search

GENI-NSF / geni-ch

GENI clearinghouse services
Other
3 stars 6 forks source link

geni-sign-tool-csr fails with ImportError #577

Closed tcmitchell closed 7 years ago

tcmitchell commented 7 years ago

Running geni-sign-tool-csr results in a stack trace:

Traceback (most recent call last):
  File "/sbin/geni-sign-tool-csr", line 137, in <module>
    sys.exit(main())
  File "/sbin/geni-sign-tool-csr", line 119, in main
    options.use_csr_subject)
  File "/usr/share/geni-chapi/../geni-ch/chapi/chapi/tools/cert_utils.py", line 160, in make_cert
    import tools.pluginmanager as pm
ImportError: No module named tools.pluginmanager
tcmitchell commented 7 years ago

Adding PYTHONPATH to the execution fails with a different error:

sudo -u apache PYTHONPATH=/usr/share/geni-ch/chapi/chapi geni-sign-tool-csr
    -k /usr/share/geni-ch/ma/ma-key.pem -c /usr/share/geni-ch/ma/ma-cert.pem \
    -a ch.geni.net -d "${TOOL_EXPIRATION}" -e "${TOOL_EMAIL}" -i "${TOOL_NAME}"
    --csr "${TOOL_CSR}" > /tmp/"${TOOL_NAME}".pem
Traceback (most recent call last):
  File "/sbin/geni-sign-tool-csr", line 137, in <module>
    sys.exit(main())
  File "/sbin/geni-sign-tool-csr", line 119, in main
    options.use_csr_subject)
  File "/usr/share/geni-chapi/../geni-ch/chapi/chapi/tools/cert_utils.py", line 161, in make_cert
    config = pm.getService('config')
  File "/usr/share/geni-ch/chapi/chapi/tools/pluginmanager.py", line 39, in getService
    return ALL_SERVICES[name]
KeyError: 'config'
tcmitchell commented 7 years ago

This appears to be tied up in two changes: removing AMSoil and removing hardcoded paths. The underlying certificate signing function, cert_utils.make_cert, now relies on the plugin manager to get the config plugin to get the OpenSSL config file.

geni-sign-tool-csr will need to recreate some of the pluginmanager setup so that it can invoke make_cert in the right environment.