fix: [main] Address missed secretPath renaming in App Services (#1127)
fixes #1096

Signed-off-by: Leonard Goodell <leonard.goodell@intel.com>
Lenny Goodell authored Jun 8, 2023
1 parent 89cf314 commit fa9d97f
Showing 3 changed files with 22 additions and 22 deletions.
20 changes: 10 additions & 10 deletions docs_src/microservices/application/AppServiceConfigurable.md
Expand Up @@ -378,17 +378,17 @@ Please refer to the function's detailed documentation by clicking the function n
**Parameters**

- `Algorithm` - AES256
- `SecretPath` - (required for AES256) Path in the `Secret Store` where the encryption key is located.
- `SecretName` - (required for AES256) Name of the secret for the encryption key in the `Secret Store`.
- `SecretName` - (required for AES256) Name of the secret in the `Secret Store` where the encryption key is located.
- `SecretValueKey` - (required for AES256) Key of the secret data for the encryption key in the secret's data.

!!! example
```yaml
# Encrypt with key pulled from Secret Store
Encrypt:
Parameters:
Algorithm: "aes256"
SecretPath: "aes"
SecretName: "key"
SecretName: "aes"
SecretValueKey: "key"
```

### [FilterByDeviceName](../BuiltIn/#by-device-name)
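Review bot: `SecretName` changes meaning in the Encrypt parameter list, not just its label. It used to name the key inside the secret and now names the secret itself (the role `SecretPath` had), so an existing configuration that still carries `SecretName: "key"` looks valid but now points at a different thing. Suggest adding a short migration note beside these parameters stating that the old `SecretPath` value moves to `SecretName` and the old `SecretName` value moves to `SecretValueKey`.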
Expand Down Expand Up @@ -462,8 +462,8 @@ Please refer to the function's detailed documentation by clicking the function n
- `ContinueOnSendError` - For chained multi destination exports, if true continues after send error so next export function executes.
- `ReturnInputData` - For chained multi destination exports if true, passes the input data to next export function.
- `HeaderName` - (Optional) Name of the header key to add to the HTTP header
- `SecretPath` - (Optional) Path of the secret in the `Secret Store` where the header value is stored.
- `SecretName` - (Optional) Name of the secret for the header value in the `Secret Store`.
- `SecretName` - (Optional) Name of the secret in the `Secret Store` where the header value is stored.
- `SecretValueKey` - (Optional) Key for the header value in the secret data.

!!! example
```yaml
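Review bot: `HeaderName`, `SecretName` and `SecretValueKey` are each marked (Optional) in the HTTP export parameter list, but nothing says they are only meaningful as a set. Suggest stating that when `HeaderName` is given, `SecretName` and `SecretValueKey` must be given as well, or documenting what happens when one of them is missing.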
Expand All @@ -482,8 +482,8 @@ Please refer to the function's detailed documentation by clicking the function n
MimeType: "application/xml"
Url: "http://my.api.net/edgexdata"
HeaderName: "MyApiKey"
SecretPath: "http"
SecretName: "apikey"
SecretName: "http"
SecretValueKey: "apikey"
```
```yaml
# Http Export to multiple destinations
Expand Down Expand Up @@ -533,7 +533,7 @@ Please refer to the function's detailed documentation by clicking the function n
- `usernamepassword` - Use username and password authentication. The Secret Store (Vault or [InsecureSecrets](../GeneralAppServiceConfig/#writable-insecuresecrets)) must contain the `username` and `password` secrets.
- `clientcert` - Use Client Certificate authentication. The Secret Store (Vault or [InsecureSecrets](../GeneralAppServiceConfig/#writable-insecuresecrets)) must contain the `clientkey` and `clientcert` secrets.
- `cacert` - Use CA Certificate authentication. The Secret Store (Vault or [InsecureSecrets](../GeneralAppServiceConfig/#writable-insecuresecrets)) must contain the `cacert` secret.
- `SecretPath` - Path in the secret store where authentication secrets are stored.
- `SecretName` - Name of the secret in the SecretStore where authentication secrets are stored.

!!! note
`Authmode=cacert` is only needed when client authentication (e.g. `usernamepassword`) is not required, but a CA Cert is needed to validate the broker's SSL/TLS cert.
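Review bot: the AuthMode bullets above the renamed line still say the Secret Store must contain the `username` and `password` secrets (likewise `clientkey`, `clientcert` and `cacert`), which now clashes with `SecretName` being the secret and those items being keys in its data. Suggest rewording them as keys of the secret named by `SecretName`, and writing `Secret Store` rather than SecretStore in the new line to match the rest of the file.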
Expand All @@ -560,7 +560,7 @@ Please refer to the function's detailed documentation by clicking the function n
SkipVerify: "false"
PersistOnError: "true"
AuthMode: "usernamepassword"
SecretPath: "mqtt"
SecretName: "mqtt"
```

### [SetResponseData](../BuiltIn/#set-response-data)
22 changes: 11 additions & 11 deletions docs_src/microservices/application/BuiltIn.md
Expand Up @@ -133,7 +133,7 @@ There are two transforms included in the SDK that can be added to your pipeline

| Factory Method | Description |
|--------------------------------------------------------|------------------------------------------------------------------------------------------------------------|
| NewAESProtection(secretPath string, secretName string) | This function returns a `Encryption` instance initialized with the passed in `secretPath` and `secretName` |
| NewAESProtection(secretName string, secretValueKey string) | This function returns a `Encryption` instance initialized with the passed in `secretName` and `secretValueKey` |

It requires a 64-byte key from secrets which is split in half, the first half used for encryption, the second for generating the signature.

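Review bot: the new `NewAESProtection` row says only that the instance is initialized with `secretName` and `secretValueKey`, and the following sentence says the 64-byte key comes "from secrets" without saying which argument locates it. Suggest spelling out that `secretName` selects the secret and `secretValueKey` selects the key material inside it. While here, "a `Encryption`" should read "an `Encryption`", and the widened row no longer lines up with the header separator.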
Expand All @@ -145,7 +145,7 @@ It requires a 64-byte key from secrets which is split in half, the first half us

!!! example
```go
transforms.NewAESProtection(secretPath, secretName).Encrypt(ctx, data)
transforms.NewAESProtection(secretName, secretValueKey).Encrypt(ctx, data)
```

!!! note
Expand Down Expand Up @@ -213,7 +213,7 @@ There are two export functions included in the SDK that can be added to your pip
| Factory Method | Description |
|------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| NewHTTPSender(url string, mimeType string, persistOnError bool) | This factory function returns a `HTTPSender` instance initialized with the passed in url, mime type and persistOnError values. |
| NewHTTPSenderWithSecretHeader(url string, mimeType string, persistOnError bool, headerName string, secretPath string, secretName string) | This factory function returns a `HTTPSender` instance similar to the above function however will set up the `HTTPSender` to add a header to the HTTP request using the `headerName ` for the field name and the `secretPath` and `secretName` to pull the header field value from the Secret Store. |
| NewHTTPSenderWithSecretHeader(url string, mimeType string, persistOnError bool, headerName string, secretName string, secretValueKey string) | This factory function returns a `HTTPSender` instance similar to the above function however will set up the `HTTPSender` to add a header to the HTTP request using the `headerName ` for the field name and the `secretName` and `secretValueKey` to pull the header field value from the Secret Store. |
| NewHTTPSenderWithOptions(options HTTPSenderOptions) | This factory function returns a `HTTPSender`using the passed in `options` to configure it. |

```go
Expand All @@ -227,10 +227,10 @@ type HTTPSenderOptions struct {
PersistOnError bool
// HTTPHeaderName to use for passing configured secret
HTTPHeaderName string
// SecretPath to search for configured secret
SecretPath string
// SecretName for configured secret
SecretName string
// SecretName to search for configured secret
SecretName string
// SecretValueKey is the key for configured secret data
SecretValueKey string
// URLFormatter specifies custom formatting behavior to be applied to configured URL.
// If nothing specified, default behavior is to attempt to replace placeholders in the
// form '{some-context-key}' with the values found in the context storage.
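Review bot: in `HTTPSenderOptions` the field `SecretName` keeps its name and type but now holds what `SecretPath` held, so a caller who fixes the build by only dropping the `SecretPath` assignment ends up with the old key name in `SecretName` and no compiler error. Suggest calling this out in the surrounding text and tightening the field comments, for example "SecretName is the name of the secret in the Secret Store" and "SecretValueKey is the key within that secret's data".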
Expand Down Expand Up @@ -286,8 +286,8 @@ The `URLFormatter` option allows you to override the default formatter with your
BrokerAddress string
// ClientId to connect with the broker with.
ClientId string
// The name of the path in secret provider to retrieve your secrets
SecretPath string
// The name of the secret in secret provider to retrieve your secrets
SecretName string
// AutoReconnect indicated whether or not to retry connection if disconnected
AutoReconnect bool
// KeepAlive is the interval duration between client sending keepalive ping to broker
Expand All @@ -304,13 +304,13 @@ The `URLFormatter` option allows you to override the default formatter with your
SkipCertVerify bool
// AuthMode indicates what to use when connecting to the broker.
// Options are "none", "cacert" , "usernamepassword", "clientcert".
// If a CA Cert exists in the SecretPath then it will be used for
// If a CA Cert exists in the SecretName data then it will be used for
// all modes except "none".
AuthMode string
}
```

Secrets in the Secret Store may be located at any path however they must have some or all the follow keys at the specified `SecretPath`.
Secrets in the Secret Store may be located at any SecretName however they must have some or all the follow keys at the specified in the secret data:

- `username` - username to connect to the broker
- `password` - password used to connect to the broker
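Review bot: the rewritten sentence introducing the key list does not parse: "may be located at any SecretName however they must have some or all the follow keys at the specified in the secret data". Suggest something like "Secrets may be stored under any `SecretName`, but the secret data must contain some or all of the following keys:".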
2 changes: 1 addition & 1 deletion docs_src/microservices/application/Triggers.md
Expand Up @@ -145,7 +145,7 @@ Trigger:
ConnectTimeout: "30s"
SkipCertVerify: true
AuthMode: "clientcert"
SecretPath: "external-mqtt"
SecretName: "external-mqtt"
RetryDuration: 600
RetryInterval: 5
```
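Review bot: the external MQTT trigger example touched here pairs `AuthMode: "clientcert"` with `SkipCertVerify: true`, a setting that by its name turns off verification of the broker's certificate, so readers copying the example authenticate the client to a broker they have not verified. Since this block is being edited anyway, suggest showing `SkipCertVerify: false` or adding a comment on when `true` is acceptable.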
