October 2019 - jboss-jira - Jboss List Archives

[JBoss JIRA] (SWSQE-953) ocp4-kqe2 cluster is stuck and not possible to remove

by Filip Brychta (Jira)

[ https://issues.jboss.org/browse/SWSQE-953?page=com.atlassian.jira.plugin.... ] Filip Brychta resolved SWSQE-953. --------------------------------- Resolution: Done > ocp4-kqe2 cluster is stuck and not possible to remove > ----------------------------------------------------- > > Key: SWSQE-953 > URL: https://issues.jboss.org/browse/SWSQE-953 > Project: Kiali QE > Issue Type: Bug > Reporter: Filip Brychta > Assignee: Filip Brychta > Priority: Major > Labels: infrastructure > > After mixing ocp 4.1 and 4.2 installation the ocp4-kqe2 is stuck and it's not possible to remove it even manually. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFWIP-224) Redundant template eap-cd-chained-build-s2i.json

by Jean Francois Denise (Jira)

[ https://issues.jboss.org/browse/WFWIP-224?page=com.atlassian.jira.plugin.... ] Jean Francois Denise commented on WFWIP-224: -------------------------------------------- This one will be removed. It is not needed anymore. The analysis doc reflects that. > Redundant template eap-cd-chained-build-s2i.json > ------------------------------------------------ > > Key: WFWIP-224 > URL: https://issues.jboss.org/browse/WFWIP-224 > Project: WildFly WIP > Issue Type: Bug > Components: OpenShift > Reporter: Nikoleta Ziakova > Assignee: Jean Francois Denise > Priority: Major > > The [chained-build|https://github.com/wildfly/temp-openshift-image/blob/EAP7-1...] template was added with old feature design when chained build was not possible to be added to the existing templates. Now the existing templates contain chained build so this new template has become redundant. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (ELY-1851) Elytron ldaps realm fails if a referral is returned inside a search

