Jx: Vault creation for AWS fails with null pointer exception

Created on 17 Jan 2020  路  13Comments  路  Source: jenkins-x/jx

Summary

Cannot run jx create vault on an existing jenkins x installation.

Steps to reproduce the behavior

AWS_DEFAULT_REGION=eu-west-2 jx create vault jx-vault --aws-access-key-id $AWS_ACCESS_KEY_ID --aws-secret-access-key $AWS_SECRET_ACCESS_KEY --cluster-name fb -n jx  --aws-s3-region=eu-west-2 --aws-auto-create=true --aws-kms-region=eu-west-2  --aws-dynamodb-region=eu-west-2 --verbose

Expected behavior

Vault being created successfully

Actual behavior

DEBUG: vault jx-vault not found in namespace jx, err is the server could not find the requested resource (get vaults.vault.banzaicloud.com jx-vault)
DEBUG: Current configuration dir: /home/victor/.jx
DEBUG: VersionRepository: https://github.com/jenkins-x/jenkins-x-versions.git git ref: master
DEBUG: ? A local Jenkins X versions repository already exists, pulling the latest: Yes
DEBUG: Created service account 'jx-vault-auth-sa' for Vault authentication
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x68 pc=0x2cc2a77]

goroutine 1 [running]:
github.com/jenkins-x/jx/pkg/vault/create.(*defaultVaultCreator).applyDefaultRegionIfEmpty(0xa5b9d00, 0x0, 0xc000050013, 0x9)
    /workspace/source/pkg/vault/create/create.go:440 +0x37
github.com/jenkins-x/jx/pkg/vault/create.(*defaultVaultCreator).vaultAWSConfig(0xa5b9d00, 0xc0007fd880, 0x7ffe406ce00c, 0x8, 0x7ffe406ce08e, 0x2, 0x7ffe406ce094, 0x2, 0x0, 0x0, ...)
    /workspace/source/pkg/vault/create/create.go:304 +0xa4
github.com/jenkins-x/jx/pkg/vault/create.(*defaultVaultCreator).setCloudProviderSpecificSettings(0xa5b9d00, 0xc0007fd880, 0x7ffe406ce00c, 0x8, 0x7ffe406ce08e, 0x2, 0x7ffe406ce094, 0x2, 0x0, 0x0, ...)
    /workspace/source/pkg/vault/create/create.go:216 +0xdc
github.com/jenkins-x/jx/pkg/vault/create.(*defaultVaultCreator).CreateOrUpdateVault(0xa5b9d00, 0x7ffe406ce00c, 0x8, 0x7ffe406ce08e, 0x2, 0x7ffe406ce094, 0x2, 0x0, 0x0, 0xc0007cf638, ...)
    /workspace/source/pkg/vault/create/create.go:154 +0x357
github.com/jenkins-x/jx/pkg/cmd/create/vault.(*CreateVaultOptions).Run(0xc00000a780, 0x0, 0x0)
    /workspace/source/pkg/cmd/create/vault/create_vault.go:223 +0x6e7
github.com/jenkins-x/jx/pkg/cmd/create/vault.NewCmdCreateVault.func1(0xc000946000, 0xc0009761c0, 0x1, 0xe)
    /workspace/source/pkg/cmd/create/vault/create_vault.go:91 +0x6f
github.com/spf13/cobra.(*Command).execute(0xc000946000, 0xc0009760e0, 0xe, 0xe, 0xc000946000, 0xc0009760e0)
    /workspace/go/pkg/mod/github.com/spf13/[email protected]/command.go:830 +0x2ae
github.com/spf13/cobra.(*Command).ExecuteC(0xc00024a780, 0xc0007b6180, 0x5a380c0, 0xc0000da000)
    /workspace/go/pkg/mod/github.com/spf13/[email protected]/command.go:914 +0x2fc
github.com/spf13/cobra.(*Command).Execute(...)
    /workspace/go/pkg/mod/github.com/spf13/[email protected]/command.go:864
github.com/jenkins-x/jx/cmd/jx/app.Run(0x0, 0x0, 0x0, 0xc000669f88, 0xc0000c0058)
    /workspace/source/cmd/jx/app/jx.go:19 +0x185
main.main()
    /workspace/source/cmd/jx/jx.go:11 +0x32

https://github.com/jenkins-x/jx/blob/e8349e4b1c798aed3f2834c1f2c1c990deaf291d/pkg/vault/create/create.go#L440

