From 5f7b673cf89901395ff1472e2681f62f120ae08a Mon Sep 17 00:00:00 2001 From: Ajeet D'Souza <98ajeet@gmail.com> Date: Fri, 9 Apr 2021 19:48:16 +0530 Subject: [PATCH 1/5] GetKeys should return an error --- dgraph/cmd/alpha/run.go | 20 ++++++------ dgraph/cmd/bulk/run.go | 7 ++++- dgraph/cmd/debug/run.go | 8 +++-- dgraph/cmd/decrypt/decrypt.go | 33 +++++++++++--------- dgraph/cmd/live/run.go | 7 ++++- ee/backup/run.go | 6 +++- ee/utils_ee.go | 58 ++++++++++++++++++++++------------- testutil/backup.go | 7 +++-- worker/restore_map.go | 7 +++-- 9 files changed, 99 insertions(+), 54 deletions(-) diff --git a/dgraph/cmd/alpha/run.go b/dgraph/cmd/alpha/run.go index daf90fd40ec..ed578a786bb 100644 --- a/dgraph/cmd/alpha/run.go +++ b/dgraph/cmd/alpha/run.go @@ -645,14 +645,14 @@ func run() { ChangeDataConf: Alpha.Conf.GetString("cdc"), } - aclKey, encKey := ee.GetKeys(Alpha.Conf) - if aclKey != nil { - opts.HmacSecret = aclKey - - acl := z.NewSuperFlag(Alpha.Conf.GetString("acl")).MergeAndCheckDefault(ee.AclDefaults) - opts.AccessJwtTtl = acl.GetDuration("access-ttl") - opts.RefreshJwtTtl = acl.GetDuration("refresh-ttl") - + keys, err := ee.GetKeys(Alpha.Conf) + if err != nil { + glog.Fatal(err) + } + if keys.AclKey != nil { + opts.HmacSecret = keys.AclKey + opts.AccessJwtTtl = keys.AclAccessTtl + opts.RefreshJwtTtl = keys.AclRefreshTtl glog.Info("ACL secret key loaded successfully.") } @@ -691,7 +691,7 @@ func run() { Raft: raft, WhiteListedIPRanges: ips, StrictMutations: opts.MutationsMode == worker.StrictMutations, - AclEnabled: aclKey != nil, + AclEnabled: keys.AclKey != nil, AbortOlderThan: abortDur, StartTime: startTime, Ludicrous: ludicrous, @@ -712,7 +712,7 @@ func run() { // Set the directory for temporary buffers. z.SetTmpDir(x.WorkerConfig.TmpDir) - x.WorkerConfig.EncryptionKey = encKey + x.WorkerConfig.EncryptionKey = keys.EncKey setupCustomTokenizers() x.Init() diff --git a/dgraph/cmd/bulk/run.go b/dgraph/cmd/bulk/run.go index 0e75df62548..877d7179fd1 100644 --- a/dgraph/cmd/bulk/run.go +++ b/dgraph/cmd/bulk/run.go @@ -36,6 +36,7 @@ import ( "github.com/dgraph-io/dgraph/protos/pb" "github.com/dgraph-io/dgraph/worker" "github.com/dgraph-io/ristretto/z" + "github.com/golang/glog" "github.com/dgraph-io/dgraph/tok" "github.com/dgraph-io/dgraph/x" @@ -177,7 +178,11 @@ func run() { os.Exit(0) } - _, opt.EncryptionKey = ee.GetKeys(Bulk.Conf) + keys, err := ee.GetKeys(Bulk.Conf) + if err != nil { + glog.Fatal(err) + } + opt.EncryptionKey = keys.EncKey if len(opt.EncryptionKey) == 0 { if opt.Encrypted || opt.EncryptedOut { fmt.Fprint(os.Stderr, "Must use --encryption or vault option(s).\n") diff --git a/dgraph/cmd/debug/run.go b/dgraph/cmd/debug/run.go index c74c8d73156..3d26bc48dfa 100644 --- a/dgraph/cmd/debug/run.go +++ b/dgraph/cmd/debug/run.go @@ -36,6 +36,7 @@ import ( "github.com/dgraph-io/badger/v3" bpb "github.com/dgraph-io/badger/v3/pb" "github.com/dgraph-io/ristretto/z" + "github.com/golang/glog" "github.com/dgraph-io/dgraph/codec" "github.com/dgraph-io/dgraph/ee" @@ -891,14 +892,17 @@ func run() { } }() - var err error dir := opt.pdir isWal := false if len(dir) == 0 { dir = opt.wdir isWal = true } - _, opt.key = ee.GetKeys(Debug.Conf) + keys, err := ee.GetKeys(Debug.Conf) + if err != nil { + glog.Fatal(err) + } + opt.key = keys.EncKey if isWal { store, err := raftwal.InitEncrypted(dir, opt.key) diff --git