Skip to content
This repository has been archived by the owner on May 21, 2024. It is now read-only.

Fix/garage deploy check push server #1347

Merged
merged 3 commits into from
Sep 12, 2019

Conversation

pattivacek
Copy link
Collaborator

This was a minor logic problem (with detecting when we can't sign the targets) caught by OTF, but while looking closer, I realized there was a bigger problem: we were running the garage-check logic on the fetch repo instead of the push repo. I fixed that and addressed the online signing logic flow as well.

It's already done in the authenticate function.

Signed-off-by: Patrick Vacek <[email protected]>
}

TreehubServer push_server;
if (authenticate(cacerts, push_credentials, push_server) != EXIT_SUCCESS) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't push_server authenticate be done before 'UploadToTreehub'?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I've accidentally made it authenticate twice now. I'll try to refactor this.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed.

@@ -317,7 +317,7 @@ if (BUILD_SOTA_TOOLS)
add_test(NAME garage-deploy-online-signing
COMMAND ${PROJECT_SOURCE_DIR}/tests/sota_tools/test-garage-deploy-online-signing $<TARGET_FILE:garage-deploy>
WORKING_DIRECTORY ${PROJECT_SOURCE_DIR})
set_tests_properties(garage-deploy-online-signing PROPERTIES PASS_REGULAR_EXPRESSION "Online signing with garage-deploy is currently unsupported")
set_tests_properties(garage-deploy-online-signing PROPERTIES PASS_REGULAR_EXPRESSION "Online signing with garage-deploy is not supported")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So this means we are not planning to support online signing anytime soon or at all?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Online signing" here has kind of a funny meaning. We just shouldn't use that phrase here, because it's confusing with how we use the term elsewhere. I'll change it.

To explain: normally, your credentials file has a key for the Targets role of the Image repository. This is true even if you haven't rotated that key (e.g. what we normally call "offline signing"). If that key isn't there, it's a problem.

@pattivacek pattivacek force-pushed the fix/garage-deploy-check-push-server branch from cf11573 to e4bd536 Compare September 11, 2019 14:48
@codecov-io
Copy link

codecov-io commented Sep 11, 2019

Codecov Report

Merging #1347 into master will decrease coverage by 0.05%.
The diff coverage is 79.16%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #1347      +/-   ##
==========================================
- Coverage   80.11%   80.05%   -0.06%     
==========================================
  Files         178      178              
  Lines       10559    10558       -1     
==========================================
- Hits         8459     8452       -7     
- Misses       2100     2106       +6
Impacted Files Coverage Δ
src/sota_tools/garage_push.cc 72.82% <100%> (+1.23%) ⬆️
src/sota_tools/deploy.cc 48.52% <100%> (-2.86%) ⬇️
src/sota_tools/garage_check.cc 63.79% <100%> (+4.11%) ⬆️
src/sota_tools/garage_deploy.cc 87.5% <68.75%> (-0.82%) ⬇️
src/libaktualizr-posix/ipuptanesecondary.cc 82.66% <0%> (-4%) ⬇️
src/aktualizr_primary/secondary.cc 82.89% <0%> (-1.32%) ⬇️
src/libaktualizr/storage/sqlstorage_base.cc 79.05% <0%> (-0.68%) ⬇️
src/libaktualizr/storage/sqlstorage.cc 76.75% <0%> (-0.59%) ⬇️
src/libaktualizr/storage/sql_utils.h 85.91% <0%> (+1.4%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 46fbf64...d41c09a. Read the comment docs.

Raigi
Raigi previously approved these changes Sep 12, 2019
Copy link

@Raigi Raigi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Garage-deploy tests passed:
Deploy unique ostree image - OK
Deploy existing ostree image - OK
Deploy binary image doesn't succeed - OK

Prevents authenticating twice in garage-deploy.

Signed-off-by: Patrick Vacek <[email protected]>
@pattivacek
Copy link
Collaborator Author

Garage-deploy tests passed:

I accidentally broke the docs build but just now pushed a fix (no change to the actual code) which auto-dismissed your review.

@Raigi Raigi self-requested a review September 12, 2019 08:53
@pattivacek pattivacek merged commit 218183b into master Sep 12, 2019
@pattivacek pattivacek deleted the fix/garage-deploy-check-push-server branch September 12, 2019 10:48
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants