Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing profile results in misleading error message in chef_gate log #144

Closed
jwr0 opened this issue Nov 3, 2016 · 8 comments
Closed

Missing profile results in misleading error message in chef_gate log #144

jwr0 opened this issue Nov 3, 2016 · 8 comments

Comments

@jwr0
Copy link

jwr0 commented Nov 3, 2016

Cookbook version

[0.14.1]

Chef-client version

[12.13.37]

Platform Details

[RHEL 7.2 on AWS]

Scenario:

[When you run the audit cookbook for a profile that does not exist, the chef_gate log will say Authentication failed. Please check your system's clock. This is misleading because the problem is a missing profile, not any authentication or problem with the clock.]

Steps to Reproduce:

[Run the audit cookbook for a profile that doesn't exist, then look at your chef_gate current log.]

Expected Result:

[If an error is because of a missing profile, the error message should state that the profile is missing.]

Actual Result:

[chef_gate current log will say Authentication failed. Please check your system's clock.]
@chris-rock
Copy link
Contributor

@ricksebak This error should only come up if the authentication between Chef Server and Chef Compliance is not working. Are you able to retrieve available profiles?

@chris-rock
Copy link
Contributor

In addition we are closely to finalizing the 2.0 version of this cookbook. Could you update the cookbook and verify that this issue still exists with the latest version? Be aware that we changed the syntax for defining profiles https://github.com/chef-cookbooks/audit#configure-node

@jwr0
Copy link
Author

jwr0 commented Nov 3, 2016

@chris-rock After I upload the missing profile, audit works fine. Other aspects of authentication also work as expected (such as logging in using the "other provider" link.).

The readme suggests that 2.0 is unreleased. Are you suggesting testing with 2.0? Or the latest currently released version (1.1, apparently)?

@chris-rock
Copy link
Contributor

Work on 2.0 is finalized and we do the latest testing. It will be released tomorrow.

@chris-rock
Copy link
Contributor

@ricksebak Is this still valid for 2.0?

@jwr0
Copy link
Author

jwr0 commented Nov 14, 2016

I was out all last week, so I haven't tried this yet. We're working on moving to audit 2.1 this week. I'll report back. Thanks.

@jwr0
Copy link
Author

jwr0 commented Nov 14, 2016

Unfortunately this misleading error message still does appear in the chef_gate log even when using audit 2.1. When I use a profile named "doesntexist" I can see the "check your clock" error.

When I use a profile that does exist, those profiles work correctly.

@chris-rock
Copy link
Contributor

We added better error output in https://github.com/chef-cookbooks/audit/pull/208/files#diff-ac3f30b2c66fd1ec1b818a9707a4066dR120 This will highlight that a profile could not be fetched. Therefore I am going to close this issue. Please reopen if this continues to be an issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cheeseplus @chris-rock @jwr0