a/dgraph/cmd/decrypt/decrypt.go b/dgraph/cmd/decrypt/decrypt.go index 0581f17e03e..2ddae8fdcf8 100644 --- a/dgraph/cmd/decrypt/decrypt.go +++ b/dgraph/cmd/decrypt/decrypt.go @@ -18,15 +18,14 @@ package decrypt import ( "compress/gzip" - "fmt" "io" - "log" "os" "strings" "github.com/dgraph-io/dgraph/ee" "github.com/dgraph-io/dgraph/ee/enc" "github.com/dgraph-io/dgraph/x" + "github.com/golang/glog" "github.com/spf13/cobra" ) @@ -57,17 +56,23 @@ func init() { ee.RegisterEncFlag(flag) } func run() { - opts := options{ - file: Decrypt.Conf.GetString("file"), - output: Decrypt.Conf.GetString("out"), + keys, err := ee.GetKeys(Decrypt.Conf) + if err != nil { + glog.Fatal(err) + } + if len(keys.EncKey) == 0 { + glog.Fatal("Error while reading encryption key: Key is empty") } - _, opts.keyfile = ee.GetKeys(Decrypt.Conf) - if len(opts.keyfile) == 0 { - log.Fatal("Error while reading encryption key: Key is empty") + + opts := options{ + file: Decrypt.Conf.GetString("file"), + output: Decrypt.Conf.GetString("out"), + keyfile: keys.EncKey, } + f, err := os.Open(opts.file) if err != nil { - log.Fatalf("Error opening file: %v\n", err) + glog.Fatalf("Error opening file: %v\n", err) } defer f.Close() reader, err := enc.GetReader(opts.keyfile, f) @@ -78,14 +83,14 @@ func run() { } outf, err := os.OpenFile(opts.output, os.O_WRONLY|os.O_CREATE, 0644) if err != nil { - log.Fatalf("Error while opening output file: %v\n", err) + glog.Fatalf("Error while opening output file: %v\n", err) } w := gzip.NewWriter(outf) - fmt.Printf("Decrypting %s\n", opts.file) - fmt.Printf("Writing to %v\n", opts.output) + glog.Infof("Decrypting %s\n", opts.file) + glog.Infof("Writing to %v\n", opts.output) _, err = io.Copy(w, reader) if err != nil { - log.Fatalf("Error while writing: %v\n", err) + glog.Fatalf("Error while writing: %v\n", err) } err = w.Flush() x.Check(err) @@ -93,5 +98,5 @@ func run() { x.Check(err) err = outf.Close() x.Check(err) - fmt.Println("Done.") + glog.Infof("Done.") } diff --git a/dgraph/cmd/live/run.go b/dgraph/cmd/live/run.go index a8d30735af5..6dce96c4844 100644 --- a/dgraph/cmd/live/run.go +++ b/dgraph/cmd/live/run.go @@ -738,7 +738,12 @@ func run() error { z.SetTmpDir(opt.tmpDir) - _, opt.key = ee.GetKeys(Live.Conf) + keys, err := ee.GetKeys(Live.Conf) + if err != nil { + return err + } + opt.key = keys.EncKey + go func() { if err := http.ListenAndServe(opt.httpAddr, nil); err != nil { glog.Errorf("Error while starting HTTP server: %+v", err) diff --git a/ee/backup/run.go b/ee/backup/run.go index 47c120ef86a..da337dd6b6f 100644 --- a/ee/backup/run.go +++ b/ee/backup/run.go @@ -226,7 +226,11 @@ func (bw *bufWriter) Write(buf *z.Buffer) error { } func runExportBackup() error { - _, opt.key = ee.GetKeys(ExportBackup.Conf) + keys, err := ee.GetKeys(ExportBackup.Conf) + if err != nil { + return err + } + opt.key = keys.EncKey if opt.format != "json" && opt.format != "rdf" { return errors.Errorf("invalid format %s", opt.format) } diff --git a/ee/utils_ee.go b/ee/utils_ee.go index d1f0303f936..bd0ed209715 100644 --- a/ee/utils_ee.go +++ b/ee/utils_ee.go @@ -13,48 +13,64 @@ package ee import ( + "fmt" "io/ioutil" + "time" "github.com/dgraph-io/dgraph/x" "github.com/dgraph-io/ristretto/z" - "github.com/golang/glog" "github.com/spf13/viper" ) +type Keys struct { + AclKey x.Sensitive + AclAccessTtl time.Duration + AclRefreshTtl