From ff45984b63f0a44fe45ca5e95e0741715f417159 Mon Sep 17 00:00:00 2001 From: vjripoll Date: Tue, 28 Jan 2025 10:42:40 +0100 Subject: [PATCH] NR-361437-fix-jd-parse-error --- charts/agent-control/Chart.yaml | 2 +- ...einstall-job-register-system-identity.yaml | 93 ++++++++++++++----- 2 files changed, 71 insertions(+), 24 deletions(-) diff --git a/charts/agent-control/Chart.yaml b/charts/agent-control/Chart.yaml index efe56c3c0..0d8dc419e 100644 --- a/charts/agent-control/Chart.yaml +++ b/charts/agent-control/Chart.yaml @@ -3,7 +3,7 @@ name: agent-control description: Bootstraps New Relic' Agent Control type: application -version: 0.0.42-beta +version: 0.0.43-beta dependencies: - name: flux2 diff --git a/charts/agent-control/charts/agent-control-deployment/templates/preinstall-job-register-system-identity.yaml b/charts/agent-control/charts/agent-control-deployment/templates/preinstall-job-register-system-identity.yaml index 35da018e2..7fd786944 100644 --- a/charts/agent-control/charts/agent-control-deployment/templates/preinstall-job-register-system-identity.yaml +++ b/charts/agent-control/charts/agent-control-deployment/templates/preinstall-job-register-system-identity.yaml @@ -111,28 +111,39 @@ spec: echo Key generated, creating the identity... if [ "${NEW_RELIC_AUTH_CLIENT_ID:-}" != "" ] && [ "${NEW_RELIC_AUTH_CLIENT_SECRET:-}" != "" ]; then - echo Starting with L1/L2 System Identity... + echo Starting with L1 System Identity... ############################################################ # Get the L1 Access Token ############################################################ RESPONSE_FILE=$TEMPORAL_FOLDER/response_token.json for RETRY in 1 2 3; do HTTP_CODE=$(echo '{"client_id": "'$NEW_RELIC_AUTH_CLIENT_ID'", "client_secret": "'$NEW_RELIC_AUTH_CLIENT_SECRET'", "grant_type": "client_credentials"}' | tr -d $'\n' | curl \ - -s -w "%{http_code}" \ + -s -S -w "%{http_code}" \ -H "Content-Type: application/json" \ -o "$RESPONSE_FILE" \ --data-binary @- \ - "{{ include "newrelic-agent-control.config.endpoints.tokenRenewal" . }}" - ) + --max-time 60 \ + "{{ include "newrelic-agent-control.config.endpoints.tokenRenewal" . }}") if [ $HTTP_CODE -eq 200 ]; then break fi - ERROR_MESSAGE=$(jq '.error_description // "invalid_request"' < "$TEMPORAL_FOLDER/response_token.json" | tr -d '"') - - echo "Error getting system identity auth token. The API endpoint returned $HTTP_CODE: $ERROR_MESSAGE. Retrying ($RETRY/3)..." - sleep 2 + if [ -z "$HTTP_CODE" ] || [ "$HTTP_CODE" -eq 0 ]; then + echo "Network error occurred or no HTTP response was received. Retrying ($RETRY/3)..." + sleep 2 + continue + else + if jq empty "$TEMPORAL_FOLDER/response_token.json" > /dev/null 2>&1; then + ERROR_MESSAGE=$(jq '.error_description // "invalid_request"' < "$TEMPORAL_FOLDER/response_token.json" | tr -d '"') + echo "Error getting system identity auth token. The API endpoint returned $HTTP_CODE: $ERROR_MESSAGE. Retrying ($RETRY/3)..." + sleep 2 + else + echo -n "Error getting system identity auth token. The API endpoint returned $HTTP_CODE: " && cat "$TEMPORAL_FOLDER/response_token.json" | tr -d '\n' && echo " Retrying ($RETRY/3)..." + sleep 2 + continue + fi + fi done if [ $HTTP_CODE -ne 200 ]; then @@ -142,6 +153,7 @@ spec: ACCESS_TOKEN=$(jq '.access_token' < "$RESPONSE_FILE" | tr -d '"' ) + echo Starting with L2 System Identity... ############################################################ # Create System Identity (L1/L2 System Identities) ############################################################ @@ -161,11 +173,12 @@ spec: } }" }' | tr -d $'\n' | curl \ - -s -w "%{http_code}" \ + -s -S -w "%{http_code}" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -o "$TEMPORAL_FOLDER/response.json" \ --data-binary @- \ + --max-time 60 \ "{{ include "newrelic-agent-control.config.endpoints.systemIdentityCreation" . }}" ) @@ -173,18 +186,34 @@ spec: break fi - echo "Error creating L2 system identity. The API endpoint returned $HTTP_CODE. Retrying ($RETRY/3)..." - sleep 2 + if [ -z "$HTTP_CODE" ] || [ "$HTTP_CODE" -eq 0 ]; then + echo "Network error occurred or no HTTP response was received during L2 identity creation. Retrying ($RETRY/3)..." + sleep 2 + continue + else + if jq empty "$TEMPORAL_FOLDER/response_token.json" > /dev/null 2>&1; then + ERROR_MESSAGE=$(jq '.errors[0].message // "invalid_request"' < "$TEMPORAL_FOLDER/response_token.json" | tr -d '"') + echo "Error creating L2 system identity. The API endpoint returned $HTTP_CODE. Retrying ($RETRY/3)..." + sleep 2 + else + echo -n "Error creating L2 system identity. The API endpoint returned $HTTP_CODE: " && cat "$TEMPORAL_FOLDER/response_token.json" | tr -d '\n' && echo " Retrying ($RETRY/3)..." + sleep 2 + continue + fi + fi done if [ $HTTP_CODE -ne 200 ]; then + echo "Error: The API endpoint returned HTTP code $HTTP_CODE." exit 99 fi - ERROR_MESSAGE=$(jq '.errors[0].message // "NOERROR"' < "$TEMPORAL_FOLDER/response.json" | tr -d '"') - if [ "$ERROR_MESSAGE" != "NOERROR" ]; then - echo "Failed to create a New Relic System Identity for Fleet Control communication authentication. Please verify that your User Key is valid and that your Account Organization has the necessary permissions to create a System Identity: $ERROR_MESSAGE" - exit 100 + if jq empty "$TEMPORAL_FOLDER/response_token.json" > /dev/null 2>&1; then + ERROR_MESSAGE=$(jq '.errors[0].message // "NOERROR"' < "$TEMPORAL_FOLDER/response.json" | tr -d '"') + if [ "$ERROR_MESSAGE" != "NOERROR" ]; then + echo "Failed to create a New Relic System Identity L2 for Fleet Control communication authentication. Please verify that your User Key is valid and that your Account Organization has the necessary permissions to create a System Identity: $ERROR_MESSAGE" + exit 100 + fi fi CLIENT_ID=$(jq '.data.create.clientId' < "$TEMPORAL_FOLDER/response.json" | tr -d '"' ) @@ -207,28 +236,46 @@ spec: }" }' | tr -d $'\n' | \ curl \ - -w "%{http_code}" \ + -s -S -w "%{http_code}" \ -H "Content-Type: application/json" \ -H "API-Key: $USER_KEY" \ -o "$TEMPORAL_FOLDER/response.json" \ --data @- \ + --max-time 60 \ "{{ include "newrelic-agent-control.config.endpoints.systemIdentityRegistration" . }}" ) if [ $HTTP_CODE -eq 200 ]; then break fi - echo "Error creating the new system identity. The API endpoint returned $HTTP_CODE. Retrying ($RETRY/3)..." - sleep 2 + + if [ -z "$HTTP_CODE" ] || [ "$HTTP_CODE" -eq 0 ]; then + echo "Network error occurred or no HTTP response was received during legacy identity creation. Retrying ($RETRY/3)..." + sleep 2 + continue + else + if jq empty "$TEMPORAL_FOLDER/response_token.json" > /dev/null 2>&1; then + ERROR_MESSAGE=$(jq '.errors[0].message // "invalid_request"' < "$TEMPORAL_FOLDER/response_token.json" | tr -d '"') + echo "Error creating the new legacy system identity. The API endpoint returned $HTTP_CODE. Retrying ($RETRY/3)..." + sleep 2 + else + echo -n "Error creating the new legacy system identity. The API endpoint returned $HTTP_CODE: " && cat "$TEMPORAL_FOLDER/response_token.json" | tr -d '\n' && echo " Retrying ($RETRY/3)..." + sleep 2 + continue + fi + fi done + if [ $HTTP_CODE -ne 200 ]; then echo HTTP_CODE=$HTTP_CODE ;exit 1; fi - ERROR_MESSAGE=$(jq -r '.errors[0].message // "NOERROR"' "$TEMPORAL_FOLDER/response.json") - if [ "$ERROR_MESSAGE" != "NOERROR" ]; then - echo "Failed to create a New Relic System Identity for Fleet Control communication authentication. Please verify that your User Key is valid and that your Account Organization has the necessary permissions to create a System Identity: $ERROR_MESSAGE" - exit 1 + if jq empty "$TEMPORAL_FOLDER/response_token.json" > /dev/null 2>&1; then + ERROR_MESSAGE=$(jq '.errors[0].message // "NOERROR"' < "$TEMPORAL_FOLDER/response.json" | tr -d '"') + if [ "$ERROR_MESSAGE" != "NOERROR" ]; then + echo "Failed to create a New Relic Legacy System Identity for Fleet Control communication authentication. Please verify that your User Key is valid and that your Account Organization has the necessary permissions to create a System Identity: $ERROR_MESSAGE" + exit 100 + fi fi - CLIENT_ID=$(jq -r '.data.systemIdentityCreate.clientId' "$TEMPORAL_FOLDER/response.json") + CLIENT_ID=$(jq -r '.data.systemIdentityCreate.clientId' "$TEMPORAL_FOLDER/response.json") fi echo Creating the secret '{{ include "newrelic-agent-control.auth.secret.name" . }}'... kubectl create secret generic --dry-run=client -o json \