search

canonical / dex-auth-operator

Operator for Dex Auth
Apache License 2.0
3 stars 14 forks source link

dex-auth service won't initialise if no connectors are specified #155

Closed DnPlas closed 1 year ago

DnPlas commented 1 year ago

Disabling the static login (through juju config dex-auth enable-password-db=false) will prevent the dex-auth service to start in the absence of a connector properly configured. The workload container will throw this message: 2023-08-07T08:39:31.967Z [dex] failed to initialize server: server: no connectors specified

And the juju debug-log will show:

  File "./src/charm.py", line 172, in _update_layer
    self._container.restart(self._container_name)
  File "/var/lib/juju/agents/unit-dex-auth-0/charm/venv/ops/model.py", line 1466, in restart
    self._pebble.restart_services(service_names)
  File "/var/lib/juju/agents/unit-dex-auth-0/charm/venv/ops/pebble.py", line 1699, in restart_services
    return self._services_action('restart', services, timeout, delay)
  File "/var/lib/juju/agents/unit-dex-auth-0/charm/venv/ops/pebble.py", line 1721, in _services_action
    raise ChangeError(change.err, change)
ops.pebble.ChangeError: cannot perform the following tasks:
- Start service "dex" (cannot start service: exited quickly with code 2)
----- Logs from task 0 -----
2023-08-07T08:47:10Z INFO Service "dex" has never been started.

Finally, changing this configuration will set the unit to error status without a proper recovery method: dex-auth/0* error idle 10.1.235.140 hook failed: "config-changed"

All the above goes away when changing dex-auth's connectors config.

Proposed fix

Handle the case where the static login is disabled and no connector has been configured, providing enough logs and messaging to users.

DnPlas commented 1 year ago

153 and #157 should fix this issue in track/2.31 and main respectively. Closing this issue.