Bug #25554: Upgrading to 8.2.0~beta2~git202409260054-debian12 causes loss of all user techniques - Rudder - Issue Tracker

Actions

Copy link

Bug #25554

closed

Upgrading to 8.2.0~beta2~git202409260054-debian12 causes loss of all user techniques

Added by Michel BOUISSOU 29 days ago. Updated 26 days ago.

Status:

Resolved

Priority:

N/A

Assignee:

Category:

Target version:

Pull Request:

Severity:

Critical - prevents main use of Rudder | no workaround | data loss | security

UX impact:

User visibility:

Effort required:

Priority:

Name check:

To do

Fix check:

To do

Regression:

Description

After upgrading from :

rudder-agent/now 8.2.0~beta2~git202409240710-debian12 amd64 [installed,upgradable to: 8.2.0~beta2~git202409260054-debian12]
rudder-api-client/now 8.2.0~beta2~git202409240710-debian12 amd64 [installed,upgradable to: 8.2.0~beta2~git202409260054-debian12]
rudder-relay/now 8.2.0~beta2~git202409240710-debian12 amd64 [installed,upgradable to: 8.2.0~beta2~git202409260054-debian12]
rudder-server/now 8.2.0~beta2~git202409240710-debian12 amd64 [installed,upgradable to: 8.2.0~beta2~git202409260054-debian12]

to :

rudder-agent/bookworm,now 8.2.0~beta2~git202409260054-debian12 amd64 [installed]
rudder-api-client/bookworm,now 8.2.0~beta2~git202409260054-debian12 amd64 [installed]
rudder-relay/bookworm,now 8.2.0~beta2~git202409260054-debian12 amd64 [installed]
rudder-server/bookworm,now 8.2.0~beta2~git202409260054-debian12 amd64 [installed]

With plugin OpenSCAP installed,

The Rudder server seems to be working allright.

However, changing a group property causes generation to fail with message :

⇨ Policy update error for process '2530' at 2024-09-26 17:07:32 
⇨ Cannot build Rule vals; 
    cause was: Could not find configuration vals; 
    cause was: Version '1.0' of technique 'login_defs_pwd_durations' is not available for directive 'login.defs PWD durations' [ad6960ff-1d14-4fc4-8ef3-372bb8076868]; 
    cause was: Version '1.0' of technique 'mustache_last_template_test' is not available for directive 'Mustache last template test' [dcd10c45-f2eb-4e5e-a532-4bbbee2f032f]; 
    cause was: Version '1.0' of technique 'plugin_openscap_policies' is not available for directive 'OpenSCAP for Debian 10' [961d4cba-fb9a-4a52-8735-51776d7fb2bc]; 
    cause was: Version '1.0' of technique 'upgrade_rudder_agent_on_debian_family' is not available for directive 'Upgrade Rudder agent on Debian and Ubuntu families' [c2b06558-bd00-452f-8799-1ced167e5212]; 
    cause was: Version '1.0' of technique 'install_package_with_parameter' is not available for directive 'Install emacs' [a65834f1-079e-4779-8db5-1be013ea011f]; 
    cause was: Version '1.0' of technique 'plugin_openscap_policies' is not available for directive 'OpenSCAP for Debian 11' [7bd3fe86-94ae-48f1-8b3c-f0d2fd12feef]; 
    cause was: Unexpected: Version '1.0' of technique 'plugin_openscap_policies' is not available for directive 'OpenSCAP for Debian 12' [c50f7203-e371-488f-83ac-6e73ff8c86d3]

Examining the techniques tree them shows all user techniques seems to have been lost (see screenshot)

Using [Reload techniques] doesn't help.

The generation message gives a hint about the OpenSCAP plugin.

Uninstalling the OpenSCAP plugin makes policies generation succeed again.

However, all the user techniques are still gone and using [Reload techniques] still doesn't help.

