider.scala:395)
        at com.normation.ldap.sdk.LDAPConnectionProvider.flatMap(LDAPConnectionProvider.scala:116)
        at com.normation.ldap.sdk.LDAPConnectionProvider.flatMap$(LDAPConnectionProvider.scala:115)
        at com.normation.ldap.sdk.RWPooledSimpleAuthConnectionProvider.flatMap(LDAPConnectionProvider.scala:395)
        at com.normation.rudder.repository.ldap.WoLDAPDirectiveRepository.internalSaveDirective(LDAPDirectiveRepository.scala:558)
        at com.normation.rudder.repository.ldap.WoLDAPDirectiveRepository.saveDirective(LDAPDirectiveRepository.scala:639)
        at com.normation.rudder.rest.lift.DirectiveAPIService2.$anonfun$actualDirectiveCreation$6(DirectiveApi.scala:283)
        at net.liftweb.common.Full.flatMap(Box.scala:856)
        at com.normation.rudder.rest.lift.DirectiveAPIService2.$anonfun$actualDirectiveCreation$1(DirectiveApi.scala:276)
        at net.liftweb.common.Full.flatMap(Box.scala:856)
        at com.normation.rudder.rest.lift.DirectiveAPIService2.actualDirectiveCreation(DirectiveApi.scala:270)
        at com.normation.rudder.rest.lift.DirectiveAPIService2.$anonfun$createDirective$8(DirectiveApi.scala:312)
        at com.normation.rudder.rest.RestUtils$.$anonfun$actionResponse2$3(RestUtils.scala:170)
        at net.liftweb.common.Full.flatMap(Box.scala:856)
        at com.normation.rudder.rest.RestUtils$.$anonfun$actionResponse2$2(RestUtils.scala:170)
        at net.liftweb.common.Full.flatMap(Box.scala:856)
        at com.normation.rudder.rest.RestUtils$.actionResponse2(RestUtils.scala:168)
        at com.normation.rudder.rest.lift.DirectiveApi.actionResponse(DirectiveApi.scala:96)

=> #18170

Actions

Copy link

#14