Skip to content

Commit

Permalink
surface preflight rbac errors to cli
Browse files Browse the repository at this point in the history
  • Loading branch information
sgalsaleh committed Nov 9, 2023
1 parent 1433be1 commit b54f5ad
Show file tree
Hide file tree
Showing 4 changed files with 104 additions and 44 deletions.
67 changes: 45 additions & 22 deletions .github/workflows/build-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -745,29 +745,22 @@ jobs:
--kotsadm-registry ttl.sh \
--kotsadm-namespace automated-${{ github.run_id }} \
--skip-preflights \
--kotsadm-tag 24h
--kotsadm-tag 24h | tee output.txt
EXIT_CODE=$?
if [ $EXIT_CODE -ne 0 ]; then
echo "------pods:"
kubectl -n "$APP_SLUG" get pods
echo "------kotsadm logs"
kubectl logs -l app=kotsadm --tail=100 --namespace "$APP_SLUG"
exit $EXIT_CODE
if ! grep -q "The Kubernetes RBAC policy that the Admin Console is running with does not have access to complete the Preflight Checks. It's recommended that you run these manually before proceeding." output.txt; then
echo "Expected to see an RBAC error for preflight checks, but did not"
exit 1
fi
COUNTER=1
while [ "$(./bin/kots get apps --namespace "$APP_SLUG" | awk 'NR>1{print $2}')" != "ready" ]; do
((COUNTER += 1))
if [ $COUNTER -gt 180 ]; then
echo "Timed out waiting for app to be ready"
./bin/kots get apps --namespace "$APP_SLUG"
echo "kotsadm logs:"
kubectl logs -l app=kotsadm --tail=100 --namespace "$APP_SLUG"
exit 1
fi
sleep 1
done
if ! grep -q 'The app was not deployed.' output.txt; then
printf "Expected to see message about app not being deployed, but did not\n"
exit 1
fi
if grep FAIL output.txt | grep -q 'This application requires at least 100 nodes'; then
printf "Did not expect to see a failure about number of nodes, but did\n"
exit 1
fi
if ! kubectl get role -n "$APP_SLUG" | grep -q kotsadm; then
echo "kotsadm role not found in namespace $APP_SLUG"
Expand Down Expand Up @@ -1172,7 +1165,22 @@ jobs:
--kotsadm-registry ttl.sh \
--kotsadm-namespace automated-${{ github.run_id }} \
--kotsadm-tag 24h \
--use-minimal-rbac
--use-minimal-rbac | tee output.txt
if ! grep -q "The Kubernetes RBAC policy that the Admin Console is running with does not have access to complete the Preflight Checks. It's recommended that you run these manually before proceeding." output.txt; then
echo "Expected to see an RBAC error for preflight checks, but did not"
exit 1
fi
if ! grep -q 'The app was not deployed.' output.txt; then
printf "Expected to see message about app not being deployed, but did not\n"
exit 1
fi
if grep FAIL output.txt | grep -q 'This application requires at least 100 nodes'; then
printf "Did not expect to see a failure about number of nodes, but did\n"
exit 1
fi
if ! kubectl get role -n "$APP_SLUG" | grep -q kotsadm; then
echo "kotsadm role not found in namespace $APP_SLUG"
Expand Down Expand Up @@ -1214,7 +1222,22 @@ jobs:
--shared-password password \
--kotsadm-registry ttl.sh \
--kotsadm-namespace automated-${{ github.run_id }} \
--kotsadm-tag 24h
--kotsadm-tag 24h | tee output.txt
if grep -q "The Kubernetes RBAC policy that the Admin Console is running with does not have access to complete the Preflight Checks. It's recommended that you run these manually before proceeding." output.txt; then
echo "Did not expect to see an RBAC error for preflight checks, but did"
exit 1
fi
if ! grep -q 'The app was not deployed.' output.txt; then
printf "Expected to see message about app not being deployed, but did not\n"
exit 1
fi
if ! grep FAIL output.txt | grep -q 'This application requires at least 100 nodes'; then
printf "Expected to see a failure about number of nodes, but did not\n"
exit 1
fi
if kubectl get role -n "$APP_SLUG" | grep -q kotsadm; then
echo "kotsadm role found in cluster scoped install"
Expand Down
33 changes: 26 additions & 7 deletions cmd/kots/cli/install.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ import (
"github.com/replicatedhq/kots/pkg/kurl"
"github.com/replicatedhq/kots/pkg/logger"
"github.com/replicatedhq/kots/pkg/metrics"
preflighttypes "github.com/replicatedhq/kots/pkg/preflight/types"
"github.com/replicatedhq/kots/pkg/print"
"github.com/replicatedhq/kots/pkg/pull"
"github.com/replicatedhq/kots/pkg/replicatedapp"
Expand Down Expand Up @@ -447,14 +448,14 @@ func InstallCmd() *cobra.Command {
log.FinishSpinner()