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/ELY-1851?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated ELY-1851: ---------------------------------- Fix Version/s: 1.6.6.CR1 (was: 1.6.5.Final) > Elytron ldaps realm fails if a referral is returned inside a search > ------------------------------------------------------------------- > > Key: ELY-1851 > URL: https://issues.jboss.org/browse/ELY-1851 > Project: WildFly Elytron > Issue Type: Bug > Affects Versions: 1.6.3.Final > Reporter: Chao Wang > Assignee: Chao Wang > Priority: Major > Fix For: 1.6.6.CR1 > > > Elytron LdapRealm fails to follow a referral when ldaps is used (the {{ThreadLocalSSLSocketFactory}} is not set). > With a configuration similar to this one ({{memberOf}} is used to locate groups): > {code:xml} > <ldap-realm name="ldap-realm" dir-context="ldap-dir-context" direct-verification="true"> > <identity-mapping rdn-identifier="sAMAccountName" use-recursive-search="true" search-base-dn="DC=redhat,DC=com"> > <attribute-mapping> > <attribute reference="memberOf" from="cn" to="Roles" role-recursion="3"/> > </attribute-mapping> > </identity-mapping> > </ldap-realm> > ... > <dir-context name="ldap-dir-context" url="ldaps://ldap.redhat.com:636" principal="cn=Administrator,cn=Users,DC=redhat,DC=com" referral-mode="FOLLOW" ssl-context="ldaps-context"> > <credential-reference store="credstore" alias="ldap_password"/> > </dir-context> > {code} > If we have a group (or user) which contains a {{memberOf}} of another ldap, something like the following: > {noformat} > dn: CN=group-with-external-members,OU=Groups,DC=redhat,DC=com > ... > memberOf: CN=group-in-another-domain,OU=Groups,DC=lab,DC=redhat,DC=com > {noformat} > The following exception is thrown when a referral is returned for a group that is inside another ldapserver of the forest: > {noformat} > TRACE [org.jboss.remoting.remote.server] (management task-1) Server sending authentication rejected: java.lang.RuntimeException: ELY01079: ldap-realm realm failed to obtain attributes for entry [CN=group-with-external-members,OU=Groups,DC=redhat,DC=com] > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributesFromSearch(LdapSecurityRealm.java:808) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$null$4(LdapSecurityRealm.java:768) > at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184) > at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) > at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1382) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:151) > at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:174) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:418) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.forEachAttributeValue(LdapSecurityRealm.java:841) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.lambda$extractFilteredAttributes$6(LdapSecurityRealm.java:766) > at java.util.stream.Collectors.lambda$toMap$58(Collectors.java:1321) > at java.util.stream.ReduceOps$3ReducingSink.accept(ReduceOps.java:169) > at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175) > at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1382) > at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481) > at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) > at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708) > at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) > at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractAttributes(LdapSecurityRealm.java:828) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributes(LdapSecurityRealm.java:754) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getAttributes(LdapSecurityRealm.java:516) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getAuthorizationIdentity(LdapSecurityRealm.java:497) > at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(ServerAuthenticationContext.java:1923) > at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.authorize(ServerAuthenticationContext.java:1952) > at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:509) > at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:489) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:872) > at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:839) > at org.wildfly.security.sasl.util.SSLQueryCallbackHandler.handle(SSLQueryCallbackHandler.java:60) > at org.wildfly.security.sasl.util.TrustManagerSaslServerFactory.lambda$createSaslServer$0(TrustManagerSaslServerFactory.java:96) > at org.wildfly.security.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:146) > at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58) > at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106) > at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:59) > at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245) > at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217) > at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486) > at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:942) > at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) > at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378) > at java.lang.Thread.run(Thread.java:748) > Caused by: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: ldap-realm realm identity search failed > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1141) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.extractFilteredAttributesFromSearch(LdapSecurityRealm.java:797) > ... 46 more > Caused by: javax.naming.CommunicationException: ldap.lab.redhat.com:636 [Root exception is java.lang.IllegalStateException: ELY04025: DirContext tries to connect without ThreadLocalSSLSocketFactory thread local setting] > at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:96) > at com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:151) > at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1861) > at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769) > at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786) > at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418) > at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396) > at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297) > at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297) > at org.wildfly.security.auth.realm.ldap.DelegatingLdapContext.search(DelegatingLdapContext.java:335) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.searchWithPagination(LdapSecurityRealm.java:1161) > at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1038) > ... 47 more > Caused by: java.lang.IllegalStateException: ELY04025: DirContext tries to connect without ThreadLocalSSLSocketFactory thread local setting > at org.wildfly.security.auth.realm.ldap.ThreadLocalSSLSocketFactory.getDefault(ThreadLocalSSLSocketFactory.java:46) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at com.sun.jndi.ldap.Connection.createSocket(Connection.java:296) > at com.sun.jndi.ldap.Connection.<init>(Connection.java:215) > at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137) > at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1609) > at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749) > at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) > at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) > at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151) > at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(ldapURLContextFactory.java:52) > at org.jboss.as.naming.context.ObjectFactoryBuilder$ReferenceUrlContextFactoryWrapper.getObjectInstance(ObjectFactoryBuilder.java:293) > at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:300) > at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:119) > ... 58 more > {noformat} > The reason seems to be that the {{ThreadLocalSSLSocketFactory}} is not set when doing a search, so, if a referral is returned the new search created inside the current one has no access to the {{SSLSocketFactory}} in the thread local. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (ELY-1883) Release WildFly Elytron 1.6.5.Final

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/ELY-1883?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse resolved ELY-1883. ----------------------------------- Resolution: Done [~ivassile] FYI https://github.com/wildfly-security/wildfly-elytron/tree/1.6.5.Final > Release WildFly Elytron 1.6.5.Final > ----------------------------------- > > Key: ELY-1883 > URL: https://issues.jboss.org/browse/ELY-1883 > Project: WildFly Elytron > Issue Type: Release > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 1.6.5.CR1 > > -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (ELY-1883) Release WildFly Elytron 1.6.5.Final

by Darran Lofthouse (Jira)

