Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] AzureBlobXmlRepository #21987

Closed
damiannno opened this issue Jun 20, 2021 · 6 comments
Closed

[BUG] AzureBlobXmlRepository #21987

damiannno opened this issue Jun 20, 2021 · 6 comments
Assignees
@pakrym
Labels
Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. Extensions ASP.NET Core extensions feature-request This issue requires a new behavior in the product in order be resolved. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team
Milestone
Backlog

Comments

@damiannno
Copy link

damiannno commented Jun 20, 2021
edited
Loading

Hello
I found bug (or inconsistency) when 2 types of Data Protection Xml Repository is used.
FileSystemXmlRepository and AzureBlobXmlRepository

Steps:

  1. Application A hosted on premise generates the key using FileSystemXmlRepository.
  2. Distribite key from disc to Azure Storage
  3. Application B tries to read this key using AzureBlobXmlRepository.
    4, Data protector could not find any key and that is why we could not authorize request.

This is how they read keys differently:
image

When I changed key file structure (like below) everythink is working fine.

< keys >
< key >< /key >
< /keys >

Instead of

< key >
< /key >

I think this is the root cause.
image

Best regards
@ghost ghost added needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Jun 20, 2021
@jsquire jsquire added Client This issue points to a problem in the data-plane of the library. Extensions ASP.NET Core extensions needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team labels Jun 21, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Jun 21, 2021
@jsquire
Copy link
Member

jsquire commented Jun 21, 2021

Thank you for your feedback. Tagging and routing to the team member best able to assist.

@pakrym pakrym added feature-request This issue requires a new behavior in the product in order be resolved. and removed question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Jun 21, 2021
@pakrym pakrym added this to the Backlog milestone Jun 21, 2021
@pakrym
Copy link
Contributor

pakrym commented Jun 21, 2021

FileSystemXmlRepository and AzureBlobXmlRepository were not designed to allow key migration. The larger difference is that in file system keys are stored with a single key per file while in blob all keys are in the same blob. Supporting this kind of migration would require a tool that would merge keys into a single blob.

@damiannno
Copy link
Author

As I understood we can transform keys structure on our own then upload to storage account container. Thank you very much.

@damiannno
Copy link
Author

damiannno commented Jun 23, 2021
edited
Loading

However I am just curious. Why you designed that to store all keys in one file? Could not pass SAS token to container with READ,WRITE permissions and files could be created?

@pakrym
Copy link
Contributor

pakrym commented Jun 23, 2021

It's cheaper and faster to download a single blob during the app startup than to scan the container and download many tiny blobs.

@damiannno
Copy link
Author

Ok thank you for explanation. I am closing the ticket.

azure-sdk pushed a commit to azure-sdk/azure-sdk-for-net that referenced this issue Dec 27, 2022
@AzureRestAPISpecReview
CodeGen from PR 21987 in Azure/azure-rest-api-specs
bb7bbb6 
[Hub Generated] Publish private branch 'containerservice/official/v20221218' (Azure#21987)

* [AutoSync] 6a6ad0e3336 Merged PR 7353698: [API Release] Sync swagger changes in GitHub PR Azure#21069

* [AutoSync] c7b8955aefd Merged PR 7359461: [API Release] Fix Swagger LintDiff errors

* [AutoSync] 76fc4392c08 Merged PR 7379598: [Swagger][2022-11 APIs] azure auth-provider kubeconfig is fully removed in v1.26 instead of v1.25

Co-authored-by: swagger-automation <swagger@microsoft.com>
@github-actions github-actions bot locked and limited conversation to collaborators Mar 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@pakrym pakrym

Labels
Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. Extensions ASP.NET Core extensions feature-request This issue requires a new behavior in the product in order be resolved. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
3 participants
@jsquire @pakrym @damiannno