Webapp log contains the following nteresting part :

2024-09-26 17:30:32+0000 INFO  bootchecks - Check for force reload of Techniques library
2024-09-26 17:30:32+0000 INFO  bootchecks - Flag file '/opt/rudder/etc/force_technique_reload' found, reload Technique library now
2024-09-26 17:30:33+0000 INFO  bootchecks - Migrated change requests and workflow columns that should be not null (id, state, content)
2024-09-26 17:30:33+0000 INFO  bootchecks - Migrated eventLog columns that should be not null (eventtype, principal, severity, data)
2024-09-26 17:30:33+0000 INFO  bootchecks - Migrating '0' old inventory accept/refuse facts to 'NodeFacts' database table
2024-09-26 17:30:33+0000 INFO  bootchecks - Migration of old accept/refuse facts done
2024-09-26 17:30:33+0000 WARN  explain_compliance.29ec0914-0172-4c40-a9cd-99b92d6a07db - Received a run at 2024-09-26T17:30:10.000Z for node '29ec0914-0172-4c40-a9cd-99b92d6a07db' configId '20240926-125018-4d4efd27' which is not known b
y Rudder, and that node should be sending reports for configId 20240924-095025-8f33c5c0.
2024-09-26 17:30:37+0000 INFO  techniques.reader - Reloading technique library, no modified techniques found
2024-09-26 17:30:37+0000 INFO  com.normation.rudder.services.policies.DeployOnTechniqueCallback - Reload Technique library at start up
2024-09-26 17:30:37+0000 INFO  bootchecks - Successfully reloaded Technique library on start up. now deleting flag file '/opt/rudder/etc/force_technique_reload'
2024-09-26 17:30:37+0000 INFO  bootchecks - Flag file '/opt/rudder/etc/force_technique_reload' successfully removed
2024-09-26 17:30:37+0000 INFO  bootchecks - Check if system groups hasPolicyServer-root and all-nodes-with-cfengine-agent have the correct description and name
2024-09-26 17:30:37+0000 INFO  bootchecks - Check if 'rudder_generation_rudderc_enabled_targets' is present and must be deleted
2024-09-26 17:30:37+0000 INFO  bootchecks - Check mandatory DIT entries
2024-09-26 17:30:37+0000 INFO  bootchecks - All the required DIT entries are present in the LDAP directory
2024-09-26 17:30:37+0000 INFO  bootchecks - Check if hash algorithm for user password is a modern one, if not enable unsafe_hashes
2024-09-26 17:30:37+0000 INFO  bootchecks - Check initialization of User Technique Library
2024-09-26 17:30:37+0000 INFO  bootchecks - Check that `rudder` global parameter matches default value
2024-09-26 17:30:37+0000 INFO  bootchecks - Check existence of at least one archive of the configuration
2024-09-26 17:30:37+0000 INFO  bootchecks - First full archive of configuration-repository items done
2024-09-26 17:30:37+0000 INFO  bootchecks - Check if table 'NodeFacts' exists and if data from /var/rudder/inventories/historical are migrated
2024-09-26 17:30:37+0000 INFO  bootchecks - Migrating '0' old inventory accept/refuse facts to 'NodeFacts' database table
2024-09-26 17:30:37+0000 INFO  bootchecks - Migration of old accept/refuse facts done
2024-09-26 17:30:37+0000 INFO  bootchecks - Regenerate all ncf techniques
2024-09-26 17:30:38+0000 INFO  bootchecks - Started editor techniques update
[2024-09-26T17:30:41+0000] WARNING Exception thrown from handler: Cannot invoke "com.zaxxer.nuprocess.NuProcessHandler.onStart(com.zaxxer.nuprocess.NuProcess)" because "this.processHandler" is null
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'jinja_template_test'; cause was: error when committing Technique 'jinja_template_test/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/jinja_template_test/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/jinja_template_test/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'login_defs_pwd_durations'; cause was: error when committing Technique 'login_defs_pwd_durations/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/login_defs_pwd_durations/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/login_defs_pwd_durations/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'telnet_server_packages_not_installed'; cause was: error when committing Technique 'telnet_server_packages_not_installed/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/telnet_server_packages_not_installed/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/telnet_server_packages_not_installed/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'swap_inactive_and_absent_from_fstab'; cause was: error when committing Technique 'swap_inactive_and_absent_from_fstab/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/swap_inactive_and_absent_from_fstab/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/swap_inactive_and_absent_from_fstab/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'inventory_hook__headers_w_o_generic'; cause was: error when committing Technique 'inventory_hook__headers_w_o_generic/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/inventory_hook__headers_w_o_generic/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/inventory_hook__headers_w_o_generic/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'mustache_last_template_test'; cause was: error when committing Technique 'mustache_last_template_test/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/mustache_last_template_test/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/mustache_last_template_test/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'update_rudder_demo_licence_password'; cause was: error when committing Technique 'update_rudder_demo_licence_password/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/update_rudder_demo_licence_password/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/update_rudder_demo_licence_password/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'telnet_stopped'; cause was: error when committing Technique 'telnet_stopped/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/telnet_stopped/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/telnet_stopped/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'install_package_with_parameter'; cause was: error when committing Technique 'install_package_with_parameter/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/install_package_with_parameter/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/install_package_with_parameter/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'upgrade_rudder_agent_on_debian_family'; cause was: error when committing Technique 'upgrade_rudder_agent_on_debian_family/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/ncf_techniques/upgrade_rudder_agent_on_debian_family/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/ncf_techniques/upgrade_rudder_agent_on_debian_family/1.0'.'
2024-09-26 17:30:44+0000 ERROR bootchecks - An error occurred while writing technique 'plugin_openscap_policies'; cause was: error when committing Technique 'plugin_openscap_policies/1.0'; cause was: Unexpected: Error when trying to compile technique '/var/rudder/configuration-repository/techniques/OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0'. Error details are available in `compilation-output.yml` file in the same directory. Error message: 'Exit code=2 for technique: '/var/rudder/configuration-repository/techniques/OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0'.'
2024-09-26 17:30:44+0000 INFO  bootchecks - 0 techniques migrated, 11 have an error. check errors above if any
2024-09-26 17:30:47+0000 INFO  techniques.reader - Reloading technique library, no modified techniques found
2024-09-26 17:30:47+0000 INFO  com.normation.rudder.services.policies.DeployOnTechniqueCallback - Update Technique library after updating all techniques at start up
2024-09-26 17:30:47+0000 INFO  bootchecks - Ended editor techniques update
2024-09-26 17:30:47+0000 INFO  bootchecks - Migrate technique.json to technique.yml
2024-09-26 17:30:47+0000 INFO  bootchecks.migration.techniques - Checking if some techniques need to be migrated to YAML format
2024-09-26 17:30:47+0000 INFO  bootchecks - Trigger policy update automatically at start
2024-09-26 17:30:47+0000 INFO  bootchecks - Deprecated flag file '/opt/rudder/etc/trigger-policy-generation' found, removing it
2024-09-26 17:30:47+0000 INFO  bootchecks - Flag file '/opt/rudder/etc/trigger-policy-generation' successfully removed
2024-09-26 17:30:47+0000 INFO  bootchecks - Remove LDAP entries breaking directive api, see https://issues.rudder.io/issues/22314
2024-09-26 17:30:47+0000 INFO  bootchecks - Create system api token
2024-09-26 17:30:47+0000 INFO  bootchecks - System api token file created in /var/rudder/run/api-token
2024-09-26 17:30:47+0000 INFO  bootchecks - Initialize node compliance cache
2024-09-26 17:30:47+0000 INFO  bootchecks - Table 'NodeLastCompliance' is in used, loading past compliance from it
2024-09-26 17:30:48+0000 INFO  bootchecks - Check all user sessions are closed

