I installed a vagrant plugin "vagrant-certificates" and added the following config to my ~/.vagrant.d/Vagrantfile
if !['plugin', 'box'].include? ARGV[0]
unless Vagrant.has_plugin?("vagrant-ca-certificates")
raise "Missing required plugin 'vagrant-certificates', run `vagrant plugin install vagrant-certificates`\n"
end
end
config.certificates.enabled = true
config.certificates.certs = Dir.glob('/home/myhomedirectory/.vagrant.d/*.crt')
and the plugin won't run. Other people that I know who are using that plugin get the following output when they run vagrant up:
==> machine: Uploading root certificates to guest instance...
==> machine: -- /var/folders/mb/1pt7p7zd4q736lq4vdq_309w0000gn/T/vagrant-certificates20200122-60457-
wop57o => /usr/share/ca-certificates/private/BA%20ROOT.crt
==> machine: -- /var/folders/mb/1pt7p7zd4q736lq4vdq_309w0000gn/T/vagrant-certificates20200122-60457-
3v8nhs => /usr/share/ca-certificates/private/BA%20NPE%20CA-3%281%29.crt
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
but I see no output related to certs:
and I'm getting an ssl error which indicates that the certs that I need have not been installed.
Can anybody help me debug this?
EDIT: Other ways I've tried to specify the certs:
config.certificates.certs = [
"./certROOT.crt",
"./certNPE_CA_3.crt"
]
config.certificates.certs = [
"http://pki.mycorp.org/certs/certROOT.crt",
"http://pki.mycorp.org/certs/certNPE_CA_3.crt"
]
EDIT 2: Output of vagrant up --debug 2>&1 >/dev/null | grep -i certificate
INFO manager: - vagrant-certificates = [installed: 2.0.0 constraint: > 0]
DEBUG bundler: Current generated plugin dependency list: [<Gem::Dependency type=:runtime name="vagrant-certificates" requirements="= 2.0.0">]
DEBUG bundler: Activating solution set: ["vagrant-certificates-2.0.0"]
DEBUG bundler: Activating gem vagrant-certificates-2.0.0
INFO manager: Loading plugin `vagrant-certificates` with default require: `vagrant-certificates`
INFO manager: Registered plugin: vagrant-certificates
DEBUG manager: Successfully loaded plugin `vagrant-certificates`.
INFO manager: - vagrant-certificates = [installed: 2.0.0 constraint: > 0]
DEBUG bundler: Current generated plugin dependency list: [<Gem::Dependency type=:runtime name="vagrant-certificates" requirements="= 2.0.0">]
DEBUG bundler: Activating solution set: ["vagrant-certificates-2.0.0"]
DEBUG bundler: Activating gem vagrant-certificates-2.0.0
INFO manager: Loading plugin `vagrant-certificates` with default require: `vagrant-certificates`
DEBUG manager: Successfully loaded plugin `vagrant-certificates`.
INFO warden: Calling IN action: #<VagrantPlugins::Certificates::Action::InstallCertificates:0x0000000002eea438>
INFO warden: Calling OUT action: #<VagrantPlugins::Certificates::Action::InstallCertificates:0x0000000002eea438>
DEBUG subprocess: stdout: fatal: [k8s-master]: FAILED! => {"changed": false, "msg": "Failed to validate the SSL certificate for packages.cloud.google.com:443. Make sure your managed systems have a valid CA certificate installed. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificat
s/cacert.org, /etc/ansible. The exception msg was: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)."}
INFO interface: detail: fatal: [k8s-master]: FAILED! => {"changed": false, "msg": "Failed to validate the SSL certificate for packages.cloud.google.com:443. Make sure your managed systems have a valid CA certificate installed. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible. The exception msg was: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)."}
Related
i have a problem with I was not able to get rid of for the past days.
My goal is to start an automated test, for an app that is already downloaded on the device, from my Mac on my iPhone.
I started with installing:
Node.js
Java JDK & JAVA_HOME variable
Appium & Appium inspector
Xcode & Xcode Command Line Tools
Appium driver (xcuitest & UIAutomation)
In the next step in entered my Desired Capabilities in the Appium inspector:
platformName : ios
appium:platformVersion : 16.1
appium:deviceName: iPhone 11 pro
appium:bundleId :
appium:automationName : XCUITest
appium:udid: <udid from my devic
appium:xCodeOrgId :
appium:xCodeSigningId : iPhone Developer
After entering these information I moved on and opened the WebDriverAgent.xcodeproj and signed in with my free Developer Account (Apple ID) and assigned a Team to WebDriverAgentLib, WebDriverAgentRunner, all Integrationtests and the IntegrationApp. The Firestone worked but the last three failed with the Error:
Failed to create provisioning Profile. The app ID "com.facebook.WebDriverAgentRuner" can not be registered to your development team. Change your bunde identifier to a unique String to try again.
and
No profiles for 'com.facebook.WebDriverAgentRunner' were found. Xcode couldn't find any iOS App Development provisioning profiles matching 'com.facebook.WebDriverAgentRunner'.
