search

dokku / ansible-dokku

Ansible modules for installing and configuring Dokku
MIT License
169 stars 44 forks source link

dokku_global_cert module fails with KeyError: 'enabled' #72

Closed ltalirz closed 4 years ago

ltalirz commented 4 years ago

Description of problem

Using the dokku_global_cert module, e.g. like

- name: Add ssl certificate and key to dokku
  become: true
  dokku_global_cert:
    key: /etc/letsencrypt/live/{{ domain }}/privkey.pem
    cert: /etc/letsencrypt/live/{{ domain }}/fullchain.pem

Results in an error:

...
      File "/tmp/ansible_dokku_global_cert_payload_XdwLil/ansible_dokku_global_cert_payload.zip/ansible/modules/dokku_global_cert.py", line 153, in dokku_global_cert_present
    KeyError: 'enabled'

Bug

There appears to be a bug in the parsing of the output of the dokku --quiet global-cert:report command.

This is an example of the output:

dokku --quiet global-cert:report
       Global cert dir:     /var/lib/dokku/config/global-cert
       Global cert enabled: false
       Global cert expires at:
       Global cert hostnames:
       Global cert issuer:
       Global cert starts at:
       Global cert subject:
       Global cert verified:

The parsing then tries to extract e.g. the 'enabled', 'expires', ... keys by some searching & replacing. In particular, all spaces are replaced by dashes, but the following line https://github.com/dokku/ansible-dokku/blob/eec1b37adf9d830a8ed174046f40ec4d4769c545/library/dokku_global_cert.py#L100 tries to strip off a prefix that still contains a space (resulting in the prefix not being stripped off).

One thing that puzzles me a bit is that this bug seems to affect any use of the dokku_global_cert module, i.e. if it has not surfaced so far, does that mean I am the first user of it (?).

I'll make a PR to fix it.

P.S. @josegonzalez In general, I'm wondering whether it would not be a better idea to add a --format json flag to the output of the dokku command rather than to write a fragile parser of a free-format report.