-
Notifications
You must be signed in to change notification settings - Fork 906
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
clnrest: refactoring #6749
clnrest: refactoring #6749
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like you are having fun with pytest and friends :)
I left a couple of comments while reviewing the code
Thanks for the review @vincenzopalazzo |
It seems better that the logs changed can be seen when INFO level is set. Discussed with Vincenzo Palazzo in the PR ElementsProject#6749.
4fdc8f3
to
da60faf
Compare
Once we get to the commit
we are left with the following tree structure in the directory
Expect maybe for the functions in The file So now the only reason to keep But why not puting those 66 lines of code ( One benefit of this is also to put the most important state of that plugin (which is the You can also read comment: #6749 (comment) Finally, when we've removed Doing all of this results in 287 LOC in And this is really small! We can compare it to some other plugins if we want:
ps: I'm using |
da60faf
to
cfeea69
Compare
Hey @ShahanaFarooqui, as discussed yesterday I removed the last refactoring that incorporated the content of the following files If you want, you can now do the modifications you told me about yesterday (I think you have write access to that branch, but tell me if this not the case). As the PR has evolved, I'm leaving the original proposal here to contextualize it (with minor changes suggested by @vincenzopalazzo): https://github.com/tonyaldon/lightning/tree/backup-test-clnrest |
cfeea69
to
92d8445
Compare
92d8445
to
661beb5
Compare
Dismissing my reviews after rebasing and explaining the reason on my previous comments.
661beb5
to
651176e
Compare
Hey @ShahanaFarooqui , I don't know why but if you put
diff --git a/contrib/pyln-testing/pyproject.toml b/contrib/pyln-testing/pyproject.toml
index e551acb40..3ceaf279f 100644
--- a/contrib/pyln-testing/pyproject.toml
+++ b/contrib/pyln-testing/pyproject.toml
@@ -21,10 +21,10 @@ pyln-client = ">=23"
Flask = "^2"
cheroot = "^8"
psutil = "^5.9"
+requests = "^2.31.0"
grpcio = { version = "^1", optional = true }
pyln-grpc-proto = { version = "^0.1", optional = true }
-requests = "^2.31.0"
[tool.poetry.dev-dependencies]
pyln-client = { path = "../pyln-client", develop = true} Tell me if it works for you. |
651176e
to
b63bec8
Compare
@tonyaldon Thanks for the suggestion, trying it now. |
b63bec8
to
5348d25
Compare
Rebased on master to include the latest test flake fixes. |
1a111fa
to
f12c736
Compare
It is a comment only, nothing to change. Included all other reviewed suggestions.
43752e7
to
7d11019
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like that tests are failing
=========================== short test summary info ============================
FAILED tests/test_clnrest.py::test_clnrest_uses_grpc_plugin_certificates - requests.exceptions.ConnectionError: HTTPSConnectionPool(host='localhost', port=36049): Max retries exceeded with url: /v1/list-methods (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f0b388eefd0>: Failed to establish a new connection: [Errno 111] Connection refused'))
FAILED tests/test_clnrest.py::test_clnrest_rpc_method - requests.exceptions.ConnectionError: HTTPSConnectionPool(host='127.0.0.1', port=40339): Max retries exceeded with url: /v1/getinfo (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f9cebc128b0>: Failed to establish a new connection: [Errno 111] Connection refused'))
FAILED tests/test_clnrest.py::test_clnrest_websocket_rune_readonly - socketio.exceptions.ConnectionError: HTTPSConnectionPool(host='127.0.0.1', port=44733): Max retries exceeded with url: /socket.io/?transport=polling&EIO=4&t=1698384416.943965 (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7fe97802fe50>: Failed to establish a new connection: [Errno 111] Connection refused'))
===== 3 failed, 631 passed, 58 skipped, 33 warnings in 1905.51s (0:31:45) ======
I'll look at these failing tests. I can't reproduce these failed tests locally. But I tried to play with
Does anyone know why this happens? |
5e4b955
to
54cc473
Compare
ACK 54cc473 |
@ShahanaFarooqui is it necessary to use the method is_valid_rune = verify_rune(plugin, rune, "listclnrest-notifications", None) Can't we get the same behavior using is_valid_rune = verify_rune(plugin, rune, "getinfo", None) |
@tonyaldon We can use But as suggested by @rustyrussell, using |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks nice. Just a few minor comments.
54cc473
to
1964f6e
Compare
- certificate generation - config options validation - log level from 'error' to 'info' - sending method as None instead "" - added `listclnrest-notifications` for websocket server rune method Changelog-Fixed: websocket server notifications are available with restriction of `readonly` runes
1964f6e
to
d4788ed
Compare
ACK d4788ed |
1 similar comment
ACK d4788ed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK d4788ed
plugin.add_option(name="rest-certs", default=os.getcwd(), description="Path for certificates (for https)", opt_type="string", deprecated=False) | ||
rest_certs = Path(os.getcwd()) / 'clnrest' | ||
|
||
plugin.add_option(name="rest-certs", default=rest_certs.as_posix(), description="Path for certificates (for https)", opt_type="string", deprecated=False) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Configuring the certificate with multiple SAN can be considered an enhancement but:
rest-host
option is used for IP address where the server is accessible. So using127.0.0.1
orrest-host
will not make any difference in current cert generation.- Self signed certs should be enough for testing.
- For more advanced cert options, user should generate their own certificates as per their preference and configure the location with
rest-certs
. - If we still prefer to add more sofisticated certs functionality then it should be added with new config option like cert-sans/cert-clients to accept array of allowed SANs
- The default should still be to use cln-grpc certs/generate basic certs at the default location.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After discussing with Rusty:
- cln-grpc certs will be used as first go to option
- if certs are not generate by grpc, then clnrest will generate certs
- added
rest-host
is in SAN for clnrest certs
|
||
|
||
def generate_certs(plugin, rest_host, certs_path): | ||
ca_subject, ca_private_key = generate_ca_cert(rest_host, certs_path) | ||
generate_client_server_certs(rest_host, certs_path, ca_subject, ca_private_key) | ||
ca_subject, ca_private_key = generate_cert("ca", None, None, rest_host, certs_path) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixing log level and refactoring the code for generating the certificate are tiny updated which can be accepted with testing PR as well. But I am not convinced with the idea to refactor the whole utilities folder and merge everything in clnrest.py directly.
Good catch on generate cert refactoring. I was repeating the same code.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tonyaldon Thanks for refactoring generate certificate method.
plugins/clnrest/pyproject.toml
Outdated
@@ -6,7 +6,6 @@ authors = ["ShahanaFarooqui <sfarooqui@blockstream.com>"] | |||
|
|||
[tool.poetry.dependencies] | |||
python = "^3.8" | |||
json5 = "^0.9.14" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had to add json5 dependency due to some non standard responses received from some requests. json5.loads(str(err)) does not fail with those requests. So json5 dependency is required to handle those responses.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Keeping json5 is essential for some non-standard error messages.
@@ -41,26 +39,27 @@ class RpcMethodResource(Resource): | |||
@rpcns.response(500, "Server error") | |||
def post(self, rpc_method): | |||
"""Call any valid core lightning method (check list-methods response)""" | |||
try: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cool side effect :).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tonyaldon Thanks, implemented the login to read payload
once, as per your suggestion.
While working on testcases, I found few bugs in
clnrest
that were fixed along the way:clnrest
self-signed certificates addsrest-host
IP in Subject Alternative Namelistclnrest-notifications
method are allowed to get notificationsChangelog-Fixed: websocket server notifications are available with
readonly
runesLink to #6436.