search

reportportal / kubernetes

Kubernetes/Helm configs for ReportPortal
https://reportportal.io
Apache License 2.0
76 stars 190 forks source link

[24.2.0] UAT does not start with SAML #428

Open Skoucail opened 6 days ago

Skoucail commented 6 days ago

When upgrading from 24.1.5 to 24.2.0 the UAT pod does not want to start.

Log:

2024-10-16 12:40:57.534  INFO 1 --- [           main] c.e.r.auth.AuthServerApplication         : Starting AuthServerApplication using Java 21.0.4 on reportportal-uat-576fd97985-hhxkn with PID 1 (/usr/app/service-authorization-5.12.0-exec.jar started by root in /usr/app)
2024-10-16 12:40:57.538  INFO 1 --- [           main] c.e.r.auth.AuthServerApplication         : The following 1 profile is active: "default"
2024-10-16 12:41:05.742  INFO 1 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode.
2024-10-16 12:41:07.151  INFO 1 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 1398 ms. Found 32 JPA repository interfaces.
2024-10-16 12:41:16.637  INFO 1 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 9999 (http)
2024-10-16 12:41:16.651  INFO 1 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2024-10-16 12:41:16.651  INFO 1 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.86]
2024-10-16 12:41:17.155  INFO 1 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/uat]    : Initializing Spring embedded WebApplicationContext
2024-10-16 12:41:17.155  INFO 1 --- [           main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 19202 ms
2024-10-16 12:41:17.953  INFO 1 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Starting...
2024-10-16 12:41:19.338  INFO 1 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Start completed.
2024-10-16 12:41:25.339  INFO 1 --- [           main] o.hibernate.jpa.internal.util.LogHelper  : HHH000204: Processing PersistenceUnitInfo [name: default]
2024-10-16 12:41:25.949  INFO 1 --- [           main] org.hibernate.Version                    : HHH000412: Hibernate ORM core version 5.4.24.Final
2024-10-16 12:41:27.632  INFO 1 --- [           main] o.hibernate.annotations.common.Version   : HCANN000001: Hibernate Commons Annotations {5.1.2.Final}
2024-10-16 12:41:31.644  INFO 1 --- [           main] org.hibernate.dialect.Dialect            : HHH000400: Using dialect: com.epam.ta.reportportal.commons.JsonbAwarePostgresDialect
2024-10-16 12:41:43.486  INFO 1 --- [           main] o.h.e.t.j.p.i.JtaPlatformInitiator       : HHH000490: Using JtaPlatform implementation: [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
2024-10-16 12:41:43.553  INFO 1 --- [           main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2024-10-16 12:41:55.237  WARN 1 --- [           main] JpaBaseConfiguration$JpaWebConfiguration : spring.jpa.open-in-view is enabled by default. Therefore, database queries may be performed during view rendering. Explicitly configure spring.jpa.open-in-view to disable this warning
2024-10-16 12:42:00.842  WARN 1 --- [           main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'samlServiceProviderBeanConfiguration' defined in URL [jar:file:/usr/app/service-authorization-5.12.0-exec.jar!/BOOT-INF/classes!/com/epam/reportportal/auth/config/saml/SamlServiceProviderBeanConfiguration.class]: Unsatisfied dependency expressed through constructor parameter 4; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'spConfiguration' defined in class path resource [com/epam/reportportal/auth/config/saml/SamlServiceProviderConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.saml.provider.SamlServerConfiguration]: Factory method 'samlServerConfiguration' threw exception; nested exception is java.lang.ExceptionInInitializerError
2024-10-16 12:42:00.935  INFO 1 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown initiated...
2024-10-16 12:42:00.943  INFO 1 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown completed.
2024-10-16 12:42:00.945  INFO 1 --- [           main] o.apache.catalina.core.StandardService   : Stopping service [Tomcat]
2024-10-16 12:42:01.048  INFO 1 --- [           main] ConditionEvaluationReportLoggingListener :
Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
2024-10-16 12:42:01.235 ERROR 1 --- [           main] o.s.boot.SpringApplication               : Application run failed
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'samlServiceProviderBeanConfiguration' defined in URL [jar:file:/usr/app/service-authorization-5.12.0-exec.jar!/BOOT-INF/classes!/com/epam/reportportal/auth/config/saml/SamlServiceProviderBeanConfiguration.class]: Unsatisfied dependency expressed through constructor parameter 4; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'spConfiguration' defined in class path resource [com/epam/reportportal/auth/config/saml/SamlServiceProviderConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.saml.provider.SamlServerConfiguration]: Factory method 'samlServerConfiguration' threw exception; nested exception is java.lang.ExceptionInInitializerError
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:955) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:920) ~[spring-context-5.3.27.jar!/:5.3.27]
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583) ~[spring-context-5.3.27.jar!/:5.3.27]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:145) ~[spring-boot-2.5.15.jar!/:2.5.15]
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:780) ~[spring-boot-2.5.15.jar!/:2.5.15]
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:453) ~[spring-boot-2.5.15.jar!/:2.5.15]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:343) ~[spring-boot-2.5.15.jar!/:2.5.15]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1370) ~[spring-boot-2.5.15.jar!/:2.5.15]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1359) ~[spring-boot-2.5.15.jar!/:2.5.15]
