From 1ff2bdc2a6e013517ecaf17acbb2952dd98ac8df Mon Sep 17 00:00:00 2001 From: shubhamvernekar Date: Mon, 13 Nov 2023 18:45:02 +0530 Subject: [PATCH 1/6] Added AWS cloud functionaly --- client/client.go | 31 +++- client/{gcs_service.go => cloud_service.go} | 12 +- client/service_test.go | 6 +- config/config.go | 34 +++-- config/dolores.go | 10 +- go.mod | 29 +++- go.sum | 59 ++++++-- store/aws/aws.go | 149 ++++++++++++++++++++ store/cld/object.go | 10 ++ store/google/gcs.go | 15 +- 10 files changed, 301 insertions(+), 54 deletions(-) rename client/{gcs_service.go => cloud_service.go} (94%) create mode 100644 store/aws/aws.go create mode 100644 store/cld/object.go diff --git a/client/client.go b/client/client.go index 10b2a57..14cc94e 100644 --- a/client/client.go +++ b/client/client.go @@ -8,6 +8,7 @@ import ( "github.com/rs/zerolog" "github.com/rs/zerolog/log" "github.com/scalescape/dolores/config" + "github.com/scalescape/dolores/store/aws" "github.com/scalescape/dolores/store/google" ) @@ -106,12 +107,38 @@ func (c *Client) GetSecretList(_ SecretListConfig) ([]SecretObject, error) { return objs, nil } +func getStore(ctx context.Context, cfg config.Client) (storeI, error) { + var store storeI + var err error + switch cfg.Provider { + case config.AWS: + { + acfg := aws.Config{ServiceAccountFile: cfg.Cloud.ApplicationCredentials} + store, err = aws.NewStore(ctx, acfg) + if err != nil { + return nil, err + } + } + case config.GCS: + { + gcfg := google.Config{ServiceAccountFile: cfg.Cloud.ApplicationCredentials} + store, err = google.NewStore(ctx, gcfg) + if err != nil { + return nil, err + } + } + default: + err = fmt.Errorf("failed to get store: %w", config.ErrCloudProviderNotFound) + } + + return store, err +} + func New(ctx context.Context, cfg config.Client) (*Client, error) { if err := cfg.Valid(); err != nil { return nil, err } - gcfg := google.Config{ServiceAccountFile: cfg.Google.ApplicationCredentials} - st, err := google.NewStore(ctx, gcfg) + st, err := getStore(ctx, cfg) if err != nil { return nil, err } diff --git a/client/gcs_service.go b/client/cloud_service.go similarity index 94% rename from client/gcs_service.go rename to client/cloud_service.go index 1301390..6d60247 100644 --- a/client/gcs_service.go +++ b/client/cloud_service.go @@ -10,7 +10,7 @@ import ( "github.com/rs/zerolog/log" "github.com/scalescape/dolores/config" - "github.com/scalescape/dolores/store/google" + cloud "github.com/scalescape/dolores/store/cld" ) var ErrInvalidPublicKeys = errors.New("invalid public keys") @@ -18,13 +18,13 @@ var ErrInvalidPublicKeys = errors.New("invalid public keys") const metadataFile = "dolores.md" type Service struct { - store gcsStore + store storeI } -type gcsStore interface { +type storeI interface { WriteToObject(ctx context.Context, bucketName, fileName string, data []byte) error ReadObject(ctx context.Context, bucketName, fileName string) ([]byte, error) - ListObject(ctx context.Context, bucketName, path string) ([]google.Object, error) + ListObject(ctx context.Context, bucketName, path string) ([]cloud.Object, error) ExistsObject(ctx context.Context, bucketName, fileName string) (bool, error) } @@ -138,7 +138,7 @@ func (s Service) saveObject(ctx context.Context, bucket, fname string, md any) e return s.store.WriteToObject(ctx, bucket, fname, data) } -func (s Service) ListObject(ctx context.Context, bucket, path string) ([]google.Object, error) { +func (s Service) ListObject(ctx context.Context, bucket, path string) ([]cloud.Object, error) { resp, err := s.store.ListObject(ctx, bucket, path) if err != nil { return nil, err @@ -146,6 +146,6 @@ func (s Service) ListObject(ctx context.Context, bucket, path string) ([]google. return resp, nil } -func NewService(st gcsStore) Service { +func NewService(st storeI) Service { return Service{store: st} } diff --git a/client/service_test.go b/client/service_test.go index 26bcef0..fb020da 100644 --- a/client/service_test.go +++ b/client/service_test.go @@ -7,7 +7,7 @@ import ( "github.com/scalescape/dolores/client" "github.com/scalescape/dolores/config" - "github.com/scalescape/dolores/store/google" + cloud "github.com/scalescape/dolores/store/cld" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" @@ -39,9 +39,9 @@ func (m *mockGCS) ReadObject(ctx context.Context, bucketName, fileName string) ( return args.Get(0).([]byte), args.Error(1) } -func (m *mockGCS) ListObject(ctx context.Context, bucketName, path string) ([]google.Object, error) { +func (m *mockGCS) ListObject(ctx context.Context, bucketName, path string) ([]cloud.Object, error) { args := m.Called(ctx, bucketName, path) - return args.Get(0).([]google.Object), args.Error(1) + return args.Get(0).([]cloud.Object), args.Error(1) } func (m *mockGCS) ExistsObject(ctx context.Context, bucketName, fileName string) (bool, error) { diff --git a/config/config.go b/config/config.go index ea81703..b94a62d 100644 --- a/config/config.go +++ b/config/config.go @@ -12,9 +12,15 @@ import ( ) var ( - ErrInvalidGoogleCreds = errors.New("invalid google application credentials") - ErrInvalidStorageBucket = errors.New("invalid storage bucket") - ErrInvalidKeyFile = errors.New("invalid key file") + ErrInvalidGoogleCreds = errors.New("invalid google application credentials") + ErrInvalidStorageBucket = errors.New("invalid storage bucket") + ErrInvalidKeyFile = errors.New("invalid key file") + ErrCloudProviderNotFound = errors.New("cloud provider not found") +) + +var ( + AWS = "AWS" + GCS = "GCS" ) type CtxKey string @@ -27,7 +33,7 @@ var ( File = filepath.Join(Dir, "dolores.json") ) -type Google struct { +type Cloud struct { ApplicationCredentials string `split_words:"true"` StorageBucket string `split_words:"true"` StoragePrefix string @@ -42,18 +48,19 @@ type Metadata struct { } type Client struct { - Google + Cloud + Provider string } func (c Client) BucketName() string { - return c.Google.StorageBucket + return c.Cloud.StorageBucket } func (c Client) Valid() error { - if c.Google.ApplicationCredentials == "" { + if c.Cloud.ApplicationCredentials == "" { return ErrInvalidGoogleCreds } - if c.Google.StorageBucket == "" { + if c.Cloud.StorageBucket == "" { return ErrInvalidStorageBucket } return nil @@ -65,23 +72,24 @@ func LoadClient(ctx context.Context, env string) (Client, error) { if err != nil { return Client{}, fmt.Errorf("dolores not initialized yet: %w", err) } - if err := envconfig.Process("GOOGLE", &cfg.Google); err != nil { + if err := envconfig.Process("GOOGLE", &cfg.Cloud); err != nil { return Client{}, fmt.Errorf("processing config: %w", err) } md := d.Environments[env].Metadata - if cfg.Google.ApplicationCredentials == "" { + cfg.Provider = d.Environments[env].CloudProvider + if cfg.Cloud.ApplicationCredentials == "" { if creds := md.ApplicationCredentials; creds != "" { - cfg.Google.ApplicationCredentials = creds + cfg.Cloud.ApplicationCredentials = creds } } if bucket := md.Bucket; bucket != "" { - cfg.Google.StorageBucket = bucket + cfg.Cloud.StorageBucket = bucket } if location := md.Location; location != "" { - cfg.Google.StoragePrefix = location + cfg.Cloud.StoragePrefix = location } if err := cfg.Valid(); err != nil { diff --git a/config/dolores.go b/config/dolores.go index 9c2708f..2bd5120 100644 --- a/config/dolores.go +++ b/config/dolores.go @@ -12,8 +12,9 @@ import ( var ErrInvalidDoloresConfig = errors.New("invalid dolores config") type Environment struct { - Metadata `json:"metadata"` - KeyFile string `json:"key_file"` + Metadata `json:"metadata"` + KeyFile string `json:"key_file"` + CloudProvider string `json:"cloud_provider"` } type Dolores struct { @@ -25,8 +26,9 @@ func (d *Dolores) AddEnvironment(env string, keyFile string, md Metadata) { d.Environments = make(map[string]Environment) } d.Environments[env] = Environment{ - Metadata: md, - KeyFile: keyFile, + Metadata: md, + KeyFile: keyFile, + CloudProvider: AWS, // Temp adding for testing } } diff --git a/go.mod b/go.mod index 2290e1d..d328eaa 100644 --- a/go.mod +++ b/go.mod @@ -6,6 +6,9 @@ require ( cloud.google.com/go/storage v1.30.1 filippo.io/age v1.1.1 github.com/AlecAivazis/survey/v2 v2.3.7 + github.com/aws/aws-sdk-go-v2/config v1.23.0 + github.com/aws/aws-sdk-go-v2/credentials v1.15.2 + github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1 github.com/kelseyhightower/envconfig v1.4.0 github.com/rs/zerolog v1.29.1 github.com/scalescape/go-metrics v0.0.0-20230825040750-1888415fe69a @@ -19,6 +22,22 @@ require ( cloud.google.com/go/compute v1.19.3 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect cloud.google.com/go/iam v0.13.0 // indirect + github.com/aws/aws-sdk-go v1.47.9 + github.com/aws/aws-sdk-go-v2 v1.22.2 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.3 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.2 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.2 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.6.0 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.2 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.0 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.2 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.2 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.2 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.17.1 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.1 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.25.1 // indirect + github.com/aws/smithy-go v1.16.0 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cactus/go-statsd-client/v5 v5.0.0 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect @@ -45,12 +64,12 @@ require ( github.com/stretchr/objx v0.5.0 // indirect github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect go.opencensus.io v0.24.0 // indirect - golang.org/x/crypto v0.10.0 // indirect - golang.org/x/net v0.11.0 // indirect + golang.org/x/crypto v0.14.0 // indirect + golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.9.0 // indirect - golang.org/x/sys v0.9.0 // indirect - golang.org/x/term v0.9.0 // indirect - golang.org/x/text v0.10.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/term v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc // indirect diff --git a/go.sum b/go.sum index cf068cf..f5c4cc7 100644 --- a/go.sum +++ b/go.sum @@ -55,6 +55,44 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/aws/aws-sdk-go v1.47.9 h1:rarTsos0mA16q+huicGx0e560aYRtOucV5z2Mw23JRY= +github.com/aws/aws-sdk-go v1.47.9/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go-v2 v1.22.2 h1:lV0U8fnhAnPz8YcdmZVV60+tr6CakHzqA6P8T46ExJI= +github.com/aws/aws-sdk-go-v2 v1.22.2/go.mod h1:Kd0OJtkW3Q0M0lUWGszapWjEvrXDzRW+D21JNsroB+c= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0 h1:hHgLiIrTRtddC0AKcJr5s7i/hLgcpTt+q/FKxf1Zayk= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0/go.mod h1:w4I/v3NOWgD+qvs1NPEwhd++1h3XPHFaVxasfY6HlYQ= +github.com/aws/aws-sdk-go-v2/config v1.23.0 h1:kqzEfGGDIrRJpfJckgwuZfFTbU9NB1jZnRcaO9MpOqE= +github.com/aws/aws-sdk-go-v2/config v1.23.0/go.mod h1:p7wbxKXXjS1GGQOss7VXOazVMFF9bjUGq85/4wR/fSw= +github.com/aws/aws-sdk-go-v2/credentials v1.15.2 h1:rKH7khRMxPdD0u3dHecd0Q7NOVw3EUe7AqdkUOkiOGI= +github.com/aws/aws-sdk-go-v2/credentials v1.15.2/go.mod h1:tXM8wmaeAhfC7nZoCxb0FzM/aRaB1m1WQ7x0qlBLq80= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.3 h1:G5KawTAkyHH6WyKQCdHiW4h3PmAXNJpOgwKg3H7sDRE= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.3/go.mod h1:hugKmSFnZB+HgNI1sYGT14BUPZkO6alC/e0AWu+0IAQ= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.2 h1:AaQsr5vvGR7rmeSWBtTCcw16tT9r51mWijuCQhzLnq8= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.2/go.mod h1:o1IiRn7CWocIFTXJjGKJDOwxv1ibL53NpcvcqGWyRBA= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.2 h1:UZx8SXZ0YtzRiALzYAWcjb9Y9hZUR7MBKaBQ5ouOjPs= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.2/go.mod h1:ipuRpcSaklmxR6C39G187TpBAO132gUfleTGccUPs8c= +github.com/aws/aws-sdk-go-v2/internal/ini v1.6.0 h1:hwZB07/beLiCopuRKF0t+dEHmP39iN4YtDh3X5d3hrg= +github.com/aws/aws-sdk-go-v2/internal/ini v1.6.0/go.mod h1:rdAuXeHWhI/zkpYcO5n8WCpaIgY9MUxFyBsuqq3kjyA= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.2 h1:pyVrNAf7Hwz0u39dLKN5t+n0+K/3rMYKuiOoIum3AsU= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.2/go.mod h1:mydrfOb9uiOYCxuCPR8YHQNQyGQwUQ7gPMZGBKbH8NY= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.0 h1:CJxo7ZBbaIzmXfV3hjcx36n9V87gJsIUPJflwqEHl3Q= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.0/go.mod h1:yjVfjuY4nD1EW9i387Kau+I6V5cBA5YnC/mWNopjZrI= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.2 h1:f2LhPofnjcdOQKRtumKjMvIHkfSQ8aH/rwKUDEQ/SB4= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.2/go.mod h1:q+xX0H4OfuWDuBy7y/LDi4v8IBOWuF+vtp8Z6ex+lw4= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.2 h1:h7j73yuAVVjic8pqswh+L/7r2IHP43QwRyOu6zcCDDE= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.2/go.mod h1:H07AHdK5LSy8F7EJUQhoxyiCNkePoHj2D8P2yGTWafo= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.2 h1:gbIaOzpXixUpoPK+js/bCBK1QBDXM22SigsnzGZio0U= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.2/go.mod h1:p+S7RNbdGN8qgHDSg2SCQJ9FeMAmvcETQiVpeGhYnNM= +github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1 h1:o6MCcX1rJW8Y3g+hvg2xpjF6JR6DftuYhfl3Nc1WV9Q= +github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1/go.mod h1:UDtxEWbREX6y4KREapT+jjtjoH0TiVSS6f5nfaY1UaM= +github.com/aws/aws-sdk-go-v2/service/sso v1.17.1 h1:km+ZNjtLtpXYf42RdaDZnNHm9s7SYAuDGTafy6nd89A= +github.com/aws/aws-sdk-go-v2/service/sso v1.17.1/go.mod h1:aHBr3pvBSD5MbzOvQtYutyPLLRPbl/y9x86XyJJnUXQ= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.1 h1:iRFNqZH4a67IqPvK8xxtyQYnyrlsvwmpHOe9r55ggBA= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.1/go.mod h1:pTy5WM+6sNv2tB24JNKFtn6EvciQ5k40ZJ0pq/Iaxj0= +github.com/aws/aws-sdk-go-v2/service/sts v1.25.1 h1:txgVXIXWPXyqdiVn92BV6a/rgtpX31HYdsOYj0sVQQQ= +github.com/aws/aws-sdk-go-v2/service/sts v1.25.1/go.mod h1:VAiJiNaoP1L89STFlEMgmHX1bKixY+FaP+TpRFrmyZ4= +github.com/aws/smithy-go v1.16.0 h1:gJZEH/Fqh+RsvlJ1Zt4tVAtV6bKkp3cC+R6FCZMNzik= +github.com/aws/smithy-go v1.16.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -181,6 +219,7 @@ github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec h1:qv2VnGeEQHchGaZ/u github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec/go.mod h1:Q48J4R4DvxnHolD5P8pOtXigYlRuPLGl6moFx3ulM68= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= @@ -303,8 +342,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM= -golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -371,8 +410,8 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU= -golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -437,12 +476,12 @@ golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= -golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.9.0 h1:GRRCnKYhdQrD8kfRAdQ6Zcw1P0OcELxGLKJvtjVMZ28= -golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -452,8 +491,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58= -golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/store/aws/aws.go b/store/aws/aws.go new file mode 100644 index 0000000..751308c --- /dev/null +++ b/store/aws/aws.go @@ -0,0 +1,149 @@ +package aws + +import ( + "bytes" + "context" + "encoding/json" + "errors" + "fmt" + "io" + "os" + + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/credentials" + "github.com/aws/aws-sdk-go-v2/service/s3" + "github.com/aws/aws-sdk-go-v2/service/s3/types" + "github.com/aws/aws-sdk-go/aws" + "github.com/rs/zerolog/log" + cloud "github.com/scalescape/dolores/store/cld" +) + +var ErrInvalidServiceAccount = errors.New("invalid service account") + +type StorageClient struct { + client *s3.Client + region string +} + +type Config struct { + ServiceAccountFile string +} + +type ServiceAccount struct { + AccessKeyID string `json:"accessKey"` + SecretAccessKey string `json:"secretKey"` + Region string `json:"region"` +} + +func (s StorageClient) bucketExists(ctx context.Context, bucketName string) (bool, error) { + _, err := s.client.HeadBucket(ctx, &s3.HeadBucketInput{ + Bucket: aws.String(bucketName), + }) + if err != nil { + var notFoundType *types.NotFound + if errors.As(err, ¬FoundType) { + return false, nil + } + } + return true, err +} + +func (s StorageClient) CreateBucket(ctx context.Context, bucketName string) error { + lconst := types.BucketLocationConstraint(s.region) + cbCfg := &types.CreateBucketConfiguration{LocationConstraint: lconst} + bucket := &s3.CreateBucketInput{Bucket: aws.String(bucketName), + CreateBucketConfiguration: cbCfg} + _, err := s.client.CreateBucket(ctx, bucket) + var existsErr *types.BucketAlreadyOwnedByYou = new(types.BucketAlreadyOwnedByYou) + if errors.As(err, &existsErr) { + log.Debug().Msgf("bucket %s already exists", bucketName) + return nil + } + if err != nil { + return fmt.Errorf("error creating bucket: %s at region %s: %w", bucketName, s.region, err) + } + return nil +} + +func (s StorageClient) ListObject(ctx context.Context, bucket, path string) ([]cloud.Object, error) { + resp, err := s.client.ListObjectsV2(ctx, &s3.ListObjectsV2Input{ + Bucket: aws.String(bucket), + Prefix: aws.String(path), + }) + if err != nil { + return nil, fmt.Errorf("failed to get object list: %w", err) + } + + items := resp.Contents + objs := make([]cloud.Object, len(items)) + for i, item := range items { + o := cloud.Object{Name: *item.Key, Updated: *item.LastModified, Bucket: bucket} + objs[i] = o + } + log.Trace().Msgf("list of objects from path: %s length: %+v", path, len(objs)) + return objs, nil +} + +func (s StorageClient) WriteToObject(ctx context.Context, bucketName, fileName string, data []byte) error { + log.Debug().Msgf("writing to %s/%s", bucketName, fileName) + bucketExist, err := s.bucketExists(ctx, bucketName) + if err != nil { + return fmt.Errorf("failed to fetch bucket: %w", err) + } + if !bucketExist { + if err := s.CreateBucket(ctx, bucketName); err != nil { + return err + } + } + + fileReader := bytes.NewReader(data) + _, err = s.client.PutObject(ctx, &s3.PutObjectInput{ + Bucket: aws.String(bucketName), + Key: aws.String(fileName), + Body: fileReader, + }) + + if err != nil { + return fmt.Errorf("failed to upload secret: %w", err) + } + return nil +} + +func (s StorageClient) ReadObject(ctx context.Context, bucketName, fileName string) ([]byte, error) { + resp, err := s.client.GetObject(ctx, &s3.GetObjectInput{ + Bucket: aws.String(bucketName), + Key: aws.String(fileName), + }) + + if err != nil { + return nil, fmt.Errorf("failed to read object : %w", err) + } + defer resp.Body.Close() + data, err := io.ReadAll(resp.Body) + if err != nil { + return nil, fmt.Errorf("failed to read response body : %w", err) + } + return data, nil +} + +func (s StorageClient) ExistsObject(ctx context.Context, bucketName, fileName string) (bool, error) { + return true, nil +} + +func NewStore(ctx context.Context, acfg Config) (StorageClient, error) { + data, err := os.ReadFile(acfg.ServiceAccountFile) + if err != nil { + return StorageClient{}, fmt.Errorf("failed to read service account file with error %v %w", err, ErrInvalidServiceAccount) + } + sa := new(ServiceAccount) + if err := json.Unmarshal(data, sa); err != nil { + return StorageClient{}, fmt.Errorf("unable to parse service account file: %w", err) + } + cp := credentials.NewStaticCredentialsProvider(sa.AccessKeyID, sa.SecretAccessKey, "") + cfg, err := config.LoadDefaultConfig(ctx, config.WithRegion(sa.Region), config.WithCredentialsProvider(cp)) + if err != nil { + return StorageClient{}, err + } + cli := s3.NewFromConfig(cfg) + return StorageClient{client: cli, region: sa.Region}, nil +} diff --git a/store/cld/object.go b/store/cld/object.go new file mode 100644 index 0000000..c254400 --- /dev/null +++ b/store/cld/object.go @@ -0,0 +1,10 @@ +package cloud + +import "time" + +type Object struct { + Name string `json:"name"` + Bucket string `json:"bucket"` + Created time.Time `json:"created"` + Updated time.Time `json:"updated"` +} diff --git a/store/google/gcs.go b/store/google/gcs.go index a0dd500..5df1308 100644 --- a/store/google/gcs.go +++ b/store/google/gcs.go @@ -7,10 +7,10 @@ import ( "fmt" "io" "os" - "time" "cloud.google.com/go/storage" "github.com/rs/zerolog/log" + cloud "github.com/scalescape/dolores/store/cld" "google.golang.org/api/iterator" "google.golang.org/api/option" ) @@ -26,13 +26,6 @@ type Config struct { ServiceAccountFile string } -type Object struct { - Name string `json:"name"` - Bucket string `json:"bucket"` - Created time.Time `json:"created"` - Updated time.Time `json:"updated"` -} - type ServiceAccount struct { Type string `json:"type"` ProjectID string `json:"project_id"` @@ -113,12 +106,12 @@ func (s StorageClient) ListBuckets(ctx context.Context) ([]string, error) { return buckets, nil } -func (s StorageClient) ListObject(ctx context.Context, bucketName, path string) ([]Object, error) { +func (s StorageClient) ListObject(ctx context.Context, bucketName, path string) ([]cloud.Object, error) { bucket := s.Client.Bucket(bucketName) if _, err := bucket.Attrs(ctx); err != nil { return nil, fmt.Errorf("failed to get bucket: %w", err) } - objs := make([]Object, 0) + objs := make([]cloud.Object, 0) iter := bucket.Objects(ctx, &storage.Query{Prefix: path}) for { attrs, err := iter.Next() @@ -128,7 +121,7 @@ func (s StorageClient) ListObject(ctx context.Context, bucketName, path string) if err != nil { return nil, fmt.Errorf("failed to iterate object list: %w", err) } - o := Object{Name: attrs.Name, Created: attrs.Created, Updated: attrs.Updated, Bucket: attrs.Bucket} + o := cloud.Object{Name: attrs.Name, Created: attrs.Created, Updated: attrs.Updated, Bucket: attrs.Bucket} objs = append(objs, o) } log.Trace().Msgf("list of objects from path: %s %+v", path, objs) From 95fff87ee676b0bbaed3df9dcb62d64cf4fefea1 Mon Sep 17 00:00:00 2001 From: shubhamvernekar Date: Wed, 15 Nov 2023 12:32:50 +0530 Subject: [PATCH 2/6] adding init flow --- cmd/dolores/init.go | 94 +++++++++++++++++++++++++++++++++++---------- config/config.go | 9 ++++- config/dolores.go | 10 ++--- 3 files changed, 85 insertions(+), 28 deletions(-) diff --git a/cmd/dolores/init.go b/cmd/dolores/init.go index f3b89b4..678c502 100644 --- a/cmd/dolores/init.go +++ b/cmd/dolores/init.go @@ -41,14 +41,16 @@ func NewInitCommand(newCli GetClient) *cli.Command { } type Input struct { + CloudProvider string `survey:"cloud_provider"` UserID string `survey:"user_id"` Bucket string Location string - ApplicationCredentials string `survey:"google_creds"` + ApplicationCredentials string `survey:"creds"` } func (inp Input) ToMetadata(env string) config.Metadata { return config.Metadata{ + CloudProvider: inp.CloudProvider, Bucket: inp.Bucket, Location: inp.Location, CreatedAt: time.Now(), @@ -57,13 +59,78 @@ func (inp Input) ToMetadata(env string) config.Metadata { } } +func (c *InitCommand) getCred(res *Input) error { + qs := []*survey.Question{} + + switch res.CloudProvider { + case