Jx version

NAME               VERSION
jx                 2.0.1133
jenkins x platform 2.0.1870
Kubernetes cluster v1.14.9-eks-c0eccc
kubectl            v1.16.3
helm client        Client: v2.16.1+gbbdfe5e
git                2.20.1
Operating System   Ubuntu 19.04

Jenkins type

  • [ ] Serverless Jenkins X Pipelines (Tekton + Prow)
  • [x] Classic Jenkins

Kubernetes cluster

Operating system / Environment

arejenkins arevault kinbug lifecyclrotten prioritimportant-longterm
Source
picture Painyjames

All 13 comments

@hferentschik @dgozalo help!

Painyjames picture Painyjames on 17 Jan 2020

Just to clarity, did you use jx boot to install Jenkins X in this cluster or the old method? (jx install / jx create cluster)

dgozalo picture dgozalo on 17 Jan 2020

I've used jx create cluster, also didn't specify --vault=true while running it cause it seems that it's only supported by GKE
--vault=false: Sets up a Hashicorp Vault for storing secrets during installation (supported only for GKE)

Painyjames picture Painyjames on 17 Jan 2020

Are you interested only n classic Jenkins? You can use boot with vault enable in the jx-requirements.yaml. This is the recommended way for a Tekton based installation. You can find some details in these docs https://jenkins-x.io/docs/reference/components/vault/#configuring-external-dns-in-jenkins-x.

ccojocar picture ccojocar on 23 Jan 2020

At the moment yes. Our team want to focus on classic Jenkins for the time being since we are more familiar with it.

Painyjames picture Painyjames on 23 Jan 2020

In that case, you need to enable vault right in the install, because that vault is configured as a system vault with some extra steps. Unfortunately there isn't a simple solution to mark and later created vault as a system vault.

ccojocar picture ccojocar on 23 Jan 2020

Umh, I thought of doing that but, sadly, our platform is AWS and it seems that enabling vault in the install is not supported yet :(
--vault=false: Sets up a Hashicorp Vault for storing secrets during installation (supported only for GKE)

Painyjames picture Painyjames on 23 Jan 2020

I think that you should give it a try. It might work now on AWS since we did some work to enable it for boot and some parts of the code are shared.

ccojocar picture ccojocar on 23 Jan 2020
👍1

I have a similar problem as @Painyjames. I can not run jx boot locally, because when I set up cloud.provider as AWS the create vault code runs into a panic. In my opinion, the #6286 pull request changed the behavior of jx step boot vault. The new version does not create AWS parameter. This blows up later when setCloudProviderSpecificSettings allow the cloud.provider to be aws and vaultAWSConfig triest to access the AWS parameter.

I will create PR to address the panic. I'm not sure how the jx step boot vault should look like with the cloud provider set up as AWS. I can propose my implementation that's address my needs. @ccojocar @hferentschik what do you think?

RafalKorepta picture RafalKorepta on 24 Jan 2020
1

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://jenkins-x.io/community.
/lifecycle stale

jenkins-x-bot picture jenkins-x-bot on 23 Apr 2020

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
Provide feedback via https://jenkins-x.io/community.
/lifecycle rotten

jenkins-x-bot picture jenkins-x-bot on 23 May 2020

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.
Provide feedback via https://jenkins-x.io/community.
/close

jenkins-x-bot picture jenkins-x-bot on 22 Jun 2020

@jenkins-x-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.
Provide feedback via https://jenkins-x.io/community.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the jenkins-x/lighthouse repository.

jenkins-x-bot picture jenkins-x-bot on 22 Jun 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

carlossg picture carlossg  路  4Comments
vgallissot picture vgallissot  路  5Comments
jstrachan picture jstrachan  路  3Comments
shahnewazrifat picture shahnewazrifat  路  3Comments
ysaakpr picture ysaakpr  路  5Comments