After reviewing the Problem I came up with following a few tutorials without any luck.
I tried to create a profiling Profile, but most ways I found were with the free version or just wouldn't work.
So i changed the bundle identifiers, even though it's not a beautiful solution and was able to trust the computer and install an app with Xcode.
But when I try to start a session with Appium inspector after I started the Appium server in Visual Studio Code it still fails with the Error:
In Appium inspector:
Error
Failed to create session. An unknown server-side error occurred while processing the command. Original error: Unable to launch WebDriverAgent because of xcodebuild failure: xcodebuild failed with code 65 xcodebuild error message: . Make sure you follow the tutorial at https://github.com/appium/appium-xcuitest-driver/blob/master/docs/real-device-config.md. Try to remove the WebDriverAgentRunner application from the device if it is installed and reboot the device.
In Visual Studio Code:
[debug] [XCUITestDriver#f4dc (e98a8edb)] Matched '/status' to command name 'getStatus'
[debug] [XCUITestDriver#f4dc (e98a8edb)] Proxying [GET /status] to [GET http://127.0.0.1:8100/status] with no body
[debug] [iProxy#00008030:8100] Connection was refused to port 8100
[XCUITestDriver#f4dc (e98a8edb)] socket hang up
[Xcode] xcodebuild exited with code '65' and signal 'null'
[debug] [XCUITestDriver#f4dc (e98a8edb)] Event 'wdaStartFailed' logged at 1674136358245 (14:52:38 GMT+0100 (Mitteleuropäische Normalzeit))
[debug] [XCUITestDriver#f4dc (e98a8edb)] Unable to launch WebDriverAgent because of xcodebuild failure: xcodebuild failed with code 65
[debug] [XCUITestDriver#f4dc (e98a8edb)] xcodebuild error message:
[debug] [XCUITestDriver#f4dc (e98a8edb)] . Make sure you follow the tutorial at https://github.com/appium/appium-xcuitest-driver/blob/master/docs/real-device-config.md. Try to remove the WebDriverAgentRunner application from the device if it is installed and reboot the device.
[XCUITestDriver#f4dc (e98a8edb)] Quitting and uninstalling WebDriverAgent
[XCUITestDriver#f4dc (e98a8edb)] Shutting down sub-processes
[debug] [WebDriverAgent] Successfully reset '/Users/k.steffens/.appium/node_modules/appium-xcuitest-driver/node_modules/appium-webdriveragent/WebDriverAgent.xcodeproj/project.pbxproj' with bundle id 'com.facebook.WebDriverAgentRunner'
[debug] [XCUITestDriver#f4dc (e98a8edb)] No WDAs on the device.
[XCUITestDriver#f4dc (e98a8edb)] {}
[DevCon Factory] Releasing connections for 00008030-0005298C0C45802E device on any port number
[DevCon Factory] Found cached connections to release: ["00008030-0005298C0C45802E:8100"]
[DevCon Factory] Releasing the listener for '00008030-0005298C0C45802E:8100'
[debug] [iProxy#00008030:8100] Closing the connection
[debug] [DevCon Factory] Cached connections count: 0
[debug] [XCUITestDriver#f4dc (e98a8edb)] Not clearing log files. U`clearSystemFiles` capability to turn on.
[iProxy#00008030:8100] The connection has been closed
[debug] [AppiumDriver#567d] Event 'newSessionStarted' logged at 1674136358629 (14:52:38 GMT+0100 (Mitteleuropäische Normalzeit))
[debug] [AppiumDriver#567d] Encountered internal error running command: Error: Unable to launch WebDriverAgent because of xcodebuild failure: xcodebuild failed with code 65
[debug] [AppiumDriver#567d] xcodebuild error message:
[debug] [AppiumDriver#567d] . Make sure you follow the tutorial at https://github.com/appium/appium-xcuitest-driver/blob/master/docs/real-device-config.md. Try to remove the WebDriverAgentRunner application from the device if it is installed and reboot the device.