config.GCS: + { + credFile := os.Getenv("GOOGLE_APPLICATION_CREDENTIALS") + if credFile != "" { + qs = append(qs, &survey.Question{ + Name: "creds", + Validate: survey.Required, + Prompt: &survey.Select{ + Message: "Use GOOGLE_APPLICATION_CREDENTIALS env as credentials file", + Options: []string{credFile}, + }, + }) + } else { + qs = append(qs, &survey.Question{ + Name: "creds", + Prompt: &survey.Input{ + Message: "Enter google service account file path", + }, + Validate: survey.Required, + }) + } + } + case config.AWS: + { + credFile := os.Getenv("AWS_APPLICATION_CREDENTIALS") + if credFile != "" { + qs = append(qs, &survey.Question{ + Name: "creds", + Validate: survey.Required, + Prompt: &survey.Select{ + Message: "Use AWS_APPLICATION_CREDENTIALS env as credentials file", + Options: []string{credFile}, + }, + }) + } else { + qs = append(qs, &survey.Question{ + Name: "creds", + Prompt: &survey.Input{ + Message: "Enter aws service account file path", + }, + Validate: survey.Required, + }) + } + } + } + + credRes := new(Input) + if err := survey.Ask(qs, credRes); err != nil { + return fmt.Errorf("failed to get appropriate input: %w", err) + } + res.ApplicationCredentials = credRes.ApplicationCredentials + return nil +} + func (c *InitCommand) getData(env string) (*Input, error) { - credFile := os.Getenv("GOOGLE_APPLICATION_CREDENTIALS") qs := []*survey.Question{ + { + Name: "cloud_provider", + Validate: survey.Required, + Prompt: &survey.Select{ + Message: "Select Cloud provider", + Options: []string{config.AWS, config.GCS}, + }, + }, { Name: "bucket", Prompt: &survey.Input{ - Message: "Enter the GCS bucket name:", + Message: "Enter the bucket name:", }, Validate: survey.Required, }, @@ -84,28 +151,13 @@ func (c *InitCommand) getData(env string) (*Input, error) { }, }, } - if credFile != "" { - qs = append(qs, &survey.Question{ - Name: "google_creds", - Validate: survey.Required, - Prompt: &survey.Select{ - Message: "Use GOOGLE_APPLICATION_CREDENTIALS env as credentials file", - Options: []string{credFile}, - }, - }) - } else { - qs = append(qs, &survey.Question{ - Name: "google_creds", - Prompt: &survey.Input{ - Message: "Enter google service account file path", - }, - Validate: survey.Required, - }) - } res := new(Input) if err := survey.Ask(qs, res); err != nil { return nil, fmt.Errorf("failed to get appropriate input: %w", err) } + if err := c.getCred(res); err != nil { + return nil, fmt.Errorf("failed to get appropriate input: %w", err) + } return res, nil } diff --git a/config/config.go b/config/config.go index b94a62d..1d636c6 100644 --- a/config/config.go +++ b/config/config.go @@ -40,6 +40,7 @@ type Cloud struct { } type Metadata struct { + CloudProvider string `json:"cloud_provider"` Bucket string `json:"bucket"` Location string `json:"location"` Environment string `json:"environment"` @@ -57,6 +58,9 @@ func (c Client) BucketName() string { } func (c Client) Valid() error { + if c.Provider == "" { + return ErrCloudProviderNotFound + } if c.Cloud.ApplicationCredentials == "" { return ErrInvalidGoogleCreds } @@ -77,7 +81,10 @@ func LoadClient(ctx context.Context, env string) (Client, error) { } md := d.Environments[env].Metadata - cfg.Provider = d.Environments[env].CloudProvider + if cloudProvider := md.CloudProvider; cloudProvider != "" { + cfg.Provider = cloudProvider + } + if cfg.Cloud.ApplicationCredentials == "" { if creds := md.ApplicationCredentials; creds != "" { cfg.Cloud.ApplicationCredentials = creds diff --git a/config/dolores.go b/config/dolores.go index 2bd5120..9c2708f 100644 --- a/config/dolores.go +++ b/config/dolores.go @@ -12,9 +12,8 @@ import ( var ErrInvalidDoloresConfig = errors.New("invalid dolores config") type Environment struct { - Metadata `json:"metadata"` - KeyFile string `json:"key_file"` - CloudProvider string `json:"cloud_provider"` + Metadata `json:"metadata"` + KeyFile string `json:"key_file"` } type Dolores struct { @@ -26,9 +25,8 @@ func (d *Dolores) AddEnvironment(env string, keyFile string, md Metadata) { d.Environments = make(map[string]Environment) } d.Environments[env] = Environment{ - Metadata: md, - KeyFile: keyFile, - CloudProvider: AWS, // Temp adding for testing + Metadata: md, + KeyFile: keyFile, } } From 09b5f2df84384adc4c3d5c639e56b9a7a041f229 Mon Sep 17 00:00:00 2001 From: shubhamvernekar Date: Wed, 15 Nov 2023 14:04:42 +0530 Subject: [PATCH 3/6] error fix --- store/aws/aws.go | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/store/aws/aws.go b/store/aws/aws.go index 751308c..350d904 100644 --- a/store/aws/aws.go +++ b/store/aws/aws.go @@ -127,6 +127,19 @@ func (s StorageClient) ReadObject(ctx context.Context, bucketName, fileName stri } func (s StorageClient) ExistsObject(ctx context.Context, bucketName, fileName string) (bool, error) { + _, err := s.client.GetObject(ctx, &s3.GetObjectInput{ + Bucket: aws.String(bucketName), + Key: aws.String(fileName), + }) + if err != nil { + var notFoundType *types.NoSuchKey + if errors.As(err, ¬FoundType) { + return false, nil + } else { + return false, err + } + } + return true, nil } From 8706b2a8db4cbf61ed1b9cd0ffbd92dc3af0e954 Mon Sep 17 00:00:00 2001 From: shubhamvernekar Date: Thu, 16 Nov 2023 09:15:09 +0530 Subject: [PATCH 4/6] read aws default creds directly via sdk --- client/client.go | 7 +++--- client/cloud_service.go | 8 +++---- client/service_test.go | 5 ++-- cmd/dolores/init.go | 21 ++--------------- go.mod | 6 ++--- go.sum | 3 --- store/aws/aws.go | 43 +++++++++------------------------- store/{cld => cloud}/object.go | 0 store/google/gcs.go | 2 +- 9 files changed, 27 insertions(+), 68 deletions(-) rename store/{cld => cloud}/object.go (100%) diff --git a/client/client.go b/client/client.go index 14cc94e..90aef1b 100644 --- a/client/client.go +++ b/client/client.go @@ -107,14 +107,13 @@ func (c *Client) GetSecretList(_ SecretListConfig) ([]SecretObject, error) { return objs, nil } -func getStore(ctx context.Context, cfg config.Client) (storeI, error) { - var store storeI +func getStore(ctx context.Context, cfg config.Client) (clouldStore, error) { + var store clouldStore var err error switch cfg.Provider { case config.AWS: { - acfg := aws.Config{ServiceAccountFile: cfg.Cloud.ApplicationCredentials} - store, err = aws.NewStore(ctx, acfg) + store, err = aws.NewStore(ctx) if err != nil { return nil, err } diff --git a/client/cloud_service.go b/client/cloud_service.go index 6d60247..bb79c00 100644 --- a/client/cloud_service.go +++ b/client/cloud_service.go @@ -10,7 +10,7 @@ import ( "github.com/rs/zerolog/log" "github.com/scalescape/dolores/config" - cloud "github.com/scalescape/dolores/store/cld" + "github.com/scalescape/dolores/store/cloud" ) var ErrInvalidPublicKeys = errors.New("invalid public keys") @@ -18,10 +18,10 @@ var ErrInvalidPublicKeys = errors.New("invalid public keys") const metadataFile = "dolores.md" type Service struct { - store storeI + store clouldStore } -type storeI interface { +type clouldStore interface { WriteToObject(ctx context.Context, bucketName, fileName string, data []byte) error ReadObject(ctx context.Context, bucketName, fileName string) ([]byte, error) ListObject(ctx context.Context, bucketName, path string) ([]cloud.Object, error) @@ -146,6 +146,6 @@ func (s Service) ListObject(ctx context.Context, bucket, path string) ([]cloud.O return resp, nil } -func NewService(st storeI) Service { +func NewService(st clouldStore) Service { return Service{store: st} } diff --git a/client/service_test.go b/client/service_test.go index fb020da..d138ba4 100644 --- a/client/service_test.go +++ b/client/service_test.go @@ -7,7 +7,7 @@ import ( "github.com/scalescape/dolores/client" "github.com/scalescape/dolores/config" - cloud "github.com/scalescape/dolores/store/cld" + "github.com/scalescape/dolores/store/cloud" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" @@ -69,7 +69,8 @@ func (s *serviceSuite) TestShouldNotOverwriteMetadata() { cfg := client.Configuration{ PublicKey: "public_key", Metadata: config.Metadata{Location: "secrets"}, - UserID: "test_user"} + UserID: "test_user", + } s.gcs.On("ExistsObject", mock.AnythingOfType("context.backgroundCtx"), s.bucket, name).Return(true, nil).Once() s.gcs.On("WriteToObject", mock.AnythingOfType("context.backgroundCtx"), s.bucket, "secrets/keys/test_user.key", []byte(cfg.PublicKey)).Return(nil).Once() diff --git a/cmd/dolores/init.go b/cmd/dolores/init.go index 678c502..4c43b23 100644 --- a/cmd/dolores/init.go +++ b/cmd/dolores/init.go @@ -87,25 +87,8 @@ func (c *InitCommand) getCred(res *Input) error { } case config.AWS: { - credFile := os.Getenv("AWS_APPLICATION_CREDENTIALS") - if credFile != "" { - qs = append(qs, &survey.Question{ - Name: "creds", - Validate: survey.Required, - Prompt: &survey.Select{ - Message: "Use AWS_APPLICATION_CREDENTIALS env as credentials file", - Options: []string{credFile}, - }, - }) - } else { - qs = append(qs, &survey.Question{ - Name: "creds", - Prompt: &survey.Input{ - Message: "Enter aws service account file path", - }, - Validate: survey.Required, - }) - } + res.ApplicationCredentials = "aws_default" + return nil } } diff --git a/go.mod b/go.mod index d328eaa..256f898 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,6 @@ require ( filippo.io/age v1.1.1 github.com/AlecAivazis/survey/v2 v2.3.7 github.com/aws/aws-sdk-go-v2/config v1.23.0 - github.com/aws/aws-sdk-go-v2/credentials v1.15.2 github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1 github.com/kelseyhightower/envconfig v1.4.0 github.com/rs/zerolog v1.29.1 @@ -17,13 +16,14 @@ require ( google.golang.org/api v0.129.0 ) +require github.com/aws/aws-sdk-go-v2/credentials v1.15.2 // indirect + require ( cloud.google.com/go v0.110.0 // indirect cloud.google.com/go/compute v1.19.3 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect cloud.google.com/go/iam v0.13.0 // indirect - github.com/aws/aws-sdk-go v1.47.9 - github.com/aws/aws-sdk-go-v2 v1.22.2 // indirect + github.com/aws/aws-sdk-go-v2 v1.22.2 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.3 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.2 // indirect diff --git a/go.sum b/go.sum index f5c4cc7..cf2b6b6 100644 --- a/go.sum +++ b/go.sum @@ -55,8 +55,6 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/aws/aws-sdk-go v1.47.9 h1:rarTsos0mA16q+huicGx0e560aYRtOucV5z2Mw23JRY= -github.com/aws/aws-sdk-go v1.47.9/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go-v2 v1.22.2 h1:lV0U8fnhAnPz8YcdmZVV60+tr6CakHzqA6P8T46ExJI= github.com/aws/aws-sdk-go-v2 v1.22.2/go.mod h1:Kd0OJtkW3Q0M0lUWGszapWjEvrXDzRW+D21JNsroB+c= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0 h1:hHgLiIrTRtddC0AKcJr5s7i/hLgcpTt+q/FKxf1Zayk= @@ -219,7 +217,6 @@ github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec h1:qv2VnGeEQHchGaZ/u github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec/go.mod h1:Q48J4R4DvxnHolD5P8pOtXigYlRuPLGl6moFx3ulM68= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= diff --git a/store/aws/aws.go b/store/aws/aws.go index 350d904..f55845c 100644 --- a/store/aws/aws.go +++ b/store/aws/aws.go @@ -3,19 +3,16 @@ package aws import ( "bytes" "context" - "encoding/json" "errors" "fmt" "io" - "os" + "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" - "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/s3/types" - "github.com/aws/aws-sdk-go/aws" "github.com/rs/zerolog/log" - cloud "github.com/scalescape/dolores/store/cld" + "github.com/scalescape/dolores/store/cloud" ) var ErrInvalidServiceAccount = errors.New("invalid service account") @@ -25,16 +22,6 @@ type StorageClient struct { region string } -type Config struct { - ServiceAccountFile string -} - -type ServiceAccount struct { - AccessKeyID string `json:"accessKey"` - SecretAccessKey string `json:"secretKey"` - Region string `json:"region"` -} - func (s StorageClient) bucketExists(ctx context.Context, bucketName string) (bool, error) { _, err := s.client.HeadBucket(ctx, &s3.HeadBucketInput{ Bucket: aws.String(bucketName), @@ -51,8 +38,10 @@ func (s StorageClient) bucketExists(ctx context.Context, bucketName string) (boo func (s StorageClient) CreateBucket(ctx context.Context, bucketName string) error { lconst := types.BucketLocationConstraint(s.region) cbCfg := &types.CreateBucketConfiguration{LocationConstraint: lconst} - bucket := &s3.CreateBucketInput{Bucket: aws.String(bucketName), - CreateBucketConfiguration: cbCfg} + bucket := &s3.CreateBucketInput{ + Bucket: aws.String(bucketName), + CreateBucketConfiguration: cbCfg, + } _, err := s.client.CreateBucket(ctx, bucket) var existsErr *types.BucketAlreadyOwnedByYou = new(types.BucketAlreadyOwnedByYou) if errors.As(err, &existsErr) { @@ -114,7 +103,6 @@ func (s StorageClient) ReadObject(ctx context.Context, bucketName, fileName stri Bucket: aws.String(bucketName), Key: aws.String(fileName), }) - if err != nil { return nil, fmt.Errorf("failed to read object : %w", err) } @@ -135,28 +123,19 @@ func (s StorageClient) ExistsObject(ctx context.Context, bucketName, fileName st var notFoundType *types.NoSuchKey if errors.As(err, ¬FoundType) { return false, nil - } else { - return false, err } + return false, err } return true, nil } -func NewStore(ctx context.Context, acfg Config) (StorageClient, error) { - data, err := os.ReadFile(acfg.ServiceAccountFile) - if err != nil { - return StorageClient{}, fmt.Errorf("failed to read service account file with error %v %w", err, ErrInvalidServiceAccount) - } - sa := new(ServiceAccount) - if err := json.Unmarshal(data, sa); err != nil { - return StorageClient{}, fmt.Errorf("unable to parse service account file: %w", err) - } - cp := credentials.NewStaticCredentialsProvider(sa.AccessKeyID, sa.SecretAccessKey, "") - cfg, err := config.LoadDefaultConfig(ctx, config.WithRegion(sa.Region), config.WithCredentialsProvider(cp)) +func NewStore(ctx context.Context) (StorageClient, error) { + cfg, err := config.LoadDefaultConfig(ctx) if err != nil { return StorageClient{}, err } + cli := s3.NewFromConfig(cfg) - return StorageClient{client: cli, region: sa.Region}, nil + return StorageClient{client: cli, region: cfg.Region}, nil } diff --git a/store/cld/object.go b/store/cloud/object.go similarity index 100% rename from store/cld/object.go rename to store/cloud/object.go diff --git a/store/google/gcs.go b/store/google/gcs.go index 5df1308..03468b2 100644 --- a/store/google/gcs.go +++ b/store/google/gcs.go @@ -10,7 +10,7 @@ import ( "cloud.google.com/go/storage" "github.com/rs/zerolog/log" - cloud "github.com/scalescape/dolores/store/cld" + "github.com/scalescape/dolores/store/cloud" "google.golang.org/api/iterator" "google.golang.org/api/option" ) From c209a0b18373a168d9c6b5d40c0dd38ca69e1232 Mon Sep 17 00:00:00 2001 From: devdinu Date: Sun, 19 Nov 2023 08:49:32 -0800 Subject: [PATCH 5/6] upload public key when it already exists --- client/client.go | 8 +++---- client/cloud_service.go | 1 + cmd/dolores/init.go | 9 +++++-- decrypt.go | 13 +---------- go.mod | 3 ++- parser.go | 52 +++++++++++++++++++++++++++++++++++++++++ store/aws/aws.go | 19 ++++----------- 7 files changed, 71 insertions(+), 34 deletions(-) create mode 100644 parser.go diff --git a/client/client.go b/client/client.go index 14cc94e..8a5d2df 100644 --- a/client/client.go +++ b/client/client.go @@ -116,7 +116,7 @@ func getStore(ctx context.Context, cfg config.Client) (storeI, error) { acfg := aws.Config{ServiceAccountFile: cfg.Cloud.ApplicationCredentials} store, err = aws.NewStore(ctx, acfg) if err != nil { - return nil, err + return nil, fmt.Errorf("(aws) %w", err) } } case config.GCS: @@ -124,11 +124,11 @@ func getStore(ctx context.Context, cfg config.Client) (storeI, error) { gcfg := google.Config{ServiceAccountFile: cfg.Cloud.ApplicationCredentials} store, err = google.NewStore(ctx, gcfg) if err != nil { - return nil, err + return nil, fmt.Errorf("(gcp) %w", err) } } default: - err = fmt.Errorf("failed to get store: %w", config.ErrCloudProviderNotFound) + err = fmt.Errorf("failed to get store for %s: %w", cfg.Provider, config.ErrCloudProviderNotFound) } return store, err @@ -147,7 +147,7 @@ func New(ctx context.Context, cfg config.Client) (*Client, error) { Service: Service{store: st}, bucket: cfg.BucketName(), prefix: cfg.StoragePrefix, - log: log.With().Str("bucket", cfg.BucketName()).Str("prefix", cfg.StoragePrefix).Logger(), + log: log.With().Str("bucket", cfg.BucketName()).Str("prefix", cfg.StoragePrefix).Str("provider", cfg.Provider).Logger(), } return cli, nil } diff --git a/client/cloud_service.go b/client/cloud_service.go index 6d60247..e32c481 100644 --- a/client/cloud_service.go +++ b/client/cloud_service.go @@ -41,6 +41,7 @@ func (s Service) Init(ctx context.Context, bucket string, cfg Configuration) err if err := s.uploadPubKey(ctx, bucket, pubKey, cfg.PublicKey); err != nil { return fmt.Errorf("error writing public key: %w", err) } + log.Info().Msgf("uploaded public key successfully.") } exists, err := s.store.ExistsObject(ctx, bucket, metadataFile) if err != nil { diff --git a/cmd/dolores/init.go b/cmd/dolores/init.go index 678c502..8406fd0 100644 --- a/cmd/dolores/init.go +++ b/cmd/dolores/init.go @@ -12,6 +12,7 @@ import ( "github.com/AlecAivazis/survey/v2" "github.com/rs/zerolog" "github.com/rs/zerolog/log" + "github.com/scalescape/dolores" "github.com/scalescape/dolores/client" "github.com/scalescape/dolores/config" "github.com/urfave/cli/v2" @@ -87,13 +88,13 @@ func (c *InitCommand) getCred(res *Input) error { } case config.AWS: { - credFile := os.Getenv("AWS_APPLICATION_CREDENTIALS") + credFile := os.Getenv("AWS_SHARED_CREDENTIALS_FILE") if credFile != "" { qs = append(qs, &survey.Question{ Name: "creds", Validate: survey.Required, Prompt: &survey.Select{ - Message: "Use AWS_APPLICATION_CREDENTIALS env as credentials file", + Message: "Use AWS_SHARED_CREDENTIALS_FILE env as credentials file", Options: []string{credFile}, }, }) @@ -207,6 +208,10 @@ func (c *InitCommand) initialize(cctx *cli.Context) error { return err } } else { + publicKey, err = dolores.ReadPublicKey(keyFilePath) + if err != nil { + return fmt.Errorf("error reading public key: %s %w", keyFilePath, err) + } log.Info().Msgf("asymmetric key already exists at %s", keyFilePath) } d := &config.Dolores{} diff --git a/decrypt.go b/decrypt.go index 5bf2f23..ebad7de 100644 --- a/decrypt.go +++ b/decrypt.go @@ -4,7 +4,6 @@ import ( "bytes" "fmt" "io" - "os" "filippo.io/age" "filippo.io/age/armor" @@ -26,17 +25,7 @@ func (c *DecryptConfig) Identities() ([]age.Identity, error) { if c.KeyFile == "" { return nil, ErrInvalidKeyFile } - // process identity from keyfile - f, err := os.Open(c.KeyFile) - if err != nil { - return nil, fmt.Errorf("error opening keyfile %s: %w", c.KeyFile, err) - } - defer f.Close() - ids, err := age.ParseIdentities(f) - if err != nil { - return nil, fmt.Errorf("failed to parse identity: %w", err) - } - return ids, nil + return ParseIdentities(c.KeyFile) } func (c *DecryptConfig) Valid() error { diff --git a/go.mod b/go.mod index d328eaa..c5a2c0b 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,6 @@ require ( filippo.io/age v1.1.1 github.com/AlecAivazis/survey/v2 v2.3.7 github.com/aws/aws-sdk-go-v2/config v1.23.0 - github.com/aws/aws-sdk-go-v2/credentials v1.15.2 github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1 github.com/kelseyhightower/envconfig v1.4.0 github.com/rs/zerolog v1.29.1 @@ -17,6 +16,8 @@ require ( google.golang.org/api v0.129.0 ) +require github.com/aws/aws-sdk-go-v2/credentials v1.15.2 // indirect + require ( cloud.google.com/go v0.110.0 // indirect cloud.google.com/go/compute v1.19.3 // indirect diff --git a/parser.go b/parser.go new file mode 100644 index 0000000..60a7079 --- /dev/null +++ b/parser.go @@ -0,0 +1,52 @@ +package dolores + +import ( + "bufio" + "fmt" + "io" + "os" + "regexp" + + "filippo.io/age" +) + +func ParseIdentities(keyFile string) ([]age.Identity, error) { + // process identity from keyfile + f, err := os.Open(keyFile) + if err != nil { + return nil, fmt.Errorf("error opening keyfile %s: %w", keyFile, err) + } + defer f.Close() + ids, err := age.ParseIdentities(f) + if err != nil { + return nil, fmt.Errorf("failed to parse identity: %w", err) + } + return ids, nil +} + +func ReadPublicKey(fname string) (string, error) { + keyFile, err := os.Open(fname) + if err != nil { + return "", fmt.Errorf("error opening keyfile %s: %w", fname, err) + } + const recipientFileSizeLimit = 1 << 24 // 16 MiB + scanner := bufio.NewScanner(io.LimitReader(keyFile, recipientFileSizeLimit)) + var n int + re := regexp.MustCompile(`^#\s+public key.*(age1.*)`) + for scanner.Scan() { + n++ + line := scanner.Text() + if line == "" { + continue + } + match := re.FindStringSubmatch(line) + if len(match) > 1 { + r, err := age.ParseX25519Recipient(match[1]) + if err != nil { + return "", fmt.Errorf("malformed recipient at line %d", n) + } + return r.String(), nil + } + } + return "", fmt.Errorf("unable to extract public key") +} diff --git a/store/aws/aws.go b/store/aws/aws.go index 350d904..20f81d7 100644 --- a/store/aws/aws.go +++ b/store/aws/aws.go @@ -3,14 +3,11 @@ package aws import ( "bytes" "context" - "encoding/json" "errors" "fmt" "io" - "os" "github.com/aws/aws-sdk-go-v2/config" - "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/aws/aws-sdk-go/aws" @@ -71,7 +68,7 @@ func (s StorageClient) ListObject(ctx context.Context, bucket, path string) ([]c Prefix: aws.String(path), }) if err != nil { - return nil, fmt.Errorf("failed to get object list: %w", err) + return nil, fmt.Errorf("failed to get object list for %s: %w", bucket, err) } items := resp.Contents @@ -144,19 +141,11 @@ func (s StorageClient) ExistsObject(ctx context.Context, bucketName, fileName st } func NewStore(ctx context.Context, acfg Config) (StorageClient, error) { - data, err := os.ReadFile(acfg.ServiceAccountFile) - if err != nil { - return StorageClient{}, fmt.Errorf("failed to read service account file with error %v %w", err, ErrInvalidServiceAccount) - } - sa := new(ServiceAccount) - if err := json.Unmarshal(data, sa); err != nil { - return StorageClient{}, fmt.Errorf("unable to parse service account file: %w", err) - } - cp := credentials.NewStaticCredentialsProvider(sa.AccessKeyID, sa.SecretAccessKey, "") - cfg, err := config.LoadDefaultConfig(ctx, config.WithRegion(sa.Region), config.WithCredentialsProvider(cp)) + cp := config.WithSharedCredentialsFiles([]string{acfg.ServiceAccountFile}) + cfg, err := config.LoadDefaultConfig(ctx, cp) if err != nil { return StorageClient{}, err } cli := s3.NewFromConfig(cfg) - return StorageClient{client: cli, region: sa.Region}, nil + return StorageClient{client: cli, region: cfg.Region}, nil } From 407afd6a5a3a1aab0c4a42689fc805367028f007 Mon Sep 17 00:00:00 2001 From: devdinu Date: Sun, 19 Nov 2023 09:08:01 -0800 Subject: [PATCH 6/6] fix linter --- .github/workflows/ci.yml | 6 +- .golangci.yml | 343 +++++++++++++++++++++++++++++++++++++++ client/cloud_service.go | 2 +- client/monart.go | 4 +- cmd/dolores/run.go | 2 +- cmd/dolores/version.go | 1 - config/monart.go | 2 +- go.mod | 7 +- go.sum | 18 +- secrets/manager.go | 2 +- store/google/gcs.go | 2 +- 11 files changed, 374 insertions(+), 15 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c619b43..fe1686c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,6 +21,10 @@ jobs: uses: actions/setup-go@v4 with: go-version-file: 'go.mod' + - name: cognitive-complexity + severity: warning + disabled: false + arguments: [7] cache: true - name: Verify Go modules run: go mod verify @@ -75,4 +79,4 @@ jobs: go-version-file: 'go.mod' cache: true - name: Build - run: make build \ No newline at end of file + run: make build diff --git a/.golangci.yml b/.golangci.yml index ed01ef1..4dae5e8 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -100,10 +100,353 @@ linters: - godox - wrapcheck - depguard + - varcheck + - deadcode + - nosnakecase + - ifshort linters-settings: lll: line-length: 160 + revive: + serverity: error + enable-all-rules: true + rules: + - name: add-constant + severity: warning + disabled: false + arguments: + - maxLitCount: "3" + allowStrs: '""' + allowInts: "0,1,2" + allowFloats: "0.0,0.,1.0,1.,2.0,2." + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#argument-limit + - name: argument-limit + severity: warning + disabled: false + arguments: [ 4 ] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#atomic + - name: atomic + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#banned-characters + - name: banned-characters + severity: warning + disabled: false + arguments: [ "Ω","Σ","σ", "7" ] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#bare-return + - name: bare-return + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#blank-imports + - name: blank-imports + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#bool-literal-in-expr + - name: bool-literal-in-expr + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#call-to-gc + - name: call-to-gc + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#cognitive-complexity + - name: cognitive-complexity + severity: warning + disabled: false + arguments: [ 7 ] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#comment-spacings + - name: comment-spacings + severity: warning + disabled: false + arguments: + - mypragma + - otherpragma + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#confusing-naming + - name: confusing-naming + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#confusing-results + - name: confusing-results + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#constant-logical-expr + - name: constant-logical-expr + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#context-as-argument + - name: context-as-argument + severity: warning + disabled: false + arguments: + - allowTypesBefore: "*testing.T,*github.com/user/repo/testing.Harness" + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#context-keys-type + - name: context-keys-type + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#cyclomatic + - name: cyclomatic + severity: warning + disabled: false + arguments: [5] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#datarace + - name: datarace + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#deep-exit + - name: deep-exit + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#defer + - name: defer + severity: warning + disabled: false + arguments: + - [ "call-chain", "loop" ] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#dot-imports + - name: dot-imports + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#duplicated-imports + - name: duplicated-imports + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#early-return + - name: empty-block + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-lines + - name: empty-lines + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#error-naming + - name: error-naming + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#error-return + - name: error-return + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#error-strings + - name: error-strings + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#errorf + - name: errorf + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#exported + - name: exported + severity: warning + disabled: false + arguments: + - "checkPrivateReceivers" + - "sayRepetitiveInsteadOfStutters" + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#file-header + - name: file-header + severity: warning + disabled: true + arguments: + - This is the text that must appear at the top of source files. + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#flag-parameter + - name: flag-parameter + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#function-result-limit + - name: function-result-limit + severity: warning + disabled: false + arguments: [ 2 ] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#function-length + - name: function-length + severity: warning + disabled: false + arguments: [15, 0] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#get-return + - name: get-return + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#identical-branches + - name: identical-branches + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#if-return + - name: if-return + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#increment-decrement + - name: increment-decrement + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#indent-error-flow + - name: indent-error-flow + severity: warning + disabled: false + arguments: + - "preserveScope" + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#imports-blacklist + - name: imports-blacklist + severity: warning + disabled: false + arguments: + - "crypto/md5" + - "crypto/sha1" + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#import-shadowing + - name: import-shadowing + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#line-length-limit + - name: line-length-limit + severity: warning + disabled: false + arguments: [160] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#max-public-structs + - name: max-public-structs + severity: warning + disabled: true + arguments: [3] + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#modifies-parameter + - name: modifies-parameter + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#modifies-value-receiver + - name: modifies-value-receiver + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#nested-structs + - name: nested-structs + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#optimize-operands-order + - name: optimize-operands-order + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#package-comments + - name: package-comments + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#range + - name: range + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#range-val-in-closure + - name: range-val-in-closure + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#range-val-address + - name: range-val-address + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#receiver-naming + - name: receiver-naming + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#redefines-builtin-id + - name: redefines-builtin-id + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#string-of-int + - name: string-of-int + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#string-format + - name: string-format + severity: warning + disabled: false + arguments: + - - 'core.WriteError[1].Message' + - '/^([^A-Z]|$)/' + - must not start with a capital letter + - - 'fmt.Errorf[0]' + - '/(^|[^\.!?])