time.Duration + EncKey x.Sensitive +} + // GetKeys returns the ACL and encryption keys as configured by the user // through the --acl, --encryption, and --vault flags. On OSS builds, // this function exits with an error. -func GetKeys(config *viper.Viper) (x.Sensitive, x.Sensitive) { - aclSuperFlag := z.NewSuperFlag(config.GetString("acl")) - aclKey, encKey := vaultGetKeys(config) +func GetKeys(config *viper.Viper) (*Keys, error) { + keys := &Keys{} var err error - aclKeyFile := aclSuperFlag.GetPath("secret-file") + aclSuperFlag := z.NewSuperFlag(config.GetString("acl")).MergeAndCheckDefault(AclDefaults) + encSuperFlag := z.NewSuperFlag(config.GetString("encryption")).MergeAndCheckDefault(EncDefaults) + + // Get AclKey and EncKey from vault / acl / encryption SuperFlags + keys.AclKey, keys.EncKey = vaultGetKeys(config) + aclKeyFile := aclSuperFlag.GetPath(flagAclSecretFile) if aclKeyFile != "" { - if aclKey != nil { - glog.Exit("flags: ACL secret key set in both vault and acl flags") + if keys.AclKey != nil { + return nil, fmt.Errorf("flags: ACL secret key set in both vault and acl flags") } - if aclKey, err = ioutil.ReadFile(aclKeyFile); err != nil { - glog.Exitf("error reading ACL secret key from file: %s: %s", aclKeyFile, err) + if keys.AclKey, err = ioutil.ReadFile(aclKeyFile); err != nil { + return nil, fmt.Errorf("error reading ACL secret key from file: %s: %s", aclKeyFile, err) } } - if l := len(aclKey); aclKey != nil && l < 32 { - glog.Exitf("ACL secret key must have length of at least 32 bytes, got %d bytes instead", l) + if l := len(keys.AclKey); keys.AclKey != nil && l < 32 { + return nil, fmt.Errorf( + "ACL secret key must have length of at least 32 bytes, got %d bytes instead", l) } - - encSuperFlag := z.NewSuperFlag(config.GetString("encryption")).MergeAndCheckDefault(EncDefaults) - encKeyFile := encSuperFlag.GetPath("key-file") + encKeyFile := encSuperFlag.GetPath(flagEncKeyFile) if encKeyFile != "" { - if encKey != nil { - glog.Exit("flags: Encryption key set in both vault and encryption") + if keys.EncKey != nil { + return nil, fmt.Errorf("flags: Encryption key set in both vault and encryption flags") } - if encKey, err = ioutil.ReadFile(encKeyFile); err != nil { - glog.Exitf("error reading encryption key from file: %s: %s", encKeyFile, err) + if keys.EncKey, err = ioutil.ReadFile(encKeyFile); err != nil { + return nil, fmt.Errorf("error reading encryption key from file: %s: %s", encKeyFile, err) } } - if l := len(encKey); encKey != nil && l != 16 && l != 32 && l != 64 { - glog.Exitf("encryption key must have length of 16, 32, or 64 bytes, got %d bytes instead", l) + if l := len(keys.EncKey); keys.EncKey != nil && l != 16 && l != 32 && l != 64 { + return nil, fmt.Errorf( + "encryption key must have length of 16, 32, or 64 bytes, got %d bytes instead", l) } - return aclKey, encKey + // Get remaining keys + keys.AclAccessTtl = aclSuperFlag.GetDuration(flagAclAccessTtl) + keys.AclRefreshTtl = aclSuperFlag.GetDuration(flagAclRefreshTtl) + + return keys, nil } diff --git a/testutil/backup.go b/testutil/backup.go index 6fe3ba669df..0e192257283 100644 --- a/testutil/backup.go +++ b/testutil/backup.go @@ -50,12 +50,15 @@ func openDgraph(pdir string) (*badger.DB, error) { return nil, err } config.Set("encryption", ee.BuildEncFlag(KeyFile)) - _, encKey := ee.GetKeys(config) + keys, err := ee.GetKeys(config) + if