Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

run-testenv job fails due to a timeout while waiting for netbird api key to be available #34

Closed
kKdH opened this issue Jan 18, 2024 · 1 comment
Closed

run-testenv job fails due to a timeout while waiting for netbird api key to be available #34

kKdH opened this issue Jan 18, 2024 · 1 comment
Assignees
@reimarstier
Labels
component: ci/cd Mostly related to ci/cd type: bug Something isn't working

Comments

@kKdH
Copy link
Member

kKdH commented Jan 18, 2024
edited
Loading

The github action job run-testenv fails due to the following error:

thread 'main' panicked at .ci/docker/theo/src/core/docker.rs:156:13:
Timeout while waiting for netbird api key to be available.

First time observed here and here. But the job does not always fail. A successful run can be found here.
@kKdH kKdH added type: bug Something isn't working component: ci/cd Mostly related to ci/cd labels Jan 18, 2024
@github-project-automation github-project-automation bot moved this to Backlog in openDuT Jan 18, 2024
kKdH added a commit that referenced this issue Jan 18, 2024
@kKdH
Disabled 'run-testenv' job until #34 has been resolved.
19fdd68
reimarstier added a commit that referenced this issue Jan 19, 2024
@reimarstier
CI -> Re-enable test environment #34
e0ce8f3
@reimarstier
Copy link
Contributor

Observation:
Netbird management cannot communicate with Keycloak.
It tries to enumerate the users in keycloak but does not get the expected response.
The provisioning of netbird fails to authenticate and it cannot create an API token for the netbird service.

Error log in netbird management:

2024-01-18T15:34:59Z INFO management/cmd/management.go:250: running gRPC backward compatibility server: [::]:33073
2024-01-18T15:34:59Z INFO management/cmd/management.go:282: running HTTP server and gRPC server on the same port: [::]:80
2024-01-18T15:34:59Z WARN management/server/account.go:868: failed warming up cache due to error: unable to get http://keycloak/admin/realms/netbird/users/count?, statusCode 403
2024-01-18T15:35:02Z INFO management/server/account.go:1524: overriding JWT Domain and DomainCategory claims since single account mode is enabled
2024-01-18T15:35:02Z ERRO management/server/http/middleware/auth_middleware.go:82: Error when validating JWT claims: unable to get http://keycloak/admin/realms/netbird/users/count?, statusCode 403
2024-01-18T15:35:02Z ERRO management/server/http/util/util.go:80: got a handler error: token invalid
2024-01-18T15:35:02Z ERRO management/server/telemetry/http_api_metrics.go:181: HTTP response 2071539231: GET /api/users status 401

Conclusion: Netbird is expecting a response from keycloak but the users are not yet provisioned.

Similar issue: netbirdio/netbird#996

FIX:

  • Wait explicitly for keycloak provisioning
  • Improve error handling in THEO
  • Netbird provision entrypoint shell script: Enumerate users in keycloak before starting netbird management service

@DANOLLE DANOLLE moved this from Backlog to In progress in openDuT Jan 22, 2024
reimarstier added a commit that referenced this issue Jan 22, 2024
@reimarstier
CI -> Re-enable test environment #34
50489b6
@github-project-automation github-project-automation bot moved this from In progress to In review in openDuT Jan 24, 2024
@DANOLLE DANOLLE moved this from In review to Done in openDuT Jan 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@reimarstier reimarstier

Labels
component: ci/cd Mostly related to ci/cd type: bug Something isn't working
Projects
openDuT
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kKdH @reimarstier