java.lang.ArrayIndexOutOfBoundsException: 0 on SaltApiNodeStepPlugin.java:465

[guice]

SaltApiNodeStepPlugin.java:465 -> response.getHeaders(SALT_AUTH_TOKEN_HEADER)[0].getValue()

Fresh install of salt-api: 2018.3.0 Fresh Rundeck: 2.10.8

I have verified successful login works via curl and a REST client. This error happens after responseCode == capability.getLoginSuccessResponseCode() success check. That does mean ENV variables are setup correctly.

Getting this error on successful login:

Authenticating with salt-api endpoint: [https://salt.localhost:8000/login]
Failed executing node plugin [salt-api-exec] on node rad-atx-vm-01: java.lang.ArrayIndexOutOfBoundsException: 0
    at org.rundeck.plugin.salt.SaltApiNodeStepPlugin.authenticate(SaltApiNodeStepPlugin.java:465)
    at org.rundeck.plugin.salt.SaltApiNodeStepPlugin.executeNodeStep(SaltApiNodeStepPlugin.java:229)
    at com.dtolabs.rundeck.core.execution.workflow.steps.node.NodeStepPluginAdapter.executeNodeStep(NodeStepPluginAdapter.java:115)
    at com.dtolabs.rundeck.core.execution.ExecutionServiceImpl.executeNodeStep(ExecutionServiceImpl.java:145)
    at com.dtolabs.rundeck.core.execution.dispatch.SequentialNodeDispatcher.dispatch(SequentialNodeDispatcher.java:130)
    at com.dtolabs.rundeck.core.execution.dispatch.SequentialNodeDispatcher.dispatch(SequentialNodeDispatcher.java:61)
    at com.dtolabs.rundeck.core.execution.ExecutionServiceImpl.dispatchToNodesWith(ExecutionServiceImpl.java:201)
    at com.dtolabs.rundeck.core.execution.ExecutionServiceImpl.dispatchToNodes(ExecutionServiceImpl.java:172)
    at com.dtolabs.rundeck.core.execution.workflow.steps.NodeDispatchStepExecutor.executeWorkflowStep(NodeDispatchStepExecutor.java:65)
    at com.dtolabs.rundeck.core.execution.ExecutionServiceImpl.executeStep(ExecutionServiceImpl.java:97)
    at com.dtolabs.rundeck.core.execution.workflow.BaseWorkflowExecutor.executeWFItem(BaseWorkflowExecutor.java:291)
    at com.dtolabs.rundeck.core.execution.workflow.BaseWorkflowExecutor.executeWorkflowStep(BaseWorkflowExecutor.java:687)
    at com.dtolabs.rundeck.core.execution.workflow.engine.StepCallable.apply(StepCallable.java:71)
    at com.dtolabs.rundeck.core.execution.workflow.engine.StepOperation.apply(StepOperation.java:73)
    at com.dtolabs.rundeck.core.execution.workflow.engine.StepOperation.apply(StepOperation.java:31)
    at com.dtolabs.rundeck.core.rules.WorkflowEngineOperationsProcessor.lambda$processRunnableOperations$27(WorkflowEngineOperationsProcessor.java:224)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)

Failed: PluginFailed: 0
[workflow] finishExecuteNodeStep(rad-atx-vm-01): NodeDispatch: PluginFailed: 0

Salt Version:

[root@d1b8d3cb2af6 /]# salt --versions-report
Salt Version:
           Salt: 2018.3.0

Dependency Versions:
           cffi: Not Installed
       cherrypy: unknown
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.7.2
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.6
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: 2.6.1
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 2.7.5 (default, Aug  4 2017, 00:39:18)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: 15.3.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: 4.1.4

System Versions:
           dist: centos 7.4.1708 Core
         locale: ANSI_X3.4-1968
        machine: x86_64
        release: 4.9.87-linuxkit-aufs
         system: Linux
        version: CentOS Linux 7.4.1708 Core

[guice]

