[#7706] Platform: Edit backup config credentials. #8050
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…-db into 7706-Edit-Configs
nishantSharma459
requested review from
andrewc-dev,
sshev,
SergeyPotachev,
Arnav15,
mjoshi0923 and
gaurav061
|
This pull request introduces 2 alerts when merging bd965bc into 9d5751c - view on LGTM.com new alerts:
|
| assertOk(result); | ||
| assertEquals(data, CustomerConfig.get(configUUID).data); | ||
| } | ||
|
|
There was a problem hiding this comment.
Required to add more test cases.
- testcase to edit not used config. It should allow all fields to edit.
- testcase to edit in the used config should config with limited fields.
- In used config with all field edit. API should give an error.
- Invalid Data, Content, and Invalid configured. you can add 1 test case for each or add one testcase and cover all 3 senario.
There was a problem hiding this comment.
@jaydeepkumara for both used and unused configs, editable fields are the same I believe. ( at least the current implementation of UI behaves like that. @nishantSharma459 confirm )
| } | ||
| CustomerConfig customerConfig = CustomerConfig.get(customerUUID, configUUID); | ||
| if (customerConfig == null) { | ||
| return ApiResponse.error(BAD_REQUEST, "Invalid configUUID: " + configUUID); |
There was a problem hiding this comment.
Invalid Customer configuration UUID.
There was a problem hiding this comment.
Consistent with the delete API response.
|
Tested below scenario.
|
…-db into 7706-Edit-Configs
…-db into 7706-Edit-Configs
|
This pull request introduces 2 alerts when merging 88e5728 into e63ce11 - view on LGTM.com new alerts:
|
|
jaydeepkumara
approved these changes
Apr 21, 2021
sshev
approved these changes
Apr 27, 2021
SergeyPotachev
requested changes
Apr 28, 2021
managed/src/main/java/com/yugabyte/yw/controllers/CustomerConfigController.java
Outdated
Show resolved
Hide resolved
| } | ||
| CustomerConfig config = CustomerConfig.get(configUUID); | ||
| JsonNode data = Json.toJson(formData.get("data")); | ||
| if (data != null && data.get("BACKUP_LOCATION") != null) { |
There was a problem hiding this comment.
Please extract "BACKUP_LOCATION" into a constant or use CustomerConfigValidator.BACKUP_LOCATION_FIELDNAME.
P.S. BTW, maybe it is even better to extract these field names into a separate file if we going to use them not only inside CustomerConfigValidator.
There was a problem hiding this comment.
we are using the string instead of constants lot of places. Including other tests and utils file for masking. I will create another issue to fix these separately.
managed/src/main/java/com/yugabyte/yw/controllers/CustomerConfigController.java
Show resolved
Hide resolved
| @Test | ||
| public void testEditInUseStorageConfig() { | ||
| ObjectNode bodyJson = Json.newObject(); | ||
| JsonNode data = Json.parse("{\"BACKUP_LOCATION\": \"test\", \"ACCESS_KEY\": \"A-KEY\", " + |
There was a problem hiding this comment.
Putting strings here instead of somewhere defined constants may give us some problems later if someone decides to rename one of these fields. I suggest to create/use Java constants.
There was a problem hiding this comment.
Yeah, we are using the string instead of constants lot of places. Including other tests and utils file for masking. I will create another issue to fix these separately.
There was a problem hiding this comment.
OK, this works for me.
SergeyPotachev
requested changes
May 5, 2021
managed/src/main/java/com/yugabyte/yw/controllers/CustomerConfigController.java
Show resolved
Hide resolved
| return isStrictlySensitiveField(key) || (value == null) ? MASKED_FIELD_VALUE | ||
| : value.replaceAll(maskRegex, "*"); | ||
| return isStrictlySensitiveField(key) || value.length() < 5 | ||
| || (value == null) ? MASKED_FIELD_VALUE : value.replaceAll(maskRegex, "*"); |
There was a problem hiding this comment.