    at com.epam.reportportal.auth.AuthServerApplication.main(AuthServerApplication.java:42) ~[classes!/:na]
    at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103) ~[na:na]
    at java.base/java.lang.reflect.Method.invoke(Method.java:580) ~[na:na]
    at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49) ~[service-authorization-5.12.0-exec.jar:na]
    at org.springframework.boot.loader.Launcher.launch(Launcher.java:108) ~[service-authorization-5.12.0-exec.jar:na]
    at org.springframework.boot.loader.Launcher.launch(Launcher.java:58) ~[service-authorization-5.12.0-exec.jar:na]
    at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:88) ~[service-authorization-5.12.0-exec.jar:na]
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'spConfiguration' defined in class path resource [com/epam/reportportal/auth/config/saml/SamlServiceProviderConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.saml.provider.SamlServerConfiguration]: Factory method 'samlServerConfiguration' threw exception; nested exception is java.lang.ExceptionInInitializerError
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:658) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:486) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791) ~[spring-beans-5.3.27.jar!/:5.3.27]
    ... 25 common frames omitted
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.saml.provider.SamlServerConfiguration]: Factory method 'samlServerConfiguration' threw exception; nested exception is java.lang.ExceptionInInitializerError
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.3.27.jar!/:5.3.27]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653) ~[spring-beans-5.3.27.jar!/:5.3.27]
    ... 39 common frames omitted
Caused by: java.lang.ExceptionInInitializerError: null
    at org.springframework.security.saml.saml2.metadata.NameId.<clinit>(NameId.java:32) ~[spring-security-saml2-core-2.0.0.M31.jar!/:2.0.0.M31]
    at org.springframework.security.saml.provider.config.LocalProviderConfiguration.lambda$setNameIds$0(LocalProviderConfiguration.java:138) ~[spring-security-saml2-core-2.0.0.M31.jar!/:2.0.0.M31]
    at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197) ~[na:na]
    at java.base/java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:1024) ~[na:na]
    at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509) ~[na:na]
    at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499) ~[na:na]
    at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:921) ~[na:na]
    at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[na:na]
    at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:682) ~[na:na]
    at org.springframework.security.saml.provider.config.LocalProviderConfiguration.setNameIds(LocalProviderConfiguration.java:138) ~[spring-security-saml2-core-2.0.0.M31.jar!/:2.0.0.M31]
    at com.epam.reportportal.auth.config.saml.SamlServiceProviderConfiguration.serviceProviderConfiguration(SamlServiceProviderConfiguration.java:135) ~[classes!/:na]
    at com.epam.reportportal.auth.config.saml.SamlServiceProviderConfiguration.samlServerConfiguration(SamlServiceProviderConfiguration.java:116) ~[classes!/:na]
    at com.epam.reportportal.auth.config.saml.SamlServiceProviderConfiguration$$EnhancerBySpringCGLIB$$dff280f.CGLIB$samlServerConfiguration$0(<generated>) ~[classes!/:na]
    at com.epam.reportportal.auth.config.saml.SamlServiceProviderConfiguration$$EnhancerBySpringCGLIB$$dff280f$$FastClassBySpringCGLIB$$2d4862fb.invoke(<generated>) ~[classes!/:na]
    at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.3.39.jar!/:5.3.39]
    at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:331) ~[spring-context-5.3.27.jar!/:5.3.27]
    at com.epam.reportportal.auth.config.saml.SamlServiceProviderConfiguration$$EnhancerBySpringCGLIB$$dff280f.samlServerConfiguration(<generated>) ~[classes!/:na]
    at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103) ~[na:na]
    at java.base/java.lang.reflect.Method.invoke(Method.java:580) ~[na:na]
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.3.27.jar!/:5.3.27]
    ... 40 common frames omitted
Caused by: org.springframework.security.saml.SamlException: java.lang.reflect.InaccessibleObjectException: Unable to make field private final java.lang.String java.lang.Enum.name accessible: module java.base does not "opens java.lang" to unnamed module @52d455b8
    at org.springframework.security.saml.saml2.metadata.NameIdFormat.<init>(NameIdFormat.java:57) ~[spring-security-saml2-core-2.0.0.M31.jar!/:2.0.0.M31]
    at org.springframework.security.saml.saml2.metadata.NameIdFormat.<clinit>(NameIdFormat.java:35) ~[spring-security-saml2-core-2.0.0.M31.jar!/:2.0.0.M31]
    ... 60 common frames omitted
Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make field private final java.lang.String java.lang.Enum.name accessible: module java.base does not "opens java.lang" to unnamed module @52d455b8
    at java.base/java.lang.reflect.AccessibleObject.throwInaccessibleObjectException(AccessibleObject.java:391) ~[na:na]
    at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:367) ~[na:na]
    at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:315) ~[na:na]
    at java.base/java.lang.reflect.Field.checkCanSetAccessible(Field.java:183) ~[na:na]
    at java.base/java.lang.reflect.Field.setAccessible(Field.java:177) ~[na:na]
    at org.springframework.security.saml.saml2.metadata.NameIdFormat.<init>(NameIdFormat.java:53) ~[spring-security-saml2-core-2.0.0.M31.jar!/:2.0.0.M31]
    ... 61 common frames omitted
Pink-Bumblebee commented 6 days ago

