Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Check CAcert file exists when installing extension #761

Merged
merged 1 commit into from
Feb 15, 2022

Conversation

luismiramirez
Copy link
Member

The extension installation will no longer fail if the CA cert file is
not accessible. It'll print a warning and use the library defaults.

Fixes: #756

mix_helpers.exs Outdated Show resolved Hide resolved
@tombruijn
Copy link
Member

We'll also need to add this behavior to the transmitter. Can you add this in this PR or create a new PR for that?

@luismiramirez
Copy link
Member Author

luismiramirez commented Feb 14, 2022

We'll also need to add this behavior to the transmitter. Can you add this in this PR or create a new PR for that?

The transmitter already checks if the file is readable and accessible, is there anything else to do there?

I'm going to replicate the transmitter behavior here.

@tombruijn
Copy link
Member

Ah it's already there! Great! Then you can replicate that behavior yes :)

@luismiramirez luismiramirez force-pushed the ca-file-path-ext-download branch from 682b048 to 45b32aa Compare February 14, 2022 14:55
@@ -252,13 +252,28 @@ defmodule Mix.Appsignal.Helper do
end

defp download_options do
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If possible, can you add some tests for this in the mix helpers test file?

Copy link
Member Author

@luismiramirez luismiramirez Feb 15, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a bit tricky to test this file. A solution would be to make download_options a public function. I'm not sure if that's worth it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For this file it's fine. It's not that apps other than the integration itself can access it. We've made things public in this file before to test them, unfortunately. It would be easier to test in #762, so that we can specify a custom path: paths that don't exist or are not writable.

Copy link
Contributor

@unflxw unflxw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Requesting change on the default_cacert_file_path value; all good otherwise 👍

mix_helpers.exs Outdated Show resolved Hide resolved
mix_helpers.exs Outdated Show resolved Hide resolved
@luismiramirez luismiramirez force-pushed the ca-file-path-ext-download branch 2 times, most recently from 72e6e2e to 2ffb5b6 Compare February 15, 2022 07:26
@unflxw unflxw self-requested a review February 15, 2022 07:39
mix_helpers.exs Outdated Show resolved Hide resolved
The extension installation will no longer fail if the CA cert file is
not accessible. It'll print a warning and use the library defaults.
@luismiramirez luismiramirez force-pushed the ca-file-path-ext-download branch from 2ffb5b6 to 003a2ed Compare February 15, 2022 08:38
@@ -252,13 +252,28 @@ defmodule Mix.Appsignal.Helper do
end

defp download_options do
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For this file it's fine. It's not that apps other than the integration itself can access it. We've made things public in this file before to test them, unfortunately. It would be easier to test in #762, so that we can specify a custom path: paths that don't exist or are not writable.

Comment on lines +263 to +267
Logger.warn(
"The cacert file path: #{default_cacert_file_path} is not accessible. " <>
"Reason: #{inspect(message)}. " <>
"Using system defaults instead."
)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be logged in the download report, but we don't have a field for "warnings" or "messages". Let's keep it like this for now. Can you create an issue for moving this to the download report file?

Looking at the code it's going to a hassle to get this non-error message all the way up to the top again. This is buried quite deep. It's probably easier to do the check twice, earlier in another location so that it's easier to log to the download report file.

@luismiramirez luismiramirez merged commit 2ab25b8 into main Feb 15, 2022
@luismiramirez luismiramirez deleted the ca-file-path-ext-download branch February 15, 2022 11:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Check that the CA cert file exists and is readable on extension install
3 participants