No-no-no. If you have this in such variant then you don't have a test case for this. IIRC, boolean operations are executed from left to right order. So if you have value=null, you will get NPE here as value.length() < 5 is executed before (value == null).
Update here and update tests to control this case.
There was a problem hiding this comment.
Oops!! Yeah, did not check the last condition. Will update and add a test case too.
| @Test | ||
| public void testEditInUseStorageConfig() { | ||
| ObjectNode bodyJson = Json.newObject(); | ||
| JsonNode data = Json.parse("{\"BACKUP_LOCATION\": \"test\", \"ACCESS_KEY\": \"A-KEY\", " + |
There was a problem hiding this comment.
OK, this works for me.
SergeyPotachev
approved these changes
May 5, 2021
|
This pull request introduces 2 alerts when merging ee6a95d into ba3f65e - view on LGTM.com new alerts:
|
nishantSharma459
added a commit
to jaydeepkumara/yugabyte-db
that referenced
this pull request
May 20, 2021
) Description: Backup config security credentials can change over time. The platform should support editing the security credentials even if there are existing backups associated with a Backup Config. When security credentials expire, the Platform will fail to take new backups and also fail to delete old backups. This change should be implemented for all three storage configs: AWS: Allow editing Access Key/Secret, also toggling between IAM and AccessKey GCP: Allow editing GCS Credentials [Do not allow editing bucket name] Azure: Allow editing Azure SAS token [Do not allow editing Container URL] Test Plan: 1. Hit the config button from the SideNav. 2. Click on Backup Tab and then hit the amazon s3 tab. 3. Create a backup config for s3. 4. Once it got created then you'll see the Edit configuration button next to the Delete configuration button. 5. Click on the Edit Configuration button. 6. AWS access credentials should be editable. Do the same for the rest of the configs. Reviewers: @sshev , @jaydeepkumara, @gaurav061, @mjoshi0923, @SergeyPotachev, @Arnav15, @yb-andrew Reviewed by: @SergeyPotachev, @sshev, @jaydeepkumara
nishantSharma459
added a commit
to jaydeepkumara/yugabyte-db
that referenced
this pull request
May 20, 2021
) Description: Backup config security credentials can change over time. The platform should support editing the security credentials even if there are existing backups associated with a Backup Config. When security credentials expire, the Platform will fail to take new backups and also fail to delete old backups. This change should be implemented for all three storage configs: AWS: Allow editing Access Key/Secret, also toggling between IAM and AccessKey GCP: Allow editing GCS Credentials [Do not allow editing bucket name] Azure: Allow editing Azure SAS token [Do not allow editing Container URL] Test Plan: 1. Hit the config button from the SideNav. 2. Click on Backup Tab and then hit the amazon s3 tab. 3. Create a backup config for s3. 4. Once it got created then you'll see the Edit configuration button next to the Delete configuration button. 5. Click on the Edit Configuration button. 6. AWS access credentials should be editable. Do the same for the rest of the configs. Reviewers: @sshev , @jaydeepkumara, @gaurav061, @mjoshi0923, @SergeyPotachev, @Arnav15, @yb-andrew Reviewed by: @SergeyPotachev, @sshev, @jaydeepkumara
jharveysmith
pushed a commit
that referenced
this pull request
May 21, 2021
) * [#7706] Platform: Edit backup config credentials. (#8050) Description: Backup config security credentials can change over time. The platform should support editing the security credentials even if there are existing backups associated with a Backup Config. When security credentials expire, the Platform will fail to take new backups and also fail to delete old backups. This change should be implemented for all three storage configs: AWS: Allow editing Access Key/Secret, also toggling between IAM and AccessKey GCP: Allow editing GCS Credentials [Do not allow editing bucket name] Azure: Allow editing Azure SAS token [Do not allow editing Container URL] Test Plan: 1. Hit the config button from the SideNav. 2. Click on Backup Tab and then hit the amazon s3 tab. 3. Create a backup config for s3. 4. Once it got created then you'll see the Edit configuration button next to the Delete configuration button. 5. Click on the Edit Configuration button. 6. AWS access credentials should be editable. Do the same for the rest of the configs. Reviewers: @sshev , @jaydeepkumara, @gaurav061, @mjoshi0923, @SergeyPotachev, @Arnav15, @yb-andrew Reviewed by: @SergeyPotachev, @sshev, @jaydeepkumara * [#7706] Platform: Cherry picked the edit backup config credentials commit. * extra test cases removed * fFormatted the code Co-authored-by: mahenranbhat <mahendra.bhat@hashedin.com>