err != nil { + return nil, err + } opt := badger.DefaultOptions(pdir). WithBlockCacheSize(10 * (1 << 20)). WithIndexCacheSize(10 * (1 << 20)). - WithEncryptionKey(encKey). + WithEncryptionKey(keys.EncKey). WithNamespaceOffset(x.NamespaceOffset) return badger.OpenManaged(opt) } diff --git a/worker/restore_map.go b/worker/restore_map.go index ba07282d558..ada4de314cd 100644 --- a/worker/restore_map.go +++ b/worker/restore_map.go @@ -546,7 +546,10 @@ func RunMapper(req *pb.RestoreRequest, mapDir string) error { if err != nil { return errors.Wrapf(err, "unable to get encryption config") } - _, encKey := ee.GetKeys(cfg) + keys, err := ee.GetKeys(cfg) + if err != nil { + return err + } mapper := &mapper{ buf: newBuffer(), @@ -594,7 +597,7 @@ func RunMapper(req *pb.RestoreRequest, mapDir string) error { // Only restore the predicates that were assigned to this group at the time // of the last backup. file := filepath.Join(manifest.Path, backupName(manifest.Since, gid)) - br := readerFrom(h, file).WithEncryption(encKey).WithCompression(manifest.Compression) + br := readerFrom(h, file).WithEncryption(keys.EncKey).WithCompression(manifest.Compression) if br.err != nil { return errors.Wrap(br.err, "newBackupReader") } From 451c95d008e7f3cb89f4bdbd19c715b8f10d1504 Mon Sep 17 00:00:00 2001 From: Ajeet D'Souza <98ajeet@gmail.com> Date: Fri, 9 Apr 2021 20:10:45 +0530 Subject: [PATCH 2/5] Fix OSS build --- dgraph/cmd/bulk/run.go | 18 ++++++++++-------- dgraph/cmd/live/run.go | 12 +++++------- ee/flags.go | 10 ++++++++++ ee/{utils.go => keys.go} | 10 ++++------ ee/{utils_ee.go => keys_ee.go} | 11 +---------- 5 files changed, 30 insertions(+), 31 deletions(-) rename ee/{utils.go => keys.go} (77%) rename ee/{utils_ee.go => keys_ee.go} (91%) diff --git a/dgraph/cmd/bulk/run.go b/dgraph/cmd/bulk/run.go index 877d7179fd1..9fb2818b1de 100644 --- a/dgraph/cmd/bulk/run.go +++ b/dgraph/cmd/bulk/run.go @@ -36,7 +36,6 @@ import ( "github.com/dgraph-io/dgraph/protos/pb" "github.com/dgraph-io/dgraph/worker" "github.com/dgraph-io/ristretto/z" - "github.com/golang/glog" "github.com/dgraph-io/dgraph/tok" "github.com/dgraph-io/dgraph/x" @@ -143,9 +142,15 @@ func run() { bopts := badger.DefaultOptions("").FromSuperFlag(BulkBadgerDefaults + cacheDefaults). FromSuperFlag(Bulk.Conf.GetString("badger")) + keys, err := ee.GetKeys(Bulk.Conf) + if err != nil { + log.Fatal(err) + } + opt := options{ DataFiles: Bulk.Conf.GetString("files"), DataFormat: Bulk.Conf.GetString("format"), + EncryptionKey: keys.EncKey, SchemaFile: Bulk.Conf.GetString("schema"), GqlSchemaFile: Bulk.Conf.GetString("graphql_schema"), Encrypted: Bulk.Conf.GetBool("encrypted"), @@ -178,11 +183,6 @@ func run() { os.Exit(0) } - keys, err := ee.GetKeys(Bulk.Conf) - if err != nil { - glog.Fatal(err) - } - opt.EncryptionKey = keys.EncKey if len(opt.EncryptionKey) == 0 { if opt.Encrypted || opt.EncryptedOut { fmt.Fprint(os.Stderr, "Must use --encryption or vault option(s).\n") @@ -192,11 +192,13 @@ func run() { requiredFlags := Bulk.Cmd.Flags().Changed("encrypted") && Bulk.Cmd.Flags().Changed("encrypted_out") if !requiredFlags { - fmt.Fprint(os.Stderr, "Must specify --encrypted and --encrypted_out when providing encryption key.\n") + fmt.Fprint(os.Stderr, + "Must specify --encrypted and --encrypted_out when providing encryption key.