Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failing at Removing (potential) previously declared Groovy script update_admin_password #10

Open
skeep opened this issue Apr 6, 2017 · 9 comments
Open

Failing at Removing (potential) previously declared Groovy script update_admin_password #10

skeep opened this issue Apr 6, 2017 · 9 comments

Comments

@skeep
Copy link

skeep commented Apr 6, 2017

Error

TASK [savoirfairelinux.nexus3-oss : Removing (potential) previously declared Groovy script update_admin_password] ***
fatal: [35.165.111.86]: FAILED! => {"changed": false, "connection": "close", "content": "", "date": "Thu, 06 Apr 2017 19:26:22 GMT", "failed": true, "msg": "Status code was not [204, 404]: HTTP Error 401: Unauthorized", "redirected": false, "server": "Nexus/3.2.1-01 (OSS)", "status": 401, "url": "http://localhost:8081/service/siesta/rest/v1/script/update_admin_password", "www_authenticate": "BASIC realm=\"Sonatype Nexus Repository Manager\"", "x_content_type_options": "nosniff", "x_frame_options": "SAMEORIGIN"}
	to retry, use: --limit @/Users/suman/Documents/MDL/telkomseligi/infra/nexus/play.retry

PLAY RECAP *********************************************************************
35.165.111.86              : ok=97   changed=34   unreachable=0    failed=1

playbook.yml

---
- name: Nexus
  hosts: nexus
  user: ec2-user
  become: yes

  vars:
    java_version: 8
    nexus_version: '3.2.1-01'
    nexus_timezone: 'UTC'
    nexus_admin_password: "admin"
    nexus_privileges:
      - name: all-repos-read
        description: 'Read & Browse access to all repos'
        repository: '*'
        actions:
          - read
          - browse
      - name: company-project-deploy
        description: 'Deployments to company-project'
        repository: company-project
        actions:
          - add
          - edit
    nexus_roles:
      - id: Developpers # maps to the LDAP group
        name: developers
        description: All developers
        privileges:
          - nx-search-read
          - all-repos-read
          - company-project-deploy
        roles: []
    nexus_local_users:
      - username: jenkins # used as key to update
        first_name: Jenkins
        last_name: CI
        email: [email protected]
        password: "s3cr3t"
        roles:
          - Developpers # role ID here
    nexus_blobstores:
      - name: company-artifacts
        path: /var/nexus/blobs/company-artifacts
    nexus_scheduled_tasks:
      - name: compact-blobstore
        cron: '0 0 22 * * ?'
        typeId: blobstore.compact
        taskProperties:
          blobstoreName: 'company-artifacts'
    nexus_repos_maven_proxy:
      - name: central
        remote_url: 'https://repo1.maven.org/maven2/'
        layout_policy: permissive
  roles:
    - role: williamyeh.oracle-java
    - role: geerlingguy.apache
      apache_create_vhosts: no
    - role: savoirfairelinux.nexus3-oss

Running on

  • AWS EC2 instance t2.medium

Security group settings

  • 80
  • 8080
  • 8081
  • 443
  • 22
  • 4000

are open to 0.0.0.0
@Justinbobustin
Copy link

+1

@Justinbobustin
Copy link

Seems like it's a bug related to their note "admin password change subsequent to first-time install is not implemented yet".

The nexus_admin_password needs to be the '1st time install password', which is set to 'admin123'.

@samherve
Copy link
Contributor

Seems like it's a bug related to their note "admin password change subsequent to first-time install is not implemented yet".

The nexus_admin_password needs to be the '1st time install password', which is set to 'admin123'.

This note may not be clear, but actually you can choose any admin password, though you cannot change it once it's been set.

@skeep
Copy link
Author

skeep commented Apr 28, 2017

So I am putting nexus_admin_password as admin instead of admin123. That should not be a problem right?

@Justinbobustin
Copy link

@skeep
As long as you set it before the first install, I think it should be fine.

