search

canonical / kyuubi-k8s-operator

Charmed K8s operator for Apache Kyuubi for to be deployed and managed by juju
Apache License 2.0
1 stars 2 forks source link

Show useful message when deployed without --trust flag #18

Open theoctober19th opened 1 month ago

theoctober19th commented 1 month ago

Steps to reproduce

  1. Deploy the charm kyuubi-k8s without the --trust flag as: 
    juju deploy kyuubi-k8s --channel latest/edge
  2. See that the charm will transition to error state, with message hook failed: "config-changed".

Expected behavior

It is not informed to the user what actually went wrong, and the error message is very ambiguous. If Kyuubi does not work without the --trust flag, it's better that failure to do so is checked by the charm and informed to the user. Something along the lines of: Application is blocked because this charm can only be deployed with --trust flag.

Actual behavior

The charm transitions to error message with an ambiguous message.

Versions

Operating system: 23.04

Juju CLI: 3.5.0-genericlinux-amd64

Juju agent: 3.5.0

Charm revision: 9

microk8s: MicroK8s v1.28.7 revision 6532

Log output

Juju debug log: 

unit-kyuubi-k8s-0: 07:58:23 INFO juju.worker.uniter awaiting error resolution for "config-changed" hook
unit-kyuubi-k8s-0: 07:58:23 INFO unit.kyuubi-k8s/0.juju-log HTTP Request: GET https://10.152.183.1/api/v1/namespaces/kyuubi/serviceaccounts/kyuubi "HTTP/1.1 403 Forbidden"
unit-kyuubi-k8s-0: 07:58:23 ERROR unit.kyuubi-k8s/0.juju-log Uncaught exception while in charm code:
Traceback (most recent call last):
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/lightkube/core/generic_client.py", line 188, in raise_for_status
    resp.raise_for_status()
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/httpx/_models.py", line 761, in raise_for_status
    raise HTTPStatusError(message, request=request, response=self)
httpx.HTTPStatusError: Client error '403 Forbidden' for url 'https://10.152.183.1/api/v1/namespaces/kyuubi/serviceaccounts/kyuubi'
For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/403

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/./src/charm.py", line 52, in <module>
    ops.main(KyuubiCharm)  # type: ignore
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/ops/main.py", line 555, in __call__
    return main(charm_class, use_juju_for_storage=use_juju_for_storage)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/ops/main.py", line 544, in main
    manager.run()
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/ops/main.py", line 520, in run
    self._emit()
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/ops/main.py", line 509, in _emit
    _emit_charm_event(self.charm, self.dispatcher.event_name)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/ops/main.py", line 143, in _emit_charm_event
    event_to_emit.emit(*args, **kwargs)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/ops/framework.py", line 352, in emit
    framework._emit(event)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/ops/framework.py", line 851, in _emit
    self._reemit(event_path)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/ops/framework.py", line 941, in _reemit
    custom_handler(event)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/src/events/base.py", line 59, in wrapper_hook
    res = hook(event_handler, event)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/src/events/kyuubi.py", line 51, in _on_config_changed
    self.kyuubi.update(
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/src/managers/kyuubi.py", line 31, in update
    ).contents
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/src/config/spark.py", line 92, in contents
    dict_content = self.to_dict()
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/src/config/spark.py", line 87, in to_dict
    return self._base_conf() | self._sa_conf() | self._user_conf()
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/src/config/spark.py", line 57, in _sa_conf
    if sa := registry.get(f"{self.namespace}:{self.service_account}"):
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/spark8t/services.py", line 1449, in get
    service_account_raw = self.kube_interface.get_service_account(
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/spark8t/services.py", line 339, in get_service_account
    raise e
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/spark8t/services.py", line 329, in get_service_account
    service_account = self.client.get(
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/lightkube/core/client.py", line 140, in get
    return self._client.request("get", res=res, name=name, namespace=namespace)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/lightkube/core/generic_client.py", line 245, in request
    return self.handle_response(method, resp, br)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/lightkube/core/generic_client.py", line 196, in handle_response
    self.raise_for_status(resp)
  File "/var/lib/juju/agents/unit-kyuubi-k8s-0/charm/venv/lightkube/core/generic_client.py", line 190, in raise_for_status
    raise transform_exception(e)
lightkube.core.exceptions.ApiError: serviceaccounts "kyuubi" is forbidden: User "system:serviceaccount:something:kyuubi-k8s" cannot get resource "serviceaccounts" in API group "" in the namespace "kyuubi"
unit-kyuubi-k8s-0: 07:58:23 ERROR juju.worker.uniter.operation hook "config-changed" (via hook dispatching script: dispatch) failed: exit status 1

Additional context

github-actions[bot] commented 1 month ago

https://warthogs.atlassian.net/browse/DPE-4481