On startup we have always received an initial update notification from consul when nothing actually changed in consul. Previously when Consul was the Record of True this was not an issue.

Now it is an issue as overrides to Writable fields, which applied after loading from Consul, are undone when this initial update notification is processed. This only occurs when config already exists in Consul and a Writable filed that has an override has been changed in Consul or the override was added after to config was pushed into Consul

We somehow need to ignore this first bogus update notification from Consul.

Once the Registry refactoring is complete, it needs to be integrated into the common bootstrap.

Dependent on edgexfoundry/go-mod-registry#37

Hello,

🚀 Feature Request

Relevant Package

This feature request is for the API Gateway

Description

The Edgex components are exposed through REST APIs and those services are usually called from a UI running on a browser. Most browser prevent calls to services at a different origin (CORS) thus making it difficult the interactions with services like Edgex.
There are basically 2 ways to solve the CORS issue. The first one is on the client side (UI application) by using a proxy server. Unfortunately this solution is static and need to know before hand the back end servers.
The second option is to enable the backend server to allow CORS.

Describe the solution you'd like

Currently I have been bypassing this issue by using a proxy server at the client site. However, this solution is not working due to the nature of IoT projects and solutions. The IoT solutions tend to be very dynamic and in my specific example, the number of instances where the Edgex framework is deployed is dynamic and can change. That makes the proxy option irrelevant as that solution is static.

So, the preferred solution will be to allow the user to enable/disable CORS as desired on the API Gateway. That will allow calling the API from UI clients without requiring to use a proxy.

Describe alternatives you've considered

As described above, I am already using a proxy solution but it only works for a static number of Edgex installations.

Thanks in advance,
Marcelo

Clients in configuration were renamed in edgexfoundry/edgex-go#2401. References to usage with hardcoded service names (e.g. configuration.Clients["Logging"], etc.) were not updated.

Suggest implementation replace string literal with centrally defined constant.

Created edgexfoundry/edgex-go#2424 for edgex-go. You'll need to create follow up issues (and self-assign and work them) to update the configuration naming scheme used for clients in consumers of go-mod-bootstrap (e.g. appfunc, device services).

In a given service, such as core-data, if I specify an empty value for LogFile in configuration as is necessary for edgexfoundry/edgex-go#2479 an erroneous line is written to the log.

Configuration example

[Logging]
EnableRemote = false
File = ''

Results in this message being written to the log

level=INFO ts=2020-04-09T21:28:34.469091Z app=edgex-core-data source=config.go:219 msg="Loaded configuration from /Users/tconn/Documents/code/git/tsconn23/edgex-go/cmd/core-data/res/configuration.toml"
level=INFO ts=2020-04-09T21:28:40.55768Z app=edgex-core-data source=config.go:321 msg="Using local configuration from file (0 environment overrides applied)"
2020/04/09 16:28:40 open /Users/tconn/Documents/code/git/tsconn23/edgex-go: is a directory

Note that the third line contains erroneous output related to where the executable is running since the log file's path is blank. The logic here

Currently the default startup duration is 30s, which is to short for some limited resource systems. Bumping it up to 60s resolves startup issues on these systems. Changing the default here avoids having to add override in the compose files.

To ensure our tests (and to some extent production code) are reliable, we should be running unit tests with the -race argument in the Makefile. Ensure tests go green with -race option. Add -race to the test target in our Makefile.

Dependent upon completion of #13.

Once Client Monitoring is removed from services, ClientMonitor needs to be removed from the ServiceInfo struct

Flattening the Database data structure because consul client fail to fetch the Database username and password.
https://github.com/edgexfoundry/go-mod-configuration/blob/master/internal/pkg/consul/client.go#L175
Change from

type Database struct {
	Credentials
	Type    string
	Timeout int
	Host    string
	Port    int
	Name    string
}

to

type Database struct {
	Username string
	Password string
	Type    string
	Timeout int
	Host    string
	Port    int
	Name    string
}

The original issue edgexfoundry/edgex-go#2433

Facilitates adoption of go-mod-bootstrap by AppFunc (and possibly device service) subdomain.

We have security utilities that need to run in silent mode unless verbose option specified.

Currently the bootstrap creates an initial STDOUT logging client set to INFO level which breaks the security utility silent mode.

To resolve this we need ability for the security utility to create the initial STDOUT logging client set to EROR level and pass it to bootstrap to use via the DIC. Bootstrap then just checks if the DIC has a logging client and uses it, otherwise it creates the initial client as it does now.

