I am unable to see the difference between devMode = true and devMode = false. How the process will happen in both the cases. Could you please elaborate it.
devMode
This flag sets the node to run in development mode. On startup, if the keystore /certificates/sslkeystore.jks does not exist, a developer keystore will be used if devMode is true. The node will exit if devMode is false and the keystore does not exist.devMode also turns on background checking of flow checkpoints to shake out any bugs in the checkpointing process. Also, if devMode is true, Hibernate will try to automatically create the schema required by Corda or update an existing schema in the SQL database; if devMode is false, Hibernate will simply validate the existing schema, failing on node start if the schema is either not present or not compatible. If no value is specified in the node configuration file, the node will attempt to detect if it’s running on a developer machine and set devMode=true in that case. This value can be overridden from the command line using the --dev-mode option.
https://docs.corda.net/corda-configuration-file.html
when you make devMode as false your corda node will not generate automatically the keystore and hibernate will not automatically create tables , also when dev mode is true it checks in background the flow checkpoints I think.
Related
I created an AWS secrets manager and a secret key-value entry using Terraform as below. However, After I comment out below aws_secretsmanager_secret_version resource and terraform apply, terraform shows it deletes the secret key-value entry, but I can still see the entry in AWS console and I can still use CLI to get the secret key-value using aws secretsmanager get-secret-value --secret-id myTestName.
Is this entry really deleted? Why I still see it in AWS console? or maybe it is deleted but the one shown in console and cli is an old version? at least Terraform deleted it from its state file.
resource "aws_secretsmanager_secret" "test" {
name = "myTestName"
}
# I deleted secret key-value entry by
# commenting out below and apply terraform again
resource "aws_secretsmanager_secret_version" "test" {
secret_id = aws_secretsmanager_secret.test.id
secret_string = <<EOF
{
"test-key": "test-value"
}
EOF
}
According to AWS documentation:
...Secrets Manager does not immediately delete secrets. Instead,
Secrets Manager immediately makes the secrets inaccessible and
scheduled for deletion after a recovery window of a minimum of
seven days...
Due to critical nature of the secrets, this functionality is there for a reason - to prevent you from accidentally deleting important production-grade secret, which would cause serious problems with accessing services.
If you still want to delete a secret, you can do it with force:
aws secretsmanager delete-secret --secret-id your-secret --force-delete-without-recovery --region your-region
You may need to delete it with force if you want to immediately create new secret with the same name, to avoid name conflict.
Update: As you clarified, for you specific case - where you wish to delete the version of the secret, it cannot be done while you have only one version of the secret with the AWSCURRENT label:
aws secretsmanager get-secret-value --secret-id myTestName
...
"Name": "myTestName",
"SecretString": " ...
"VersionStages": [
"AWSCURRENT"
]
...
From the terraform documentation:
If the AWSCURRENT staging label is present on this version during
resource deletion, that label cannot be removed and will be skipped to
prevent errors when fully deleting the secret. That label will leave
this secret version active even after the resource is deleted from
Terraform unless the secret itself is deleted. Move the AWSCURRENT
staging label before or after deleting this resource from Terraform to
fully trigger version deprecation if necessary.
Hi I got some warning from Corda documentation examples
ATTENTION: This node is running in the development model! this is not safe for production deployments.
what's the reason for this warning??
Corda raises a warning because the devMode configuration flag has few importants consequences on how things such as how node keystore is found, how the DB schema is checked/created, the Java heap size etc. Such configurations can be acceptable for a development phase of a Corda project, but not suitable for Production, so Corda gives the warning.
From the Corda Node documentation :
This flag sets the node to run in development mode. On startup, if the
keystore /certificates/sslkeystore.jks does not exist, a
developer keystore will be used if devMode is true. The node will exit
if devMode is false and the keystore does not exist. devMode also
turns on background checking of flow checkpoints to shake out any bugs
in the checkpointing process. Also, if devMode is true, Hibernate will
try to automatically create the schema required by Corda or update an
existing schema in the SQL database; if devMode is false, Hibernate
will simply validate the existing schema, failing on node start if the
schema is either not present or not compatible. If no value is
specified in the node configuration file, the node will attempt to
detect if it’s running on a developer machine and set devMode=true in
that case. This value can be overridden from the command line using
the --dev-mode option.
This flag affects the default value for Java heap size.
You can also check this out.
To change from DEV mode to PROD mode, modify devMode = true to devMode = false inside node.conf file of your node, then restart the node.
Make sure that you sign the contract CorDapps when you move to PROD mode; read about it here.
