Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API keys expire after 3 days [fake auth] #20

Open
drpaneas opened this issue Mar 8, 2018 · 2 comments
Open

API keys expire after 3 days [fake auth] #20

drpaneas opened this issue Mar 8, 2018 · 2 comments
Labels
enhancement

Comments

@drpaneas
Copy link

drpaneas commented Mar 8, 2018

I don't know why, but in openQA the default API keys used for fake authentication are expiring after ~3 days. As soon as this happens, the workers cannot connect to the webui, plus there's another problem: the contairer of the worker is not starting (running) anymore. It goes up and then it does immediately.

workaround:

  1. Generate new keys from the webui
  2. Create a file on the host with the new valid API keys
cat > client.conf << "EOF"
[openqa-webui]
key = 7B0DF15A3AE564AD
secret = 01C5639A5F8EA0E8
EOF
  1. Copy this file into the worker, without starting the container
docker cp client.conf generic-openqa_worker4:/etc/openqa/
  1. Start the container of the worker

After some seconds, it should connect to the webui and appear to be online once again :)
@drpaneas
Copy link
Author

drpaneas commented Mar 8, 2018
edited
Loading

Although I am able to restart my jobs in openQA from the webui, I cannot use the openqa-client within the workers anymore.

e.g.

docker exec c37e211fb90e openqa-client isos post DISTRI=ubuntu VERSION=17.10 FLAVOR=desktop ARCH=amd64
ERROR:  - Connection refused

EDIT:

I fixed that by passing the host:

openqa-client --host http://openqa-webui isos post DISTRI=ubuntu VERSION=17.10 FLAVOR=desktop ARCH=amd64

strange... I didn't have to do this before the keys got expired.

@drpaneas drpaneas changed the title API keys expire after 3 days API keys expire after 3 days [fake auth] Mar 9, 2018
@binary-sequence
Copy link
Member

Hello @drpaneas,

About #20 (comment):
Yes, but this is not an Issue of docker nor openQA.
You should be able to create an API key/secret that last the time you need. You could also create a never-expiring one.
From the webui, on "Manage API keys", remove the date of the form input before clicking create (I don't know how to do that programmatically).

About the second #20 (comment):
I don't know what happened there. It sounds like you are using a new openQA version?
But, when a key expires, you then need to restart all the workers after the new API key/secret are setup properly. I plan to cover the expected behavior with tests, but first I want to cover openQA itself. To detect whether the bugs I find are from openQA or from my docker images.
At the moment only the version in development is tested in openQA, but not the shipped version in Tumbleweed, which is the one my images relied on.

Cheers,
Sergio

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@drpaneas @binary-sequence @SergioAtSUSE