From 707a0d2c51afc87c47e0750c5f7a8086dbdeccf3 Mon Sep 17 00:00:00 2001 From: Yuhao Su <31772373+yuhao-su@users.noreply.github.com> Date: Thu, 24 Oct 2024 15:57:53 +0800 Subject: [PATCH] test(secret): use correct RW_SECRET_STORE_PRIVATE_KEY_HEX length in test (#19092) --- Cargo.lock | 1 + Makefile.toml | 2 +- ci/scripts/common.sh | 2 +- docker/docker-compose.yml | 2 +- src/common/secret/Cargo.toml | 3 +++ src/common/secret/src/encryption.rs | 3 ++- src/meta/src/manager/env.rs | 4 +++- 7 files changed, 12 insertions(+), 5 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4e315686fde0..85370217c518 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -10777,6 +10777,7 @@ dependencies = [ "aes-gcm", "anyhow", "bincode 1.3.3", + "hex", "parking_lot 0.12.1", "prost 0.13.1", "risingwave_pb", diff --git a/Makefile.toml b/Makefile.toml index fb787603111a..a0544239d4e1 100644 --- a/Makefile.toml +++ b/Makefile.toml @@ -27,7 +27,7 @@ env_scripts = [ set_env ENABLE_TELEMETRY "false" set_env RW_TELEMETRY_TYPE "test" - set_env RW_SECRET_STORE_PRIVATE_KEY_HEX "0123456789abcdef" + set_env RW_SECRET_STORE_PRIVATE_KEY_HEX "0123456789abcdef0123456789abcdef" set_env RW_TEMP_SECRET_FILE_DIR "${PREFIX_SECRET}" is_sanitizer_enabled = get_env ENABLE_SANITIZER diff --git a/ci/scripts/common.sh b/ci/scripts/common.sh index 5a448a627926..4ced7b94b767 100755 --- a/ci/scripts/common.sh +++ b/ci/scripts/common.sh @@ -15,7 +15,7 @@ export MCLI_DOWNLOAD_BIN=https://rw-ci-deps-dist.s3.amazonaws.com/mc export GCLOUD_DOWNLOAD_TGZ=https://rw-ci-deps-dist.s3.amazonaws.com/google-cloud-cli-475.0.0-linux-x86_64.tar.gz export NEXTEST_HIDE_PROGRESS_BAR=true export RW_TELEMETRY_TYPE=test -export RW_SECRET_STORE_PRIVATE_KEY_HEX="0123456789abcdef" +export RW_SECRET_STORE_PRIVATE_KEY_HEX="0123456789abcdef0123456789abcdef" export RUST_MIN_STACK=4194304 unset LANG diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index ead28407a401..dd594f29719d 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -59,7 +59,7 @@ services: # If ENABLE_TELEMETRY is not set, telemetry will start by default ENABLE_TELEMETRY: ${ENABLE_TELEMETRY:-true} RW_TELEMETRY_TYPE: ${RW_TELEMETRY_TYPE:-"docker-compose"} - RW_SECRET_STORE_PRIVATE_KEY_HEX: ${RW_SECRET_STORE_PRIVATE_KEY_HEX:-0123456789abcdef} + RW_SECRET_STORE_PRIVATE_KEY_HEX: ${RW_SECRET_STORE_PRIVATE_KEY_HEX:-0123456789abcdef0123456789abcdef} RW_LICENSE_KEY: ${RW_LICENSE_KEY:-} container_name: risingwave-standalone healthcheck: diff --git a/src/common/secret/Cargo.toml b/src/common/secret/Cargo.toml index 4b698a737cb5..6d501594acbd 100644 --- a/src/common/secret/Cargo.toml +++ b/src/common/secret/Cargo.toml @@ -25,5 +25,8 @@ thiserror = "1" thiserror-ext = { workspace = true } tracing = "0.1" +[dev-dependencies] +hex = "0.4" + [lints] workspace = true diff --git a/src/common/secret/src/encryption.rs b/src/common/secret/src/encryption.rs index a6c0253fb1f9..c6d5e7cdb66d 100644 --- a/src/common/secret/src/encryption.rs +++ b/src/common/secret/src/encryption.rs @@ -71,7 +71,8 @@ mod test { use super::*; #[test] fn test_secret_encryption_decyption() { - let key = b"0123456789abcdef"; + let key = &hex::decode("0123456789abcdef0123456789abcdef").unwrap(); + assert!(key.len() == 16); let plaintext = "Hello, world!".as_bytes(); let secret = SecretEncryption::encrypt(key, plaintext).unwrap(); let decrypted = secret.decrypt(key).unwrap(); diff --git a/src/meta/src/manager/env.rs b/src/meta/src/manager/env.rs index 02a8753cb688..d084b613f516 100644 --- a/src/meta/src/manager/env.rs +++ b/src/meta/src/manager/env.rs @@ -302,7 +302,9 @@ impl MetaOpts { object_store_config: ObjectStoreConfig::default(), max_trivial_move_task_count_per_loop: 256, max_get_task_probe_times: 5, - secret_store_private_key: Some("0123456789abcdef".as_bytes().to_vec()), + secret_store_private_key: Some( + hex::decode("0123456789abcdef0123456789abcdef").unwrap(), + ), temp_secret_file_dir: "./secrets".to_string(), table_info_statistic_history_times: 240, actor_cnt_per_worker_parallelism_hard_limit: usize::MAX,