$/' + - must not end in punctuation + - - panic + - '/^[^\n]*$/' + - must not contain line breaks + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#struct-tag + - name: struct-tag + arguments: + - "json,inline" + - "bson,outline,gnu" + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#superfluous-else + - name: superfluous-else + severity: warning + disabled: false + arguments: + - "preserveScope" + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#time-equal + - name: time-equal + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#time-naming + - name: time-naming + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#var-declaration + - name: var-declaration + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unconditional-recursion + - name: unconditional-recursion + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unexported-naming + - name: unexported-naming + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unexported-return + - name: unexported-return + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unhandled-error + - name: unhandled-error + severity: warning + disabled: false + arguments: + - "fmt.Printf" + - "myFunction" + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unnecessary-stmt + - name: unnecessary-stmt + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unreachable-code + - name: unreachable-code + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unused-parameter + - name: unused-parameter + severity: warning + disabled: false + arguments: + - allowRegex: "^_" + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unused-receiver + - name: unused-receiver + severity: warning + disabled: false + arguments: + - allowRegex: "^_" + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#useless-break + - name: useless-break + severity: warning + disabled: false + # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#waitgroup-by-value + - name: waitgroup-by-value + severity: warning + disabled: false + - name: unused-parameter + severity: warning + disabled: true + arguments: + - allowRegex: "^_" + ireturn: + allow: + - anon + - error + - empty + - stdlib + - secretsClient tagliatelle: case: use-field-name: true diff --git a/client/cloud_service.go b/client/cloud_service.go index f67b773..c211bc6 100644 --- a/client/cloud_service.go +++ b/client/cloud_service.go @@ -147,6 +147,6 @@ func (s Service) ListObject(ctx context.Context, bucket, path string) ([]cloud.O return resp, nil } -func NewService(st clouldStore) Service { +func NewService(st cloudStore) Service { return Service{store: st} } diff --git a/client/monart.go b/client/monart.go index fa12d3e..fbc37ca 100644 --- a/client/monart.go +++ b/client/monart.go @@ -19,12 +19,12 @@ type credentials struct { } type MonartClient struct { - ctx context.Context + ctx context.Context //nolint:containedctx cred credentials cli *http.Client } -var ErrMethodUndefined = errors.New("Method not yet implemented") +var ErrMethodUndefined = errors.New("method not yet implemented") func (s MonartClient) Init(ctx context.Context, bucket string, cfg Configuration) error { return ErrMethodUndefined diff --git a/cmd/dolores/run.go b/cmd/dolores/run.go index 8adeeee..ea5afea 100644 --- a/cmd/dolores/run.go +++ b/cmd/dolores/run.go @@ -93,7 +93,7 @@ func (c *Runner) runScript(ctx context.Context, cmdName string, args []string) e c.wg.Wait() if err := cmd.Wait(); err != nil { - if err, ok := err.(*exec.ExitError); ok { // nolint:errorlint + if err, ok := err.(*exec.ExitError); ok { //nolint:errorlint if status, ok := err.Sys().(syscall.WaitStatus); ok { // TODO: Report this error exit status c.exitStatus = status.ExitStatus() diff --git a/cmd/dolores/version.go b/cmd/dolores/version.go index 64003a1..0873da4 100644 --- a/cmd/dolores/version.go +++ b/cmd/dolores/version.go @@ -3,5 +3,4 @@ package main var ( version = "version-undefined" commit = "sha-undefined" - date = "unknown" ) diff --git a/config/monart.go b/config/monart.go index 47ec47a..020f699 100644 --- a/config/monart.go +++ b/config/monart.go @@ -33,7 +33,7 @@ func LoadMonartClient() (*Monart, error) { ID: os.Getenv("MONART_ID"), } if err := mon.Valid(); err != nil { - return nil, fmt.Errorf("Invalid monart config: %v %w", ErrInvalidMonartConfig, err) + return nil, fmt.Errorf("failed to validate config: %w %w", ErrInvalidMonartConfig, err) } return mon, nil } diff --git a/go.mod b/go.mod index 256f898..4eb3d23 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/scalescape/dolores -go 1.19 +go 1.20 require ( cloud.google.com/go/storage v1.30.1 @@ -51,8 +51,9 @@ require ( github.com/googleapis/enterprise-certificate-proxy v0.2.5 // indirect github.com/googleapis/gax-go/v2 v2.11.0 // indirect github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect + github.com/kr/pretty v0.3.0 // indirect github.com/mattn/go-colorable v0.1.12 // indirect - github.com/mattn/go-isatty v0.0.14 // indirect + github.com/mattn/go-isatty v0.0.16 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect github.com/pmezard/go-difflib v1.0.0 // indirect @@ -60,6 +61,7 @@ require ( github.com/prometheus/client_model v0.3.0 // indirect github.com/prometheus/common v0.37.0 // indirect github.com/prometheus/procfs v0.8.0 // indirect + github.com/rogpeppe/go-internal v1.9.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/stretchr/objx v0.5.0 // indirect github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect @@ -77,5 +79,6 @@ require ( google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc // indirect google.golang.org/grpc v1.56.1 // indirect google.golang.org/protobuf v1.31.0 // indirect + gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index cf2b6b6..36cdef9 100644 --- a/go.sum +++ b/go.sum @@ -115,6 +115,7 @@ github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWH github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.17 h1:QeVUsEDNrLBW4tMgZHvxy18sKtr6VI492kBhUfhDJNI= github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -234,17 +235,21 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1fWh90gTKwiN4QCGoY9TWyyO4= @@ -289,6 +294,9 @@ github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5 github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= +github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rs/zerolog v1.29.1 h1:cO+d60CHkknCbvzEWxP0S9K6KqyTjrCNUy1LdQLCGPc= github.com/rs/zerolog v1.29.1/go.mod h1:Le6ESbR7hc+DP6Lt1THiV8CQSdkkNrd3R0XbEgp3ZBU= @@ -473,6 +481,7 @@ golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -637,8 +646,9 @@ google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/secrets/manager.go b/secrets/manager.go index ba0106d..440ff86 100644 --- a/secrets/manager.go +++ b/secrets/manager.go @@ -110,7 +110,7 @@ func (c DecryptConfig) Valid() error { func (sm SecretManager) Decrypt(cfg DecryptConfig) error { if err := cfg.Valid(); err != nil { - return fmt.Errorf("invalid config: %w: %v", ErrInvalidDecryptConfig, err) + return fmt.Errorf("invalid config: %w: %w", ErrInvalidDecryptConfig, err) } req := client.FetchSecretRequest{Name: cfg.Name, Environment: cfg.Environment} data, err := sm.client.FetchSecrets(req) diff --git a/store/google/gcs.go b/store/google/gcs.go index 03468b2..0bf12fd 100644 --- a/store/google/gcs.go +++ b/store/google/gcs.go @@ -164,7 +164,7 @@ func (s StorageClient) createNewBucket(ctx context.Context, name string) error { func NewStore(ctx context.Context, cfg Config) (StorageClient, error) { data, err := os.ReadFile(cfg.ServiceAccountFile) if err != nil { - return StorageClient{}, fmt.Errorf("failed to read service account file with error %v %w", err, ErrInvalidServiceAccount) + return StorageClient{}, fmt.Errorf("failed to read service account file with error %w %w", err, ErrInvalidServiceAccount) } sa := new(ServiceAccount) if err := json.Unmarshal(data, sa); err != nil {