FYI: here's curl via command line from the Rundeck server, talking to salt.localhost

root@08ff8ada3894:/# curl -iX "POST" "https://salt.localhost:8000/login"  -H 'Content-Type: application/json'   -H 'Accept: application/json'   -d $'{
  "eauth": "pam",
  "username": "vagrant",
  "password": "vagrant"
}'
HTTP/1.1 200 OK
Content-Length: 206
Access-Control-Expose-Headers: GET, POST
Vary: Accept-Encoding
Server: CherryPy/5.6.0
Allow: GET, HEAD, POST
Access-Control-Allow-Credentials: true
Date: Wed, 18 Apr 2018 16:57:55 GMT
Access-Control-Allow-Origin: *
X-Auth-Token: 0cb5ee5fe42ec0db2b1df040a9b0037317b012d5
Content-Type: application/json
Set-Cookie: session_id=0cb5ee5fe42ec0db2b1df040a9b0037317b012d5; expires=Thu, 19 Apr 2018 02:57:55 GMT; Path=/

{"return": [{"perms": [".*", "@runner", "@wheel", "@jobs"], "start": 1524070675.855344, "token": "0cb5ee5fe42ec0db2b1df040a9b0037317b012d5", "expire": 1524113875.855349, "user": "vagrant", "eauth": "pam"}]}
root@08ff8ada3894:/# 

[ghost]

please use http only, you need to use legacy http support which is a patch available with rundeck salt support.

On Wed, Apr 18, 2018 at 10:29 PM, Philip notifications@github.com wrote:

FYI: here's curl via command line from the Rundeck server, talking to salt.localhost

root@08ff8ada3894:/# curl -iX "POST" "https://salt.localhost:8000/login" -H 'Content-Type: application/json' -H 'Accept: application/json' -d $'{ "eauth": "pam", "username": "vagrant", "password": "vagrant" }' HTTP/1.1 200 OK Content-Length: 206 Access-Control-Expose-Headers: GET, POST Vary: Accept-Encoding Server: CherryPy/5.6.0 Allow: GET, HEAD, POST Access-Control-Allow-Credentials: true Date: Wed, 18 Apr 2018 16:57:55 GMT Access-Control-Allow-Origin: * X-Auth-Token: 0cb5ee5fe42ec0db2b1df040a9b0037317b012d5 Content-Type: application/json Set-Cookie: session_id=0cb5ee5fe42ec0db2b1df040a9b0037317b012d5; expires=Thu, 19 Apr 2018 02:57:55 GMT; Path=/

{"return": [{"perms": [".*", "@runner", "@wheel", "@jobs"], "start": 1524070675.855344, "token": "0cb5ee5fe42ec0db2b1df040a9b0037317b012d5", "expire": 1524113875.855349, "user": "vagrant", "eauth": "pam"}]} root@08ff8ada3894:/#

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/rundeck-plugins/salt-step/issues/22#issuecomment-382457211, or mute the thread https://github.com/notifications/unsubscribe-auth/ATKJO7VKiCKqfRiMeozy16N5Of6pngU5ks5tp3EIgaJpZM4TXaQZ .

[guice]

please use http only,

You literally told me in #21 (direct comment link) not to use HTTP. Not to mention given the nature of our business, we are required to use HTTPS. Switching to insecure connection isn't an option.

[ghost]

you can use https if you don't use a self signed certificate limited to your machine, because salt-api throws error as "untrusted certificate". If you have authorized cetificate, you will be able to run rundeck in https protocol ssl mode.

http can be used only if you have the patch for backward compatibility where the patch can be obtained from rundeck salt support team.

I am sorry for the confusion.

On Wed, Jun 6, 2018 at 7:43 PM, Philip notifications@github.com wrote:

please use http only,

You literally told me in #21 https://github.com/rundeck-plugins/salt-step/issues/21 (direct comment link https://github.com/rundeck-plugins/salt-step/issues/21#issuecomment-381565078) not to use HTTP. Not to mention given the nature of our business, we are required to use HTTPS. Switching to insecure connection isn't an option.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/rundeck-plugins/salt-step/issues/22#issuecomment-395083333, or mute the thread https://github.com/notifications/unsubscribe-auth/ATKJO1HXbXwS0973nntDuQaq75IovEwlks5t5-N4gaJpZM4TXaQZ .

[guice]

No worries. However, that's not the issue of this ticket. Rundeck is successfully connecting and authenticating with salt. The problem is it seems to something changed in the header management:

I have verified successful login works via curl and a REST client. This error happens after responseCode == capability.getLoginSuccessResponseCode() success check.