Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tweak how GetControllerCredentials works #1025

Merged
merged 5 commits into from
Aug 22, 2023
Merged

Tweak how GetControllerCredentials works #1025

merged 5 commits into from
Aug 22, 2023

Conversation

kian99
Copy link
Contributor

@kian99 kian99 commented Aug 14, 2023

Description

The GetControllerCredentials implementation in Vault will not return an error when controller credentials are not found, this updates the Postgres secret store to match Vault. If it doesn't work like that then one is unable to add a controller to JIMM.

Engineering checklist

Check only items that apply

  • Documentation updated
  • Covered by unit tests
  • Covered by integration tests

ale8k
ale8k reviewed Aug 22, 2023
View reviewed changes
internal/db/secrets.go Outdated
@@ -130,6 +130,10 @@ func (d *Database) GetControllerCredentials(ctx context.Context, controllerName
const op = errors.Op("database.GetControllerCredentials")
secret := dbmodel.NewSecret(names.ControllerTagKind, controllerName, nil)
err := d.GetSecret(ctx, &secret)
// It is expected for this interface that a non-existent controller credential return empty username/password.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think perhaps put this in the godoc too as it's an interesting behaviour

ale8k
ale8k reviewed Aug 22, 2023
View reviewed changes
internal/db/secrets_test.go Outdated
c.Assert(err, qt.Equals, nil)
ctx := context.Background()
controllerName := "beef1beef2-0000-0000-000011112222"
// Get ControllerCred
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this necessary?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The comment? No I'll remove it

ale8k
ale8k approved these changes Aug 22, 2023
View reviewed changes
Copy link
Contributor

@ale8k ale8k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

approving but two comments

@kian99 kian99 merged commit 6c22e1d into canonical:feature-rebac Aug 22, 2023
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ale8k ale8k ale8k approved these changes

@babakks babakks Awaiting requested review from babakks

@mina1460 mina1460 Awaiting requested review from mina1460

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kian99 @ale8k