jharveysmith
pushed a commit
that referenced
this pull request
May 21, 2021
) * [#7706] Platform: Edit backup config credentials. (#8050) Description: Backup config security credentials can change over time. The platform should support editing the security credentials even if there are existing backups associated with a Backup Config. When security credentials expire, the Platform will fail to take new backups and also fail to delete old backups. This change should be implemented for all three storage configs: AWS: Allow editing Access Key/Secret, also toggling between IAM and AccessKey GCP: Allow editing GCS Credentials [Do not allow editing bucket name] Azure: Allow editing Azure SAS token [Do not allow editing Container URL] Test Plan: 1. Hit the config button from the SideNav. 2. Click on Backup Tab and then hit the amazon s3 tab. 3. Create a backup config for s3. 4. Once it got created then you'll see the Edit configuration button next to the Delete configuration button. 5. Click on the Edit Configuration button. 6. AWS access credentials should be editable. Do the same for the rest of the configs. Reviewers: @sshev , @jaydeepkumara, @gaurav061, @mjoshi0923, @SergeyPotachev, @Arnav15, @yb-andrew Reviewed by: @SergeyPotachev, @sshev, @jaydeepkumara * [#7706] Platform: Cherry picked the edit backup config credentials commit. * review comment fixes * formatting changes * formatted common.utils Co-authored-by: mahenranbhat <mahendra.bhat@hashedin.com>
YintongMa
pushed a commit
to YintongMa/yugabyte-db
that referenced
this pull request
May 26, 2021
) Description: Backup config security credentials can change over time. The platform should support editing the security credentials even if there are existing backups associated with a Backup Config. When security credentials expire, the Platform will fail to take new backups and also fail to delete old backups. This change should be implemented for all three storage configs: AWS: Allow editing Access Key/Secret, also toggling between IAM and AccessKey GCP: Allow editing GCS Credentials [Do not allow editing bucket name] Azure: Allow editing Azure SAS token [Do not allow editing Container URL] Test Plan: 1. Hit the config button from the SideNav. 2. Click on Backup Tab and then hit the amazon s3 tab. 3. Create a backup config for s3. 4. Once it got created then you'll see the Edit configuration button next to the Delete configuration button. 5. Click on the Edit Configuration button. 6. AWS access credentials should be editable. Do the same for the rest of the configs. Reviewers: @sshev , @jaydeepkumara, @gaurav061, @mjoshi0923, @SergeyPotachev, @Arnav15, @yb-andrew Reviewed by: @SergeyPotachev, @sshev, @jaydeepkumara
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
Backup config security credentials can change over time. The platform should support editing the security credentials even if there are existing backups associated with a Backup Config. When security credentials expire, the Platform will fail to take new backups and also fail to delete old backups.
This change should be implemented for all three storage configs:
AWS: Allow editing Access Key/Secret, also toggling between IAM and AccessKey
GCP: Allow editing GCS Credentials [Do not allow editing bucket name]
Azure: Allow editing Azure SAS token [Do not allow editing Container URL]
Test Plan:
amazon s3tab.Do the same for the rest of the configs.
SBT test
[info] Passed: Total 1304, Failed 0, Errors 0, Passed 1300, Skipped 4 [success] Total time: 1187 s (19:47), completed 12 May, 2021 3:55:27 PM