\n") os.Exit(1) } if !opt.Encrypted && !opt.EncryptedOut { - fmt.Fprint(os.Stderr, "Must set --encrypted and/or --encrypted_out to true when providing encryption key.\n") + fmt.Fprint(os.Stderr, + "Must set --encrypted and/or --encrypted_out to true when providing encryption key.\n") os.Exit(1) } diff --git a/dgraph/cmd/live/run.go b/dgraph/cmd/live/run.go index 6dce96c4844..8bb1d01c165 100644 --- a/dgraph/cmd/live/run.go +++ b/dgraph/cmd/live/run.go @@ -697,8 +697,11 @@ func run() error { } creds := z.NewSuperFlag(Live.Conf.GetString("creds")).MergeAndCheckDefault(x.DefaultCreds) + keys, err := ee.GetKeys(Live.Conf) + if err != nil { + return err + } - var err error x.PrintVersion() opt = options{ dataFiles: Live.Conf.GetString("files"), @@ -717,6 +720,7 @@ func run() error { ludicrousMode: Live.Conf.GetBool("ludicrous"), upsertPredicate: Live.Conf.GetString("upsertPredicate"), tmpDir: Live.Conf.GetString("tmp"), + key: keys.EncKey, } forceNs := Live.Conf.GetInt64("force-namespace") @@ -738,12 +742,6 @@ func run() error { z.SetTmpDir(opt.tmpDir) - keys, err := ee.GetKeys(Live.Conf) - if err != nil { - return err - } - opt.key = keys.EncKey - go func() { if err := http.ListenAndServe(opt.httpAddr, nil); err != nil { glog.Errorf("Error while starting HTTP server: %+v", err) diff --git a/ee/flags.go b/ee/flags.go index 37e9275b25c..5c58f99c752 100644 --- a/ee/flags.go +++ b/ee/flags.go @@ -19,11 +19,21 @@ package ee import ( "fmt" "strings" + "time" + "github.com/dgraph-io/dgraph/x" "github.com/dgraph-io/ristretto/z" "github.com/spf13/pflag" ) +// Keys holds the configuration for ACL and encryption. +type Keys struct { + AclKey x.Sensitive + AclAccessTtl time.Duration + AclRefreshTtl time.Duration + EncKey x.Sensitive +} + const ( flagAcl = "acl" flagAclAccessTtl = "access-ttl" diff --git a/ee/utils.go b/ee/keys.go similarity index 77% rename from ee/utils.go rename to ee/keys.go index 9cb317144df..86a98d70381 100644 --- a/ee/utils.go +++ b/ee/keys.go @@ -19,15 +19,13 @@ package ee import ( - "github.com/dgraph-io/dgraph/x" - "github.com/golang/glog" "github.com/spf13/viper" ) // GetKeys returns the ACL and encryption keys as configured by the user // through the --acl, --encryption, and --vault flags. On OSS builds, -// this function exits with an error. -func GetKeys(config *viper.Viper) (x.Sensitive, x.Sensitive) { - glog.Exit("flags: acl / encryption is an enterprise-only feature") - return nil, nil +// this function always returns an error. +func GetKeys(config *viper.Viper) (Keys, error) { + return nil, fmt.Errorf( + "flags: acl / encryption is an enterprise-only feature") } diff --git a/ee/utils_ee.go b/ee/keys_ee.go similarity index 91% rename from ee/utils_ee.go rename to ee/keys_ee.go index bd0ed209715..c3e10f7c951 100644 --- a/ee/utils_ee.go +++ b/ee/keys_ee.go @@ -15,23 +15,14 @@ package ee import ( "fmt" "io/ioutil" - "time" - "github.com/dgraph-io/dgraph/x" "github.com/dgraph-io/ristretto/z" "github.com/spf13/viper" ) -type Keys struct { - AclKey x.Sensitive - AclAccessTtl time.Duration - AclRefreshTtl time.Duration - EncKey x.Sensitive -} - // GetKeys returns the ACL and encryption keys as configured by the user // through the --acl, --encryption, and --vault flags. On OSS builds, -// this function exits with an error. +// this function always returns an error. func GetKeys(config *viper.Viper) (*Keys, error) { keys := &Keys{} var err error From c11a554dd62165db30b2ae8db6938b1e25ee8d80 Mon Sep 17 00:00:00 2001 From: Ajeet D'Souza <98ajeet@gmail.com> Date: Fri, 9 Apr 2021 20:12:39 +0530 Subject: [PATCH 3/5] Fix OSS build --- ee/keys.