8000 Calculation of certificate expiration date won't work with some locales · Issue #124 · NETWAYS/ansible-collection-elasticstack · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Calculation of certificate expiration date won't work with some locales #124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
widhalmt opened this issue Mar 17, 2023 · 3 comments · Fixed by #125
Closed

Calculation of certificate expiration date won't work with some locales #124

widhalmt opened this issue Mar 17, 2023 · 3 comments · Fixed by #125
Assignees
@widhalmt
Labels
bug Something isn't working
Milestone
1.0.0

Comments

@widhalmt
Copy link
Member
widhalmt commented Mar 17, 2023
edited
Loading

When running the collection a second time over a test system I get an error when it tries to calculate the expiration date of certificates.

TASK [netways.elasticstack.elasticsearch : Set the ca expiration date in days] **************************************************************************************************************************************************************
fatal: [elastic801]: FAILED! => {"msg": "the field 'args' has an invalid value ({'elastic_ca_expiration_days': \"{{ ((ca_expiration_date.stdout | to_datetime('%b %d %H:%M:%S %Y %Z')) - (ansible_date_time.date | to_datetime('%Y-%m-%d'))).days }}\"}), and could not be converted to an dict.The error was: time data 'Mar 16 15:55:01 2026 GMT' does not match format '%b %d %H:%M:%S %Y %Z'\n\nThe error appears to be in '/home/widhalmt/.ansible/collections/ansible_collections/netways/elasticstack/roles/elasticsearch/tasks/elasticsearch-security.yml': line 34, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Set the ca expiration date in days\n  ^ here\n"}

The to_datetime calculation is correct and the string does match the pattern. Only problem is that %b refers to "Month as locale’s abbreviated name." . So this can or can not work depending on locales on all involved machines.

[widhalmt@thor elastictest]$ ansible localhost -m debug -a='msg={{ "Mar 16 15:55:01 2026" | to_datetime("%b %d %H:%M:%S %Y") }}'
localhost | FAILED! => {
    "msg": "the field 'args' has an invalid value ({'msg': '{{ \"Mar 16 15:55:01 2026\" | to_datetime(\"%b %d %H:%M:%S %Y\") }}'}), and could not be converted to an dict.The error was: time data 'Mar 16 15:55:01 2026' does not match format '%b %d %H:%M:%S %Y'. time data 'Mar 16 15:55:01 2026' does not match format '%b %d %H:%M:%S %Y'"
}
[widhalmt@thor elastictest]$ ansible localhost -m debug -a='msg={{ "Mär 16 15:55:01 2026" | to_datetime("%b %d %H:%M:%S %Y") }}'
localhost | SUCCESS => {
    "msg": "2026-03-16 15:55:01"
}

So when I change Mar to Mär matching the locale, it works. But we need a way to fix it to the locale openssl is using when showing dates.
@widhalmt widhalmt added the bug Something isn't working label Mar 17, 2023
@widhalmt widhalmt added this to the 1.0.0 milestone Mar 17, 2023
@widhalmt
Copy link
Member Author
widhalmt commented Mar 20, 2023
edited
Loading

Looks like a known problem. I'll try solutions suggested in ansible/ansible#10698 and a-chernykh/railsbox#29 (comment)

@widhalmt
Copy link
Member Author

Setting module_lang = en_US.UTF-8 in ansible.cfg doesn't work.

@widhalmt
Copy link
Member Author

Setting locale at the task level doesn't work, either.

- name: Set the ca expiration date in days
  set_fact:
    elastic_ca_expiration_days: "{{ ((ca_expiration_date.stdout | to_datetime('%b %d %H:%M:%S %Y %Z')) - (ansible_date_time.date | to_datetime('%Y-%m-%d'))).days }}"
  when: inventory_hostname == elasticsearch_ca and ca_expiration_date.skipped is not defined
  environment:
    LANG: en_US.UTF-8
    LANGUAGE: en_US.UTF-8
    LC_ALL: en_US.UTF-8

@widhalmt widhalmt self-assigned this Mar 20, 2023
@widhalmt widhalmt mentioned this issue Mar 20, 2023
Merged
@danopt danopt closed this as completed in b2f78b8 May 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@widhalmt widhalmt

Labels
bug Something isn't working
Projects
None yet
Milestone
1.0.0
Development

Successfully merging a pull request may close this issue.

Make cert expiration check independent of locale NETWAYS/ansible-collection-elasticstack
1 participant
@widhalmt
0