Darran Lofthouse created ELY-1883: ------------------------------------- Summary: Release WildFly Elytron 1.6.5.Final Key: ELY-1883 URL: https://issues.jboss.org/browse/ELY-1883 Project: WildFly Elytron Issue Type: Release Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 1.6.5.CR1 -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (ELY-1872) elytron-tool.sh usage with symbolic links

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/ELY-1872?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated ELY-1872: ---------------------------------- Fix Version/s: 1.6.5.CR1 1.10.4.CR1 > elytron-tool.sh usage with symbolic links > ----------------------------------------- > > Key: ELY-1872 > URL: https://issues.jboss.org/browse/ELY-1872 > Project: WildFly Elytron > Issue Type: Bug > Components: Credential Store > Affects Versions: 2.0.0.Alpha4 > Environment: Red Hat JBoss Enterprise Application Platform (7.2.3) > Reporter: Ilia Vassilev > Assignee: Ilia Vassilev > Priority: Major > Labels: downstream_dependency > Fix For: 1.6.5.CR1, 1.10.4.CR1 > > > It looks like elytron-tool.sh doesn't work well with symbolic links. > The soft link becomes a credential store - in a "standard" file - with the newly added alias but the original credential store will not be updated. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFWIP-225) Environment variable to configure the initial metaspace size - need to update standalone.conf to bring CLOUD-3270 changes

by Jan Blizňák (Jira)

Jan Blizňák created WFWIP-225: --------------------------------- Summary: Environment variable to configure the initial metaspace size - need to update standalone.conf to bring CLOUD-3270 changes Key: WFWIP-225 URL: https://issues.jboss.org/browse/WFWIP-225 Project: WildFly WIP Issue Type: Bug Components: OpenShift Reporter: Jan Blizňák Assignee: Jean Francois Denise In CLOUD-3270, some changes were made to be able to override jvm metaspace value but current image docker-registry.upshift.redhat.com/kwills/eap-cd-openshift-rhel8:18.0-EAP... doesn't have it. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFWIP-223) disableHTTPRoute = true in runtime does not clean CR.status.hosts

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFWIP-223?page=com.atlassian.jira.plugin.... ] Jeff Mesnil commented on WFWIP-223: ----------------------------------- tracked in upstream by https://github.com/wildfly/wildfly-operator/issues/94 > disableHTTPRoute = true in runtime does not clean CR.status.hosts > ----------------------------------------------------------------- > > Key: WFWIP-223 > URL: https://issues.jboss.org/browse/WFWIP-223 > Project: WildFly WIP > Issue Type: Bug > Components: OpenShift > Reporter: Martin Choma > Assignee: Jeff Mesnil > Priority: Blocker > Labels: operator > > Reproducer: > # create CR > {code} > apiVersion: wildfly.org/v1alpha1 > kind: WildFlyServer > metadata: > generation: 1 > name: eap-cd > namespace: default > spec: > applicationImage: >- > brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888/jboss-eap-7-tech-preview/eap-cd-openshift-rhel8:17.0-4 > size: 1 > disableHTTPRoute: false > {code} > # Edit CR with disableHTTPRoute: true. I would expect Route object will be deleted. > {code} > apiVersion: wildfly.org/v1alpha1 > kind: WildFlyServer > metadata: > generation: 1 > name: eap-cd > namespace: default > spec: > applicationImage: >- > brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888/jboss-eap-7-tech-preview/eap-cd-openshift-rhel8:17.0-4 > size: 1 > disableHTTPRoute: true > {code} > # Route object eap-cd is not deleted but status.hosts is still filled > {code:yaml} > apiVersion: wildfly.org/v1alpha1 > kind: WildFlyServer > metadata: > creationTimestamp: '2019-10-01T17:20:34Z' > generation: 2 > name: eap-cd > namespace: mchoma > resourceVersion: '629943' > selfLink: /apis/wildfly.org/v1alpha1/namespaces/mchoma/wildflyservers/eap-cd > uid: c7535f3f-e46f-11e9-b4ad-02e6008f3048 > spec: > applicationImage: >- > image-registry.openshift-image-registry.svc:5000/eapcd-suite-builds/eap-cd-openshift-rhel8:17.0-4 > disableHTTPRoute: false > env: [] > envFrom: [] > replicas: 1 > status: > hosts: > - >- > eap-cd-route-mchoma.apps.eap-qe-cluster105.eap-qe-cluster105.fw.rhcloud.com > pods: > - name: eap-cd-0 > podIP: 10.131.0.246 > state: ACTIVE > replicas: 1 > scalingdownPods: 0 > {code} -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFWIP-223) disableHTTPRoute = true in runtime does not clean CR.status.hosts

