Skip to content

fix: ovftool error handling#413

Merged
lbajolet-hashicorp merged 1 commit intomainfrom
fix/ovftool-error-handling-
May 9, 2024
Merged

fix: ovftool error handling#413
lbajolet-hashicorp merged 1 commit intomainfrom
fix/ovftool-error-handling-

Conversation

@tenthirtyam
Copy link
Copy Markdown
Collaborator

@tenthirtyam tenthirtyam commented Apr 25, 2024

Summary

  • Adds the option to allow ovftool to use --noSSLVerify if insecure is set to false.
  • Adds an error, similar to incorrect credentials error, message if the ovftool's target endpoint's SSL thumbprint is not trusted by the Packer host and suggests remediation options.
  • Updates error, log, ui, and fatal messages.

Testing

Build

packer-plugin-vsphere1 on  fix/ovftool-error-handling- [?] via 🐹 v1.22.2 make generate
2024/04/25 09:52:13 Copying "docs" to ".docs/"
2024/04/25 09:52:13 Replacing @include '...' calls in .docs/
Compiling MDX docs in '.docs' to Markdown in '.web-docs'...

packer-plugin-vsphere1 on  fix/ovftool-error-handling- [?] via 🐹 v1.22.2 took 13.5s make build

packer-plugin-vsphere1 on  fix/ovftool-error-handling- [?] via 🐹 v1.22.2 took 5.0s make test
?       github.com/hashicorp/packer-plugin-vsphere      [no test files]
?       github.com/hashicorp/packer-plugin-vsphere/builder/vsphere/common/testing       [no test files]
?       github.com/hashicorp/packer-plugin-vsphere/builder/vsphere/examples/driver      [no test files]
?       github.com/hashicorp/packer-plugin-vsphere/version      [no test files]
ok      github.com/hashicorp/packer-plugin-vsphere/builder/vsphere/clone        1.513s
ok      github.com/hashicorp/packer-plugin-vsphere/builder/vsphere/common       2.485s
ok      github.com/hashicorp/packer-plugin-vsphere/builder/vsphere/driver       5.813s
ok      github.com/hashicorp/packer-plugin-vsphere/builder/vsphere/iso  2.259s
ok      github.com/hashicorp/packer-plugin-vsphere/builder/vsphere/supervisor   4.454s
ok      github.com/hashicorp/packer-plugin-vsphere/post-processor/vsphere       1.739s
ok      github.com/hashicorp/packer-plugin-vsphere/post-processor/vsphere-template      2.764s

Run

  1. If insecure is not provided or is set to false explicitly for the post-processor and the certificate is not trusted, it will fail with an error by capturing "Accept SSL fingerprint" in the stdout. Unfortunately, I'm unable to get it to pause and allow for user input with a fmt.Scanln(&response). (I've tried endlessly to get that to work. ¯\_(ツ)_/¯ )

  2. If insecure is set to true, it will proceed and present a message.

=> vsphere-iso.linux-photon: Running post-processor:  (type vsphere)
    vsphere-iso.linux-photon (vsphere): Uploading /Users/ryan/Library/Mobile Documents/com~apple~CloudDocs/Code/Personal/<sensitive>-examples-for-vsphere12/artifacts/linux-photon-5.0-develop/linux-photon-5.0-develop.ovf to m01-vc01.rainpole.io
    vsphere-iso.linux-photon (vsphere): Validating username and password...
    vsphere-iso.linux-photon (vsphere): Skipping SSL thumbprint verification; insecure flag set to true...
    vsphere-iso.linux-photon (vsphere): Uploading virtual machine...
    vsphere-iso.linux-photon (vsphere): Opening OVF source: /Users/ryan/Library/Mobile Documents/com~apple~CloudDocs/Code/Personal/<sensitive>-examples-for-vsphere12/artifacts/linux-photon-5.0-develop/linux-photon-5.0-develop.ovf
    vsphere-iso.linux-photon (vsphere): The manifest validates

Reference

Closes #297

@tenthirtyam tenthirtyam added the bug Bug label Apr 25, 2024
@tenthirtyam tenthirtyam added this to the v1.2.8 milestone Apr 25, 2024
@tenthirtyam tenthirtyam self-assigned this Apr 25, 2024
@tenthirtyam tenthirtyam requested a review from a team as a code owner April 25, 2024 13:56
@tenthirtyam
fix: ovftool error handling
70e56ba 
- Adds the option to allow ovftool to use `--noSSLVerify` if insecure is set to `false`.
- Adds an error, similar to incorrect credentials error, message if the ovftool's target endpoint's SSL thumbprint is not trusted by the Packer host and suggests remediation options.
- Updates error, log, ui, and fatal messages.
@tenthirtyam tenthirtyam force-pushed the fix/ovftool-error-handling- branch from 456fa47 to 70e56ba Compare April 25, 2024 14:25
@tenthirtyam tenthirtyam added the post-processor/vsphere Post-Processor: vsphere label Apr 28, 2024
@lbajolet-hashicorp lbajolet-hashicorp merged commit 2e350e6 into main May 9, 2024
@lbajolet-hashicorp lbajolet-hashicorp deleted the fix/ovftool-error-handling- branch May 9, 2024 13:41
@vmware vmware locked as resolved and limited conversation to collaborators Jun 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@nywilken nywilken Awaiting requested review from nywilken

1 more reviewer

@lbajolet-hashicorp lbajolet-hashicorp lbajolet-hashicorp approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@tenthirtyam tenthirtyam

Labels

bug Bug post-processor/vsphere Post-Processor: vsphere

Projects

None yet

Milestone

v1.3.0

Development

Successfully merging this pull request may close these issues.

post-processor vsphere: Handle prompts from ovftool when using custom CA

2 participants

@tenthirtyam @lbajolet-hashicorp