fix: skip chown for cert and key when using Basic Auth

[Ruadhri17]

Proposed changes

Skip changing ownership for device certificate as it is not needed when connecting via Basic Auth credentials.

Types of changes

• Bugfix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Improvement (general improvements like code refactoring that doesn't explicitly fix a bug or add any new functionality)
• Documentation Update (if none of the other choices apply)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)

Paste Link to the issue

#3476

Checklist

• I have read the CONTRIBUTING doc
• I have signed the CLA (in all commits with git commit -s. You can activate automatic signing by running just prepare-dev once)
• I ran just format as mentioned in CODING_GUIDELINES
• I used just check as mentioned in CODING_GUIDELINES
• I have added tests that prove my fix is effective or that my feature works
• I have added necessary documentation (if appropriate)

Further comments

[codecov]

Codecov Report

Attention: Patch coverage is 66.66667% with 9 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
crates/core/tedge/src/cli/log.rs	0.00%	5 Missing ⚠️
crates/core/tedge/src/cli/connect/command.rs	0.00%	4 Missing ⚠️

📢 Thoughts on this report? Let us know!

🚀 New features to boost your workflow:

• ❄ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Robot Results

✅ Passed	❌ Failed	⏭️ Skipped	Total	Pass %	⏱️ Duration
599	0	3	599	100	1h43m18.100298s

[rina23q]

Actually, this condition doesn't cover when auth_method == AuthMethod::Auto and auto chooses basic. You could use auth_method.is_basic(<path_to_credentials_toml>) instead, however, you need to parse the credentials file path, which is not available in this function.

Alternatively, if both remote_username and remote_password are set, you can consider that auth method is basic.

Suggested change

	if bridge_config
	.auth_method
	.is_some_and(|auth_method| auth_method == AuthMethod::Basic)
	if bridge_config.remote_username.is_some() && bridge_config.remote_password.is_some()

[Ruadhri17]

When Bridge Config is created, based on remote_username it is either AuthMethod::Certificate or AuthMethod::Basic. For aws and azure it is set to None. However, using if bridge_config.remote_username.is_some() && bridge_config.remote_password.is_some() is also what I considered.

[rina23q]

When Bridge Config is created, based on remote_username it is either AuthMethod::Certificate or AuthMethod::Basic. For aws and azure it is set to None.

This is correct. So, just to fix the issue, your change is enough.

However, there is a misuse of the type in the code.

1. BridgeConfig::auth_method should have been Option<AuthType>, AuthType has only Basic or Certificate. AuthMethod is just a representation of c8y.auth_method config. Internally, we should use AuthType since it doesn't have Auto.
2. Next, what does None mean for authentication? AWS/Azure, we use certificate based authentication.

So, BridgeConfig::auth_method should be no longer Option, just AuthType.

[didier-wenzek]

As the condition seems no so obvious, it would be better to extract it into a BridgeConfig method.

[didier-wenzek]

Approved. Pre-computing bridge_config.auth_type makes things clearer. Thanks.

[rina23q]

Thank you!