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/keys.go b/ee/keys.go index 86a98d70381..b9d81d2855c 100644 --- a/ee/keys.go +++ b/ee/keys.go @@ -25,7 +25,7 @@ import ( // GetKeys returns the ACL and encryption keys as configured by the user // through the --acl, --encryption, and --vault flags. On OSS builds, // this function always returns an error. -func GetKeys(config *viper.Viper) (Keys, error) { +func GetKeys(config *viper.Viper) (*Keys, error) { return nil, fmt.Errorf( "flags: acl / encryption is an enterprise-only feature") } From 2e495eafe98f77d2d8ff15328fe7eb76db078e47 Mon Sep 17 00:00:00 2001 From: Ajeet D'Souza <98ajeet@gmail.com> Date: Fri, 9 Apr 2021 20:17:25 +0530 Subject: [PATCH 4/5] Fix OSS build --- ee/keys.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ee/keys.go b/ee/keys.go index b9d81d2855c..8e4abc57f49 100644 --- a/ee/keys.go +++ b/ee/keys.go @@ -19,6 +19,8 @@ package ee import ( + "fmt" + "github.com/spf13/viper" ) From 7cb91f3262d7f62ad0f1fa45294cd4399d35d477 Mon Sep 17 00:00:00 2001 From: Ajeet D'Souza <98ajeet@gmail.com> Date: Mon, 12 Apr 2021 13:18:36 +0530 Subject: [PATCH 5/5] Replace glog.Fatal with x.Check --- dgraph/cmd/alpha/run.go | 5 ++--- dgraph/cmd/bulk/run.go | 4 +--- dgraph/cmd/debug/run.go | 5 +---- dgraph/cmd/decrypt/decrypt.go | 4 +--- 4 files changed, 5 insertions(+), 13 deletions(-) diff --git a/dgraph/cmd/alpha/run.go b/dgraph/cmd/alpha/run.go index ed578a786bb..b62b254093e 100644 --- a/dgraph/cmd/alpha/run.go +++ b/dgraph/cmd/alpha/run.go @@ -646,9 +646,8 @@ func run() { } keys, err := ee.GetKeys(Alpha.Conf) - if err != nil { - glog.Fatal(err) - } + x.Check(err) + if keys.AclKey != nil { opts.HmacSecret = keys.AclKey opts.AccessJwtTtl = keys.AclAccessTtl diff --git a/dgraph/cmd/bulk/run.go b/dgraph/cmd/bulk/run.go index 9fb2818b1de..f1c5337f2ec 100644 --- a/dgraph/cmd/bulk/run.go +++ b/dgraph/cmd/bulk/run.go @@ -143,9 +143,7 @@ func run() { bopts := badger.DefaultOptions("").FromSuperFlag(BulkBadgerDefaults + cacheDefaults). FromSuperFlag(Bulk.Conf.GetString("badger")) keys, err := ee.GetKeys(Bulk.Conf) - if err != nil { - log.Fatal(err) - } + x.Check(err) opt := options{ DataFiles: Bulk.Conf.GetString("files"), diff --git a/dgraph/cmd/debug/run.go b/dgraph/cmd/debug/run.go index 3d26bc48dfa..3103802e1d3 100644 --- a/dgraph/cmd/debug/run.go +++ b/dgraph/cmd/debug/run.go @@ -36,7 +36,6 @@ import ( "github.com/dgraph-io/badger/v3" bpb "github.com/dgraph-io/badger/v3/pb" "github.com/dgraph-io/ristretto/z" - "github.com/golang/glog" "github.com/dgraph-io/dgraph/codec" "github.com/dgraph-io/dgraph/ee" @@ -899,9 +898,7 @@ func run() { isWal = true } keys, err := ee.GetKeys(Debug.Conf) - if err != nil { - glog.Fatal(err) - } + x.Check(err) opt.key = keys.EncKey if isWal { diff --git a/dgraph/cmd/decrypt/decrypt.go b/dgraph/cmd/decrypt/decrypt.go index 2ddae8fdcf8..5e72a1e246b 100644 --- a/dgraph/cmd/decrypt/decrypt.go +++ b/dgraph/cmd/decrypt/decrypt.go @@ -57,9 +57,7 @@ func init() { } func run() { keys, err := ee.GetKeys(Decrypt.Conf) - if err != nil { - glog.Fatal(err) - } + x.Check(err) if len(keys.EncKey) == 0 { glog.Fatal("Error while reading encryption key: Key is empty") }