As proposed in December QA/Testing WG call and demonstrated in edgexfoundry/edgex-go@master...michaelestrin:testing-poc

Requires change to Run() method signature and addition of new common testing handler.

As directed in December 12th #security group conversation:

Requires working go-mod-bootstrap build; e.g. dependent upon completion of #13.

Will also require corresponding changes to https://github.com/edgexfoundry/edgex-go.

Service's pass in a timer that has been initialized with constants for Duration=30s and interval=1s.

Bootstrap attempts to update the timer with values from '[Startup]' configuration or environment variables, but the update doesn't seem to work.

Recreate by:

1. Start core-data from command-line (no options) without EdgeX stack running.
2. Note that it attempts to connect to the Database approx every second and gives up after approx 30 seconds
3. Edit the local configuration.toml and change '[Startup]' as follows

[Startup]
Duration = 10
Interval = 5

4. Start core-data from command-line (no options) without EdgeX stack running.
5. Note that it still attempts to connect to the Database approx every second and gives up after approx 30 seconds, i.e no change

Using Service_Host="" as an example, the blank value is not used in the call to listenAndServe() thus all core apis do not listen on all available IP addresses on a system. see https://golang.org/pkg/net/#Listen for details. When blank, it is overridden with the value from consul or configuration. This causes a problem for deployment scenarios such as swarm or k8s.

The following files also need to be updated:

Dockerfile.build
go.mod
Jenkinsfile (pull go reference)

The version v0.0.15 of go-mod-secrets has the defect described in edgexfoundry/go-mod-secrets#49 in which the API URL was not correctly built if path from secret config (that NewSecretClient() takes) is fully specified like /v1/secrets/edgex/mongo while being used as the URL to look up the Vault token.

The version v0.0.17 of go-mod-secrets fixes this particular issue and hence should be updated to that version.

The LoggingClient seems not updated correctly after loading configuration

Maybe we should update the Process method with pointer receiver

If the value of the environment variable contains =, the strings after the first = is ignored.
Therefore, overriding the configuration by environment variables may not work as expected.

I faced this issue when I tried to pass my PEM strings to the app-service-configurable. The PEM files often contain =.

This seems to caused by this line in variables.go. The length of kv will be larger than 2 if the value includes =, and then kv[2] or later will be purged.

	for _, env := range osEnv {
		kv := strings.Split(env, "=")
		if len(kv) > 0 && len(kv[0]) > 0 {
			if len(kv) > 1 && len(kv[1]) > 0 {
				e.variables[kv[0]] = kv[1]
			} else {
				e.variables[kv[0]] = "" // Handle case when value is blank, i.e. Service_Host=""
			}
		}
	}

The constructor or instantiator of vault.NewSecretclient from go-mod-secrets client is changed after the Pull Request of token-refresh background process has been merged onto master branch.

This requires code modification on the client or caller side. In particular, the NewSecretClient is now instantiated with a NewSecretClientFactory object first:

NewSecretClientFactory()

and NewSecretClient takes extra new input arguments with background context, referential implementation of loggingClient and tokenExpiredCallback func:

func (factory *secretClientFactory) NewSecretClient(ctx context.Context,
	config SecretConfig,
	lc loggingClient,
	tokenExpiredCallback tokenExpiredCallback) (pkg.SecretClient, error) { ... }

With new secret client factory, the caller now is able to instantiate multiple secret clients for use cases like dynamic secrets on the fly with potentially asynchronous fashion.

The current code reference to be modified in go-mod-bootstrap is here --

Suggested solution

To handle the token expired scenario, implement the default callback to re-read the token from the disk to see if it was updated offline and set the retry to be true while supplying a new token if any.
Some code reference is here: https://github.com/edgexfoundry/go-mod-bootstrap/blob/master/bootstrap/handlers/secret/secret.go#L100-L108 and use that similar logic to compare the new token to the old one with retry logic for the callback function.

Dependency

Dependent on edgexfoundry/go-mod-secrets#34

Update references for Go 1.12 to 1.13 in the following files

• Dockerfile.build
• go.mod
• Jenkinsfile

Corresponding issue for #9

There are many TODOs related to code ensuring backwards compatibility for 1.x versions. These need to be addressed at the end of version 2.0 development cycle. This issue is on-hold until then

edgexfoundry/edgex-go#2317 (comment)

Will require follow-on PR for edgex-go.

