Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Keto cli cant show version, and it cant create relation-tuple in version 0.6.0-alpha.3 #692

Closed
counter2015 opened this issue Sep 7, 2021 · 7 comments

Comments

@counter2015
Copy link

counter2015 commented Sep 7, 2021

Describe the bug

keto version and keto create relation-tuple do not work as expect.

Reproducing the bug
Following the steps here

$ brew install ory/keto/keto
brew install ory/keto/keto
==> Installing keto from ory/keto
==> Downloading https://github.com/ory/keto/releases/download/v0.6.0-alpha.3/keto_0.6.0-alpha.3-sqlite_macos_64bit.tar.gz
==> Downloading from https://github-releases.githubusercontent.com/125619154/aa7abb00-a906-11eb-81f9-6beafd7ba57c?X-Amz-Algorithm=AWS4
######################################################################## 100.0%
🍺  /usr/local/Cellar/keto/0.6.0-alpha.3: 6 files, 26.8MB, built in 8 seconds

The keto version seems not work

$ keto version
Version:			master
Build Commit:	undefined
Build Timestamp:	undefined

What's more the keto -c cat-videos-example/keto.yml relation-tuple create ./cat-videos-example/relation-tuples/cats1_owner.json does not implement.

First, start a server

// the db is up already
$ export DSN=postgresql://postgres:[email protected]:5432/postgres

$ keto serve -c cat-videos-example/keto.yml
INFO[2021-09-07T15:17:16+08:00] No tracer configured - skipping tracing setup  audience=application service_name=ORY Keto service_version=master
DEBU[2021-09-07T15:17:16+08:00] No SQL connection options have been defined, falling back to default connection options.  audience=application service_name=ORY Keto service_version=master sql_max_connection_lifetime=0s sql_max_connections=16 sql_max_idle_connections=8
DEBU[2021-09-07T15:17:16+08:00] No SQL connection options have been defined, falling back to default connection options.  audience=application service_name=ORY Keto service_version=master sql_max_connection_lifetime=0s sql_max_connections=16 sql_max_idle_connections=8
WARN[2021-09-07T15:17:16+08:00] Namespace videos is defined in the config but not yet migrated. It is ignored until you explicitly migrate it.  audience=application service_name=ORY Keto service_version=master

And then, I try to add relation-tuple.

 $ keto -c cat-videos-example/keto.yml relation-tuple create ./cat-videos-example/relation-tuples/cats1_owner.json
Error doing the request: rpc error: code = Unimplemented desc = unknown service ory.keto.acl.v1alpha1.WriteService

Expected behavior

keto version should get correct version,
keto relation-tuple create should write relation to keto storage.

Environment

  • Version: 0.6.0-alpha.3
  • Environment: Mac
@aeneasr
Copy link
Member

aeneasr commented Sep 7, 2021

Please run and post output of

which keto

@counter2015
Copy link
Author

@aeneasr Like this?

$ which keto
/usr/local/bin/keto

$  ll /usr/local/bin/keto
lrwxr-xr-x  1 counter  admin  37  9  7 15:05 /usr/local/bin/keto@ -> ../Cellar/keto/0.6.0-alpha.3/bin/keto

@aeneasr
Copy link
Member

aeneasr commented Sep 7, 2021

Thanks!

@counter2015
Copy link
Author

counter2015 commented Sep 7, 2021

And I tried to migrate data

$ keto -c cat-videos-example/keto.yml migrate up -y
Applying migrations...
DEBU[2021-09-07T16:01:55+08:00] Checking if legacy migration table exists.    audience=application migration_table=schema_migration service_name=ORY Keto service_version=master
DEBU[2021-09-07T16:01:55+08:00] An error occurred while checking for the legacy migration table, maybe it does not exist yet? Trying to create.  audience=application error=map[message:ERROR: relation "schema_migration" does not exist (SQLSTATE 42P01) trace:stack trace could not be recovered from error type *pgconn.PgError] migration_table=schema_migration service_name=ORY Keto service_version=master
DEBU[2021-09-07T16:01:55+08:00] Transactional migration table created successfully.  audience=application migration_table=schema_migration service_name=ORY Keto service_version=master
DEBU[2021-09-07T16:01:55+08:00] Migration has not yet been applied, running migration.  audience=application service_name=ORY Keto service_version=master version=20201110175414
DEBU[2021-09-07T16:01:55+08:00] > relationtuple                               audience=application service_name=ORY Keto service_version=master
DEBU[2021-09-07T16:01:55+08:00] Successfully applied 1 migrations.            audience=application service_name=ORY Keto service_version=master
DEBU[2021-09-07T16:01:55+08:00] 0.1859 seconds                                audience=application service_name=ORY Keto service_version=master
Successfully applied all migrations:
Version		Name		Status	
20201110175414	relationtuple	Applied	