@skeep
Copy link
Author

skeep commented May 9, 2017

Ok I will try again.

@keitalbame
Copy link

keitalbame commented Oct 12, 2018
edited
Loading

I'm having a similar issue but with a 405 error code, on first install.
It's running on a centos7 vm on my laptop and I'm able to login into nexus UI with admin123 password.
Role version: v1.7.1

...
TASK [savoirfairelinux.nexus3-oss : Check if data directory is empty (first-time install)] **************************************************************************************************
changed: [centos7-nexus] => {"changed": true, "cmd": ["ls", "/var/nexus"], "delta": "0:00:00.003930", "end": "2018-10-12 12:17:43.668987", "rc": 0, "start": "2018-10-12 12:17:43.665057", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
...
TASK [savoirfairelinux.nexus3-oss : First-time install admin password] **********************************************************************************************************************
ok: [centos7-nexus] => {"ansible_facts": {"current_nexus_admin_password": "admin123"}, "changed": false}

TASK [savoirfairelinux.nexus3-oss : Subsequent re-provision admin password] *****************************************************************************************************************
skipping: [centos7-nexus] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}

TASK [savoirfairelinux.nexus3-oss : include] ************************************************************************************************************************************************
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus
included: /REDACTED/roles/savoirfairelinux.nexus3-oss/tasks/declare_script_each.yml for centos7-nexus

TASK [savoirfairelinux.nexus3-oss : Removing (potential) previously declared Groovy script update_admin_password] ***************************************************************************
fatal: [centos7-nexus]: FAILED! => {"changed": false, "connection": "close", "content": "", "date": "Fri, 12 Oct 2018 10:19:22 GMT", "msg": "Status code was 405 and not [204, 404]: HTTP Error 405: Http method DELETE is not supported by this URL", "redirected": false, "server": "Nexus/3.13.0-01 (OSS)", "status": 405, "url": "http://localhost:8081/service/siesta/rest/v1/script/update_admin_password", "x_content_type_options": "nosniff"}

Playbook:

---
- hosts: nexus
  vars:
    ansible_ssh_private_key_file: REDACTED

    # Oracle Java
    oracle_java_use_defaults: no

    oracle_java_dir_source: '/usr/local/src'
    oracle_java_download_timeout: 60  
    oracle_java_rpm_filename: 'jdk-8u181-linux-x64.rpm'
    oracle_java_home: '/usr/java/default'
    oracle_java_os_supported: yes
    oracle_java_rpm_url: 'http://download.oracle.com/otn-pub/java/jdk/8u181-b13/96a7b8442fe848ef90c96a2fad6ed6d1/jdk-8u181-linux-x64.rpm'
    oracle_java_rpm_validate_certs: yes
    oracle_java_set_as_default: no
    oracle_java_version_string: 1.8.0_181

    # Nexus
    nexus_version: '3.13.0-01'
    nexus_timezone: 'CEST'
    public_hostname: 'centos7-nexus.nexus.lan'
  roles:
    - ansiblebit.oracle-java
    - savoirfairelinux.nexus3-oss

@rastaman
Copy link

rastaman commented Nov 11, 2018
edited
Loading

Hi,

Since the issue NEXUS-14940: deprecate /service/siesta part of REST API urls, the urls used to register the groovy scripts should be changed from service/siesta/rest/v1/script to service/rest/v1/script.

Here is a patch for this : siesta_rest_api_is_deprecated_since_nexus_3_8.txt.

@keitalbame
Copy link

@rastaman, thanks for the patch file. It could be useful to someone else.
In the meantime I'm now using a different role where that change is already being handled.

m4ng0 added a commit to phoops/ansible-nexus3-oss that referenced this issue Feb 8, 2019
@m4ng0
Applied @rastaman patch:
6defebe 
savoirfairelinux#10 (comment)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@rastaman @skeep @Justinbobustin @keitalbame @samherve