fix: Don't write eKuiper file if file doesn't already exist

fixes #3786

Signed-off-by: lenny <[email protected]>

internal/security/secretstore/secure-messagebus.go

@@ -16,6 +16,7 @@
 package secretstore
 
 import (
+	"errors"
 	"fmt"
 	"os"
 	"text/template"
@@ -101,6 +102,14 @@ func ConfigureSecureMessageBus(secureMessageBus config.SecureMessageBusInfo, red
 }
 
 func configureKuiperForSecureMessageBus(credentials UserPasswordPair, fileType string, fileTemplate string, path string, lc logger.LoggingClient) error {
+	// This capability depends on the eKuiper file existing, which depends on the version of eKuiper installed.
+	// If the file doesn't exist, then the eKuiper version installed doesn't use it, so skip the injection.
+	_, err := os.Stat(path)
+	if err != nil && errors.Is(err, os.ErrNotExist) {
+		lc.Infof("eKuiper file %s doesn't exist, skipping Secure MessageBus credentials injection", path)
+		return nil
+	}
+
 	tmpl, err := template.New("eKuiper").Parse(fileTemplate)
 	if err != nil {
 		return fmt.Errorf("failed to parse eKuiper %s template: %w", fileType, err)

internal/security/secretstore/secure-messagebus_test.go

@@ -41,15 +41,17 @@ func TestConfigureSecureMessageBus(t *testing.T) {
 	tests := []struct {
 		Name        string
 		Type        string
+		ConnectionFileExists  bool
 		Credentials UserPasswordPair
 		Expected    *UserPasswordPair
 		ExpectError bool
 	}{
-		{"valid redis", redisSecureMessageBusType, validExpected, &validExpected, false},
-		{"valid blank", blankSecureMessageBusType, validExpected, nil, false},
-		{"valid none", noneSecureMessageBusType, validExpected, nil, false},
-		{"invalid type", "bogus", validExpected, nil, true},
-		{"invalid mqtt", mqttSecureMessageBusType, validExpected, nil, true},
+		{"valid redis - both files", redisSecureMessageBusType, true, validExpected, &validExpected, false},
+		{"valid redis - no connection file", redisSecureMessageBusType, false, validExpected, &validExpected, false},
+		{"valid blank", blankSecureMessageBusType, false, validExpected, nil, false},
+		{"valid none", noneSecureMessageBusType, false,validExpected, nil, false},
+		{"invalid type", "bogus", false,validExpected, nil, true},
+		{"invalid mqtt", mqttSecureMessageBusType, false,validExpected, nil, true},
 	}
 	for _, test := range tests {
 		t.Run(test.Name, func(t *testing.T) {
@@ -61,6 +63,16 @@ func TestConfigureSecureMessageBus(t *testing.T) {
 				_ = os.Remove(secureMessageBus.KuiperConnectionsPath)
 			}()
 
+			if test.Expected != nil {
+				_, err := os.Create(secureMessageBus.KuiperConfigPath)
+				require.NoError(t, err)
+
+				if test.ConnectionFileExists {
+					_, err := os.Create(secureMessageBus.KuiperConnectionsPath)
+					require.NoError(t, err)
+				}
+			}
+
 			secureMessageBus.Type = test.Type
 			err := ConfigureSecureMessageBus(secureMessageBus, test.Credentials, logger.NewMockClient())
 			if test.ExpectError {
@@ -88,11 +100,17 @@ func TestConfigureSecureMessageBus(t *testing.T) {
 			assert.True(t, strings.Contains(string(contents), test.Expected.User))
 			assert.True(t, strings.Contains(string(contents), test.Expected.Password))
 
-			// Connections file should have been written
-			contents, err = os.ReadFile(secureMessageBus.KuiperConnectionsPath)
-			require.NoError(t, err)
-			assert.True(t, strings.Contains(string(contents), test.Expected.User))
-			assert.True(t, strings.Contains(string(contents), test.Expected.Password))
+			if test.ConnectionFileExists {
+				// Connections file should have been written
+				contents, err = os.ReadFile(secureMessageBus.KuiperConnectionsPath)
+				require.NoError(t, err)
+				assert.True(t, strings.Contains(string(contents), test.Expected.User))
+				assert.True(t, strings.Contains(string(contents), test.Expected.Password))
+			} else {
+				// Connections file should not have been written
+				_, err = os.Stat(secureMessageBus.KuiperConnectionsPath)
+				require.True(t, os.IsNotExist(err))
+			}
 		})
 	}
 }