Closed axl89 closed 3 years ago
When running Chef in Debian Buster 10, it fails to converge on the openvpn::apt-repo recipe. Environment details below.
openvpn::apt-repo
It seems that the recipe does not check if gpg utility is installed. By running apt install gpg -y we got the converge working.
gpg
apt install gpg -y
v5.1.1
16.5.77
Cloud provider AWS: AMI-ID: ami-00b951edb5915f3a8 (eu-west-1).
ami-00b951edb5915f3a8
chef_version=16.5.77 platform=debian platform_version=10 ruby=ruby 2.7.1p83 (2020-03-31 revision a0c7c23c9c) [x86_64-linux] program_name=/usr/bin/chef-client executable=/opt/chef/bin/chef-client
Steps to reproduce the behavior:
"recipe[openvpn::server]", "recipe[openvpn::users]", "recipe[openvpn::easy_rsa]"
Recipe: openvpn::apt-repo * apt_repository[openvpn] action add * execute[apt-cache gencaches] action nothing (skipped due to action :nothing) * apt_update[openvpn] action nothing (skipped due to action :nothing) * remote_file[/var/chef/cache/https___swupdate_openvpn_net_repos_repo-public_gpg] action create ================================================================================ Error executing action `create` on resource 'remote_file[/var/chef/cache/https___swupdate_openvpn_net_repos_repo-public_gpg]' ================================================================================ Errno::ENOENT ------------- No such file or directory - gpg Resource Declaration: --------------------- # In /opt/chef/embedded/lib/ruby/gems/2.7.0/gems/chef-16.5.77/lib/chef/resource/apt_repository.rb 262: declare_resource(key_type(key), cached_keyfile) do 263: source key 264: mode "0644" 265: sensitive new_resource.sensitive 266: action :create 267: verify "gpg --homedir #{tmp_dir} %{path}" 268: end 269: Compiled Resource: ------------------ # Declared in /opt/chef/embedded/lib/ruby/gems/2.7.0/gems/chef-16.5.77/lib/chef/resource/apt_repository.rb:262:in `install_key_from_uri' remote_file("/var/chef/cache/https___swupdate_openvpn_net_repos_repo-public_gpg") do action [:create] default_guard_interpreter :default source ["https://swupdate.openvpn.net/repos/repo-public.gpg"] declared_type :remote_file cookbook_name "openvpn" mode "0644" remote_domain nil remote_user nil verifications [#<Chef::Resource::File::Verification:0x000055f39113b980 @command_opts={}, @command="gpg --homedir /tmp/.gpg20201007-952-gn56v5 %{path}", @block=nil, @parent_resource=<remote_file[/var/chef/cache/https___swupdate_openvpn_net_repos_repo-public_gpg] @name: "/var/chef/cache/https___swupdate_openvpn_net_repos_repo-public_gpg" @before: nil @params: nil @provider: nil @allowed_actions: [:nothing, :create, :delete, :touch, :create_if_missing] @action: [:create] @updated: false @updated_by_last_action: false @source_line: "/opt/chef/embedded/lib/ruby/gems/2.7.0/gems/chef-16.5.77/lib/chef/resource/apt_repository.rb:262:in `install_key_from_uri'" @guard_interpreter: nil @default_guard_interpreter: :default @elapsed_time: 0 @source: ["https://swupdate.openvpn.net/repos/repo-public.gpg"] @declared_type: :remote_file @cookbook_name: "openvpn" @recipe_name: nil @mode: "0644" @remote_domain: nil @remote_user: nil @sensitive: false @verifications: [...] @path: "/var/chef/cache/https___swupdate_openvpn_net_repos_repo-public_gpg" @owner: nil @group: nil @headers: {}>>] path "/var/chef/cache/https___swupdate_openvpn_net_repos_repo-public_gpg" owner nil group nil headers {} end
Chef client should be able to converge successfully. It MAY need to check of gpg and install it if necessary.
@axl89 I can confirm this is the case. The dokken images already have gpg installed so this is missed. Feel free to create a PR to to address this otherwise we'll get to this when we can!
:speaking_head: Foreword
When running Chef in Debian Buster 10, it fails to converge on the
openvpn::apt-repo
recipe. Environment details below.:ghost: Brief Description
It seems that the recipe does not check if
gpg
utility is installed. By runningapt install gpg -y
we got the converge working.:pancakes: Cookbook version
v5.1.1
:woman_cook: Chef-Infra Version
16.5.77
:tophat: Platform details
Cloud provider AWS: AMI-ID:
ami-00b951edb5915f3a8
(eu-west-1).Steps To Reproduce
Steps to reproduce the behavior:
:police_car: Expected behavior
Chef client should be able to converge successfully. It MAY need to check of
gpg
and install it if necessary.:heavy_plus_sign: Additional context