From 685156e38746197c3ec194dc224fdf6d1c9c7064 Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Tue, 29 Sep 2020 16:24:05 +0200 Subject: [PATCH] Document how to fix bugzilla/aws SAML login via ipsilon Signed-off-by: Pierre-Yves Chibon --- fix_bugzilla_aws_saml_login.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 fix_bugzilla_aws_saml_login.md diff --git a/fix_bugzilla_aws_saml_login.md b/fix_bugzilla_aws_saml_login.md new file mode 100644 index 0000000..e31d5c9 --- /dev/null +++ b/fix_bugzilla_aws_saml_login.md @@ -0,0 +1,20 @@ +# How to fix SAML login in bugzilla/AWS + +Basically, we've observed that every now and then one of the ipsilon pod looses +its config (or so it seems) which leads to make that pod unable to properly +serve SAML requests. + +Here are the steps to debug and fix this situation: + +- Open all the web pod of ipsilon in different tags - Open the logs tab for + each +- Open bugzilla.redhat.com in a tab using the private browser mode +- Try logging into bugzilla using the Fedora contributor button in the drop-down +- Check the recent logs of the pods and find the one saying something like: + ``DEBUG(providers/saml2/auth.py:176 Redirect.saml2login()): saml2: 'NoneType' object has no attribute 'get_login_handler'`` + - copy the name of that pod +- Go to the openshift's main node +- Delete the pod using: ``oc -n ipsilon delete pod `` (for example: ``oc -n ipsilon delete pod ipsilon-24-8ztdd``), + Openshift will automatically spawn a new one +- Try login on bugzilla again - it should work (or maybe another pod is mis-behaving?) +