-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ingest adds keyhash to files db table #1073
base: main
Are you sure you want to change the base?
Changes from all commits
e2f03e4
75db92a
6e56c0b
5dca077
9b3e6e3
b9c8d3d
0f68dbe
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
|
@@ -69,4 +69,11 @@ until [ "$(curl -su guest:guest http://rabbitmq:15672/api/queues/sda/verified/ | | |||||
sleep 2 | ||||||
done | ||||||
|
||||||
echo "ingestion and verification test completed successfully" | ||||||
# check that the files have key hashes assigned | ||||||
key_hashes="$(psql -U postgres -h postgres -d sda -At -c "select distinct key_hash from sda.files" | wc -l)" | ||||||
if [ "$key_hashes" -lt 0 ]; then | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The result of |
||||||
echo "::error::Ingested files did not have any key hashes." | ||||||
exit 1 | ||||||
fi | ||||||
|
||||||
echo "ingestion and verification test completed successfully" |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,6 +6,7 @@ package main | |
import ( | ||
"bytes" | ||
"crypto/sha256" | ||
"encoding/hex" | ||
"encoding/json" | ||
"fmt" | ||
"io" | ||
|
@@ -14,6 +15,7 @@ import ( | |
"strings" | ||
"syscall" | ||
|
||
"github.com/neicnordic/crypt4gh/keys" | ||
"github.com/neicnordic/crypt4gh/model/headers" | ||
"github.com/neicnordic/crypt4gh/streaming" | ||
"github.com/neicnordic/sensitive-data-archive/internal/broker" | ||
|
@@ -388,6 +390,20 @@ func main() { | |
continue mainWorkLoop | ||
} | ||
|
||
// Set the file's hex encoded public key | ||
log.Debugln("Compute and set key hash") | ||
publicKey := keys.DerivePublicKey(*key) | ||
keyhash := hex.EncodeToString(publicKey[:]) | ||
err = db.SetKeyHash(keyhash, fileID) | ||
if err != nil { | ||
log.Errorf("Key hash %s could not be set for fileID %s: (%s)", keyhash, fileID, err.Error()) | ||
MalinAhlberg marked this conversation as resolved.
Show resolved
Hide resolved
|
||
if err = delivered.Nack(false, true); err != nil { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I would use a different variable name for the inner |
||
log.Errorf("Failed to Nack message, reason: (%s)", err.Error()) | ||
} | ||
|
||
continue mainWorkLoop | ||
} | ||
|
||
log.Debugln("store header") | ||
if err := db.StoreHeader(header, fileID); err != nil { | ||
log.Errorf("StoreHeader failed, reason: (%s)", err.Error()) | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -782,3 +782,21 @@ func (dbs *SDAdb) addKeyHash(keyHash, keyDescription string) error { | |
|
||
return nil | ||
} | ||
|
||
func (dbs *SDAdb) SetKeyHash(keyHash, fileID string) error { | ||
dbs.checkAndReconnectIfNeeded() | ||
db := dbs.DB | ||
|
||
query := "UPDATE sda.files SET key_hash = $1 WHERE id = $2;" | ||
result, err := db.Exec(query, keyHash, fileID) | ||
if err != nil { | ||
|
||
return err | ||
} | ||
if rowsAffected, _ := result.RowsAffected(); rowsAffected == 0 { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Why ignore the potentially returned error message? |
||
return errors.New("something went wrong with the query, zero rows were changed") | ||
} | ||
log.Debugf("Successfully set key hash for file %v", fileID) | ||
|
||
return nil | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is inefficient and waste of time to (potentially) run
apt-get update
multiple times. It can be refactored to runapt-get update
only once.