Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sensible keyring error #7272

Merged
merged 4 commits into from
Feb 13, 2020
Merged

Sensible keyring error #7272

merged 4 commits into from
Feb 13, 2020

Conversation

hanshasselberg
Copy link
Member

@hanshasselberg hanshasselberg commented Feb 12, 2020
edited
Loading

Fixes #7231. Before an agent would always emit a warning when there is
an encrypt key in the configuration and an existing keyring stored,
which is happening on restart.

Now it only emits that warning when the encrypt key from the
configuration is not part of the keyring.

I feel a little bad, because setupBaseKeyrings is not pretty and I would like to make it better. But that would mean more changes that don't contribute to the fix at hand. Will leave that for later.

@hanshasselberg
Sensible keyring error
2b7f090 
Fixes #7231. Before an agent would always emit a warning when there is
an encrypt key in the configuration and an existing keyring stored,
which is happening on restart.

Now it only emits that warning when the encrypt key from the
configuration is not part of the keyring.
@hanshasselberg hanshasselberg self-assigned this Feb 12, 2020
@hanshasselberg hanshasselberg added the waiting-reply Waiting on response from Original Poster or another individual in the thread label Feb 12, 2020
@hanshasselberg hanshasselberg requested a review from a team February 12, 2020 12:17
@hanshasselberg
Copy link
Member Author

test failures are related. will fix.

@ghost ghost removed the waiting-reply Waiting on response from Original Poster or another individual in the thread label Feb 12, 2020
mkeeler
mkeeler approved these changes Feb 13, 2020
View reviewed changes
Copy link
Member

@mkeeler mkeeler left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have the one non-blocking comment about log messages but otherwise this looks great. :shipit:

agent/agent.go Outdated
config.SerfLANConfig.MemberlistConfig.Keyring,
a.config.EncryptKey,
) {
a.logger.Warn("LAN" + msg)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

I think this would be more consistent with existing logs if it were:

a.logger.Warn(msg, "keyring", "WAN")

During the hclog refactor it looked like most of the places that we had previously formatted a log message we turned into having a constant string message and passing the other data to the logger as kv pairs.

The same thing goes for the log for the "LAN" case too. If you really prefer this form, then thats fine with me too. My opinions on the subject are not very strong either way.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you Matt! This was actually a thing I kept wondering how to do with the new logger! I like your suggestion and will go with it!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@hanshasselberg hanshasselberg merged commit 315d57b into master Feb 13, 2020
@hanshasselberg hanshasselberg deleted the keyring_warning branch February 13, 2020 19:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mkeeler mkeeler mkeeler approved these changes

Assignees

@hanshasselberg hanshasselberg

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Not possible to use gossip encryption without a warning in the logs
2 participants
@hanshasselberg @mkeeler