[debug] [AppiumDriver#567d] at quitAndUninstall (/Users/k.steffens/.appium/node_modules/appium-xcuitest-driver/lib/driver.js:584:15)
[debug] [AppiumDriver#567d] at /Users/k.steffens/.appium/node_modules/appium-xcuitest-driver/lib/driver.js:619:11
[debug] [AppiumDriver#567d] at wrapped (/Users/k.steffens/.appium/node_modules/appium-xcuitest-driver/node_modules/asyncbox/lib/asyncbox.js:95:13)
[debug] [AppiumDriver#567d] at retry (/Users/k.steffens/.appium/node_modules/appium-xcuitest-driver/node_modules/asyncbox/lib/asyncbox.js:68:13)
[debug] [AppiumDriver#567d] at retryInterval (/Users/k.steffens/.appium/node_modules/appium-xcuitest-driver/node_modules/asyncbox/lib/asyncbox.js:105:10)
[debug] [AppiumDriver#567d] at /Users/k.steffens/.appium/node_modules/appium-xcuitest-driver/lib/driver.js:599:7
[HTTP] <-- POST /session 500 14443 ms - 1398
[HTTP]
After this try I even tried to add the bootstrapPath as a desired Capability and the agentPath as a desired Capability, with no luck.
But the error changed a little:
Failed to create session. An unknown server-side error occurred while processing the command. Original error: Unable to launch WebDriverAgent because of xcodebuild failure: xcodebuild failed with code 66 xcodebuild error message: . Make sure you follow the tutorial at https://github.com/appium/appium-xcuitest-driver/blob/master/docs/real-device-config.md. Try to remove the WebDriverAgentRunner application from the device if it is installed and reboot the device.
Is there something I'm doing wrong, or is there better way to do automated testing on real iOS devices?
I would be very happy if you could help me out.
kind regards,
henry
I thought I had found something that would make managing the /etc/resolv.conf file easy. https://galaxy.ansible.com/ahuffman/resolv but when I try to install this role as per the documentation like so ...
bash-3.2$ ansible-galaxy install ahuffman.resolv
I get this error ...
Starting galaxy role install process
[WARNING]: - ahuffman.resolv was NOT installed successfully: Unknown error when attempting to call Galaxy at 'https://galaxy.ansible.com/api/': <urlopen error [SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)>
ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.
I have never used ansible-galaxy before ... and probably won't ever again :(
Please help.
If I run with -vvvv I see this additional output:
ansible-galaxy 2.10.5
config file = None
configured module search path = ['/Users/red/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible
executable location = /Library/Frameworks/Python.framework/Versions/3.6/bin/ansible-galaxy
python version = 3.6.8 (v3.6.8:3c6b436a57, Dec 24 2018, 02:04:31) [GCC 4.2.1 Compatible Apple LLVM 6.0 (clang-600.0.57)]
No config file found; using defaults
Starting galaxy role install process
Processing role ahuffman.resolv
Initial connection to galaxy_server: https://galaxy.ansible.com
Opened /Users/red/.ansible/galaxy_token
Calling Galaxy at https://galaxy.ansible.com/api/
[WARNING]: - ahuffman.resolv was NOT installed successfully: Unknown error when attempting to call Galaxy at 'https://galaxy.ansible.com/api/': <urlopen error [SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)>
ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.
Running with --ignore-certs seems to have fixed the problem but the usage from anisble-galaxy does mention a --ignore-certs option:
usage: ansible-galaxy [-h] [--version] [-v] TYPE ...
Perform various Role and Collection related operations.
positional arguments:
TYPE
collection Manage an Ansible Galaxy collection.
role Manage an Ansible Galaxy role.
optional arguments:
--version show program's version number, config file location,
configured module search path, module location, executable
location and exit
-h, --help show this help message and exit
-v, --verbose verbose mode (-vvv for more, -vvvv to enable connection
debugging)
I am trying to set up chef-push-jobs client on a macOS 10.13 node.
