-
Notifications
You must be signed in to change notification settings - Fork 477
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Secure MQTT Bus Credentials #4142
feat: Secure MQTT Bus Credentials #4142
Conversation
CLOSES: edgexfoundry#3934 Signed-off-by: Jim Wang (Intel) <yutsung.jim.wang@intel.com> Signed-off-by: intel <joshua.silverio@intel.com>
badc4ca
to
b3312ac
Compare
Unit test failed (run make test)
|
Changed unit test since mosquitto_password binary was available on dev system but not build server...currently being rebuilt |
Signed-off-by: intel <joshua.silverio@intel.com>
…edback Signed-off-by: intel <joshua.silverio@intel.com>
cmd/security-bootstrapper/entrypoint-scripts/messagebus_wait_install.sh
Outdated
Show resolved
Hide resolved
cmd/security-bootstrapper/res-bootstrap-messagebus/configuration.toml
Outdated
Show resolved
Hide resolved
…mment feedback Signed-off-by: intel <joshua.silverio@intel.com>
Signed-off-by: intel <joshua.silverio@intel.com>
Signed-off-by: intel <joshua.silverio@intel.com>
Signed-off-by: intel <joshua.silverio@intel.com>
Signed-off-by: intel <joshua.silverio@intel.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All my comments were addressed. I have no further feedback.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking good!
Just need to make it more flexible for future support of NATS or other MQTT brokers. I don't expect the support for future to be perfect, but close so minimal changes are needed.
cmd/security-bootstrapper/res-bootstrap-messagebus/configuration.toml
Outdated
Show resolved
Hide resolved
internal/security/bootstrapper/mosquitto/handlers/handlers_test.go
Outdated
Show resolved
Hide resolved
internal/security/bootstrapper/mosquitto/handlers/handlers_test.go
Outdated
Show resolved
Hide resolved
internal/security/bootstrapper/mosquitto/handlers/handlers_test.go
Outdated
Show resolved
Hide resolved
…ment feedback Signed-off-by: intel <joshua.silverio@intel.com>
…sing feedback Signed-off-by: intel <joshua.silverio@intel.com>
Signed-off-by: intel <joshua.silverio@intel.com>
Signed-off-by: intel <joshua.silverio@intel.com>
Signed-off-by: intel <joshua.silverio@intel.com>
…back Signed-off-by: intel <joshua.silverio@intel.com>
Signed-off-by: intel <joshua.silverio@intel.com>
@@ -53,11 +53,13 @@ | |||
const ( | |||
addKnownSecretsEnv = "ADD_KNOWN_SECRETS" | |||
redisSecretName = "redisdb" | |||
messagebusSecretName = "message-bus" |
Check failure
Code scanning / CodeQL
Hard-coded credentials
switch messageBusType { | ||
case redisSecureMessageBusType: | ||
creds = redisCredentials | ||
secretName = redisSecretName |
Check failure
Code scanning / CodeQL
Hard-coded credentials
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a few minor log messages tweaks.
Signed-off-by: intel <joshua.silverio@intel.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, Great Job!
Signed-off-by: intel <joshua.silverio@intel.com>
Kudos, SonarCloud Quality Gate passed!
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
If your build fails due to your commit message not passing the build checks, please review the guidelines here: https://github.com/edgexfoundry/edgex-go/blob/main/.github/Contributing.md
PR Checklist
Please check if your PR fulfills the following requirements:
BREAKING CHANGE:
describing the break)Testing Instructions
(should see mqtt broker connection w/ authmode:usernamepassword secretname: mqtt-bus"
New Dependency Instructions (If applicable)