feat(notifications): Add secret creation API #3510
This PR should hold until edgexfoundry/go-mod-core-contracts#624 is merged.
Codecov Report
@@ Coverage Diff @@
## master #3510 +/- ##
==========================================
+ Coverage 40.41% 40.44% +0.03%
==========================================
Files 204 206 +2
Lines 16790 16846 +56
==========================================
+ Hits 6786 6814 +28
- Misses 9527 9552 +25
- Partials 477 480 +3
|
| // add '/' in the full URL path if it's not already at the end of the base path or sub path | ||
| if !strings.HasSuffix(secretStoreInfo.Path, "/") && !strings.HasPrefix(path, "/") { | ||
| path = "/" + path | ||
| } else if strings.HasSuffix(secretStoreInfo.Path, "/") && strings.HasPrefix(path, "/") { | ||
| // remove extra '/' in the full URL path because secret store's (Vault) APIs don't handle extra '/'. | ||
| path = path[1:] | ||
| } |
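Review bot: the `else if` branch strips only one leading '/' from `path`, so a value such as `//mqtt` joined to a `secretStoreInfo.Path` ending in '/' still yields a doubled slash, which the inline comment says the secret store's APIs do not handle. Neither branch looks at slashes inside or at the end of `path`, and an empty `path` becomes a bare "/" in the first branch. Consider trimming every leading '/' from `path` and every trailing '/' from `secretStoreInfo.Path` before joining them with exactly one '/', and rejecting an empty `path` or one containing "//" with a clear error before the request is sent.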
Very recent change for the value of secretStoreInfo.Path. It is no longer the full base path. Just the sub path, i.e. "core-data/". This code is no longer needed. Lower level code handles it.
FYI, I verified this code can be removed using App Service version and have removed it in this PR
edgexfoundry/app-functions-sdk-go#870
I will submit same clean-up for Device SDK.
Modified.
- But I got a 404 error when the path contains the prefix `/`

```
curl http://0.0.0.0:59860/api/v2/secret -X POST -H "Content-Type: application/json" \
  -d '{"apiVersion":"v2", "path": "/mqtt", "secretData":[{"key":"username","value":"tester"}]}' | json_pp
{
   "apiVersion" : "v2",
   "message" : "adding secret failed -> Error found on handling secrets from underlying data-store: Received a '404' response from the secret store",
   "statusCode" : 500
}
```

- And got 400 error when the path contains the suffix `//`

```
% curl http://0.0.0.0:59860/api/v2/secret -X POST -H "Content-Type: application/json" \
  -d '{"apiVersion":"v2", "path": "mqtt//", "secretData":[{"key":"username","value":"tester"}]}' | json_pp
{
   "apiVersion" : "v2",
   "message" : "adding secret failed -> Error found on handling secrets from underlying data-store: Received a '400' response from the secret store",
   "statusCode" : 500
}
```

I thought we can improve the error message to return the actual error from the vault
https://github.com/edgexfoundry/go-mod-secrets/blob/master/internal/pkg/vault/secrets.go#L450
Humm, please set logging to DEBUG so it logs the URL it is attempting to use so we have a better understanding of what is happening. Note `//` is never valid. So that error would be expected. Also please try just `mqtt` as the expected valid values are `/mqtt` & `mqtt`
Yes, that error message could be improved. ;-)
Got it. Thank you.
I just verified with my Device SDK PR that the two valid options are actually `mqtt` and `mqtt/`, which makes more sense for specifying a sub-path
i.e. I got the same errors using `/mqtt` and `/mqtt//`, but no errors using `nqtt` or `mqtt/` or even `mqtt/something`
> I got the same errors using `/mqtt` and `/mqtt//`, but no errors using `nqtt` or `mqtt/` or even `mqtt/something`

Yes, I also verified that. The user just needs to use DEBUG log to inspect and resolve the error.
I have no problem now. The changes are made; please help review.
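
The thread above settles on relative sub-paths (`mqtt`, `mqtt/`, `mqtt/something`) as valid and on a leading `/` or a `//` as the inputs that surfaced as an opaque 500 wrapping the secret store's 404 or 400. The following is an added example, not code from this PR or from EdgeX: a hypothetical `ValidateSecretPath` helper that rejects those forms up front with a specific message. The dot-segment check is an extra assumption not discussed in the thread.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ValidateSecretPath is a hypothetical helper (not EdgeX code). It accepts the
// sub-path forms the thread found to work ("mqtt", "mqtt/", "mqtt/something")
// and rejects the ones that produced 404/400 responses from the secret store.
func ValidateSecretPath(p string) (string, error) {
	if p == "" {
		return "", errors.New("path is empty")
	}
	if strings.HasPrefix(p, "/") {
		return "", fmt.Errorf("path %q must be relative: remove the leading '/'", p)
	}
	if strings.Contains(p, "//") {
		return "", fmt.Errorf("path %q contains an empty segment ('//')", p)
	}
	// Assumption added here: dot segments are refused so a sub-path cannot
	// climb out of the calling service's own area of the secret store.
	for _, seg := range strings.Split(strings.TrimSuffix(p, "/"), "/") {
		if seg == "." || seg == ".." {
			return "", fmt.Errorf("path %q contains a dot segment", p)
		}
	}
	// One canonical form is returned: no trailing slash.
	return strings.TrimSuffix(p, "/"), nil
}

func main() {
	// Constructed inputs, taken from the values discussed in the thread.
	inputs := []string{"mqtt", "mqtt/", "mqtt/something", "/mqtt", "mqtt//", "/mqtt//"}
	for _, p := range inputs {
		clean, err := ValidateSecretPath(p)
		if err != nil {
			fmt.Printf("%-18q rejected: %v\n", p, err)
			continue
		}
		fmt.Printf("%-18q accepted as %q\n", p, clean)
	}
}
```

Run before the secret store call, a check like this lets the API answer with a 400 that names the bad path instead of a 500 that only relays the store's status code.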
Add secret creation API for storing EdgeX service exclusive secret to the Secret Store. Close: #3333 Signed-off-by: weichou <[email protected]>
Close: #3333 Signed-off-by: weichou <[email protected]>
Close: #3333 Signed-off-by: weichou <[email protected]>
Kudos, SonarCloud Quality Gate passed!
lenny-goodell left a comment
LGTM
Close: #3333
PR Checklist
Please check if your PR fulfills the following requirements:
If your build fails due to your commit message not passing the build checks, please review the guidelines here: https://github.com/edgexfoundry/edgex-go/blob/master/.github/Contributing.md.
What is the current behavior?
Issue Number: #3333
What is the new behavior?
Add secret creation API for storing EdgeX service exclusive secret to the Secret Store.
Does this PR introduce a breaking change?
New Imports
Specific Instructions
Are there any specific instructions or things that should be known prior to reviewing?
Other information