Closed farcaller closed 4 years ago
@farcaller can you please share a sanitized version of sls file when running into this issue?
I've run into the same issue. Seems to occur when someone makes a mistake in the pillar top.sls that makes pillar rendering error out - when this happens instead of aborting it nukes the already existing file with "Signing policy mypolicy does not exist."
mycert:
x509.certificate_managed:
- name: /etc/mycert.pem
- ca_server: server.example.com
- signing_policy: mypolicy
- public_key: /etc/mycert.key
- managed_private_key:
name: /etc/mycert.key
bits: 2048
backup: True
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.
none of the fixes seem to me merged in yet.
Thank you for updating this issue. It is no longer marked as stale.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.
none of the fixes seem to me merged in yet.
this bug bankruptcy bot makes me disappointed...
Thank you for updating this issue. It is no longer marked as stale.
thanks for updating the issue. will add into backlog as a bug. thanks
Description of Issue/Question
x509.certificate_managed
will corrupt the pem file and then will die with exception.Setup
Set up
x509.certificate_managed
for a signing policy that doesn't existSteps to Reproduce Issue
Run the state. The generated cert file will contain a single line, e.g.:
Signing policy saltca does not exist.
instead on pem data.Additionally, the state will now fail forever with:
Additionally, master will fail to detect the error and will keep recursing until runs out of stack in
Versions Report