[JENKINS-64322] Invalid DER: object is not integer - Plugin doesn't seem to support Kubernetes config with EC keys - Jenkins Jira

Type: Bug
Resolution: Unresolved
Priority: Major
Component/s: kubernetes-plugin
Labels:
None
Environment:
jenkins:2.268 on docker
kubernetes-client-api:4.11.1
kubernetes-credentials:0.7.0
kubernetes:1.28.3

Similar Issues:
Powered by SuggestiMate

Show

Hi,

It seems the plugin doesn't support kubernetes config using EC keys for the 'client-key-data'

Not sure if it's the correct component (kubernetes api client ?)

I'm using K3S for the kubernetes cluster (rancher/k3s:v1.19.4-k3s1)

The configuration is working perfectly with kubectl

Thanks.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

Screenshot from 2020-11-26 17-51-55.png
50 kB
2020-11-26 16:53

Valentin Delaye created issue - 2020-11-26 16:55

Vincent Latombe added a comment - 2020-12-11 08:26 - edited

This looks like a bug in the fabric8 Kubernetes client.

Vincent Latombe added a comment - 2020-12-11 08:26 - edited This looks like a bug in the fabric8 Kubernetes client .

Vincent Latombe added a comment - 2020-12-11 08:32

https://github.com/fabric8io/kubernetes-client/pull/1349

Looks like there is something to be done on the plugin side since bouncycastle is flagged as an optional dependency.

Vincent Latombe added a comment - 2020-12-11 08:32 https://github.com/fabric8io/kubernetes-client/pull/1349 Looks like there is something to be done on the plugin side since bouncycastle is flagged as an optional dependency.

Vincent Latombe added a comment - 2020-12-11 08:43

https://github.com/jenkinsci/kubernetes-client-api-plugin/pull/20 in 4.6.4-2

Vincent Latombe added a comment - 2020-12-11 08:43 https://github.com/jenkinsci/kubernetes-client-api-plugin/pull/20 in 4.6.4-2

Vincent Latombe added a comment - 2020-12-11 08:52

jonesbusy Are you sure your keypair is correct? This is supposed to be supported.

From the error you're providing, it looks like it fails to detect your key as an EC key and defaults to RSA which is obviously failing.

Vincent Latombe added a comment - 2020-12-11 08:52 jonesbusy Are you sure your keypair is correct? This is supposed to be supported. From the error you're providing, it looks like it fails to detect your key as an EC key and defaults to RSA which is obviously failing.

Vincent Latombe added a comment - 2020-12-11 08:53

Needs stacktrace + a sample kubeconfig that is failing to be parsed.

Vincent Latombe added a comment - 2020-12-11 08:53 Needs stacktrace + a sample kubeconfig that is failing to be parsed.

Vincent Latombe made changes - 2020-12-11 08:53

Resolution		New: Incomplete [ 4 ]
Status	Original: Open [ 1 ]	New: Closed [ 6 ]

Valentin Delaye added a comment - 2020-12-12 13:55 - edited

Hi vlatombe the key/config seems correct to me, and works out of the box with kubectl.

I'm using this docker-compose file to start the K3S cluster : https://github.com/k3s-io/k3s/blob/master/docker-compose.yml

Then connect to https://server:6443 or https://localhost:6443 depending if the Jenkins is started on the same docker network or not.

Valentin Delaye added a comment - 2020-12-12 13:55 - edited Hi vlatombe the key/config seems correct to me, and works out of the box with kubectl. I'm using this docker-compose file to start the K3S cluster : https://github.com/k3s-io/k3s/blob/master/docker-compose.yml Then connect to https://server:6443 or https://localhost:6443 depending if the Jenkins is started on the same docker network or not.

Michael Doubez added a comment - 2021-07-05 12:34 - edited

Hello,

I got the same error.

When loading the Key, the key is assumed to be RSA.

