GCP KMS support is broken since version 0.4.4.0

Question

GCP KMS support is broken since version 0.4.4.0

omerlh opened this issue 5 years ago · 0 comments

Just tested the latest version using GCK KMS - all interaction with the KMS failed, for example - this is an error from the encryptor:

{
"Timestamp":"2019-07-14T17:39:23.5015802+00:00",
"Level":"Error",
"MessageTemplate":"An unhandled exception has occurred while executing the request.",
"Exception":"System.IO.IOException: Error loading native library \"/home/dotnet/app/runtimes/linux/native/libgrpc_csharp_ext.x64.so\". 
Symbol not found: PAL_dlerror\n   
at Grpc.Core.Internal.UnmanagedLibrary..ctor(String[] libraryPathAlternatives)\n
   at Grpc.Core.Internal.NativeExtension.LoadUnmanagedLibrary()\n
   at Grpc.Core.Internal.NativeExtension.LoadNativeMethods()\n
   at Grpc.Core.Internal.NativeExtension..ctor()\n
   at Grpc.Core.Internal.NativeExtension.Get()\n
   at Grpc.Core.GrpcEnvironment.GrpcNativeInit()\n
   at Grpc.Core.GrpcEnvironment..ctor()\n
   at Grpc.Core.GrpcEnvironment.AddRef()\n
   at Grpc.Core.Channel..ctor(String target, ChannelCredentials credentials, IEnumerable`1 options)\n
   at Google.Api.Gax.Grpc.ChannelPool.GetChannel(ServiceEndpoint endpoint, ChannelCredentials credentials)\n
   at Kamus.KeyManagement.ServiceCollectionExtensions.GetGoogleCloudKeyManagment(IConfiguration configuration) in /app/key-managment/ServiceCollectionExtensions.cs:line 81\n
   at Kamus.KeyManagement.ServiceCollectionExtensions.<>c__DisplayClass0_0.<AddKeyManagement>b__0(IServiceProvider s) in /app/key-managment/ServiceCollectionExtensions.cs:line 31\n
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, ServiceProviderEngineScope scope)\n
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(IServiceCallSite callSite, TArgument argument)\n
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitScoped(ScopedCallSite scopedCallSite, ServiceProviderEngineScope scope)\n
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitSingleton(SingletonCallSite singletonCallSite, ServiceProviderEngineScope scope)\n
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(IServiceCallSite callSite, TArgument argument)\n
  at Microsoft.Extensions.DependencyInjection.ServiceLookup.DynamicServiceProviderEngine.<>c__DisplayClass1_0.<RealizeService>b__0(ServiceProviderEngineScope scope)\n
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngine.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope)\n
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.GetService(Type serviceType)\n
   at Microsoft.Extensions.DependencyInjection.ActivatorUtilities.GetService(IServiceProvider sp, Type type, Type requiredBy, Boolean isDefaultParameterRequired)\n
   at lambda_method(Closure , IServiceProvider , Object[] )\n
   at Microsoft.AspNetCore.Mvc.Controllers.ControllerActivatorProvider.<>c__DisplayClass4_0.<CreateActivator>b__0(ControllerContext controllerContext)\n
   at Microsoft.AspNetCore.Mvc.Controllers.ControllerFactoryProvider.<>c__DisplayClass5_0.<CreateControllerFactory>g__CreateController|0(ControllerContext controllerContext)\n\
   at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\n
   at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeInnerFilterAsync()\n   at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeNextResourceFilter()\n
   at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Rethrow(ResourceExecutedContext context)\n   at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\n
   at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeFilterPipelineAsync()\n   at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeAsync()\n 
  at Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext)\n
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)\n
   at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context)\n
   at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)\n
   at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)\n
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)",
"Properties":{"EventId":{"Id":1,"Name":"UnhandledException"},"SourceContext":"Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware"}}

Look like this is because the OS is alpine - see grpc/grpc#15605. Working on a fix now.
Tests didn't catch this because blackbox tests are running using AES KMS and not GCP. Wonder if we need to change that..