The flag parser will fail on arguments if the flag string contains '-r' or '--cp'. This can happen if the following string is past to the executable:

./some-device-service -confdir config/device-rest-go

The '-r' in the word 'rest' will cause the parser to fail.

Because of the location of the defer statement on startup with registry, services that use the registry are immediately unregistered with the registry because the RunAndReturnWaitGroup function returns almost immediately after the defer statement.

This block of code needs to be refactored to rely on some other timing mechanism.

Notify go-mod-bootstrap caller/consumer when configuration provider is used and a remote configuration change is made.

Required for AppFunc.

🐞 Bug Report

Affected Services

Any service using go-mod-bootstrap

Is this a regression?

Description and Minimal Reproduction

Currently Service_Host environment variable is always passed to the address to be used for the webserver to start up (

The address can use a host name, but this is not recommended, because it will create a listener for at most one of the host's IP addresses.

The host should by default be blank - which is addressed by #75. However, this creates a problem in that the service becomes non-addressable to other service since it is blank. Ultimately - the listener address host should be separate from how this service is addressed.
There isn't an easy to way reproduce this. To replicate what I am doing, create a free azure account and deploy https://github.com/rsdmike/app-service-examples/blob/armtemplates/templates/azuredeploy.json.
Additionally our team has reported the same behavior in docker swarm. Can try deploying to a docker swarm deployment and the issue should surface.

🔥 Exception or Error

N/A - Just no response on any Core API call from external - though all services can communicate internally.

🌍 Your Environment

Deployment Environment:
Azure Container Instance (Managed K8s)

EdgeX Version:
Fuji and Geneva

Anything else relevant?

Clean up code for removal of Logging Service.

Remove LoggingInfo struct, refactor bootstrapping to create just the default STDOUT logging client.

Currently the config override env names as PascalCase which is non-standard. Changing the names to UPPERCASE only is a breaking change. For now allow use of UPPERCASE names in addition to the current PascalCase names until release 2.0. At that time we can force only UPPERCASE.

Update name from loggingClient to lc where global variable has been replaced with an injected logger.LoggingClient instance.

From edgexfoundry/edgex-go#2072; needs to be done for code extracted from edgex-go to go-mod-bootstrap.

Dependent upon completion of #13.

Because the value returned by the service constructor always has a type (even if it doesn't have a value) the resulting variable returned by the DIC will never be evaluated to nil.. This has the knock on effect of causing things like RegstryFrom to always execute the != nil path, causing any consuming services to have registryClient != nil to evaluate to true when it is a typed nil.

Required for build. See #9

These need to be public as edgex-go has dependencies on both sub-packages even after its bootstrap code is replaced with go-mod-bootstrap.

The following modules need to be latest in go.mod

github.com/edgexfoundry/go-mod-configuration 
github.com/edgexfoundry/go-mod-core-contracts
github.com/edgexfoundry/go-mod-registry
github.com/edgexfoundry/go-mod-secrets

When loading config from consul, the vault.SecretConfig portion of SecretStoreInfo is not loaded. This is because the decoding in the https://github.com/mitchellh/consulstructure package we use to pull values from Consul doesn't handle embedded types.

type SecretStoreInfo struct {
	vault.SecretConfig
	// TokenFile provides a location to a token file.
	TokenFile string
}

Previous to the new Configuration provider the config was first loaded from TOML, which does handle embedded types, and then when values loaded from consul they never overrode the values loaded from file. This was hiding the this bug.

Now with the new Configuration provider we are no longer loading from TOML file prior to loading from consul, which now results in the vault.SecretConfig portion of SecretStoreInfo being left empty.

See example README.md in edgexfoundry/edgex-go#2277.

Add me as sole reviewer when complete.

For App Functions SDK trying to receive on a UpdatedStream defined as type UpdatedStream chan<- struct{} and using it in a select statement like this:

	for {
		select {
		case <-configUpdated:

we get the following error:

invalid operation: <-configUpdated (receive from send-only type "github.com/edgexfoundry/go-mod-bootstrap/bootstrap/config".UpdatedStream)

If we change the definition to type UpdatedStream chan struct{} the error goes away.

Replace the hard coded 0.0.0.0 value currently use for ListenAndServe with a new config setting added to ServiceInfo struct.

So this change is backwards compatible, use Host value when new setting value is empty. This restores previous functionality, but allows env override to explicitly set the value used for ListenAndServe as needed for different deployments.

Core WG decision 9/17 is to enable use of DependaBot Weekly

config-seed-like functionality at an individual service-level to enable config-seed service to be removed.

Dependent upon completion of #13.