Michael Doubez added a comment - 2021-07-05 12:34 - edited Hello, I got the same error. When loading the Key, the key is assumed to be RSA .

Olivier Lamy added a comment - 2021-12-01 12:04 - edited

same error.

Stacktrace:

java.io.IOException: Invalid DER: object is not integer

at io.fabric8.kubernetes.client.internal.PKCS1Util$Asn1Object.getInteger(PKCS1Util.java:125)

at io.fabric8.kubernetes.client.internal.PKCS1Util.next(PKCS1Util.java:55)

at io.fabric8.kubernetes.client.internal.PKCS1Util.decodePKCS1(PKCS1Util.java:46)

at io.fabric8.kubernetes.client.internal.CertUtils.handleOtherKeys(CertUtils.java:179)

at io.fabric8.kubernetes.client.internal.CertUtils.loadKey(CertUtils.java:139)

at io.fabric8.kubernetes.client.internal.CertUtils.createKeyStore(CertUtils.java:115)

at io.fabric8.kubernetes.client.internal.CertUtils.createKeyStore(CertUtils.java:251)

at io.fabric8.kubernetes.client.internal.SSLUtils.keyManagers(SSLUtils.java:128)

at io.fabric8.kubernetes.client.internal.SSLUtils.keyManagers(SSLUtils.java:122)

at io.fabric8.kubernetes.client.utils.HttpClientUtils.createHttpClient(HttpClientUtils.java:123)

Caused: io.fabric8.kubernetes.client.KubernetesClientException: An error has occurred.

at io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:64)

at io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:53)

at io.fabric8.kubernetes.client.utils.HttpClientUtils.createHttpClient(HttpClientUtils.java:228)

at io.fabric8.kubernetes.client.utils.HttpClientUtils.createHttpClient(HttpClientUtils.java:66)

at io.fabric8.kubernetes.client.BaseClient.<init>(BaseClient.java:51)

at io.fabric8.kubernetes.client.DefaultKubernetesClient.<init>(DefaultKubernetesClient.java:147)

at org.csanchez.jenkins.plugins.kubernetes.KubernetesFactoryAdapter.createClient(KubernetesFactoryAdapter.java:147)

at org.csanchez.jenkins.plugins.kubernetes.KubernetesClientProvider.createClient(KubernetesClientProvider.java:62)

at org.csanchez.jenkins.plugins.kubernetes.KubernetesCloud.connect(KubernetesCloud.java:512)

at org.csanchez.jenkins.plugins.kubernetes.KubernetesLauncher.launch(KubernetesLauncher.java:115)

at hudson.slaves.SlaveComputer.lambda$_connect$0(SlaveComputer.java:293)

at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46)

at jenkins.security.ImpersonatingExecutorService$2.call(ImpersonatingExecutorService.java:80)

at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)

at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)

at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)

at java.base/java.lang.Thread.run(Thread.java:834)

simply create a kubernetes cluster using https://k3s.io/.

use the kube file as credentials (created on master node in /etc/rancher/k3s/k3s.yaml)

and get this error.

