auto create gorm association mode

cmd/migrate/keyrotate/helpers_test.go

@@ -3,6 +3,7 @@ package keyrotate_test
 import (
 	"os"
 	"testing"
+	"time"
 
 	"github.com/porter-dev/porter/internal/adapter"
 	"github.com/porter-dev/porter/internal/config"
@@ -365,6 +366,12 @@ func initCluster(tester *tester, t *testing.T) {
 		Server:                   "https://localhost",
 		KubeIntegrationID:        tester.initKIs[0].ID,
 		CertificateAuthorityData: []byte("-----BEGIN"),
+		TokenCache: ints.ClusterTokenCache{
+			TokenCache: ints.TokenCache{
+				Token:  []byte("token-1"),
+				Expiry: time.Now().Add(-1 * time.Hour),
+			},
+		},
 	}
 
 	cluster, err := tester.repo.Cluster.CreateCluster(cluster)

cmd/migrate/keyrotate/rotate.go

@@ -35,18 +35,26 @@ func rotateClusterModel(db *_gorm.DB, oldKey, newKey *[32]byte) error {
 	for i := 0; i < (int(count)/stepSize)+1; i++ {
 		clusters := []*models.Cluster{}
 
-		if err := db.Offset(i * stepSize).Limit(stepSize).Find(&clusters).Error; err != nil {
+		if err := db.Offset(i * stepSize).Limit(stepSize).Preload("TokenCache").Find(&clusters).Error; err != nil {
 			return err
 		}
 
 		// decrypt with the old key
 		for _, cluster := range clusters {
-			repo.DecryptClusterData(cluster, oldKey)
+			err := repo.DecryptClusterData(cluster, oldKey)
+
+			if err != nil {
+				return err
+			}
 		}
 
 		// encrypt with the new key and re-insert
 		for _, cluster := range clusters {
-			repo.EncryptClusterData(cluster, newKey)
+			err := repo.EncryptClusterData(cluster, newKey)
+
+			if err != nil {
+				return err
+			}
 
 			if err := db.Save(cluster).Error; err != nil {
 				return err

cmd/migrate/keyrotate/rotate_test.go

@@ -1,6 +1,7 @@
 package keyrotate_test
 
 import (
+	"fmt"
 	"testing"
 
 	"github.com/porter-dev/porter/cmd/migrate/keyrotate"
@@ -21,29 +22,43 @@ func TestClusterModelRotation(t *testing.T) {
 
 	setupTestEnv(tester, t)
 
-	for i := 0; i < 100; i++ {
+	for i := 0; i < 1; i++ {
 		initCluster(tester, t)
 	}
 
 	defer cleanup(tester, t)
 
-	keyrotate.Rotate(tester.DB, tester.Key, &newKey)
+	err := keyrotate.Rotate(tester.DB, tester.Key, &newKey)
+
+	if err != nil {
+		t.Fatalf("error rotating: %v\n", err)
+	}
 
 	// very all clusters decoded properly
 	repo := gorm.NewClusterRepository(tester.DB, &newKey).(*gorm.ClusterRepository)
 
 	clusters := []*models.Cluster{}
 
-	if err := tester.DB.Find(&clusters).Error; err != nil {
+	if err := tester.DB.Preload("TokenCache").Find(&clusters).Error; err != nil {
 		t.Fatalf("%v\n", err)
 	}
 
 	// decrypt with the old key
-	for _, cluster := range clusters {
-		repo.DecryptClusterData(cluster, &newKey)
+	for _, c := range clusters {
+		fmt.Println("GOT TOKEN", string(c.TokenCache.Token))
+
+		cluster, err := repo.ReadCluster(c.ID)
+
+		if err != nil {
+			t.Fatalf("error reading cluster: %v\n", err)
+		}
 
 		if string(cluster.CertificateAuthorityData) != "-----BEGIN" {
 			t.Errorf("%s\n", string(cluster.CertificateAuthorityData))
 		}
+
+		if string(cluster.TokenCache.Token) != "token-1" {
+			t.Errorf("%s\n", string(cluster.TokenCache.Token))
+		}
 	}
 }

cmd/migrate/keyrotate/temp.go

@@ -0,0 +1 @@
+package keyrotate

internal/adapter/gorm.go

@@ -17,6 +17,7 @@ func New(conf *config.DBConf) (*gorm.DB, error) {
 		// not support foreign key constraints
 		return gorm.Open(sqlite.Open(conf.SQLLitePath), &gorm.Config{
 			DisableForeignKeyConstraintWhenMigrating: true,
+			FullSaveAssociations:                     true,
 		})
 	}
 
@@ -28,7 +29,9 @@ func New(conf *config.DBConf) (*gorm.DB, error) {
 		conf.Host,
 	)
 
-	res, err := gorm.Open(postgres.Open(dsn), &gorm.Config{})
+	res, err := gorm.Open(postgres.Open(dsn), &gorm.Config{
+		FullSaveAssociations: true,
+	})
 
 	// retry the connection 3 times
 	retryCount := 0

internal/repository/gorm/cluster.go

@@ -170,7 +170,11 @@ func (repo *ClusterRepository) ReadCluster(
 		return nil, err
 	}
 
-	repo.DecryptClusterData(cluster, repo.key)
+	err := repo.DecryptClusterData(cluster, repo.key)
+
+	if err != nil {
+		return nil, err
+	}
 
 	return cluster, nil
 }
@@ -220,16 +224,6 @@ func (repo *ClusterRepository) UpdateCluster(
 func (repo *ClusterRepository) UpdateClusterTokenCache(
 	tokenCache *ints.ClusterTokenCache,
 ) (*models.Cluster, error) {
-	if tok := tokenCache.Token; len(tok) > 0 {
-		cipherData, err := repository.Encrypt(tok, repo.key)
-
-		if err != nil {
-			return nil, err
-		}
-
-		tokenCache.Token = cipherData
-	}
-
 	cluster := &models.Cluster{}
 
 	if err := repo.db.Where("id = ?", tokenCache.ClusterID).First(&cluster).Error; err != nil {
@@ -239,11 +233,7 @@ func (repo *ClusterRepository) UpdateClusterTokenCache(
 	cluster.TokenCache.Token = tokenCache.Token
 	cluster.TokenCache.Expiry = tokenCache.Expiry
 
-	if err := repo.db.Save(cluster).Error; err != nil {
-		return nil, err
-	}
-
-	return cluster, nil
+	return repo.UpdateCluster(cluster)
 }
 
 // DeleteCluster removes a cluster from the db
@@ -343,6 +333,7 @@ func (repo *ClusterRepository) DecryptClusterData(
 	}
 
 	if tok := cluster.TokenCache.Token; len(tok) > 0 {
+
 		plaintext, err := repository.Decrypt(tok, key)
 
 		if err != nil {

internal/repository/gorm/cluster_test.go

@@ -382,6 +382,11 @@ func TestUpdateClusterToken(t *testing.T) {
 		t.Fatalf("incorrect cluster id in token cache: expected %d, got %d\n", 1, cluster.TokenCache.ClusterID)
 	}
 
+	// make sure old token is token-1
+	if string(cluster.TokenCache.Token) != "token-1" {
+		t.Errorf("incorrect token in cache: expected %s, got %s\n", "token-1", cluster.TokenCache.Token)
+	}
+
 	// make sure old token is expired
 	if isExpired := cluster.TokenCache.IsExpired(); !isExpired {
 		t.Fatalf("token was not expired\n")