Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bootstrap failures with read-only simp_puppetdb grants and puppetlabs/puppetdb 7.9.0+ #843

Open
op-ct opened this issue Aug 8, 2022 · 0 comments
Open

Bootstrap failures with read-only simp_puppetdb grants and puppetlabs/puppetdb 7.9.0+ #843

op-ct opened this issue Aug 8, 2022 · 0 comments

Comments

@op-ct
Copy link
Member

op-ct commented Aug 8, 2022

During a SIMP EE install, @AndyAdrian-OP ran into some Postgresql errors failures during simp-bootstrap with puppetlabs/puppetlabs-puppetdb 7.10.1.

Debug: Executing with uid=postgres gid=postgres: 'psql -d puppetdb -t -X -c "SELECT COUNT(*) FROM (SELECT
                  ns.nspname,
                  acl.defaclobjtype,
                  acl.defaclacl
                FROM pg_default_acl acl
                JOIN pg_namespace ns ON acl.defaclnamespace=ns.oid
                WHERE acl.defaclacl::text ~ '.*\\\"simp_puppetdb\\\"=X/puppetdb\\".*'
                AND nspname = 'public') count"'[0m

Error: /Stage[main]/Puppetdb::Database::Postgresql/Puppetdb::Database::Read_only_user[simp_puppetdb]/Puppetdb::Database::Default_read_grant[puppetdb grant read permission on new objects from puppetdb to simp_puppetdb]/Postgresql_psql[grant default select permission for simp_puppetdb]: Could not evaluate: Error evaluating 'unless' clause, returned pid 2950 exit 1: 'sh: -c: line 7: unexpected EOF while looking for matching `''
sh: -c: line 8: syntax error: unexpected end of file

Among other things, these failures prevented the catalog from installing the puppetdb package (which provides the puppetdb user) resulting in many other apparently unrelated file permissions failures related to PuppetDB (this should probably be prevented by resource-ordering in the puppetlabs/puppetlabs-puppetdb module).

Related upstream issues:

Relevant discussions:

@AndyAdrian-OP implemented the proposed alternative fix in puppetlabs/puppetdb#339, but ran into other problems:

that fix gets past that issue, but then we get errors enabling SSL in postgresql (and a bunch of option deprecations). I've asked Brandon to use puppetdb 7.8.0 and rebuild
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Org Triage
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@op-ct