Olivier Lamy added a comment - 2021-12-01 12:04 - edited same error. Stacktrace: java.io.IOException: Invalid DER: object is not integer at io.fabric8.kubernetes.client.internal.PKCS1Util$Asn1Object.getInteger(PKCS1Util.java:125) at io.fabric8.kubernetes.client.internal.PKCS1Util.next(PKCS1Util.java:55) at io.fabric8.kubernetes.client.internal.PKCS1Util.decodePKCS1(PKCS1Util.java:46) at io.fabric8.kubernetes.client.internal.CertUtils.handleOtherKeys(CertUtils.java:179) at io.fabric8.kubernetes.client.internal.CertUtils.loadKey(CertUtils.java:139) at io.fabric8.kubernetes.client.internal.CertUtils.createKeyStore(CertUtils.java:115) at io.fabric8.kubernetes.client.internal.CertUtils.createKeyStore(CertUtils.java:251) at io.fabric8.kubernetes.client.internal.SSLUtils.keyManagers(SSLUtils.java:128) at io.fabric8.kubernetes.client.internal.SSLUtils.keyManagers(SSLUtils.java:122) at io.fabric8.kubernetes.client.utils.HttpClientUtils.createHttpClient(HttpClientUtils.java:123) Caused: io.fabric8.kubernetes.client.KubernetesClientException: An error has occurred. at io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:64) at io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:53) at io.fabric8.kubernetes.client.utils.HttpClientUtils.createHttpClient(HttpClientUtils.java:228) at io.fabric8.kubernetes.client.utils.HttpClientUtils.createHttpClient(HttpClientUtils.java:66) at io.fabric8.kubernetes.client.BaseClient.<init>(BaseClient.java:51) at io.fabric8.kubernetes.client.DefaultKubernetesClient.<init>(DefaultKubernetesClient.java:147) at org.csanchez.jenkins.plugins.kubernetes.KubernetesFactoryAdapter.createClient(KubernetesFactoryAdapter.java:147) at org.csanchez.jenkins.plugins.kubernetes.KubernetesClientProvider.createClient(KubernetesClientProvider.java:62) at org.csanchez.jenkins.plugins.kubernetes.KubernetesCloud.connect(KubernetesCloud.java:512) at org.csanchez.jenkins.plugins.kubernetes.KubernetesLauncher.launch(KubernetesLauncher.java:115) at hudson.slaves.SlaveComputer.lambda$_connect$0(SlaveComputer.java:293) at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46) at jenkins.security.ImpersonatingExecutorService$2.call(ImpersonatingExecutorService.java:80) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:834) simply create a kubernetes cluster using https://k3s.io/. use the kube file as credentials (created on master node in /etc/rancher/k3s/k3s.yaml) and get this error.

Assignee:: Olivier Lamy

Reporter:: Valentin Delaye

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2020-11-26 16:55

Updated:: 2021-12-03 01:55

Jenkins

Details

Description

Attachments

Attachments

Activity

[JENKINS-64322] Invalid DER: object is not integer - Plugin doesn't seem to support Kubernetes config with EC keys

Collapse comment: Vincent Latombe added a comment - 2020-12-11 08:26, Edited by Vincent Latombe - 2020-12-11 08:27

Expand comment: Vincent Latombe added a comment - 2020-12-11 08:26, Edited by Vincent Latombe - 2020-12-11 08:27

Collapse comment: Vincent Latombe added a comment - 2020-12-11 08:32

Expand comment: Vincent Latombe added a comment - 2020-12-11 08:32

Collapse comment: Vincent Latombe added a comment - 2020-12-11 08:43

Expand comment: Vincent Latombe added a comment - 2020-12-11 08:43

Collapse comment: Vincent Latombe added a comment - 2020-12-11 08:52

Expand comment: Vincent Latombe added a comment - 2020-12-11 08:52

Collapse comment: Vincent Latombe added a comment - 2020-12-11 08:53

Expand comment: Vincent Latombe added a comment - 2020-12-11 08:53

Collapse comment: Valentin Delaye added a comment - 2020-12-12 13:55, Edited by Valentin Delaye - 2020-12-12 13:56

Expand comment: Valentin Delaye added a comment - 2020-12-12 13:55, Edited by Valentin Delaye - 2020-12-12 13:56

Collapse comment: Michael Doubez added a comment - 2021-07-05 12:34, Edited by Michael Doubez - 2021-07-05 13:13

Expand comment: Michael Doubez added a comment - 2021-07-05 12:34, Edited by Michael Doubez - 2021-07-05 13:13

Collapse comment: Olivier Lamy added a comment - 2021-12-01 12:04, Edited by Olivier Lamy - 2021-12-01 12:05

Expand comment: Olivier Lamy added a comment - 2021-12-01 12:04, Edited by Olivier Lamy - 2021-12-01 12:05

People

Dates