Here is what I did so far:
Installed push-jobs-client for macOS from Chef Downloads
Created a configuration file named push-jobs-client.rb that looks something like this:
chef_server_url 'https://chef.XXXXX.com/organizations/XXXXX'
node_name 'default-macos-1013'
client_key '/opt/chef/embedded/ssl/cert.pem'
trusted_certs_dir '/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.8.5/spec/data/trusted_certs'
verify_api_cert true
ssl_verify_mode :verify_peer
allow_unencrypted true
log_level :info
log_location STDOUT
whitelist({"chef-client"=>"chef-client"})
Mixlib::Log::Formatter.show_time = false
Ran this command:
/usr/local/bin/pushy-client -c push-jobs-client.rb
Error Message:
/opt/push-jobs-client/embedded/lib/ruby/gems/2.4.0/gems/opscode-pushy-client-2.4.8/lib/pushy_client.rb:236:in
`rescue in get_config': Could not download push jobs config
(RuntimeError)
Log:
INFO: [jenkins03] Setting reconfigure deadline to 2018-05-04 12:05:31
+0200
INFO: [jenkins03] using config file path: '/opt/push-jobs-client/push-jobs-client.rb'
INFO: [jenkins03] Using node name: jenkins03
INFO: [jenkins03] Using org name: XXXXX
INFO: [jenkins03] Using Chef server: https://chef.XXXXX.com/organizations/XXXXX
INFO: [jenkins03] Using private key: /opt/chef/embedded/ssl/cert.pem
INFO: [jenkins03] Incarnation ID: 633f168d-c8c0-469e-a9c0-8d6658b3b3d5
INFO: [jenkins03] Allowing fallback to unencrypted connection: true
INFO: [jenkins03] Starting client ...
INFO: [jenkins03] Retrieving configuration from https://chef.XXXXX.com/organizations/XXXXX//pushy/config/jenkins03: ...
INFO: Could not download push jobs config
So it looks like the connection and the authentication is successful but for some reason push-jobs-client cannot retrieve the configuration from the server.
I tried to go the URL from the log manually in a browser directly on the node and I see this in the browser window:
{"error":["missing required authentication header(s) 'X-Ops-UserId', 'X-Ops-Timestamp', 'X-Ops-Sign', 'X-Ops-Content-Hash'"]}
So I wonder if I did anything wrong in the configuration? Or maybe it is a bug in the push-jobs-client for macOS?
I found out that the client_key at /opt/chef/embedded/ssl/cert.pem was not a cient_key signed by the chef server. The correct client key was found at /etc/chef/client.pem
Now everything works, but I will leave the answer here in case anyone else has a similar issue.
I've created a simple recipe to copy files from one directory to another on windows.
Recipe:
remote_directory 'C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\destination' do
source 'C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\source'
action :create
end
However, I'm getting the following error when trying to execute the recipe in --local-mode for the sake of testing the recipe before deploying it on Chef server:
PS C:\chef-repo\chef-repo\cookbooks\chef-repo> chef-client
--local-mode .\copyBinaries.rb [2017-08-08T13:34:03+03:00] INFO: Started chef-zero at chefzero://localhost:1 with repository at C:/chef-repo/chef-repo One version per cookbook
Starting Chef Client, version 13.2.20 [2017-08-08T13:34:03+03:00] INFO: *** Chef 13.2.20 *** [2017-08-08T13:34:03+03:00] INFO: Platform: i386-mingw32 [2017-08-08T13:34:03+03:00] INFO: Chef-client pid: 10708 [2017-08-08T13:34:03+03:00] INFO: The plugin path C:\chef\ohai\plugins does not exist. Skipping... [2017-08-08T13:34:12+03:00] INFO: Run List is [] [2017-08-08T13:34:12+03:00] INFO: Run List expands to [] [2017-08-08T13:34:12+03:00] INFO: Starting Chef Run for mohammedr [2017-08-08T13:34:12+03:00] INFO: Running start handlers [2017-08-08T13:34:12+03:00] INFO: Start handlers complete. resolving cookbooks for run list: [] [2017-08-08T13:34:12+03:00] INFO: Loading cookbooks [] Synchronizing Cookbooks: Installing Cookbook Gems: Compiling Cookbooks... [2017-08-08T13:34:12+03:00] WARN: Node mohammedr has an empty run list. Converging 1 resources Recipe: #recipe_files::C:/chef-repo/chef-repo/cookbooks/chef-repo/copyBinaries.rb
* remote_directory[C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\destination] action create[2017-08-08T13:34:12+03:00] INFO: Processing remote_directory[C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\destination] action create (#recipe_files::C:/chef-repo/chef-repo/cookbooks/chef-repo/copyBinaries.rb line 7)
================================================================================
Error executing action `create` on resource 'remote_directory[C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\destination]'
================================================================================
