Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use API Key in module artifactory download #58936

Closed
jvimont opened this issue Nov 13, 2020 · 3 comments · Fixed by #65642
Closed

Use API Key in module artifactory download #58936

jvimont opened this issue Nov 13, 2020 · 3 comments · Fixed by #65642
Labels
Bug broken, incorrect, or confusing behavior severity-medium 3rd level, incorrect or bad functionality, confusing and lacks a work around
Milestone
Approved

Comments

@jvimont
Copy link

jvimont commented Nov 13, 2020

Description of Issue

I try to download an artifact from artifactory but i got an "ValueError: Invalid header value".
It seems there is a format issue regarding the base64 encoding of the Authorisation header. The "\n" included by the hashutil.base64_encodestring, as said in salt.modules.hashutil.base64_encodestring doc, are not removed.

Setup

Create api key in artifactory
Target an existing artifact_id using username and api_key

Steps to Reproduce Issue

salt minion_id artifactory.get_release artifactory_url=my_artifactory_url repository=my_repo group_id=my_group artifact_id=my_artifact packaging=jar version=0.1 target_dir='/tmp' username=foo, password=my_artifactory_api_key

minion_id:
    The minion function caused an exception: Traceback (most recent call last):
      File "/usr/lib/python3/dist-packages/salt/minion.py", line 1889, in _thread_return
        function_name, function_args, executors, opts, data
      File "/usr/lib/python3/dist-packages/salt/minion.py", line 1845, in _execute_job_function
        return_data = self.executors[fname](opts, data, func, args, kwargs)
      File "/usr/lib/python3/dist-packages/salt/executors/direct_call.py", line 12, in execute
        return func(*args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/modules/artifactory.py", line 354, in get_release
        return __save_artifact(release_url, target_file, headers)
      File "/usr/lib/python3/dist-packages/salt/modules/artifactory.py", line 744, in __save_artifact
        f = urllib.request.urlopen(request)
      File "/usr/lib/python3.7/urllib/request.py", line 222, in urlopen
        return opener.open(url, data, timeout)
      File "/usr/lib/python3.7/urllib/request.py", line 525, in open
        response = self._open(req, data)
      File "/usr/lib/python3.7/urllib/request.py", line 543, in _open
        '_open', req)
      File "/usr/lib/python3.7/urllib/request.py", line 503, in _call_chain
        result = func(*args)
      File "/usr/lib/python3.7/urllib/request.py", line 1367, in https_open
        context=self._context, check_hostname=self._check_hostname)
      File "/usr/lib/python3.7/urllib/request.py", line 1324, in do_open
        encode_chunked=req.has_header('Transfer-encoding'))
      File "/usr/lib/python3.7/http/client.py", line 1244, in request
        self._send_request(method, url, body, headers, encode_chunked)
      File "/usr/lib/python3.7/http/client.py", line 1285, in _send_request
        self.putheader(hdr, value)
      File "/usr/lib/python3.7/http/client.py", line 1222, in putheader
        raise ValueError('Invalid header value %r' % (values[i],))
    ValueError: Invalid header value b'Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX**\n**XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX**\n**'

It can be fixed with this workaround:

if username and password:
        headers["Authorization"] = "Basic {0}".format(
            salt.utils.hashutils.base64_encodestring(
                "{0}:{1}".format(username.replace("\n", ""), password.replace("\n", ""))
            ).replace("\n", "")

Versions Report

Same version on master and minion.

Salt Version:
           Salt: 3002.1
 
Dependency Versions:
           cffi: 1.14.3
       cherrypy: unknown
       dateutil: 2.7.3
      docker-py: Not Installed
          gitdb: 2.0.5
      gitpython: 2.1.11
         Jinja2: 2.10
        libgit2: Not Installed
       M2Crypto: 0.31.0
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.5.6
   mysql-python: Not Installed
      pycparser: 2.20
       pycrypto: Not Installed
   pycryptodome: 3.6.1
         pygit2: Not Installed
         Python: 3.7.3 (default, Jul 25 2020, 13:03:44)
   python-gnupg: Not Installed
         PyYAML: 3.13
          PyZMQ: 17.1.2
          smmap: 2.0.5
        timelib: Not Installed
        Tornado: 4.5.3
            ZMQ: 4.3.1
 
System Versions:
           dist: debian 10 buster
         locale: UTF-8
        machine: x86_64
        release: 4.19.0-12-amd64
         system: Linux
        version: Debian GNU/Linux 10 buster
@welcome
Copy link

welcome bot commented Nov 13, 2020

Hi there! Welcome to the Salt Community! Thank you for making your first contribution. We have a lengthy process for issues and PRs. Someone from the Core Team will follow up as soon as possible. In the meantime, here’s some information that may help as you continue your Salt journey.
Please be sure to review our Code of Conduct. Also, check out some of our community resources including:

There are lots of ways to get involved in our community. Every month, there are around a dozen opportunities to meet with other contributors and the Salt Core team and collaborate in real time. The best way to keep track is by subscribing to the Salt Community Events Calendar.
If you have additional questions, email us at core@saltstack.com. We’re glad you’ve joined our community and look forward to doing awesome things with you!

@sagetherage sagetherage added Bug broken, incorrect, or confusing behavior severity-medium 3rd level, incorrect or bad functionality, confusing and lacks a work around and removed needs-triage labels Jan 26, 2021
@sagetherage sagetherage added this to the Approved milestone Jan 26, 2021
@baldervanx
Copy link

I've done a workaround for this issue locally based on the suggestion above. To avoid duplication I created a function like this:

def _get_headers(username, password):
    headers = {}
    if username and password:
        headers["Authorization"] = "Basic {0}".format(
            salt.utils.hashutils.base64_encodestring(
                "{0}:{1}".format(username.replace("\n", ""), password.replace("\n", ""))
            ).rstrip()
        )
        log.debug("Auth header='%s'", headers["Authorization"])
    return headers

There are 4 places this function need to be called, replacing the current incorrect logic, like this:
headers = _get_headers(username, password)

Unfortunately I don't have the time to do a proper contribution just now, so I hope someone with the right environment setup can do this.

@ssoto2
Copy link

ssoto2 commented Dec 16, 2021

I am commenting on this as also have run into this error. jfrog/artifactory has strongly pushed the use of service accounts for services, but unfortunately, the artifactory module does not work for api keys and salt throws an error of

Invalid header value b'Basic

@ubrix ubrix mentioned this issue Nov 29, 2023
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug broken, incorrect, or confusing behavior severity-medium 3rd level, incorrect or bad functionality, confusing and lacks a work around
Projects
None yet
Milestone
Approved
Development

Successfully merging a pull request may close this issue.

[master] Artifactory module basic auth fix ubrix/salt
5 participants
@s0undt3ch @baldervanx @ssoto2 @jvimont @sagetherage