Signatory 1.1.0 using GCP HSM doesn't start anymore when there is a destroyed key #383
Comments
Thank you for taking the time to communicate this issue to us, @Mayeu.
Thank you @stephengaudet, if you need me to try out the PR before merging just warn me, I can do that on Monday.
Thank you for the assistance @Mayeu, but I went ahead and merged the fix to main. Signatory integration tests now have a key in GCP with only destroyed versions, so I merged the fix in order to keep our builds passing. You may want to stay on v1.0.0-beta for another short time while I test the fix for another new issue, #379. I expect to make a new release, v1.1.1, shortly that will have fixes for both this issue you've raised and #379. Thank you kindly.
Good day @Mayeu, Signatory v1.1.1 has been released and fixes this issue. Thank you for letting us know. Please do let me know if v1.1.1 fixes the startup failure.
@stephengaudet thank you for warning me. I won't be able to test it out before the 17th, but I'll definitely warn you as soon as I have tested it 👍
Hello @stephengaudet, I can confirm that v1.1.1 solves our issue 👍 Thank you ✨
Hello,
The last version of Signatory (1.1.0) doesn't start anymore when the first key available in GCP HSM is destroyed.
We are in a situation where our mainnet baking keyring contains two keys:
The first one only contains one version that has been destroyed since we had an issue during our initial key generation ceremony:
The second one contains our current active key:
It seems that some of the changes between 1.0.0-beta3 and 1.1.0 broke the key selection logic. I see that the external library used to interact with cloudKMS has been upgraded, and that the cloudKMSIterator function got changed as well.
When starting Signatory we get the following error message:
Besides the upgrade of Signatory, there were no other configuration changes on our side between those two versions.
Happy to provide more details if you need anything else.
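The failure mode reported above, as an added example that is not Signatory's code and not part of the original issue: a key loader that skips keys with no enabled version and fails only when nothing usable remains. The `Key` and `Version` types, `LoadKeys`, and the key names are hypothetical; the state strings are Cloud KMS key version state names.

```go
package main

import (
	"errors"
	"fmt"
)

// Version models one key version; State holds a Cloud KMS version state name.
type Version struct{ Name, State string }

// Key models a crypto key in a keyring (hypothetical type, not the KMS client's).
type Key struct {
	Name     string
	Versions []Version
}

// LoadKeys returns every ENABLED version and the keys that had none.
// A key whose versions are all destroyed is recorded and skipped so that
// later keys still load; startup fails only if no version is usable at all.
func LoadKeys(keys []Key) (usable, skipped []string, err error) {
	for _, k := range keys {
		found := false
		for _, v := range k.Versions {
			if v.State != "ENABLED" {
				continue // DESTROYED, DESTROY_SCHEDULED, DISABLED, ...
			}
			usable = append(usable, k.Name+"/cryptoKeyVersions/"+v.Name)
			found = true
		}
		if !found {
			skipped = append(skipped, k.Name)
		}
	}
	if len(usable) == 0 {
		return nil, skipped, errors.New("no enabled key version in keyring")
	}
	return usable, skipped, nil
}

// SampleKeyring is constructed data mirroring the report: the first key has
// one destroyed version, the second key holds the active version.
func SampleKeyring() []Key {
	return []Key{
		{Name: "cryptoKeys/ceremony-key", Versions: []Version{{"1", "DESTROYED"}}},
		{Name: "cryptoKeys/baking-key", Versions: []Version{{"1", "ENABLED"}}},
	}
}

func main() {
	usable, skipped, err := LoadKeys(SampleKeyring())
	fmt.Println(usable, skipped, err)
}
```

Logging the skipped key names at startup gives operators a record of which keys were ignored and why.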