Page MenuHomePhabricator

ec2id puppet fact can yield some arbitrary HTML
Closed, ResolvedPublic


I found out deployment-salt.eqiad.wmflabs puppet master got broken. Looking at ./puppet.conf and ./puppet.conf.d/10-self.conf I noticed the certname = fields had some HTML such as:

<title>error 500</title>
blah some error message

Which ... break puppet!

Our factor in modules/base/lib/facter/ec2id.rb has no error handling:

Facter::Util::Resolution.exec("curl 2> /dev/null").chomp

Whenever the executed commands has an error it should bails out. Hopefully curl exit with non 0 whenever it receives a 500.

Version: unspecified
Severity: normal



Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 3:01 AM
bzimport added a project: Cloud-VPS.
bzimport set Reference to bz63322.
bzimport added a subscriber: Unknown Object (MLST).

Change 123168 had a related patch set uploaded by Hashar:
Labs: prevent ec2id fact from returing errors

Change 123168 merged by Andrew Bogott:
Labs: prevent ec2id fact from returing errors

Appears to have been fixed (cf. also Gerrit change #123221).