The keto.yml

version: v0.6.0-alpha.3

log:
  level: trace
  leak_sensitive_values: true


namespaces:
  - id: 0
    name: videos

dsn: postgresql://postgres:[email protected]:5432/postgres

serve:
  read:
    host: 0.0.0.0
    port: 4466
  write:
    host: 0.0.0.0
    port: 4467

Then I retry to create relation tuple.

$ keto -c cat-videos-example/keto.yml relation-tuple create ./cat-videos-example/relation-tuples/cats1_owner.json  --write-remote=127.0.0.1:4467

Error doing the request: rpc error: code = Unknown desc = ERROR: relation "keto_0000000000_relation_tuples" does not exist (SQLSTATE 42P01)

Is there any steps I missed?

@counter2015
Copy link
Author

Well, after serval attempts, I found the right way to start a keto serve with database.

# start the server, then open a new terminal
$ keto serve -c cat-videos-example/keto.yml

# migrate namespaces
$ keto migrate up --all-namespaces -y -c cat-videos-example/keto.yml

# create relation-tuples 
$ keto relation-tuple create cat-videos-example/relation-tuples/ -c cat-videos-example/keto.yml
neither flag --write-remote nor env var KETO_WRITE_REMOTE are set, falling back to 127.0.0.1:4467

NAMESPACE	OBJECT		RELATION NAME	SUBJECT				
videos		/cats/1.mp4	owner		videos:/cats#owner		
videos		/cats/1.mp4	view		videos:/cats/1.mp4#owner	
videos		/cats/1.mp4	view		*				
videos		/cats/2.mp4	owner		videos:/cats#owner		
videos		/cats/2.mp4	view		videos:/cats/2.mp4#owner	
videos		/cats		owner		cat lady			
videos		/cats		view		videos:/cats#owner

It seems that the server init steps is different from memory and database, in up.sh it just run keto relation-tuple create, the details are hidden.

#!/bin/bash
set -euo pipefail

keto serve -c contrib/cat-videos-example/keto.yml &
keto_server_pid=$!

function teardown() {
    kill $keto_server_pid || true
}
trap teardown EXIT

export KETO_WRITE_REMOTE="127.0.0.1:4467"

keto relation-tuple create contrib/cat-videos-example/relation-tuples

echo "

Created all relation tuples. Now you can use the Keto CLI client to play around:

export KETO_READ_REMOTE=\"127.0.0.1:4466\"
keto relation-tuple get videos
keto check \"*\" view videos /cats/1.mp4
keto expand view videos /cats/2.mp4
"

# sleep 10h; has to be defined like this because OSX does not know units https://www.unix.com/man-page/osx/1/sleep/
sleep 36000

IMO, the error resposne should be more clear
Something like

Database state error, cant find relation xxxx, do you forget run `keto migrate up` or `keto namespcae migrate` ?

is better than

Error doing the request: rpc error: code = Unimplemented desc = unknown service ory.keto.acl.v1alpha1.WriteService

@aeneasr
Copy link
Member

aeneasr commented Sep 8, 2021

Sorry to hear that this is difficult to use! I also find this information missing in the docs - it is kinda hidden in the docker compose set up.

On current master we have a complete refactor of the namespaces so this is no longer required! In essence, namespaces are now part of the table and do not need to be migrated any longer!

@counter2015
Copy link
Author

This issue is solved partly, I will reopen another issue for keto version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants