Runboat broken server_environment_data_encryption

[simahawk]

This PR seems to solve one issue, but there's another one in runboat

odoo.exceptions.ValidationError: No 'encryption_key_test' entry found in config file. Use a key similar to: b'lUMc38soCfqymcvsJdsXYAB_DQGZozQQYPYHOZ2PZik='

Seems related to server_environment_data_encryption module. Do you have any idea what could be wrong? @florian-dacosta @sebastienbeau

Full traceback

``` 2022-04-27 11:56:32,531 77 INFO b7b3579b4-0fcf-4ca0-8b98-4b272b74d91e odoo.modules.loading: loading payment_transfer/data/payment_acquirer_data.xml 2022-04-27 11:56:32,541 77 WARNING b7b3579b4-0fcf-4ca0-8b98-4b272b74d91e odoo.modules.loading: Transient module states were reset 2022-04-27 11:56:32,541 77 ERROR b7b3579b4-0fcf-4ca0-8b98-4b272b74d91e odoo.modules.registry: Failed to load registry 2022-04-27 11:56:32,541 77 CRITICAL b7b3579b4-0fcf-4ca0-8b98-4b272b74d91e odoo.service.server: Failed to initialize database `b7b3579b4-0fcf-4ca0-8b98-4b272b74d91e`. Traceback (most recent call last): File "/opt/odoo/odoo/tools/convert.py", line 677, in _tag_root f(rec) File "/opt/odoo/odoo/tools/convert.py", line 580, in _tag_record record = model._load_records([data], self.mode == 'update') File "/opt/odoo/odoo/models.py", line 4220, in _load_records data['record']._load_records_write(data['values']) File "/opt/odoo/odoo/models.py", line 4149, in _load_records_write self.write(values) File "/opt/odoo/addons/payment_transfer/models/payment.py", line 68, in write return super(TransferPaymentAcquirer, self).write(values) File "/opt/odoo/addons/payment/models/payment_acquirer.py", line 335, in write result = super(PaymentAcquirer, self).write(vals) File "/mnt/data/odoo-addons-dir/server_environment/models/server_env_tech_name_mixin.py", line 66, in write return super().write(vals) File "/opt/odoo/odoo/models.py", line 3703, in write fields[0].determine_inverse(real_recs) File "/opt/odoo/odoo/fields.py", line 1187, in determine_inverse getattr(records, self.inverse)() File "/mnt/data/odoo-addons-dir/server_environment_data_encryption/models/server_env_mixin.py", line 50, in _inverse_server_env encrypted_data_name, values, env=env File "/mnt/data/odoo-addons-dir/data_encryption/models/encrypted_data.py", line 145, in _encrypted_store_json return self._encrypted_store(name, json.dumps(json_data), env=env) File "/mnt/data/odoo-addons-dir/data_encryption/models/encrypted_data.py", line 132, in _encrypted_store encrypted_data = self._encrypt_data(data, env) File "/mnt/data/odoo-addons-dir/data_encryption/models/encrypted_data.py", line 119, in _encrypt_data cipher = self._get_cipher(env) File "/mnt/data/odoo-addons-dir/data_encryption/models/encrypted_data.py", line 111, in _get_cipher % (key_name, Fernet.generate_key()) odoo.exceptions.ValidationError: No 'encryption_key_test' entry found in config file. Use a key similar to: b'lUMc38soCfqymcvsJdsXYAB_DQGZozQQYPYHOZ2PZik=' The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/opt/odoo/odoo/service/server.py", line 1199, in preload_registries registry = Registry.new(dbname, update_module=update_module) File "/opt/odoo/odoo/modules/registry.py", line 89, in new odoo.modules.load_modules(registry._db, force_demo, status, update_module) File "/opt/odoo/odoo/modules/loading.py", line 461, in load_modules loaded_modules, update_module, models_to_check) File "/opt/odoo/odoo/modules/loading.py", line 349, in load_marked_modules perform_checks=perform_checks, models_to_check=models_to_check File "/opt/odoo/odoo/modules/loading.py", line 222, in load_module_graph load_data(cr, idref, mode, kind='data', package=package) File "/opt/odoo/odoo/modules/loading.py", line 69, in load_data tools.convert_file(cr, package.name, filename, idref, mode, noupdate, kind) File "/opt/odoo/odoo/tools/convert.py", line 733, in convert_file convert_xml_import(cr, module, fp, idref, mode, noupdate) File "/opt/odoo/odoo/tools/convert.py", line 799, in convert_xml_import obj.parse(doc.getroot()) File "/opt/odoo/odoo/tools/convert.py", line 719, in parse self._tag_root(de) File "/opt/odoo/odoo/tools/convert.py", line 677, in _tag_root f(rec) File "/opt/odoo/odoo/tools/convert.py", line 685, in _tag_root )) from e odoo.tools.convert.ParseError: while parsing /opt/odoo/addons/payment_transfer/data/payment_acquirer_data.xml:5, near Wire Transfer transfer enabled <h3>Please make a payment to: </h3> <ul> <li>Bank:&nbsp;</li> <li>Account Number:</li> <li>Account Holder: </li> </ul> ```

Originally posted by @ivantodorovich in https://github.com/OCA/server-env/issues/109#issuecomment-1110916155

[florian-dacosta]

Indeed, this module (server_environment_data_encryption) needs an encryption key in the odoo main configuration file in order to work. The module is compatible with any serverenvironment* module as soon as it is installed. Here it seems that in payment_acquirer try to write some environment dependent values, with server_environment_data_encryption installed, so it tries to encrypt it and store it but can't do it because the configuration is missing... The necessary configuration for the module to work is managed it the module test : https://github.com/OCA/server-env/blob/14.0/server_environment_data_encryption/tests/test_server_environment_data_encrypt.py#L12 But is not present in other serverenvironment modules because they don't depend on it.

I guess the test of server_environment_data_encryption should be isolated in a separated job...

[ivantodorovich]

Actually the tests on travis/gh actions are not failing.

The issue is with runboat, and I think there we can't isolate modules 🤔 but more over, considering tests on travis/gh succeed without isolated modules... I'm thinking we don't need to do that.

There's probably something missing on runboat, that's somehow available in travis/gh. I'm not sure what that is though 😅

[florian-dacosta]

Oh yes, it is not failing on a test but at payment_transfer installation with runboat...

Well then I am not not sure on how to fix this the problem is that server_environment_data_encryption is installed but without the encryption key in the odoo config file and then payment_transfer is installed and try to change a environment dependent value in its data.

Is it possible to add some entries in odoo config file for runboat ?

[ivantodorovich]

Is it possible to add some entries in odoo config file for runboat ?

I've no idea, @sbidoul ?

[sbidoul]

No at the moment it is not possible to add configuration to runboat builds.

Would it be possible to add demo data the provide a demo encryption key or something ?

[florian-dacosta]

The encryption key beeing only in configuration file, I don't think we can do it with demo data.

But I think we could change a bit the module this way : If we don't have encryption key configuration (which make the module useless) instead of failing, we fall back on storing the environement dependent value in clear (default behavior of server_environment). And we add a red ribon to warn the user encryption key is missing (and so the data won't be encrypted).

[simahawk]

@sbidoul is it possible to use an ENV key? Maybe we can have a .runboat.env file in the repo?

[sbidoul]

@simahawk If really needed we can set specific environment variables per repo+branch in the global runboat config. Having a in-repo .runboat.yaml to drive runboat configuration is feasible if not trivial (I think there is an open issue for it), but I'm still not convinced it is desirable.

I personally believe that having sane (demo) defaults for addons has many advantages, at least for them to not break at install time. For instance, one problem is that specific configurations would need to be applied also to dependent repos that use this module, which is quite painful as we have seen in the past.

[simahawk]

Sure, mine was just a general question ;) Thanks for the feedback!

[florian-dacosta]

@simahawk Can you close this issue since it has been fixed ?