fix: fix panic on missing issuer_key_id in agent_issuance (#42)

impierce · Apr 12, 2024 · 300b179 · 300b179
1 parent 4a7f028
commit 300b179
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 9 deletions.
diff --git a/agent_application/docker/README.md b/agent_application/docker/README.md
@@ -17,14 +17,16 @@ Inside the folder `/agent_application/docker`:
    - `AGENT_ISSUANCE_CREDENTIAL_NAME`: To set the name of the credentials that will be issued.
    - `AGENT_ISSUANCE_CREDENTIAL_LOGO_URL`: To set the URL of the logo that will be used in the credentials.
 > [!IMPORTANT] 
-> 3. By default, UniCore will automatically generate a temporary secure Stronghold file which will be used to sign
->    authorization requests and credentials. Note that using this default option, this Stronghold file will NOT be
->    persisted. If you want to ensure that the key material that is used for signing data will always be consistent, you
->    will need to supply an existing Stronghold file. This can be done by mounting the Stronghold file in the `docker-compose.yml` file. Example:
->   ```yaml
->   volumes:
->     - /path/to/stronghold:/app/res/stronghold
->   ```
+> 3. By default, UniCore currently uses a default Stronghold file which is used for storing secrets. Using this default
+>    Stronghold is for testing purposes only and should not be used in production. To use your own Stronghold file, you
+>    need to mount it in the `docker-compose.yml` file by replacing the default volume. Example:
+> ```yaml
+>  volumes:
+>    # - ../../agent_secret_manager/tests/res/test.stronghold:/app/res/stronghold # Default Stronghold file
+>    - /path/to/stronghold:/app/res/stronghold
+>  ```
+>    It is recommended to not change the target path `/app/res/stronghold`.
+> 
 >   You will also need to set the following environment variables: 
 >   - `AGENT_SECRET_MANAGER_STRONGHOLD_PATH`: The path to the Stronghold file. This value must correspond to the path to which
 >     the Stronghold is mounted. Set to `/app/res/stronghold` by default. It

diff --git a/agent_application/docker/docker-compose.yml b/agent_application/docker/docker-compose.yml
@@ -41,6 +41,7 @@ services:
       AGENT_STORE_DB_CONNECTION_STRING: postgresql://demo_user:demo_pass@cqrs-postgres-db:5432/demo
       AGENT_SECRET_MANAGER_STRONGHOLD_PATH: /app/res/stronghold
       AGENT_SECRET_MANAGER_STRONGHOLD_PASSWORD: "secure_password"
+      AGENT_SECRET_MANAGER_ISSUER_KEY_ID: "9O66nzWqYYy1LmmiOudOlh2SMIaUWoTS"
     volumes:
-      # - /path/to/stronghold:/app/res/stronghold
+      - ../../agent_secret_manager/tests/res/test.stronghold:/app/res/stronghold
       - ../../agent_event_publisher_http/config.yml:/app/agent_event_publisher_http/config.yml