[FOLIO-1485] Folio testing backend build fails due to incompatible authtoken interface versions Created: 12/Sep/18  Updated: 12/Nov/18  Resolved: 18/Sep/18

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task Priority: P2
Reporter: Marc Johnson Assignee: Kurt Nordstrom
Resolution: Done Votes: 0
Labels: ci, core, sprint46
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Blocks
is blocked by MODLOGSAML-34 Support authtoken interface 2.0 In Progress
is blocked by MODLOGSAML-35 Test module with mod-authtoken v2.0 Closed
Relates
relates to STRIPES-552 Support authtoken interface 2.0 Closed
relates to FOLIO-1233 Implement refresh tokens Closed
Sprint:
Tester Assignee: Zoltan Erdos

 Description   

Summary

mod-login-saml requires an authotken interface version 1.x
mod-authtoken now provides authtoken interface version 2.0

I believe this discrepancy means that we are not able to build a cohesive backend set of modules.

Symptoms

https://jenkins-aws.indexdata.com/job/Automation/job/folio-testing-backend01/504/ failed overnight, with what appeared to be the following error (I ignore the multiple 404 errors that sometimes appear):

failed: [10.36.1.46] (item={u'okapi_docker_pull': u'false', u'index': 7, u'image_repository': u'folioci', u'name': u'mod-login-saml', u'mod_descriptor_repo': u'http://folio-registry.aws.indexdata.com', 'module_id': u'mod-login-saml-1.1.1-SNAPSHOT.26', u'docker_env': [{u'name': u'JAVA_OPTIONS', u'value': u'-Xmx256m'}]}) => {"changed": true, "cmd": "curl -X POST -H \"Content-Type: application/json\" -d @/etc/folio/module-descriptors/mod-login-saml.json -sSf http://10.36.1.46:9130/_/proxy/modules", "delta": "0:00:00.014401", "end": "2018-09-12 05:56:54.048247", "failed": true, "item": {"docker_env": [{"name": "JAVA_OPTIONS", "value": "-Xmx256m"}], "image_repository": "folioci", "index": 7, "mod_descriptor_repo": "http://folio-registry.aws.indexdata.com", "module_id": "mod-login-saml-1.1.1-SNAPSHOT.26", "name": "mod-login-saml", "okapi_docker_pull": "false"}, "rc": 22, "start": "2018-09-12 05:56:54.033846", "stderr": "curl: (22) The requested URL returned error: 400 Bad Request", "stderr_lines": ["curl: (22) The requested URL returned error: 400 Bad Request"], "stdout": "", "stdout_lines": []}`

Investigation

This looked like it might be an transient error, so I kicked off another build to check. https://jenkins-aws.indexdata.com/job/Automation/job/folio-testing-backend01/505 failed the same way.

The error appeared related to either a lookup in the folio-registry for the module or fetching the docker image.

Fetching the module descriptor from the registry seems to work ok (http://folio-registry.aws.indexdata.com/_/proxy/modules/mod-login-saml-1.1.1-SNAPSHOT.26) and the docker image appears to be present (https://hub.docker.com/r/folioci/mod-login-saml/tags/ )

This is the same version of mod-login-saml that was deployed in previous folio-testing builds and is in the folio-snapshot build that succeeded.

Looking at it again, it appears the post to Okapi was the aspect that failed. There doesn’t appear to be an error message.

mod-login-saml relies on the authtoken, configuration and users interfaces. Based upon https://github.com/folio-org/folio-ansible/blob/e65a28f2ab64d95ab952271c993a035af9528bf9/group_vars/testing it looks like `mod-authtoken`, `mod-configuration` and `mod-users` come before it in the list, so should fulfil those requirements.

It turns out that mod-authtoken changed to provide authtoken version 2.0 yesterday (https://github.com/folio-org/mod-authtoken/commit/fdba6e9371618adf1bebf39964127ac3b54787a6).

It looks like this mismatch is what causes the backend build to fail.



 Comments   
Comment by Marc Johnson [ 12/Sep/18 ]

Kurt Nordstrom I thought that the refresh tokens change was an additional feature that did not affect current behaviour.

The major interface change suggests that it included a breaking change? Which from the comments appears to be that the token is now returned in the body instead of the header (in the original API)?

Comment by Jakub Skoczen [ 12/Sep/18 ]

István Bender Marc Johnson do we need mod-login-saml in the Q3 release at all?

Comment by István Bender [ 12/Sep/18 ]

I don't know any need for that. But if yes we can move to new mod-authtoken API very quickly. It seems to me a minor change in our code.

Comment by István Bender [ 12/Sep/18 ]

Meanwhile Kurt created a pull request to fix API change. We test it tomorrow and make a new release.

Comment by Wayne Schneider [ 12/Sep/18 ]

We can remove mod-login-saml from the testing build without affecting the frontend. We have done this temporarily. It breaks the Settings/Organization/SSO Settings page and reports a missing interface on the versions page, but everything else seems OK.

Comment by Zoltan Erdos [ 14/Sep/18 ]

I would like to test it, but I'm not able to do it, because there is an older version authtoken module( "mod-authtoken-1.5.1-SNAPSHOT.24") in the 'folio/testing' vagrant box(v5.0.0-20180914.1065).

Comment by Marc Johnson [ 14/Sep/18 ]

Zoltan Erdos That is odd.

The folio-testing hosted environment which I believe uses a very similar process has mod-authtoken-2.0.2-SNAPSHOT.28.

The log from last nights VM build shows mod-authtoken-2.0.2-SNAPSHOT.28 as well.

I'm not very familiar with Vagrant, have you tried destroying and recreating your current instance after getting the new image?

Comment by Zoltan Erdos [ 14/Sep/18 ]

Oh sorry, I forgot to destroy the vagrant machine after i updated the box. So my task is in progress now.

Comment by Marc Johnson [ 14/Sep/18 ]

Zoltan Erdos No worries, thank you

Comment by Zoltan Erdos [ 14/Sep/18 ]

Thank you Marc, The modules (saml + authtoken 2.0) is wokring fine with each other. I will release our login-saml module now.

Comment by István Bender [ 14/Sep/18 ]

mod-login-saml 1.2.0 has been released which supports both authtoken 1.0 and 2.0:
https://repository.folio.org/#browse/search/maven=attributes.maven2.artifactId%3Dmod-login-saml:e5c50d09b73fd3c5bc1cff034ac05a11

Comment by Ann-Marie Breaux (Inactive) [ 17/Sep/18 ]

Kurt Nordstrom Zoltan Erdos István Bender should this be In Code Review rather than In Review? Nothing for the manual testers to do, I think - right?

Comment by István Bender [ 18/Sep/18 ]

Ann-Marie Breaux, as a matter of fact the development, code review and tests are done. New release was created from mod-login-saml which supports mod-authtoken. Therefore I think we can close this issue.

Comment by Ann-Marie Breaux (Inactive) [ 18/Sep/18 ]

Lovely, István Bender - It's still open, so I'll close it. If it needs to reopen, please put it In Progress or In Code Review instead of In Review.

Thank you!

Generated at Thu Feb 08 23:13:41 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.