Add debug for the secrets files

2025-11-01 11:49:35 +07:00
parent 52db308898
commit bab2c4f12f
2 changed files with 81 additions and 12 deletions


@@ -38,15 +38,27 @@ export default fp(async function (fastify) {
// Debug: List all files in /run/secrets/ directory // Debug: List all files in /run/secrets/ directory
const secretsDir = '/run/secrets' const secretsDir = '/run/secrets'
let availableFiles: string[] = []
if (fs.existsSync(secretsDir)) { if (fs.existsSync(secretsDir)) {
try { try {
const files = fs.readdirSync(secretsDir) availableFiles = fs.readdirSync(secretsDir)
fastify.log.info({ files, dir: secretsDir }, 'Files found in /run/secrets/') fastify.log.info({ files: availableFiles, dir: secretsDir, count: availableFiles.length }, 'Files found in /run/secrets/')
// Also log full paths and their sizes
availableFiles.forEach(file => {
const fullPath = `${secretsDir}/${file}`
try {
const stats = fs.statSync(fullPath)
fastify.log.debug({ file, path: fullPath, size: stats.size, isFile: stats.isFile() }, `Secret file details: ${file}`)
} catch (err) {
fastify.log.warn({ file, path: fullPath, error: err }, `Could not stat secret file: ${file}`)
}
})
} catch (error) { } catch (error) {
fastify.log.warn({ error }, 'Could not list /run/secrets/ directory') fastify.log.warn({ error }, 'Could not list /run/secrets/ directory')
} }
} else { } else {
fastify.log.warn({ dir: secretsDir }, '/run/secrets/ directory does not exist') fastify.log.error({ dir: secretsDir }, '/run/secrets/ directory does not exist - Docker secrets may not be mounted')
} }
let appId: string let appId: string
@@ -55,17 +67,44 @@ export default fp(async function (fastify) {
if (isProd) { if (isProd) {
// In production, read from Docker secrets (mounted files) // In production, read from Docker secrets (mounted files)
// Try exact names first
appId = readSecretFile('PRIVY_APP_ID', fastify.log) || process.env.PRIVY_APP_ID || '' appId = readSecretFile('PRIVY_APP_ID', fastify.log) || process.env.PRIVY_APP_ID || ''
appSecret = readSecretFile('PRIVY_APP_SECRET', fastify.log) || process.env.PRIVY_APP_SECRET || '' appSecret = readSecretFile('PRIVY_APP_SECRET', fastify.log) || process.env.PRIVY_APP_SECRET || ''
authKey = readSecretFile('PRIVY_AUTHORIZATION_KEY', fastify.log) || process.env.PRIVY_AUTHORIZATION_KEY || '' authKey = readSecretFile('PRIVY_AUTHORIZATION_KEY', fastify.log) || process.env.PRIVY_AUTHORIZATION_KEY || ''
// If not found, try alternative names (maybe they're mounted with SecretName instead of File.Name)
if (!appId && availableFiles.length > 0) {
const appIdFile = availableFiles.find(f => f.toLowerCase().includes('app_id') || f.toLowerCase().includes('appid'))
if (appIdFile) {
fastify.log.info({ foundFile: appIdFile, trying: 'PRIVY_APP_ID' }, 'Trying alternative file name for PRIVY_APP_ID')
appId = readSecretFile(appIdFile, fastify.log) || ''
}
}
if (!appSecret && availableFiles.length > 0) {
const appSecretFile = availableFiles.find(f => f.toLowerCase().includes('app_secret') || f.toLowerCase().includes('appsecret'))
if (appSecretFile) {
fastify.log.info({ foundFile: appSecretFile, trying: 'PRIVY_APP_SECRET' }, 'Trying alternative file name for PRIVY_APP_SECRET')
appSecret = readSecretFile(appSecretFile, fastify.log) || ''
}
}
if (!authKey && availableFiles.length > 0) {
const authKeyFile = availableFiles.find(f => f.toLowerCase().includes('auth_key') || f.toLowerCase().includes('authkey') || f.toLowerCase().includes('authorization'))
if (authKeyFile) {
fastify.log.info({ foundFile: authKeyFile, trying: 'PRIVY_AUTHORIZATION_KEY' }, 'Trying alternative file name for PRIVY_AUTHORIZATION_KEY')
authKey = readSecretFile(authKeyFile, fastify.log) || ''
}
}
fastify.log.info({ fastify.log.info({
appId: !!appId, appId: !!appId,
appSecret: !!appSecret, appSecret: !!appSecret,
authKey: !!authKey, authKey: !!authKey,
appIdLength: appId.length, appIdLength: appId.length,
appSecretLength: appSecret.length, appSecretLength: appSecret.length,
authKeyLength: authKey.length authKeyLength: authKey.length,
availableSecretFiles: availableFiles
}, 'Privy secrets loaded from Docker secrets') }, 'Privy secrets loaded from Docker secrets')
} else { } else {
// In non-production, use env vars or file paths // In non-production, use env vars or file paths
@@ -80,15 +119,38 @@ export default fp(async function (fastify) {
authKey = readMaybeFile('PRIVY_AUTHORIZATION_KEY', 'PRIVY_AUTHORIZATION_KEY_FILE') || '' authKey = readMaybeFile('PRIVY_AUTHORIZATION_KEY', 'PRIVY_AUTHORIZATION_KEY_FILE') || ''
} }
// Log error but don't throw - let the app start so we can see logs
// The actual error will be thrown when secrets are used
if (!appId || !appSecret || !authKey) { if (!appId || !appSecret || !authKey) {
fastify.log.error({ fastify.log.error({
appId: !!appId, appId: !!appId,
appSecret: !!appSecret, appSecret: !!appSecret,
authKey: !!authKey, authKey: !!authKey,
isProd, isProd,
nodeEnv: process.env.NODE_ENV nodeEnv: process.env.NODE_ENV,
}, 'Privy secrets not fully resolved at plugin load') availableSecretFiles: availableFiles,
throw new Error('Missing required Privy secrets. Check Docker secrets are mounted correctly.') secretsDirExists: fs.existsSync(secretsDir)
}, '⚠️ WARNING: Privy secrets not fully resolved at plugin load - app will continue but Privy operations will fail')
// Still decorate with empty strings so the app doesn't crash
// The actual error will be thrown in getPrivyClient when it's used
fastify.decorate('privySecrets', {
appId: appId || '',
appSecret: appSecret || '',
authKey: authKey || ''
})
fastify.log.error({
message: 'Please check:',
checks: [
'1. Docker secrets are created: docker secret ls',
'2. preDeployFunction in captain-definition is executing',
'3. Secret IDs in captain-definition match actual secret IDs',
'4. Container has access to /run/secrets/ directory'
]
}, 'Debugging steps for missing secrets')
return // Continue without throwing
} }
fastify.decorate('privySecrets', { fastify.decorate('privySecrets', {
@@ -101,5 +163,5 @@ export default fp(async function (fastify) {
appId: appId.substring(0, 10) + '...', appId: appId.substring(0, 10) + '...',
appSecret: appSecret.substring(0, 10) + '...', appSecret: appSecret.substring(0, 10) + '...',
authKey: authKey.substring(0, 20) + '...' authKey: authKey.substring(0, 20) + '...'
}, 'Privy secrets decorated on Fastify instance') }, 'Privy secrets decorated on Fastify instance successfully')
}, { name: 'privy-secrets' }) }, { name: 'privy-secrets' })
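Review bot: The `if (!appId || !appSecret || !authKey)` branch in the third hunk now decorates `privySecrets` with empty strings and returns instead of throwing, so a production instance can start and accept requests with no Privy credentials. The new comment says `getPrivyClient` will throw on use, but that function is not visible in this diff, so that guarantee needs confirming. The startup check in the second file's hunk (`@@ -1329,13 +1329,20 @@`) drops its `throw error` too, which removes the other startup gate. I would keep failing closed by default and make the lenient path an explicit, temporary opt-in, e.g. `if (process.env.<DEBUG_OPT_IN_FLAG> !== '1') throw new Error('Missing required Privy secrets. Check Docker secrets are mounted correctly.')` placed before the empty-string `fastify.decorate` call (the flag name is a placeholder). The plugin function starts and ends outside these hunks.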


@@ -1329,13 +1329,20 @@ export default fp(async (fastify) => {
return getWalletBalance.call(this, reply, address, assets, chains); return getWalletBalance.call(this, reply, address, assets, chains);
}); });
// Test the Privy client initialization // Test the Privy client initialization (non-blocking)
// Don't throw on error - let the app start so we can debug
try { try {
const testClient = getPrivyClient(fastify); const testClient = getPrivyClient(fastify);
fastify.log.info(`Privy client initialized successfully: ${(await testClient.getAppSettings()).id}`); const appSettings = await testClient.getAppSettings();
fastify.log.info({ appId: appSettings.id }, '✅ Privy client initialized successfully');
} catch (error) { } catch (error) {
fastify.log.error(`Failed to initialize Privy client: ${error}`); fastify.log.error({
throw error; error: error instanceof Error ? error.message : String(error),
stack: error instanceof Error ? error.stack : undefined
}, '❌ Failed to initialize Privy client during plugin registration');
// Don't throw - let the app start so we can see debug logs
// The error will be thrown when Privy is actually used
fastify.log.warn('App will continue but Privy operations will fail until secrets are configured');
} }
}, { }, {
name: 'privy-plugin' name: 'privy-plugin'