[FOLIO-1485] Folio testing backend build fails due to incompatible authtoken interface versions Created: 12/Sep/18 Updated: 12/Nov/18 Resolved: 18/Sep/18 |
|
| Status: | Closed |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Task | Priority: | P2 |
| Reporter: | Marc Johnson | Assignee: | Kurt Nordstrom |
| Resolution: | Done | Votes: | 0 |
| Labels: | ci, core, sprint46 | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||||||||||||||||||
| Sprint: | |||||||||||||||||||||||||
| Tester Assignee: | Zoltan Erdos | ||||||||||||||||||||||||
| Description |
|
Summary mod-login-saml requires an authotken interface version 1.x I believe this discrepancy means that we are not able to build a cohesive backend set of modules. Symptoms https://jenkins-aws.indexdata.com/job/Automation/job/folio-testing-backend01/504/ failed overnight, with what appeared to be the following error (I ignore the multiple 404 errors that sometimes appear):
failed: [10.36.1.46] (item={u'okapi_docker_pull': u'false', u'index': 7, u'image_repository': u'folioci', u'name': u'mod-login-saml', u'mod_descriptor_repo': u'http://folio-registry.aws.indexdata.com', 'module_id': u'mod-login-saml-1.1.1-SNAPSHOT.26', u'docker_env': [{u'name': u'JAVA_OPTIONS', u'value': u'-Xmx256m'}]}) => {"changed": true, "cmd": "curl -X POST -H \"Content-Type: application/json\" -d @/etc/folio/module-descriptors/mod-login-saml.json -sSf http://10.36.1.46:9130/_/proxy/modules", "delta": "0:00:00.014401", "end": "2018-09-12 05:56:54.048247", "failed": true, "item": {"docker_env": [{"name": "JAVA_OPTIONS", "value": "-Xmx256m"}], "image_repository": "folioci", "index": 7, "mod_descriptor_repo": "http://folio-registry.aws.indexdata.com", "module_id": "mod-login-saml-1.1.1-SNAPSHOT.26", "name": "mod-login-saml", "okapi_docker_pull": "false"}, "rc": 22, "start": "2018-09-12 05:56:54.033846", "stderr": "curl: (22) The requested URL returned error: 400 Bad Request", "stderr_lines": ["curl: (22) The requested URL returned error: 400 Bad Request"], "stdout": "", "stdout_lines": []}`
Investigation This looked like it might be an transient error, so I kicked off another build to check. https://jenkins-aws.indexdata.com/job/Automation/job/folio-testing-backend01/505 failed the same way. The error appeared related to either a lookup in the folio-registry for the module or fetching the docker image. Fetching the module descriptor from the registry seems to work ok (http://folio-registry.aws.indexdata.com/_/proxy/modules/mod-login-saml-1.1.1-SNAPSHOT.26) and the docker image appears to be present (https://hub.docker.com/r/folioci/mod-login-saml/tags/ ) This is the same version of mod-login-saml that was deployed in previous folio-testing builds and is in the folio-snapshot build that succeeded. Looking at it again, it appears the post to Okapi was the aspect that failed. There doesn’t appear to be an error message. mod-login-saml relies on the authtoken, configuration and users interfaces. Based upon https://github.com/folio-org/folio-ansible/blob/e65a28f2ab64d95ab952271c993a035af9528bf9/group_vars/testing it looks like `mod-authtoken`, `mod-configuration` and `mod-users` come before it in the list, so should fulfil those requirements. It turns out that mod-authtoken changed to provide authtoken version 2.0 yesterday (https://github.com/folio-org/mod-authtoken/commit/fdba6e9371618adf1bebf39964127ac3b54787a6). It looks like this mismatch is what causes the backend build to fail. |
| Comments |
| Comment by Marc Johnson [ 12/Sep/18 ] |
|
Kurt Nordstrom I thought that the refresh tokens change was an additional feature that did not affect current behaviour. The major interface change suggests that it included a breaking change? Which from the comments appears to be that the token is now returned in the body instead of the header (in the original API)? |
| Comment by Jakub Skoczen [ 12/Sep/18 ] |
|
István Bender Marc Johnson do we need mod-login-saml in the Q3 release at all? |
| Comment by István Bender [ 12/Sep/18 ] |
|
I don't know any need for that. But if yes we can move to new mod-authtoken API very quickly. It seems to me a minor change in our code. |
| Comment by István Bender [ 12/Sep/18 ] |
|
Meanwhile Kurt created a pull request to fix API change. We test it tomorrow and make a new release. |
| Comment by Wayne Schneider [ 12/Sep/18 ] |
|
We can remove mod-login-saml from the testing build without affecting the frontend. We have done this temporarily. It breaks the Settings/Organization/SSO Settings page and reports a missing interface on the versions page, but everything else seems OK. |
| Comment by Zoltan Erdos [ 14/Sep/18 ] |
|
I would like to test it, but I'm not able to do it, because there is an older version authtoken module( "mod-authtoken-1.5.1-SNAPSHOT.24") in the 'folio/testing' vagrant box(v5.0.0-20180914.1065). |
| Comment by Marc Johnson [ 14/Sep/18 ] |
|
Zoltan Erdos That is odd. The folio-testing hosted environment which I believe uses a very similar process has mod-authtoken-2.0.2-SNAPSHOT.28. The log from last nights VM build shows mod-authtoken-2.0.2-SNAPSHOT.28 as well. I'm not very familiar with Vagrant, have you tried destroying and recreating your current instance after getting the new image? |
| Comment by Zoltan Erdos [ 14/Sep/18 ] |
|
Oh sorry, I forgot to destroy the vagrant machine after i updated the box. So my task is in progress now. |
| Comment by Marc Johnson [ 14/Sep/18 ] |
|
Zoltan Erdos No worries, thank you |
| Comment by Zoltan Erdos [ 14/Sep/18 ] |
|
Thank you Marc, The modules (saml + authtoken 2.0) is wokring fine with each other. I will release our login-saml module now. |
| Comment by István Bender [ 14/Sep/18 ] |
|
mod-login-saml 1.2.0 has been released which supports both authtoken 1.0 and 2.0: |
| Comment by Ann-Marie Breaux (Inactive) [ 17/Sep/18 ] |
|
Kurt Nordstrom Zoltan Erdos István Bender should this be In Code Review rather than In Review? Nothing for the manual testers to do, I think - right? |
| Comment by István Bender [ 18/Sep/18 ] |
|
Ann-Marie Breaux, as a matter of fact the development, code review and tests are done. New release was created from mod-login-saml which supports mod-authtoken. Therefore I think we can close this issue. |
| Comment by Ann-Marie Breaux (Inactive) [ 18/Sep/18 ] |
|
Lovely, István Bender - It's still open, so I'll close it. If it needs to reopen, please put it In Progress or In Code Review instead of In Review. Thank you! |