Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Secret store fixes for error log message and not writing eKuiper file unless it already exists #3787

Merged
merged 2 commits into from
Oct 28, 2021
Merged

fix: Secret store fixes for error log message and not writing eKuiper file unless it already exists #3787

merged 2 commits into from
Oct 28, 2021

Conversation

lenny-goodell
Copy link
Member

@lenny-goodell lenny-goodell commented Oct 27, 2021
edited
Loading

fixes #3784 & #3786

If your build fails due to your commit message not passing the build checks, please review the guidelines here: https://github.com/edgexfoundry/edgex-go/blob/main/.github/Contributing.md

PR Checklist

Please check if your PR fulfills the following requirements:

  • I am not introducing a breaking change (if you are, flag in conventional commit message with BREAKING CHANGE: describing the break)
  • I am not introducing a new dependency (add notes below if you are)
  • I have added unit tests for the new feature or bug fix (if not, why?)
  • I have fully tested (add details below) this the new feature or bug fix (if not, why?)
  • I have opened a PR for the related docs change (if not, why?) N/A to user docs due to being internal

Testing Instructions

For existing functionality not broken:

  1. Clone branch for this PR and for feat: Add volume mounting of eKuiper connections file edgex-compose#196
  2. run make docker_security_secretstore_setup
  3. Update image for Security Secret Setup in add-security.yml from /edgex-compose/pull/196 to be edgexfoundry/security-secretstore-setup:0.0.0-dev
  4. From Compose Builder run make run
  5. Verify logs for Security Secret Setup contain the following (specifically the skipping message):
level=INFO ts=2021-10-27T18:44:16.8009944Z app=security-secretstore-setup source=secure-messagebus.go:132 msg="Wrote eKuiper EdgeX Source at /tmp/kuiper/edgex.yaml with Secure MessageBus credentials"
level=INFO ts=2021-10-27T18:44:16.8010801Z app=security-secretstore-setup source=secure-messagebus.go:109 msg="eKuiper file /tmp/kuiper-connections/connection.yaml doesn't exist, skipping Secure MessageBus credentials injection"
  1. Create a stream for eKupier by sending following to: http://localhost:59720/streams
{
  "sql": "create stream demo() WITH (FORMAT=\"JSON\", TYPE=\"edgex\")"
}
  1. Create a new rule for eKupier by sending following to: http://localhost:59720/rules
{
  "id": "ruleBool",
  "sql": "SELECT bool FROM demo where bool = true",
  "actions": [
    {
      "rest": {
        "url": "http://edgex-core-command:48082/api/v1/device/name/Random-Integer-Device/command/Int64",       
        "method": "get",
        "dataTemplate": "\"newKey\":\"{{.key}}\"",
        "sendSingle": true
      }
    }
  ]
}
  1. Verify eKuiper logs contain the following:
time="2021-10-25 17:46:43" level=info msg="Use configuration for edgex messagebus {{ 0 } {edgex-redis 6379 redis} redis map[Password:* Username:redis5]}" file="source/edgex_source.go:109"

For functionality with eKuuiper 1.4.0:

  1. Modify .env file on compose builder to set KUIPER_VERSION=1.4.0-beta.1-alpine
  2. From Compose Builder run make down
  3. From Compose Builder run make run
  4. Verify logs for Security Secret Setup contain the following (specifically that both files are written):
level=INFO ts=2021-10-27T18:48:04.7750548Z app=security-secretstore-setup source=secure-messagebus.go:132 msg="Wrote eKuiper EdgeX Source at /tmp/kuiper/edgex.yaml with Secure MessageBus credentials"
level=INFO ts=2021-10-27T18:48:04.7752716Z app=security-secretstore-setup source=secure-messagebus.go:132 msg="Wrote eKuiper Connections at /tmp/kuiper-connections/connection.yaml with Secure MessageBus credentials"

New Dependency Instructions (If applicable)

N/A

@lenny-goodell lenny-goodell linked an issue Oct 27, 2021 that may be closed by this pull request
New eKuiper credentials injection into Connections file cause snaps to fail to install #3786
Closed
bnevis-i
bnevis-i previously approved these changes Oct 27, 2021
View reviewed changes
jim-wang-intel
jim-wang-intel previously approved these changes Oct 27, 2021
View reviewed changes
@lenny-goodell lenny-goodell dismissed stale reviews from jim-wang-intel and bnevis-i via 44bd9db October 28, 2021 00:24
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@codecov-commenter
Copy link

Codecov Report

Merging #3787 (44bd9db) into main (d325f45) will increase coverage by 0.02%.
The diff coverage is 80.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #3787      +/-   ##
==========================================
+ Coverage   45.75%   45.77%   +0.02%     
==========================================
  Files         112      112              
  Lines        9636     9640       +4     
==========================================
+ Hits         4409     4413       +4     
  Misses       4844     4844              
  Partials      383      383
Impacted Files Coverage Δ
internal/security/secretstore/init.go 17.12% <0.00%> (ø)
internal/security/secretstore/secure-messagebus.go 71.42% <100.00%> (+3.68%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d325f45...44bd9db. Read the comment docs.

farshidtz
farshidtz approved these changes Oct 28, 2021
View reviewed changes
Copy link
Member

@farshidtz farshidtz left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. I confirm that it now skips the config step and the snapped secure-secretstore-setup no longer fails:

$ sudo snap install ./edgexfoundry_2.0.1-dev.69_amd64.snap --dangerous
$ sudo journalctl -n 1000 -o cat | grep "skipping Secure MessageBus"
level=INFO ts=2021-10-28T07:01:03.963284772Z app=security-secretstore-setup source=secure-messagebus.go:109 msg="eKuiper file /var/snap/edgexfoundry/x1/kuiper/etc/connections/connection.yaml doesn't exist, skipping Secure MessageBus credentials injection"
level=INFO ts=2021-10-28T07:01:34.474494582Z app=security-secretstore-setup source=secure-messagebus.go:109 msg="eKuiper file /var/snap/edgexfoundry/x1/kuiper/etc/connections/connection.yaml doesn't exist, skipping Secure MessageBus credentials injection"

It supersedes #3785.

@farshidtz farshidtz mentioned this pull request Oct 28, 2021
Closed
5 tasks
@lenny-goodell lenny-goodell merged commit 4a9701c into edgexfoundry:main Oct 28, 2021
@lenny-goodell lenny-goodell deleted the secret-store-fixes branch October 28, 2021 15:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bnevis-i bnevis-i bnevis-i approved these changes

@farshidtz farshidtz farshidtz approved these changes

@jim-wang-intel jim-wang-intel jim-wang-intel left review comments

@tonyespy tonyespy Awaiting requested review from tonyespy

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
5 participants
@lenny-goodell @codecov-commenter @farshidtz @bnevis-i @jim-wang-intel