All the mentioned “compilation-output.yml” files contain the same kind of :

compiler: rudderc
resultCode: 2
fileStatus: []
msg: 'Exit code=2 for technique: ''/var/rudder/configuration-repository/techniques/ncf_techniques/upgrade_rudder_agent_on_debian_family/1.0''.'
stdout: ''
stderr: |
  error: unrecognized subcommand ''

  Usage: rudderc [OPTIONS] <COMMAND>

  For more information, try '--help'.

Issue reproduced twice (restarting from previous server VM snapshot)

Files

Download all files

Policy_update_error_240926a.png (103 KB) Policy_update_error_240926a.png	Policy update error	Michel BOUISSOU, 2024-09-26 19:40
User_techniques_before_update_240926b.png (349 KB) User_techniques_before_update_240926b.png	User techniques before server update	Michel BOUISSOU, 2024-09-26 19:40
User_techniques_lost_240926a.png (299 KB) User_techniques_lost_240926a.png	User techniques lost	Michel BOUISSOU, 2024-09-26 19:41

Actions

Copy link

Updated by Michel BOUISSOU 26 days ago

Status changed from New to Resolved

Fixed in 8.2.0~beta2~git202409272205-debian12

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #25554

Upgrading to 8.2.0~beta2~git202409260054-debian12 causes loss of all user techniques

Updated by Michel BOUISSOU 26 days ago