introduce metadata gateway

[butonic]

We wrapped the metadata storage in a minimal reva instance with a dedicated gateway, including static storage registry, static auth registry, in memory userprovider and machine authprovider. This allows us to preconfigure the service user for the ocis settings service, share and public share providers.

requires cs3org/reva#2781

[update-docs]

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

[ownclouders]

💥 Acceptance test localApiTests-apiAccountsHashDifficulty-ocis failed. Further test are cancelled...

[rhafer]

After increasing the log-level the debug log shows this for the failing test:

"level":"info","service":"ocis","pkg":"rgrpc","traceid":"00000000000000000000000000000000","time":"2022-04-29T17:11:47Z","message":"user idp:\"internal\" opaque_id:\"95cb8724-03b2-11eb-a0a6-c33ef8ef53ad\" type:USER_TYPE_PRIMARY  authenticated"}
{"level":"debug","service":"ocis","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.46.0","from":"tcp://127.0.0.1:48166","uri":"/cs3.auth.provider.v1beta1.ProviderAPI/Authenticate","start":"29/Apr/2022:17:11:47 +0000","end":"29/Apr/2022:17:11:47 +0000","time_ns":1328258,"code":"OK","time":"2022-04-29T17:11:47Z","message":"unary"}
{"level":"debug","service":"ocis","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.46.0","from":"tcp://127.0.0.1:48162","uri":"/cs3.gateway.v1beta1.GatewayAPI/Authenticate","start":"29/Apr/2022:17:11:47 +0000","end":"29/Apr/2022:17:11:47 +0000","time_ns":2817598,"code":"OK","time":"2022-04-29T17:11:47Z","message":"unary"}
{"level":"debug","service":"ocis","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.46.0","from":"tcp://127.0.0.1:48044","uri":"/cs3.permissions.v1beta1.PermissionsAPI/CheckPermission","start":"29/Apr/2022:17:11:47 +0000","end":"29/Apr/2022:17:11:47 +0000","time_ns":91179,"code":"OK","time":"2022-04-29T17:11:47Z","message":"unary"}
{"level":"debug","service":"ocis","pkg":"rgrpc","traceid":"00000000000000000000000000000000","ref":{"resource_id":{"storage_id":"f1bdd61a-da7c-49fc-8203-0558109d1b4f","opaque_id":"f1bdd61a-da7c-49fc-8203-0558109d1b4f"}},"grant":{"grantee":{"type":1,"Id":{"UserId":{"idp":"internal","opaque_id":"95cb8724-03b2-11eb-a0a6-c33ef8ef53ad","type":1}}},"permissions":{"add_grant":true,"create_container":true,"delete":true,"get_path":true,"get_quota":true,"initiate_file_download":true,"initiate_file_upload":true,"list_grants":true,"list_container":true,"list_file_versions":true,"list_recycle":true,"move":true,"remove_grant":true,"purge_recycle":true,"restore_file_version":true,"restore_recycle_item":true,"stat":true,"update_grant":true}},"time":"2022-04-29T17:11:47Z","message":"AddGrant()"}
{"level":"debug","service":"ocis","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.46.0","from":"tcp://127.0.0.1:48160","uri":"/cs3.storage.provider.v1beta1.ProviderAPI/CreateStorageSpace","start":"29/Apr/2022:17:11:47 +0000","end":"29/Apr/2022:17:11:47 +0000","time_ns":1358746,"code":"OK","time":"2022-04-29T17:11:47Z","message":"unary"}
{"level":"error","service":"ocis","error":"error: permission denied: permission denied","time":"2022-04-29T17:11:47Z","message":"error initializing metadata client"}

So the authentication of the service seems to succeed with the new internal user and auth providers. It seems to fail after that in CreateStorageSpace

[kobergj]

Minor issue, not critical

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
2 Code Smells

4.2% Coverage
4.5% Duplication