@Skoucail , please re-setup SAML integration.

Skoucail commented 6 days ago

@Pink-Bumblebee , i deleted the SAML integration, still the exact same error occurs

image

Pink-Bumblebee commented 5 days ago

@Skoucail , please check my understanding: you've deleted saml integration, but uat service without configured integration still has the same issue, right?

Skoucail commented 5 days ago

@Pink-Bumblebee Correct, i deleted the integration, restarted the UAT pod, still got the exact same issue.

Pink-Bumblebee commented 5 days ago

@Skoucail , sorry, but how you login into ReportPortal without working uat service? May you provide a little bit more information?

APiankouski commented 5 days ago

Hi @Skoucail, make sure that you have --add-opens=java.base/java.lang=ALL-UNNAMED parameter in JAVA_OPTS for uat Add JAVA_OPTS: -Djava.security.egd=file:/dev/./urandom -XX:MinRAMPercentage=60.0 -XX:MaxRAMPercentage=90.0 --add-opens=java.base/java.lang=ALL-UNNAMED

Skoucail commented 5 days ago

@APiankouski I will try this later today, but it might be it. We needed a custom truststore so used

For custom java keystore add parameter: -Djavax.net.ssl.trustStore=/etc/secret-volume/custom-pki.jks

Ofc that overwrites the default jvmArgs where the devs added the --add-opens=java.base/java.lang=ALL-UNNAMED

Will update when i had a chance to try it!