Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
3.38.0, 3.37.3
-
2
-
NXRM Neo Sprint 55
-
3
Description
As a security best practice, Microsoft recommends periodically rotating storage access keys (https://docs.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#manually-rotate-access-keys), however doing so can result in the Blob Store UI failing to load (see fail_blobstore_ui.png attached) and the following warning in the nexus.log:
2022-04-27 16:32:30,675+0100 WARN [qtp556198592-771] admin org.sonatype.nexus.siesta.internal.UnexpectedExceptionMapper - (ID 1d243db0-3356-4f2d-9075-c838be0842bd) Response: [500] 'ERROR: (ID 1d243db0-3356-4f2d-9075-c838be0842bd) com.azure.storage.blob.models.BlobStorageException: Status code 403, (empty body)'; mapped from: com.azure.storage.blob.models.BlobStorageException: Status code 403, (empty body)
To reproduce:
1. Create an Azure blob store.
2. Rotate the access keys on the Azure side.
3. Attempt to access the Blob Stores page in the Nexus UI. The screen does not render, and there is an error (see attached).
Expected:
The Blob Stores page should remain accessible, but the specific Azure blob store can be set to a "failed" state so that admins can still access the config and set the new key.
Workaround:
Use the REST API, PUT /v1/blobstores/azure/{blobStoreName} to update and set the new access key. Doing so will resolve the broken UI.
Attachments
Issue Links
- is related to
-
-
- New
-
- relates
-
-
- Closed
-
