Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Config Service bugfixes, Admin API and Gateway Location RPC #394

Merged
merged 5 commits into from
Mar 2, 2023
Merged

Config Service bugfixes, Admin API and Gateway Location RPC #394

merged 5 commits into from
Mar 2, 2023

Conversation

jeffgrunewald
Copy link
Contributor

@jeffgrunewald jeffgrunewald commented Feb 28, 2023
edited
Loading

! Depends on helium/proto#288

This doozy introduces several bug fixes in the implementation of the streaming RPCs, retrieving records from the DB and decoding their types, integer size changes in the upstream proto dependency, and devaddr constraints records

  • Introduces devaddr constraint bounds checking when attempting to add new devaddr ranges to routers
  • Implements the Gateway service's Location rpc
  • Implements the Admin service's rpcs and an AuthCache shared between all the services for efficient validation of administrative requests
  • Restructures the region_params management rpc underneath the Admin service (formerly under the Gateway service)
  • Extends the docker-compose stack to include a mock node-follower service for easier testing

andymck
andymck approved these changes Feb 28, 2023
View reviewed changes
Copy link
Contributor

@andymck andymck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A lot going on in here but on an initial pass lgtm.

One observation is that we dont appear to have any tests for the config service which may bite at the client integration phase

iot_config/src/admin_service.rs

let key_type = KeyType::from_i32(request.key_type)
.map_err(|_| Status::invalid_argument("invalid key type supplied"))?;
let pubkey = self
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this check not redundant, in that if the pub key is invalid wont it already be caught at the sig verification on line 75?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good question but these are checking different keys/things.
They function on line 75 is checking the request to add the new key was signed by an already-registered key (the default key in the db or any admin keys saved to the db) so it would fail if it attempted to validate the request with the key being submitted to the add_key method.
this check validates the key you’re trying to register is a valid key worth saving and also converts the bytes to a PublicKey in order to do the follow up check that it’s a valid key for the network this config instance is servicing (mainnet vs devnet)

@jeffgrunewald jeffgrunewald force-pushed the jg/cleanup-config-streaming branch from 8396216 to 418c2be Compare February 28, 2023 19:41
@jeffgrunewald
Copy link
Contributor Author

A lot going on in here but on an initial pass lgtm.

One observation is that we dont appear to have any tests for the config service which may bite at the client integration phase

I agree with you; looking forward to wrapping all of my DB accessors in a trait i can test from outside the rpc methods

michaeldjeffrey
michaeldjeffrey reviewed Mar 1, 2023
View reviewed changes
iot_config/src/gateway_service.rs
) -> GrpcResult<GatewayLocationResV1> {
unimplemented!()
// Should this rpc be admin-authorized only or should a requesting pubkey
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My understanding right now is only HPR's will be requesting gateway locations.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@madninja and i are discussing whether or not this needs to become a more generic metadata method for retrieving any on-chain data about a hotspot, inclusive of the asserted location but that would be either primarily or exclusively for the other oracles so between that and the HPRs still under the umbrella of "network infrastructure" so likely authenticated but we don't currently authenticate any requests the oracles make (they only request from their host-local blockchain-node instance) so request signing would be a new requirement for them

@jeffgrunewald jeffgrunewald force-pushed the jg/cleanup-config-streaming branch from 418c2be to 29bc72d Compare March 1, 2023 16:13
@jeffgrunewald jeffgrunewald force-pushed the jg/cleanup-config-streaming branch from d751c46 to 42ecae9 Compare March 1, 2023 21:59
@jeffgrunewald jeffgrunewald mentioned this pull request Mar 1, 2023
Closed
@jeffgrunewald jeffgrunewald force-pushed the jg/cleanup-config-streaming branch from 42ecae9 to 3c82891 Compare March 2, 2023 14:27
@jeffgrunewald jeffgrunewald merged commit df9134b into main Mar 2, 2023
@jeffgrunewald jeffgrunewald deleted the jg/cleanup-config-streaming branch March 2, 2023 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaeldjeffrey michaeldjeffrey michaeldjeffrey left review comments

@bbalser bbalser bbalser approved these changes

@andymck andymck andymck approved these changes

@madninja madninja Awaiting requested review from madninja

@maplant maplant Awaiting requested review from maplant

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jeffgrunewald @andymck @bbalser @michaeldjeffrey