Skip to content

V1.0.x fix: Allow update of node using parent org identity #1073

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 26, 2022
Merged

V1.0.x fix: Allow update of node using parent org identity #1073

merged 1 commit into from
Sep 26, 2022

Conversation

@peterbroadhurst
Copy link
Contributor

@peterbroadhurst peterbroadhurst commented Sep 22, 2022
edited
Loading

Testing patching Node identity for Cert cycling, I found that in v1.0 we were missing the API from the Swagger, but it did exist

PATCH namespaces/{ns}/identities/{iid}

However, attempt to run it for a node resulted in the following - due to a discrepancy between the checking for the author of the message between identity creation, and identity update:
[2022-09-22T22:39:53.629Z] WARN node_0: Invalid identity update message 2ac79c71-3983-45a4-8942-7f1bc124225b - wrong author: did:firefly:org/org_0 dbtx=reAmSQrS role=aggregator

This PR is a V1.0 stream fix to correct this. A separate PR will be needed for the V1.1 stream - in #1074

@peterbroadhurst
Allow update of node using parent org identity
ccbeeb7 
Signed-off-by: Peter Broadhurst <peter.broadhurst@kaleido.io>
@peterbroadhurst
Copy link
Contributor Author

peterbroadhurst commented Sep 22, 2022

Screenshot showing a successful patch to an identity after applying this
image

@codecov-commenter
Copy link

codecov-commenter commented Sep 22, 2022

Codecov Report

Merging #1073 (ccbeeb7) into release-1.0 (a28c2b3) will not change coverage.
The diff coverage is 100.00%.

@@              Coverage Diff              @@
##           release-1.0     #1073   +/-   ##
=============================================
  Coverage       100.00%   100.00%           
=============================================
  Files              324       324           
  Lines            20812     20820    +8     
=============================================
+ Hits             20812     20820    +8
Impacted Files Coverage Δ
...l/definitions/definition_handler_identity_claim.go 100.00% <100.00%> (ø)
.../definitions/definition_handler_identity_update.go 100.00% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@peterbroadhurst peterbroadhurst mentioned this pull request Sep 22, 2022
Merged
awrichar
awrichar reviewed Sep 23, 2022
View reviewed changes
internal/definitions/definition_handler_identity_update.go
if err != nil && retryable {
return HandlerResult{Action: ActionRetry}, err
} else if err != nil {
log.L(ctx).Infof("Unable to process identity update (parked) %s: %s", msg.Header.ID, err)
Copy link
Contributor

@awrichar awrichar Sep 23, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this one parked? This would be for things like an unknown or unconfirmed parent identity. All other failures here seem to result in outright rejection of the update.

Copy link
Contributor Author

@peterbroadhurst peterbroadhurst Sep 23, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this case, we couldn't resolve something up the parent stack. The code in creation (which this was copied from) did a wait at this point, on the basis there could be something in the parent stack still being resolved.

I believe it's technical also possible when replaying a chain for that to be true here. Or at least I've not done enough analysis of the topics used on the messages in that scenario to rule it out. So I left the logic equivalent in create and update paths.

awrichar
awrichar approved these changes Sep 23, 2022
View reviewed changes
Copy link
Contributor

@awrichar awrichar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved, but with one question about error handling

@nguyer nguyer merged commit 14f6ff3 into hyperledger:release-1.0 Sep 26, 2022
@nguyer nguyer deleted the node-patch branch September 26, 2022 13:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@awrichar awrichar awrichar approved these changes

+1 more reviewer

@nguyer nguyer nguyer approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@peterbroadhurst @codecov-commenter @awrichar @nguyer