In my Xamarin.Forms application (that supports iOS, Android, UWP), I have a config.json file that defines some variables, e.g.
{
"HideExperimentalFeature": false
}
Is it possible in the AzureDevops pipeline to inject a value for a variable based on stage, e.g. QA or Production? E.g. for QA it can be set to false, and for Production true. Is it possible to do it using user interface?
You can replace tokens in files:
swap it in your json file to a token, ie. { "HideExperimentalFeature": #{HideExperimentalFeature}# }
In your release pipeline you set these variables:
HideExperimentalFeature: true for Prod stage
HideExperimentalFeature: false for QA stage
Add a Replace Tokens task to your pipeline:
Target files: path/to/config.json
Missing variables / action: fail
Yes, you can use Replace Tokens extension.
in config.json file just add key markers, and tell the extension which files should be scanned for replacement.
{
"ConnectionStrings": {
"BloggingDatabase": "#{connection_string}#"
},
{ "HideExperimentalFeature": #{HideExperimentalFeature}# }
}
connection_string will be replaced with proper value based on stage. Also, you can use Release stage which means "use it everywhere". What is more, you can you Release + stage_x, and then Release will be used as default, and stage_x will override it on its stage.
Consider Missing variable behavior set as Fail pipeline due to the fact, Log Warn is usually not noticed in the woods of logs.
Also, Azure DevOps variables nature allows you using Settable as release time option next to the variable definition. Then, you can pass the value
In BizTalk application we are configuring a WCF-ORACLEDB send port adapter to call Stored proc. In the portbinding file we have set useAmbientTransaction” = False but in the sendport this value in the binding coming as true. This is happening one specific environment. Other environment its coming as false as mentioned in the port binding file.
This happening one specific environment
useAmbientTransaction = False
Because this value coming as true we are getting some oracle connection error.
Please advise why this value override to true only one specific environment.
I could name numerous things that could be wrong, but for issues like this it's best to start all over again, so:
Remove the ports on all the servers you are trying to deploy to.
Create the send port again from scratch on your dev machine.
Export the bindings.
Remove the send port on the dev machine.
Test it on your dev machine by importing the bindings.
Now test it on the machine where you had issues.
If the issue still persists, try setting the value manually in the Admin console, does the value stay on True? (this is the default value i think) Maybe there aren't enough permissions for you to change the value.
I am using a redis cache in my symfony application.
When inspecting the internally used keys in redis-cli I found out that all entries share a common prefix (like AWVAugkC6-:, or gBphwvED1G:). The prefix changes if I toggle APP_ENV between dev and prod.
Can I disable this behavior?
Currently, I cannot use the prod entries in dev mode, and vice versa.
A call to
$this->cache->getItem('2f560421-1b6d-4251-8392-e9c0f5e824a7-1514764800-1546300799-noref-nostr');
translates in devmode to a redis key
gBphwvED1G:2f560421-1b6d-4251-8392-e9c0f5e824a7-1514764800-1546300799-noref-nostr
however in prod, it's
AWVAugkC6-:2f560421-1b6d-4251-8392-e9c0f5e824a7-1514764800-1546300799-noref-nostr
So the prefix is exchanged!
I have traced this back to AbstractTrait::getId($key) https://github.com/symfony/cache/blob/e5e9a6d35558b43cca49cde9f3a7ad22980812cb/Traits/AbstractTrait.php#L269, but I think this line should just hash the give key, not the environment...?
framework:
cache:
default_redis_provider: 'redis://%env(REDIS_HOST)%'
pools:
data_evaluator_cache_items_cache:
adapter: cache.adapter.redis
default_lifetime: 0
public: true
data_evaluator_cache_tags_cache:
adapter: cache.adapter.redis
default_lifetime: 0
public: true
services:
tagged_data_cache:
class: Symfony\Component\Cache\Adapter\TagAwareAdapter
arguments:
$itemsPool: "#data_evaluator_cache_items_cache"
$tagsPool: "#data_evaluator_cache_tags_cache"
public: true
I am unsure if this relates to the TagAwareAdapter. In reality an additional tag entry is stored, which
The prefix is computed to ensure dev and prod don't share the same cached items, to be safe by default. This is done when using semantic configuration, in a compiler pass, here:
https://github.com/symfony/cache/blob/master/DependencyInjection/CachePoolPass.php#L55
If you want to opt out from this, you might need to define your cache pools directly as a service - without using semantic configuration. You'll then have full control over the namespace and everything else.
You can also keep using semantic and redefine the kernel.container_class parameter. I think this can be done by overriding the getContainerClass on your Kernel.
But you should double check first why you need same namespace for prod and dev.