From 75c422116c04d13744e65819c4e4108eb854ba1a Mon Sep 17 00:00:00 2001 From: Leonard Goodell Date: Wed, 27 Oct 2021 11:25:01 -0700 Subject: [PATCH 1/2] fix: Fix Error logging to properly include error message fixes #3784 Signed-off-by: Leonard Goodell --- internal/security/secretstore/init.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/security/secretstore/init.go b/internal/security/secretstore/init.go index 8a5e51faab..de2b7965e9 100644 --- a/internal/security/secretstore/init.go +++ b/internal/security/secretstore/init.go @@ -418,7 +418,7 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s err = ConfigureSecureMessageBus(configuration.SecureMessageBus, redis5Pair, lc) if err != nil { - lc.Error("failed to configure for Secure Message Bus: %w", err) + lc.Errorf("failed to configure for Secure Message Bus: %s", err.Error()) os.Exit(1) } From 44bd9db51f55a28a8e39fe4e5a3bff1741d5a16e Mon Sep 17 00:00:00 2001 From: lenny Date: Wed, 27 Oct 2021 11:49:20 -0700 Subject: [PATCH 2/2] fix: Don't write eKuiper file if file doesn't already exist fixes #3786 Signed-off-by: lenny Signed-off-by: Leonard Goodell --- .../security/secretstore/secure-messagebus.go | 9 ++++ .../secretstore/secure-messagebus_test.go | 48 +++++++++++++------ 2 files changed, 42 insertions(+), 15 deletions(-) diff --git a/internal/security/secretstore/secure-messagebus.go b/internal/security/secretstore/secure-messagebus.go index 1a0d85f535..2a9cc971e9 100644 --- a/internal/security/secretstore/secure-messagebus.go +++ b/internal/security/secretstore/secure-messagebus.go @@ -16,6 +16,7 @@ package secretstore import ( + "errors" "fmt" "os" "text/template" @@ -101,6 +102,14 @@ func ConfigureSecureMessageBus(secureMessageBus config.SecureMessageBusInfo, red } func configureKuiperForSecureMessageBus(credentials UserPasswordPair, fileType string, fileTemplate string, path string, lc logger.LoggingClient) error { + // This capability depends on the eKuiper file existing, which depends on the version of eKuiper installed. + // If the file doesn't exist, then the eKuiper version installed doesn't use it, so skip the injection. + _, err := os.Stat(path) + if err != nil && errors.Is(err, os.ErrNotExist) { + lc.Infof("eKuiper file %s doesn't exist, skipping Secure MessageBus credentials injection", path) + return nil + } + tmpl, err := template.New("eKuiper").Parse(fileTemplate) if err != nil { return fmt.Errorf("failed to parse eKuiper %s template: %w", fileType, err) diff --git a/internal/security/secretstore/secure-messagebus_test.go b/internal/security/secretstore/secure-messagebus_test.go index ae24b74a48..5dd6390a7a 100644 --- a/internal/security/secretstore/secure-messagebus_test.go +++ b/internal/security/secretstore/secure-messagebus_test.go @@ -39,17 +39,19 @@ func TestConfigureSecureMessageBus(t *testing.T) { } tests := []struct { - Name string - Type string - Credentials UserPasswordPair - Expected *UserPasswordPair - ExpectError bool + Name string + Type string + ConnectionFileExists bool + Credentials UserPasswordPair + Expected *UserPasswordPair + ExpectError bool }{ - {"valid redis", redisSecureMessageBusType, validExpected, &validExpected, false}, - {"valid blank", blankSecureMessageBusType, validExpected, nil, false}, - {"valid none", noneSecureMessageBusType, validExpected, nil, false}, - {"invalid type", "bogus", validExpected, nil, true}, - {"invalid mqtt", mqttSecureMessageBusType, validExpected, nil, true}, + {"valid redis - both files", redisSecureMessageBusType, true, validExpected, &validExpected, false}, + {"valid redis - no connection file", redisSecureMessageBusType, false, validExpected, &validExpected, false}, + {"valid blank", blankSecureMessageBusType, false, validExpected, nil, false}, + {"valid none", noneSecureMessageBusType, false, validExpected, nil, false}, + {"invalid type", "bogus", false, validExpected, nil, true}, + {"invalid mqtt", mqttSecureMessageBusType, false, validExpected, nil, true}, } for _, test := range tests { t.Run(test.Name, func(t *testing.T) { @@ -61,6 +63,16 @@ func TestConfigureSecureMessageBus(t *testing.T) { _ = os.Remove(secureMessageBus.KuiperConnectionsPath) }() + if test.Expected != nil { + _, err := os.Create(secureMessageBus.KuiperConfigPath) + require.NoError(t, err) + + if test.ConnectionFileExists { + _, err := os.Create(secureMessageBus.KuiperConnectionsPath) + require.NoError(t, err) + } + } + secureMessageBus.Type = test.Type err := ConfigureSecureMessageBus(secureMessageBus, test.Credentials, logger.NewMockClient()) if test.ExpectError { @@ -88,11 +100,17 @@ func TestConfigureSecureMessageBus(t *testing.T) { assert.True(t, strings.Contains(string(contents), test.Expected.User)) assert.True(t, strings.Contains(string(contents), test.Expected.Password)) - // Connections file should have been written - contents, err = os.ReadFile(secureMessageBus.KuiperConnectionsPath) - require.NoError(t, err) - assert.True(t, strings.Contains(string(contents), test.Expected.User)) - assert.True(t, strings.Contains(string(contents), test.Expected.Password)) + if test.ConnectionFileExists { + // Connections file should have been written + contents, err = os.ReadFile(secureMessageBus.KuiperConnectionsPath) + require.NoError(t, err) + assert.True(t, strings.Contains(string(contents), test.Expected.User)) + assert.True(t, strings.Contains(string(contents), test.Expected.Password)) + } else { + // Connections file should not have been written + _, err = os.Stat(secureMessageBus.KuiperConnectionsPath) + require.True(t, os.IsNotExist(err)) + } }) } }