Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CDH: credentials should be optional in the configuration toml #514

Closed
wainersm opened this issue Mar 21, 2024 · 1 comment · Fixed by #517
Closed

CDH: credentials should be optional in the configuration toml #514

wainersm opened this issue Mar 21, 2024 · 1 comment · Fixed by #517

Comments

@wainersm
Copy link
Member

I'm trying to launch cdh configured for offline_fs_kbc where I don't want to load any credentials but I'm getting missing field \credentials`` errors.

Here is the configuration file and execution output:

$ cat cdh_conf.toml 
socket = "unix:///run/confidential-containers/cdh.sock"

[kbc]
name = "offline_fs_kbc"
url = ""
kbs_cert = ""
$ sudo ../target/x86_64-unknown-linux-gnu/release/confidential-data-hub -c cdh_conf.toml &
[4] 1053939
$ [2024-03-21T15:03:07Z INFO  confidential_data_hub] Use configuration file cdh_conf.toml
thread 'main' panicked at confidential-data-hub/hub/src/bin/confidential-data-hub/config.rs:79:65:
called `Result::unwrap()` on an `Err` value: invalid config

Caused by:
    missing field `credentials`
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

Then I added an empty [credentials] section to the toml file and got another error:

$ cat cdh_conf.toml
socket = "unix:///run/confidential-containers/cdh.sock"

[kbc]
name = "offline_fs_kbc"
url = ""
kbs_cert = ""

[credentials]
$ sudo ../target/x86_64-unknown-linux-gnu/release/confidential-data-hub -c cdh_conf.toml &
[4] 1054383
$ [2024-03-21T15:06:52Z INFO  confidential_data_hub] Use configuration file cdh_conf.toml
thread 'main' panicked at confidential-data-hub/hub/src/bin/confidential-data-hub/config.rs:79:65:
called `Result::unwrap()` on an `Err` value: invalid config

Caused by:
    invalid type: map, expected a sequence
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

Alright, an empty [[credentials]] didn't work either because now it requires resource_uri and path...
Xynnn007 added a commit to Xynnn007/guest-components that referenced this issue Mar 22, 2024
@Xynnn007
CDH: fix config read
479f913 
This commit gets rid of unwrap() in parsing CDH's config and will result
in an error. Also, this commit adds support for a configuration file
without any [[credentials]] array member.

To ensure the config behavior is as expected, adds some unit tests.

Fixes confidential-containers#514

Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
@Xynnn007 Xynnn007 mentioned this issue Mar 22, 2024
Merged
@Xynnn007
Copy link
Member

Xynnn007 commented Mar 22, 2024
edited
Loading

Hi @wainersm, thanks for bringing this up. TOML crate seems not intelligent enough to handle empty arrays thus I explicitly fix that in a PR.

BTW, [[credentials]] items should have double square brackets rather than single.

Xynnn007 added a commit that referenced this issue Mar 22, 2024
@Xynnn007
CDH: fix config read
932d7ad 
This commit gets rid of unwrap() in parsing CDH's config and will result
in an error. Also, this commit adds support for a configuration file
without any [[credentials]] array member.

To ensure the config behavior is as expected, adds some unit tests.

Fixes #514

Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

CDH: fix config read Xynnn007/guest-components
2 participants
@wainersm @Xynnn007