switch status {
case storetypes.VersionPendingPreflight:
case storetypes.VersionPendingPreflight, storetypes.VersionPending:
log.ActionWithSpinner("Waiting for preflight checks to complete")
if err := ValidatePreflightStatus(deployOptions, authSlug, apiEndpoint); err != nil {
perr := preflightError{}
if errors.As(err, &perr) {
log.FinishSpinner() // We succeeded waiting for the results. Don't finish with an error
log.Errorf(perr.Msg)
print.PreflightErrors(log, perr.Results)
print.PreflightResults(perr.Results)
cmd.SilenceErrors = true // Stop Cobra from printing the error, we format the message ourselves
} else {
log.FinishSpinnerWithError()
Expand Down Expand Up @@ -1020,7 +1021,7 @@ func checkPreflightsComplete(response *handlers.GetPreflightResultResponse) (boo

type preflightError struct {
Msg string
Results []*preflight.UploadPreflightResult
Results preflighttypes.PreflightResults
}

func (e preflightError) Error() string {
Expand All @@ -1034,12 +1035,30 @@ func checkPreflightResults(response *handlers.GetPreflightResultResponse) (bool,
return false, nil
}

var results preflight.UploadPreflightResults
var results preflighttypes.PreflightResults
err := json.Unmarshal([]byte(response.PreflightResult.Result), &results)
if err != nil {
return false, errors.Wrap(err, fmt.Sprintf("failed to unmarshal upload preflight results from response: %v", response.PreflightResult.Result))
}

if len(results.Errors) > 0 {
isRBAC := false
for _, err := range results.Errors {
if err.IsRBAC {
isRBAC = true
break
}
}
msg := "There are preflight check errors for the application. The app was not deployed."
if isRBAC {
msg = "The Kubernetes RBAC policy that the Admin Console is running with does not have access to complete the Preflight Checks. It's recommended that you run these manually before proceeding. The app was not deployed."
}
return false, preflightError{
Msg: msg,
Results: results,
}
}

var isWarn, isFail bool
for _, result := range results.Results {
if result.IsWarn {
Expand All @@ -1053,20 +1072,20 @@ func checkPreflightResults(response *handlers.GetPreflightResultResponse) (bool,
if isWarn && isFail {
return false, preflightError{
Msg: "There are preflight check failures and warnings for the application. The app was not deployed.",
Results: results.Results,
Results: results,
}
}

if isWarn {
return false, preflightError{
Msg: "There are preflight check warnings for the application. The app was not deployed.",
Results: results.Results,
Results: results,
}
}
if isFail {
return false, preflightError{
Msg: "There are preflight check failures for the application. The app was not deployed.",
Results: results.Results,
Results: results,
}
}

Expand Down
15 changes: 0 additions & 15 deletions pkg/print/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,6 @@ import (

configtypes "github.com/replicatedhq/kots/pkg/kotsadmconfig/types"
"github.com/replicatedhq/kots/pkg/logger"
"github.com/replicatedhq/kots/pkg/preflight"
tsPreflight "github.com/replicatedhq/troubleshoot/pkg/preflight"
)

func ConfigValidationErrors(log *logger.CLILogger, groupValidationErrors []configtypes.ConfigGroupValidationError) {
Expand All @@ -28,16 +26,3 @@ func ConfigValidationErrors(log *logger.CLILogger, groupValidationErrors []confi
log.FinishSpinnerWithError()
log.Errorf(sb.String())
}

func PreflightErrors(log *logger.CLILogger, results []*tsPreflight.UploadPreflightResult) {
w := NewTabWriter()
defer w.Flush()

fmt.Fprintf(w, "\n")
fmtColumns := "%s\t%s\t%s\n"
fmt.Fprintf(w, fmtColumns, "STATE", "TITLE", "MESSAGE")
for _, result := range results {
fmt.Fprintf(w, fmtColumns, strings.ToUpper(preflight.GetPreflightCheckState(result)), result.Title, result.Message)
}
fmt.Fprintf(w, "\n")
}
33 changes: 33 additions & 0 deletions pkg/print/preflight.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
package print

import (
"fmt"
"strings"

"github.com/replicatedhq/kots/pkg/preflight"
preflighttypes "github.com/replicatedhq/kots/pkg/preflight/types"
)

func PreflightResults(results preflighttypes.PreflightResults) {
w := NewTabWriter()
defer w.Flush()

if len(results.Errors) > 0 {
fmt.Fprintf(w, "\n")
for _, err := range results.Errors {
fmtColumns := " - %s\n"
fmt.Fprintf(w, fmtColumns, err.Error)
}
fmt.Fprintf(w, "\n")
}

if len(results.Results) > 0 {
fmt.Fprintf(w, "\n")
fmtColumns := "%s\t%s\t%s\n"
fmt.Fprintf(w, fmtColumns, "STATE", "TITLE", "MESSAGE")
for _, result := range results.Results {
fmt.Fprintf(w, fmtColumns, strings.ToUpper(preflight.GetPreflightCheckState(result)), result.Title, result.Message)
}
fmt.Fprintf(w, "\n")
}
}

0 comments on commit b54f5ad

Please sign in to comment.