by Jeff Mesnil (Jira)

[ https://issues.jboss.org/browse/WFWIP-223?page=com.atlassian.jira.plugin.... ] Jeff Mesnil updated WFWIP-223: ------------------------------ Labels: operator (was: ) > disableHTTPRoute = true in runtime does not clean CR.status.hosts > ----------------------------------------------------------------- > > Key: WFWIP-223 > URL: https://issues.jboss.org/browse/WFWIP-223 > Project: WildFly WIP > Issue Type: Bug > Components: OpenShift > Reporter: Martin Choma > Assignee: Jeff Mesnil > Priority: Blocker > Labels: operator > > Reproducer: > # create CR > {code} > apiVersion: wildfly.org/v1alpha1 > kind: WildFlyServer > metadata: > generation: 1 > name: eap-cd > namespace: default > spec: > applicationImage: >- > brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888/jboss-eap-7-tech-preview/eap-cd-openshift-rhel8:17.0-4 > size: 1 > disableHTTPRoute: false > {code} > # Edit CR with disableHTTPRoute: true. I would expect Route object will be deleted. > {code} > apiVersion: wildfly.org/v1alpha1 > kind: WildFlyServer > metadata: > generation: 1 > name: eap-cd > namespace: default > spec: > applicationImage: >- > brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888/jboss-eap-7-tech-preview/eap-cd-openshift-rhel8:17.0-4 > size: 1 > disableHTTPRoute: true > {code} > # Route object eap-cd is not deleted but status.hosts is still filled > {code:yaml} > apiVersion: wildfly.org/v1alpha1 > kind: WildFlyServer > metadata: > creationTimestamp: '2019-10-01T17:20:34Z' > generation: 2 > name: eap-cd > namespace: mchoma > resourceVersion: '629943' > selfLink: /apis/wildfly.org/v1alpha1/namespaces/mchoma/wildflyservers/eap-cd > uid: c7535f3f-e46f-11e9-b4ad-02e6008f3048 > spec: > applicationImage: >- > image-registry.openshift-image-registry.svc:5000/eapcd-suite-builds/eap-cd-openshift-rhel8:17.0-4 > disableHTTPRoute: false > env: [] > envFrom: [] > replicas: 1 > status: > hosts: > - >- > eap-cd-route-mchoma.apps.eap-qe-cluster105.eap-qe-cluster105.fw.rhcloud.com > pods: > - name: eap-cd-0 > podIP: 10.131.0.246 > state: ACTIVE > replicas: 1 > scalingdownPods: 0 > {code} -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFWIP-224) Redundant template eap-cd-chained-build-s2i.json

by Nikoleta Ziakova (Jira)

Nikoleta Ziakova created WFWIP-224: -------------------------------------- Summary: Redundant template eap-cd-chained-build-s2i.json Key: WFWIP-224 URL: https://issues.jboss.org/browse/WFWIP-224 Project: WildFly WIP Issue Type: Bug Components: OpenShift Reporter: Nikoleta Ziakova Assignee: Jean Francois Denise The [chained-build|https://github.com/wildfly/temp-openshift-image/blob/EAP7-1...] template was added with old feature design when chained build was not possible to be added to the existing templates. Now the existing templates contain chained build so this new template has become redundant. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 1 month

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira October 2019