[BUG]: CSM Authorization sidecar install fails if k8s worker nodes are not in ~/.ssh/known_hosts #147
Assignees
Labels
area/csm-authorization
Issue pertains to the CSM Authorization module
beginner friendly
The issue is suitable for a beginner to work on
type/bug
Something isn't working. This is the default label associated with a bug issue.
Milestone
Comments
hoppea2
added
needs-triage
This was referenced Jan 6, 2022
csmbot
pushed a commit
that referenced
this issue
Aug 1, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
This failure occurs when running SSH commands within the csi-install.sh scripts that verify connectivity to the authorization proxy server host.
If the remote k8s worker node has not yet been added to the ~/.ssh/known_hosts file, then the script that parses the server response fails to get the correct HTTP status code it needs to validate.
The reason is that there is an extra line inserted in the response:
Warning: Permanently added '1.2.3.4' (ECDSA) to the list of known hosts.
To fix this, the verify.sh script could make a check if that warning occurred:
if [[ ${resp} == "Warning"* ]]
and then check for the status code with awk 'NR=="2" instead of awk 'NR=="1"
Fix should be applied to all supported drivers
To Reproduce
Steps to reproduce the behavior:
The text was updated successfully, but these errors were encountered: