Https subscription and root certs #341

ablepharus · 2024-02-26T14:09:49Z

Implement https subscriptions and fix a bug related to our handling regarding the https client.

Https subscriptions were just not handled, initialise a client and reuse the existing code for http subscriptions.
There was a bug in our certificate store handling. The SSLClient owns its certificate store and deletes it on destruction.
We can not share one store with all clients, so every client gets its own now.

codecov · 2024-02-26T15:22:56Z

Codecov Report

Attention: Patch coverage is 17.77778% with 37 lines in your changes are missing coverage. Please review.

Project coverage is 57.03%. Comparing base (a7a7c5c) to head (2bd9294).

Files	Patch %	Lines
src/client/include/RestClientNative.hpp	21.62%	5 Missing and 24 partials ⚠️
...c/client/include/RestDefaultClientCertificates.hpp	0.00%	7 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #341      +/-   ##
==========================================
- Coverage   57.15%   57.03%   -0.13%     
==========================================
  Files          69       69              
  Lines        7310     7324      +14     
  Branches     2703     2710       +7     
==========================================
- Hits         4178     4177       -1     
- Misses       1322     1324       +2     
- Partials     1810     1823      +13

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

wirew0rm

Looks good in general.
I think it would be good to persist the findings about how the certstore is handled. Please update the PR description and commit messages accordingly.

Also this adds quite some new uncovered new code paths which I think should be easy to fix, since RestClient_tests.cpp already has http(s) tests for get/set and a http only test for subscribe.

src/client/include/RestClientNative.hpp

https subscriptions were not handled, create a SSLCLient and reuse existing code for subscribing. the certificate store was shared between all SslClients in our RestClient, this does not work, because the client owns the store and deletes it on its own destruction. this patch also adds the certificate specified by OPENCMW_REST_CERT_FILE to our RestDefaultCLientCertificates to make it trusted.

sonarqubecloud · 2024-02-27T09:55:30Z

Quality Gate failed

Failed conditions
22.4% Coverage on New Code (required ≥ 80%)
51.0% Duplication on New Code (required ≤ 3%)

See analysis details on SonarCloud

wirew0rm

Looks good, thanks for the additional documentation.

I've looked into the coverage, it seems most of it is due to coverage not being properly configured in this project, the majority of the missed lines is in the unit-test that seems to be excluded from coverage collection but not coverage calculation :/

ablepharus requested review from ivan-cukic and wirew0rm February 26, 2024 14:09

ablepharus had a problem deploying to configure coverage February 26, 2024 14:09 — with GitHub Actions Failure

ablepharus temporarily deployed to configure coverage February 26, 2024 14:09 — with GitHub Actions Inactive

ablepharus force-pushed the https-subscription-and-root-certs branch from 5fc78e2 to a4bb850 Compare February 26, 2024 14:14

ablepharus had a problem deploying to configure coverage February 26, 2024 14:14 — with GitHub Actions Failure

ablepharus temporarily deployed to configure coverage February 26, 2024 14:14 — with GitHub Actions Inactive

ablepharus force-pushed the https-subscription-and-root-certs branch from a4bb850 to 0499b8c Compare February 26, 2024 14:17

ablepharus had a problem deploying to configure coverage February 26, 2024 14:17 — with GitHub Actions Failure

ablepharus temporarily deployed to configure coverage February 26, 2024 14:17 — with GitHub Actions Inactive

ablepharus force-pushed the https-subscription-and-root-certs branch from 0499b8c to dfd13b3 Compare February 26, 2024 14:19

ablepharus had a problem deploying to configure coverage February 26, 2024 14:19 — with GitHub Actions Failure

ablepharus temporarily deployed to configure coverage February 26, 2024 14:19 — with GitHub Actions Inactive

ablepharus force-pushed the https-subscription-and-root-certs branch from dfd13b3 to 78a0184 Compare February 26, 2024 14:22

ablepharus temporarily deployed to configure coverage February 26, 2024 15:08 — with GitHub Actions Inactive

ablepharus linked an issue Feb 26, 2024 that may be closed by this pull request

[2SP,2SP] Make OpenDigitizer Service and UI work with https fair-acc/opendigitizer#162

Closed

wirew0rm requested changes Feb 26, 2024

View reviewed changes

wirew0rm reviewed Feb 26, 2024

View reviewed changes

src/client/include/RestClientNative.hpp Show resolved Hide resolved

ablepharus temporarily deployed to configure coverage February 27, 2024 09:17 — with GitHub Actions Inactive

ablepharus temporarily deployed to configure coverage February 27, 2024 09:20 — with GitHub Actions Inactive

ablepharus force-pushed the https-subscription-and-root-certs branch from ccc993d to 2bd9294 Compare February 27, 2024 09:30

ablepharus temporarily deployed to configure coverage February 27, 2024 09:30 — with GitHub Actions Inactive

wirew0rm approved these changes Feb 27, 2024

View reviewed changes

wirew0rm merged commit ac69eaf into main Feb 27, 2024
8 of 11 checks passed

wirew0rm deleted the https-subscription-and-root-certs branch February 27, 2024 10:05

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Https subscription and root certs #341

Https subscription and root certs #341

ablepharus commented Feb 26, 2024 •

edited

Loading

codecov bot commented Feb 26, 2024 •

edited

Loading

wirew0rm left a comment

sonarqubecloud bot commented Feb 27, 2024

wirew0rm left a comment

Https subscription and root certs #341

Https subscription and root certs #341

Conversation

ablepharus commented Feb 26, 2024 • edited Loading

codecov bot commented Feb 26, 2024 • edited Loading

Codecov Report

wirew0rm left a comment

Choose a reason for hiding this comment

sonarqubecloud bot commented Feb 27, 2024

Quality Gate failed

wirew0rm left a comment

Choose a reason for hiding this comment

ablepharus commented Feb 26, 2024 •

edited

Loading

codecov bot commented Feb 26, 2024 •

edited

Loading