Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generate database encryption keys in bootstrap tooling #1340

Merged
merged 8 commits into from Sep 29, 2021
Merged

Generate database encryption keys in bootstrap tooling #1340

merged 8 commits into from Sep 29, 2021

Conversation

jordanschalm
Copy link
Member

@jordanschalm jordanschalm commented Sep 23, 2021
edited

Updates bootstrap tooling to generate database encryption keys and adds a tool for existing operators to generate an encryption key file.

@jordanschalm jordanschalm changed the title Generate database encryption keys in tooling Generate database encryption keys in bootstrap tooling Sep 23, 2021
@jordanschalm jordanschalm marked this pull request as ready for review September 23, 2021 13:38
@jordanschalm jordanschalm mentioned this pull request Sep 23, 2021
Merged
@jordanschalm jordanschalm mentioned this pull request Sep 24, 2021
Merged
zhangchiqing
zhangchiqing approved these changes Sep 24, 2021
View reviewed changes
cmd/bootstrap/cmd/db_encryption_key.go
log.Fatal().Err(err).Msg("could not check if db encryption key already exists")
}
if exists {
log.Warn().Msg("DB encryption key already exists, exiting...")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

better to print the path

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added it to the logger f958aea

cmd/bootstrap/cmd/db_encryption_key.go
if err != nil {
log.Fatal().Err(err).Msg("could not generate db encryption key")
}
log.Info().Msg("generated db encryption key")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

better to print path

cmd/bootstrap/cmd/key.go
if err != nil {
return nil, nil, nil, fmt.Errorf("could not generate secrets db encryption key: %w", err)
}
log.Info().Msg("generated db encryption key")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
log.Info().Msg("generated db encryption key")
log.Info().Msg("saved db encryption key")

otherwise, we are printing the same log twice

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The two logs are for two separate commands. One is for setting up all of your keys at once (key.go) the other is only for creating the encryption key (db_encryption_key.go), so we wouldn't see these logs twice running either command.

Base automatically changed from jordan/5856-secrets-db to master September 29, 2021 19:05
@jordanschalm
Copy link
Member Author

bors merge

@codecov-commenter
Copy link

Codecov Report

Merging #1340 (63ca09f) into master (13ef07a) will decrease coverage by 0.00%.
The diff coverage is 46.15%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #1340      +/-   ##
==========================================
- Coverage   55.39%   55.39%   -0.01%     
==========================================
  Files         510      511       +1     
  Lines       31892    31923      +31     
==========================================
+ Hits        17667    17684      +17     
- Misses      11851    11862      +11     
- Partials     2374     2377       +3
Flag Coverage Δ
unittests 55.39% <46.15%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
cmd/bootstrap/cmd/keygen.go 8.47% <0.00%> (-1.33%) ⬇️
cmd/bootstrap/cmd/key.go 72.83% <60.00%> (-0.50%) ⬇️
cmd/bootstrap/cmd/db_encryption_key.go 64.70% <64.70%> (ø)
cmd/bootstrap/cmd/machine_account_key.go 61.90% <100.00%> (ø)
admin/command_runner.go 80.00% <0.00%> (+1.48%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 13ef07a...63ca09f. Read the comment docs.

@bors
Copy link
Contributor

bors bot commented Sep 29, 2021

Build succeeded:

@bors bors bot merged commit c5fb936 into master Sep 29, 2021
@bors bors bot deleted the jordan/5873/generate-enc-key-files branch September 29, 2021 23:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zhangchiqing zhangchiqing zhangchiqing approved these changes

@kc1116 kc1116 kc1116 approved these changes

@peterargue peterargue peterargue approved these changes

@vishalchangrani vishalchangrani Awaiting requested review from vishalchangrani

@tarakby tarakby Awaiting requested review from tarakby

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@jordanschalm @codecov-commenter @zhangchiqing @kc1116 @peterargue @Kay-Zee