Chef::Exceptions::CookbookNotFound
----------------------------------
Cookbook #recipe_files not found. If you're loading #recipe_files from another cookbook, make sure you configure the dependency in your metadata
Resource Declaration:
---------------------
# In C:/chef-repo/chef-repo/cookbooks/chef-repo/copyBinaries.rb
7: remote_directory 'C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\destination' do
8: source 'C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\source'
9: action :create
10: end
11:
Compiled Resource:
------------------
# Declared in C:/chef-repo/chef-repo/cookbooks/chef-repo/copyBinaries.rb:7:in `from_file'
remote_directory("C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\destination") do
action [:create]
default_guard_interpreter :default
path "C:\\chef-repo\\chef-repo\\cookbooks\\chef-repo\\recipes\\destination"
recursive true
source "C:\\chef-repo\\chef-repo\\cookbooks\\chef-repo\\recipes\\source"
files_backup 5
files_owner nil
files_group nil
overwrite true
declared_type :remote_directory
cookbook_name "#recipe_files"
recipe_name "C:/chef-repo/chef-repo/cookbooks/chef-repo/copyBinaries.rb"
mode nil
owner nil
group nil
files_mode nil
end
System Info:
------------
chef_version=13.2.20
platform=windows
platform_version=10.0.14393
ruby=ruby 2.4.1p111 (2017-03-22 revision 58053) [i386-mingw32]
program_name=C:/opscode/chefdk/modules/chef/../../bin/chef-client
executable=C:/opscode/chefdk/bin/chef-client
[2017-08-08T13:34:12+03:00] INFO: Running queued delayed notifications before re-raising exception
Running handlers: [2017-08-08T13:34:12+03:00] ERROR: Running exception handlers Running handlers complete [2017-08-08T13:34:12+03:00] ERROR: Exception handlers complete Chef Client failed. 0 resources updated in 09 seconds [2017-08-08T13:34:12+03:00] FATAL: Stacktrace dumped to c:/chef-repo/chef-repo/.chef/local-mode-cache/cache/chef-stacktrace.out [2017-08-08T13:34:12+03:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report [2017-08-08T13:34:12+03:00] FATAL: Chef::Exceptions::CookbookNotFound: remote_directory[C:\chef-repo\chef-repo\cookbooks\chef-repo\recipes\destination] (#recipe_files::C:/chef-repo/chef-repo/cookbooks/chef-repo/copyBinaries.rb line 7) had an error: Chef::Exceptions::CookbookNotFound: Cookbook #recipe_files not found. If you're loading #recipe_files from another cookbook, make sure you configure the dependency in your metadata
I've tried searching the internet for a solution regarding this issue, but I couldn't find anything useful.
The remote_directory resource takes files from the cookbook's files/ folder.
What you do looks pretty weird to me - you're copying recipes, and you're hardcoding local paths to the cookbook. Better ask a new question including your actual goal. I'm pretty confident that remote_directory is not what you want.
PS C:\App\cookbooks\windows_settings> kitchen verify
---> Starting Kitchen (v1.4.2)
C:/opscode/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.6.0.1/lib/httpclient/webagent-cookie.rb:458: warning: a
lready initialized constant HTTPClient::CookieManager
C:/opscode/chefdk/embedded/lib/ruby/gems/2.1.0/gems/httpclient-2.6.0.1/lib/httpclient/cookie.rb:8: warning: previous def
inition of CookieManager was here
---> Converging <default-windows-2012r2>...
Preparing files for transfer
Preparing dna.json
Resolving cookbook dependencies with Berkshelf 4.0.1...
Removing non-cookbook files before transfer
Preparing validation.pem
Preparing client.rb
>>>>>> ------Exception-------
>>>>>> Class: Kitchen::ActionFailed
>>>>>> Message: Failed to complete #converge action: [A connection attempt failed because the connected party did not pr
operly respond after a period of time, or established connection failed because connected host has failed to respond. -
connect(2) for "ec2-54-213-41-35.us-west-2.compute.amazonaws.com" port 5985 (http://ec2-54-213-41-35.us-west-2.compute.a
mazonaws.com:5985)]
>>>>>> ----------------------
>>>>>> Please see .kitchen/logs/kitchen.log for more details
>>>>>> Also try running `kitchen diagnose --all` for configuration
I am not able to do kitchen converge action, everytime I am facing the specified above issue.
Looks like, the port 5985 is not opened on the test server. Can you please check the security group of the server, if the rule 'WinRM-HTTP' to connect 5985 is opened in inbound rules.
If the port is opened, you may tell the test kitchen to wait until the WinRM is ready, using the below parameters in kitchen.yml:
max_wait_until_ready: true
connection_timeout : 900
see here https://docs.chef.io/config_yml_kitchen.html#transport-settings