
feat: ADD SECRET API #343


Merged
merged 52 commits into from
Feb 10, 2022
Merged
52 commits
df36a2e
增加Secret API
MentosL Oct 29, 2021
2c06d17
提交对应组件实现
MentosL Nov 2, 2021
395b641
Update go.sum
MentosL Nov 2, 2021
58ad59c
Merge branch 'main' into add-secret-api
MentosL Nov 2, 2021
7381c42
提交本地代码
MentosL Nov 5, 2021
35e977d
增加秘钥单元测试
MentosL Nov 28, 2021
b113884
Merge branch 'main' into add-secret-api
MentosL Nov 28, 2021
75de2fe
解决冲突并合并
MentosL Nov 28, 2021
fb31e2d
重新生成文件
MentosL Nov 28, 2021
11a73d8
增加git add操作
MentosL Nov 28, 2021
e64dfa0
提交新增
MentosL Nov 28, 2021
272d458
add license
MentosL Nov 28, 2021
5ced009
修改单测
MentosL Nov 28, 2021
83ca0e0
add
MentosL Nov 28, 2021
ff33827
add
MentosL Nov 28, 2021
ce02ffe
Merge branch 'main' into main
seeflood Nov 30, 2021
b9a571e
修复冲突
MentosL Dec 1, 2021
2ca2dca
Merge branch 'main' of https://github.com/MentosL/layotto
MentosL Dec 1, 2021
3e46e25
合并上游主干
MentosL Dec 18, 2021
2afa917
提交文件
MentosL Dec 18, 2021
ab72d02
引入dapr关于secret api
MentosL Dec 19, 2021
e1213d6
增加修改
MentosL Dec 19, 2021
5526909
增加修改
MentosL Dec 20, 2021
1c41322
Merge branch 'main' into main
MentosL Dec 20, 2021
a51eb36
进行modiy之后提交
MentosL Dec 20, 2021
c8ed122
Merge branch 'main' of https://github.com/MentosL/layotto
MentosL Dec 20, 2021
1363513
增加修改文件
MentosL Dec 20, 2021
fe2b767
修改文件
MentosL Dec 20, 2021
cdcb1aa
增加修改文件
MentosL Dec 20, 2021
0896cf6
Merge branch 'main' into main
seeflood Dec 20, 2021
322570e
Merge branch 'main' into main
seeflood Dec 20, 2021
c73d3a5
Merge branch 'main' into main
MentosL Dec 20, 2021
a84efd4
Merge remote-tracking branch 'upstream/main'
MentosL Dec 22, 2021
190785f
提交修改冲突文件
MentosL Dec 27, 2021
48ce54a
增加dapr中关于秘钥获取的ut
MentosL Dec 27, 2021
2147970
修改方法
MentosL Dec 27, 2021
4f10807
重新触发CI
MentosL Dec 27, 2021
6aa5bc9
修改UT
MentosL Dec 27, 2021
0fb28ee
修改初始化错误
MentosL Dec 27, 2021
13f83ed
更改权限判断方法,留下方法定义后期实现
MentosL Dec 28, 2021
2476a21
move secret api code from dapr_api_unimplement.go to a new file
seeflood Dec 28, 2021
69e3cdf
no actuator support for secret store
seeflood Dec 28, 2021
005b4fa
增加BulkSecret以及对应UT
MentosL Dec 28, 2021
b5dd3e4
Merge branch 'main' of https://github.com/MentosL/layotto
MentosL Dec 28, 2021
8e3696b
fix ut
seeflood Dec 28, 2021
afdc95a
Merge remote-tracking branch 'origin/main' into main
seeflood Dec 28, 2021
a11b726
Merge branch 'main' into main
seeflood Jan 7, 2022
67ccc6f
Merge branch 'main' of https://github.com/mosn/layotto
MentosL Feb 8, 2022
e2a12be
modify secretstores' registry logic
seeflood Feb 8, 2022
d2c6e12
fix ut
seeflood Feb 8, 2022
aaeca29
remove unused functions
seeflood Feb 8, 2022
195af07
add comments
seeflood Feb 9, 2022
44 changes: 40 additions & 4 deletions cmd/layotto/main.go
Expand Up @@ -19,13 +19,22 @@ package main
import (
"encoding/json"
"fmt"
"os"
"strconv"
"time"

"github.com/dapr/components-contrib/secretstores"
"github.com/dapr/components-contrib/secretstores/aws/parameterstore"
"github.com/dapr/components-contrib/secretstores/aws/secretmanager"
"github.com/dapr/components-contrib/secretstores/azure/keyvault"
gcp_secretmanager "github.com/dapr/components-contrib/secretstores/gcp/secretmanager"
"github.com/dapr/components-contrib/secretstores/hashicorp/vault"
sercetstores_kubernetes "github.com/dapr/components-contrib/secretstores/kubernetes"
secretstore_env "github.com/dapr/components-contrib/secretstores/local/env"
secretstore_file "github.com/dapr/components-contrib/secretstores/local/file"
"mosn.io/api"
"mosn.io/layotto/diagnostics"
"mosn.io/layotto/pkg/grpc/default_api"
secretstores_loader "mosn.io/layotto/pkg/runtime/secretstores"
"os"
"strconv"
"time"

"mosn.io/layotto/components/file/local"
"mosn.io/layotto/components/file/s3/alicloud"
Expand Down Expand Up @@ -339,6 +348,33 @@ func NewRuntimeGrpcServer(data json.RawMessage, opts ...grpc.ServerOption) (mgrp
runtime_sequencer.NewFactory("mongo", func() sequencer.Store {
return sequencer_mongo.NewMongoSequencer(log.DefaultLogger)
}),
),
// secretstores
runtime.WithSecretStoresFactory(
secretstores_loader.NewFactory("kubernetes", func() secretstores.SecretStore {
return sercetstores_kubernetes.NewKubernetesSecretStore(loggerForDaprComp)
}),
secretstores_loader.NewFactory("azure.keyvault", func() secretstores.SecretStore {
return keyvault.NewAzureKeyvaultSecretStore(loggerForDaprComp)
}),
secretstores_loader.NewFactory("hashicorp.vault", func() secretstores.SecretStore {
return vault.NewHashiCorpVaultSecretStore(loggerForDaprComp)
}),
secretstores_loader.NewFactory("aws.secretmanager", func() secretstores.SecretStore {
return secretmanager.NewSecretManager(loggerForDaprComp)
}),
secretstores_loader.NewFactory("aws.parameterstore", func() secretstores.SecretStore {
return parameterstore.NewParameterStore(loggerForDaprComp)
}),
secretstores_loader.NewFactory("gcp.secretmanager", func() secretstores.SecretStore {
return gcp_secretmanager.NewSecreteManager(loggerForDaprComp)
}),
secretstores_loader.NewFactory("local.file", func() secretstores.SecretStore {
return secretstore_file.NewLocalSecretStore(loggerForDaprComp)
}),
secretstores_loader.NewFactory("local.env", func() secretstores.SecretStore {
return secretstore_env.NewEnvSecretStore(loggerForDaprComp)
}),
))
// 4. check if unhealthy
if err != nil {
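Review bot: `local.env` and `local.file` are registered unconditionally next to the cloud stores, so the shipped binary can presumably serve the sidecar's environment variables or a plaintext file through the secret API as soon as a configuration names one of them. With `isSecretAllowed` in pkg/grpc/dapr/dapr_api.go still returning `true` for everything, nothing narrows which keys a caller may read from such a store. Consider marking them at the registration site, e.g. `// local.file and local.env keep secrets in plaintext and are intended for local development only`, or gating them behind a build tag. The import alias `sercetstores_kubernetes` is misspelled and would read better as `secretstores_kubernetes`. `NewRuntimeGrpcServer` begins and ends outside this hunk.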
3 changes: 2 additions & 1 deletion components/go.mod
Expand Up @@ -18,7 +18,8 @@ require (
github.com/hashicorp/consul/api v1.3.0
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
github.com/minio/minio-go/v7 v7.0.15
github.com/mitchellh/mapstructure v1.3.3 // indirect
github.com/mitchellh/mapstructure v1.4.1
github.com/pkg/errors v0.9.1
github.com/spf13/afero v1.2.2 // indirect
github.com/stretchr/testify v1.7.0
github.com/valyala/fasthttp v1.26.0
11 changes: 7 additions & 4 deletions components/go.sum
Expand Up @@ -503,8 +503,11 @@ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvW
github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.13.1 h1:wXr2uRxZTJXHLly6qhJabee5JqIhTRoLBhDOA74hDEQ=
github.com/klauspost/compress v1.13.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
github.com/klauspost/compress v1.10.4/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
github.com/klauspost/compress v1.12.2/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc=
github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
github.com/klauspost/cpuid v1.3.1 h1:5JNjFYYQrZeKRJ0734q51WCEEn2huer72Dc7K+R/b6s=
github.com/klauspost/cpuid v1.3.1/go.mod h1:bYW4mA6ZgKPob1/Dlai2LviZJO7KGI3uoWLd42rAQw4=
Expand Down Expand Up @@ -569,8 +572,8 @@ github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS4
github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY=
github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
github.com/mitchellh/mapstructure v1.3.3 h1:SzB1nHZ2Xi+17FP0zVQBHIZqvwRN9408fJO8h+eeNA8=
github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/mapstructure v1.4.1 h1:CpVNEelQCZBooIPDn+AR3NpivK/TIKU8bDxdASFVQag=
github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -19,7 +19,7 @@ require (
github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/json-iterator/go v1.1.11
github.com/phayes/freeport v0.0.0-20171002181615-b8543db493a5
github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2
github.com/pkg/errors v0.9.1
github.com/shirou/gopsutil v3.21.3+incompatible
github.com/stretchr/testify v1.7.0
16 changes: 14 additions & 2 deletions go.sum
Expand Up @@ -470,6 +470,7 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V
github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
github.com/go-logr/logr v0.3.0 h1:q4c+kbcR0d5rSurhBR8dIgieOaYpXtsdTYfx22Cu6rs=
github.com/go-logr/logr v0.3.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
github.com/go-ole/go-ole v1.2.4/go.mod h1:XCwSNxSkXRo4vlyPy93sltvi/qJq0jqQhjqQNIwKuxM=
github.com/go-ole/go-ole v1.2.5 h1:t4MGB5xEDZvXI+0rMjjsfBsD7yAgp/s9ZDkL1JndXwY=
Expand Down Expand Up @@ -632,6 +633,7 @@ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
Expand All @@ -656,6 +658,7 @@ github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg=
github.com/googleapis/gnostic v0.5.1 h1:A8Yhf6EtqTv9RMsU6MQTyrtV1TjWlR6xU9BsZIwuTCM=
github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
Expand Down Expand Up @@ -753,6 +756,7 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO
github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/imdario/mergo v0.3.10 h1:6q5mVkdH/vYmqngx7kZQTjJ5HRsx+ImorDIEQ+beJgc=
github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
github.com/imkira/go-interpol v1.1.0/go.mod h1:z0h2/2T3XF8kyEPpRgJ3kmNv+C43p+I/CoI+jC3w2iA=
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
Expand Down Expand Up @@ -1128,8 +1132,8 @@ github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCko
github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac=
github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
github.com/peterh/liner v0.0.0-20170211195444-bf27d3ba8e1d/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc=
github.com/phayes/freeport v0.0.0-20171002181615-b8543db493a5 h1:rZQtoozkfsiNs36c7Tdv/gyGNzD1X1XWKO8rptVNZuM=
github.com/phayes/freeport v0.0.0-20171002181615-b8543db493a5/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 h1:JhzVVoYvbOACxoUmOs6V/G4D5nPVUW73rKvXxP4XUJc=
github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
github.com/pierrec/lz4 v0.0.0-20190327172049-315a67e90e41/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
github.com/pierrec/lz4 v2.0.5+incompatible h1:2xWsjqPFWcplujydGg4WmhC/6fZqK42wMM8aXeqhl0I=
Expand Down Expand Up @@ -2041,24 +2045,30 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
istio.io/api v0.0.0-20200227213531-891bf31f3c32/go.mod h1:bcY3prusO/6vA6zGHz4PNG2v79clPyTw06Xx3fprJSQ=
istio.io/gogo-genproto v0.0.0-20190930162913-45029607206a/go.mod h1:OzpAts7jljZceG4Vqi5/zXy/pOg1b209T3jb7Nv5wIs=
k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI=
k8s.io/api v0.20.0 h1:WwrYoZNM1W1aQEbyl8HNG+oWGzLpZQBlcerS9BQw9yI=
k8s.io/api v0.20.0/go.mod h1:HyLC5l5eoS/ygQYl1BXBgFzWNlkHiAuyNAbevIn+FKg=
k8s.io/apiextensions-apiserver v0.20.0/go.mod h1:ZH+C33L2Bh1LY1+HphoRmN1IQVLTShVcTojivK3N9xg=
k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg=
k8s.io/apimachinery v0.20.0 h1:jjzbTJRXk0unNS71L7h3lxGDH/2HPxMPaQY+MjECKL8=
k8s.io/apimachinery v0.20.0/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
k8s.io/apiserver v0.20.0/go.mod h1:6gRIWiOkvGvQt12WTYmsiYoUyYW0FXSiMdNl4m+sxY8=
k8s.io/client-go v0.20.0 h1:Xlax8PKbZsjX4gFvNtt4F5MoJ1V5prDvCuoq9B7iax0=
k8s.io/client-go v0.20.0/go.mod h1:4KWh/g+Ocd8KkCwKF8vUNnmqgv+EVnQDK4MBF4oB5tY=
k8s.io/code-generator v0.20.0/go.mod h1:UsqdF+VX4PU2g46NC2JRs4gc+IfrctnwHb76RNbWHJg=
k8s.io/component-base v0.20.0/go.mod h1:wKPj+RHnAr8LW2EIBIK7AxOHPde4gme2lzXwVSoRXeA=
k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
k8s.io/klog/v2 v2.4.0 h1:7+X0fUguPyrKEC4WjH8iGDg3laWgMo5tMnRTIGTTxGQ=
k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM=
k8s.io/utils v0.0.0-20201110183641-67b214c5f920 h1:CbnUZsM497iRC5QMVkHwyl8s2tB3g7yaSHkYPkpgelw=
k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
launchpad.net/gocheck v0.0.0-20140225173054-000000000087/go.mod h1:hj7XX3B/0A+80Vse0e+BUHsHMTEhd0O4cpUHr/e/BUM=
launchpad.net/xmlpath v0.0.0-20130614043138-000000000004/go.mod h1:vqyExLOM3qBx7mvYRkoxjSCF945s0mbe7YynlKYXtsA=
Expand All @@ -2077,7 +2087,9 @@ rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg=
sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e h1:4Z09Hglb792X0kfOBBJUPFEyvVfQWrYT/l8h5EKA6JQ=
sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI=
sigs.k8s.io/structured-merge-diff/v4 v4.0.2 h1:YHQV7Dajm86OuqnIR6zAelnDWBRjo+YhYV9PmGrh1s8=
sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q=
11 changes: 10 additions & 1 deletion pkg/grpc/dapr/dapr_api.go
Expand Up @@ -21,6 +21,7 @@ import (
"errors"
"github.com/dapr/components-contrib/bindings"
"github.com/dapr/components-contrib/pubsub"
"github.com/dapr/components-contrib/secretstores"
"github.com/dapr/components-contrib/state"
jsoniter "github.com/json-iterator/go"
"google.golang.org/grpc"
Expand Down Expand Up @@ -63,6 +64,7 @@ type daprGrpcAPI struct {
lockStores map[string]lock.LockStore
sequencers map[string]sequencer.Store
sendToOutputBindingFn func(name string, req *bindings.InvokeRequest) (*bindings.InvokeResponse, error)
secretStores map[string]secretstores.SecretStore
// app callback
AppCallbackConn *grpc.ClientConn
// json
Expand Down Expand Up @@ -161,6 +163,11 @@ func (d *daprGrpcAPI) InvokeBinding(ctx context.Context, in *runtime.InvokeBindi
return r, nil
}

func (d *daprGrpcAPI) isSecretAllowed(storeName string, key string) bool {
// TODO: add permission control
return true
}

// NewDaprAPI_Alpha construct a grpc_api.GrpcAPI which implements DaprServer.
// Currently it only support Dapr's InvokeService and InvokeBinding API.
// Note: this feature is still in Alpha state and we don't recommend that you use it in your production environment.
Expand All @@ -175,7 +182,7 @@ func NewDaprAPI_Alpha(ac *grpc_api.ApplicationContext) grpc_api.GrpcAPI {
return NewDaprServer(ac.AppId,
ac.Hellos, ac.ConfigStores, ac.Rpcs, ac.PubSubs, ac.StateStores, transactionalStateStores,
ac.Files, ac.LockStores, ac.Sequencers,
ac.SendToOutputBindingFn)
ac.SendToOutputBindingFn, ac.SecretStores)
}

func NewDaprServer(
Expand All @@ -190,6 +197,7 @@ func NewDaprServer(
lockStores map[string]lock.LockStore,
sequencers map[string]sequencer.Store,
sendToOutputBindingFn func(name string, req *bindings.InvokeRequest) (*bindings.InvokeResponse, error),
secretStores map[string]secretstores.SecretStore,
) DaprGrpcAPI {
// construct
return &daprGrpcAPI{
Expand All @@ -205,5 +213,6 @@ func NewDaprServer(
sequencers: sequencers,
sendToOutputBindingFn: sendToOutputBindingFn,
json: jsoniter.ConfigFastest,
secretStores: secretStores,
}
}
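Review bot: `isSecretAllowed` returns `true` for every store and key, so the `PermissionDenied` branch in `GetSecret` and the filter loop in `GetBulkSecret` can never reject anything, and any client able to reach the gRPC API can read every secret of every configured store. Until scoping exists the method should say so in its doc comment, e.g. `// isSecretAllowed is a placeholder that allows every key in every store; access control is not implemented yet.` When it is implemented, denying by default for stores without an explicit allow list would be the safer shape. The `storeName` and `key` parameters are currently unused.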
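--- /dev/null
+++ b/pkg/grpc/dapr/dapr_api_secret.go
@@ -0,0 +1,114 @@
+/*
+* Copyright 2021 Layotto Authors
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package dapr
+
+import (
+"context"
+"github.com/dapr/components-contrib/secretstores"
+"google.golang.org/grpc/codes"
+"google.golang.org/grpc/status"
+"mosn.io/layotto/pkg/grpc/dapr/proto/runtime/v1"
+"mosn.io/layotto/pkg/messages"
+"mosn.io/pkg/log"
+)
+
+func (d *daprGrpcAPI) GetSecret(ctx context.Context, request *runtime.GetSecretRequest) (*runtime.GetSecretResponse, error) {
+// 1. check parameters
+if d.secretStores == nil || len(d.secretStores) == 0 {
+err := status.Error(codes.FailedPrecondition, messages.ErrSecretStoreNotConfigured)
+log.DefaultLogger.Errorf("GetSecret fail,not configured err:%+v", err)
+return &runtime.GetSecretResponse{}, err
+}
+secretStoreName := request.StoreName
+
+if d.secretStores[secretStoreName] == nil {
+err := status.Errorf(codes.InvalidArgument, messages.ErrSecretStoreNotFound, secretStoreName)
+log.DefaultLogger.Errorf("GetSecret fail,not find err:%+v", err)
+return &runtime.GetSecretResponse{}, err
+}
+
+// 2. TODO permission control
+if !d.isSecretAllowed(request.StoreName, request.Key) {
+err := status.Errorf(codes.PermissionDenied, messages.ErrPermissionDenied, request.Key, request.StoreName)
+return &runtime.GetSecretResponse{}, err
+}
+
+// 3. delegate to components
+req := secretstores.GetSecretRequest{
+Name: request.Key,
+Metadata: request.Metadata,
+}
+getResponse, err := d.secretStores[secretStoreName].GetSecret(req)
+// 4. parse result
+if err != nil {
+err = status.Errorf(codes.Internal, messages.ErrSecretGet, req.Name, secretStoreName, err.Error())
+log.DefaultLogger.Errorf("GetSecret fail,get secret err:%+v", err)
+return &runtime.GetSecretResponse{}, err
+}
+
+response := &runtime.GetSecretResponse{}
+if getResponse.Data != nil {
+response.Data = getResponse.Data
+}
+return response, nil
+}
+
+func (d *daprGrpcAPI) GetBulkSecret(ctx context.Context, in *runtime.GetBulkSecretRequest) (*runtime.GetBulkSecretResponse, error) {
+// 1. check parameters
+if d.secretStores == nil || len(d.secretStores) == 0 {
+err := status.Error(codes.FailedPrecondition, messages.ErrSecretStoreNotConfigured)
+log.DefaultLogger.Errorf("GetBulkSecret fail,not configured err:%+v", err)
+return &runtime.GetBulkSecretResponse{}, err
+}
+secretStoreName := in.StoreName
+
+if d.secretStores[secretStoreName] == nil {
+err := status.Errorf(codes.InvalidArgument, messages.ErrSecretStoreNotFound, secretStoreName)
+log.DefaultLogger.Errorf("GetBulkSecret fail,not find err:%+v", err)
+return &runtime.GetBulkSecretResponse{}, err
+}
+// 2. delegate to components
+req := secretstores.BulkGetSecretRequest{
+Metadata: in.Metadata,
+}
+getResponse, err := d.secretStores[secretStoreName].BulkGetSecret(req)
+// 3. parse result
+if err != nil {
+err = status.Errorf(codes.Internal, messages.ErrBulkSecretGet, secretStoreName, err.Error())
+log.DefaultLogger.Errorf("GetBulkSecret fail,bulk secret err:%+v", err)
+return &runtime.GetBulkSecretResponse{}, err
+}
+
+// 4. filter result
+filteredSecrets := map[string]map[string]string{}
+for key, v := range getResponse.Data {
+// TODO: permission control
+if d.isSecretAllowed(secretStoreName, key) {
+filteredSecrets[key] = v
+} else {
+log.DefaultLogger.Debugf(messages.ErrPermissionDenied, key, in.StoreName)
+}
+}
+response := &runtime.GetBulkSecretResponse{}
+if getResponse.Data != nil {
+response.Data = map[string]*runtime.SecretResponse{}
+for key, v := range filteredSecrets {
+response.Data[key] = &runtime.SecretResponse{Secrets: v}
+}
+}
+return response, nil
+}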
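Review bot: The `PermissionDenied` return in `GetSecret` is the only failure branch that is not logged, and `GetBulkSecret` records filtered keys only at debug level, so once `isSecretAllowed` enforces anything there will be no audit trail of refused reads; a line such as `log.DefaultLogger.Warnf("GetSecret denied, store:%s key:%s", request.StoreName, request.Key)` before the return would cover it. Both methods also format the backend's `err.Error()` into the gRPC status returned to the caller, which may expose store-side details; logging the full error and returning a generic message would keep those server-side. The exported methods have no doc comments, and `d.secretStores == nil || len(d.secretStores) == 0` can be reduced to `len(d.secretStores) == 0`.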