feat: dynamic secret #574

Merged
merged 34 commits into from
Jul 9, 2022
Changes from 26 commits
b258038
dynamic secret&config
ZLBer May 17, 2022
dcc4629
add licence
ZLBer May 17, 2022
dabb78a
add licence
ZLBer May 17, 2022
5133b60
add licence
ZLBer May 17, 2022
7c575c5
add licence
ZLBer May 17, 2022
52762a0
Merge branch 'main' into dynamic_secret&config
seeflood May 17, 2022
79e1220
move
ZLBer May 17, 2022
3432aa1
Merge remote-tracking branch 'origin/dynamic_secret&config' into dyna…
ZLBer May 17, 2022
a301016
move
ZLBer May 17, 2022
2379a79
fix
ZLBer May 17, 2022
c59d519
Merge branch 'main' into dynamic_secret&config
ZLBer May 21, 2022
b1437e4
fix format
ZLBer May 21, 2022
cbb9818
Merge branch 'main' into dynamic_secret&config
ZLBer May 29, 2022
6ba84df
Merge branch 'main' into dynamic_secret&config
Xunzhuo Jun 3, 2022
a2eb044
Merge branch 'main' into dynamic_secret&config
seeflood Jun 4, 2022
747b08f
Merge branch 'main' into dynamic_secret&config
seeflood Jun 11, 2022
63d4d1b
Merge branch 'main' into dynamic_secret&config
seeflood Jun 18, 2022
93ccb23
Merge branch 'main' into dynamic_secret&config
seeflood Jun 29, 2022
7f27f2f
Merge branch 'main' into dynamic_secret&config
seeflood Jun 30, 2022
d98b8aa
Merge branch 'main' into dynamic_secret&config
seeflood Jul 1, 2022
8babbcf
secret ref
ZLBer Jul 3, 2022
30e07da
Merge remote-tracking branch 'origin/dynamic_secret&config' into dyna…
ZLBer Jul 3, 2022
a67ecdc
secret ref
ZLBer Jul 3, 2022
df7ec41
secret ref
ZLBer Jul 3, 2022
94217f8
secret ref
ZLBer Jul 3, 2022
ac48b26
Merge branch 'main' into dynamic_secret&config
Xunzhuo Jul 4, 2022
448174a
add TODO comment
seeflood Jul 5, 2022
08cb6f5
secret ref
ZLBer Jul 6, 2022
4b169d7
secret ref
ZLBer Jul 6, 2022
0b86e35
secret ref
ZLBer Jul 6, 2022
070b1cf
secret ref
ZLBer Jul 6, 2022
f6529eb
Merge branch 'main' into dynamic_secret&config
seeflood Jul 7, 2022
5140183
check nil in InjectSecretRef
seeflood Jul 7, 2022
9e04c75
Merge branch 'main' into dynamic_secret&config
seeflood Jul 8, 2022
3 changes: 3 additions & 0 deletions components/lock/types.go
Expand Up @@ -13,10 +13,13 @@
// limitations under the License.
package lock

import "mosn.io/layotto/components/ref"

type Feature string

// Lock's metadata
type Config struct {
ref.Config
Type string `json:"type"`
Metadata map[string]string `json:"metadata"`
}
34 changes: 34 additions & 0 deletions components/ref/config.go
@@ -0,0 +1,34 @@
/*
* Copyright 2021 Layotto Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package ref

//Config is ref json config
type Config struct {
ComponentRef []*ComponentRef `json:"component_ref"`
SecretRef []*Item `json:"secret_ref"`
ConfigurationRef []*Item `json:"configuration_ref"`
}

type ComponentRef struct {
Type string `json:"type"`
Name string `json:"name"`
}

type Item struct {
Name string `json:"name"`
Key string `json:"key"`
}
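Review bot: The JSON tags on `Config` (`component_ref`, `secret_ref`, `configuration_ref`) do not match the keys in configs/config_ref_example.json from this same change, which spells them `componentRef`, `secretRef` and `configurationRef`. If component config is decoded with encoding/json-style matching (case-insensitive, but underscores are significant), the example's blocks would decode to empty slices and the referenced secret would silently never be injected. Align one side with the other, for instance by renaming the example keys to `secret_ref`, `component_ref` and `configuration_ref`. `ComponentRef` and `Item` would also benefit from doc comments stating that `Item.Name` selects the store and `Item.Key` is the entry requested from it, which is how `InjectSecretRef` uses them.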
4 changes: 4 additions & 0 deletions components/sequencer/types.go
Expand Up @@ -11,9 +11,13 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package sequencer

import "mosn.io/layotto/components/ref"

type Config struct {
ref.Config
Type string `json:"type"`
BiggerThan map[string]int64 `json:"biggerThan"`
Metadata map[string]string `json:"metadata"`
108 changes: 108 additions & 0 deletions configs/config_ref_example.json
@@ -0,0 +1,108 @@
{
"servers": [
{
"default_log_path": "stdout",
"default_log_level": "DEBUG",
"routers": [
{
"router_config_name": "actuator_dont_need_router"
}
],
"listeners": [
{
"name": "grpc",
"address": "127.0.0.1:34904",
"bind_port": true,
"filter_chains": [
{
"filters": [
{
"type": "grpc",
"config": {
"server_name": "runtime",
"grpc_config": {
"hellos": {
"helloworld": {
"hello": "greeting"
}
},
"secret_store": {
"local.file": {
"metadata": {
"secretsFile": "../../configs/secret/config_secret_local_file.json"
}
},
"local.env": {
"metadata": {
}
}
},
"sequencer": {
"redis": {
"metadata": {
"redisHost": "127.0.0.1:6380",
"redisPassword": ""
},
"componentRef": [
{
"type": "config_store",
"name": "apollo"
},
{
"type": "secret_store",
"name": "local.file"
}
],
"secretRef": [
{
"name": "local.file",
"key": "db-user-pass:password"
}
],
"configurationRef": [
{
"name": "apollo",
"key": "xxxxx"
}
]
}
},
"app": {
"app_id": "app1",
"grpc_callback_port": 9999
}
}
}
}
]
}
]
},
{
"name": "actuator",
"address": "127.0.0.1:34999",
"bind_port": true,
"filter_chains": [
{
"filters": [
{
"type": "proxy",
"config": {
"downstream_protocol": "Http1",
"upstream_protocol": "Http1",
"router_config_name": "actuator_dont_need_router"
}
}
]
}
],
"stream_filters": [
{
"type": "actuator_filter"
}
]
}
]
}
]
}
3 changes: 3 additions & 0 deletions pkg/runtime/bindings/metadata.go
Expand Up @@ -16,7 +16,10 @@

package bindings

import "mosn.io/layotto/components/ref"

type Metadata struct {
ref.Config
Type string `json:"type"`
Version string
Metadata map[string]string `json:"metadata"`
3 changes: 3 additions & 0 deletions pkg/runtime/pubsub/config.go
Expand Up @@ -16,8 +16,11 @@

package pubsub

import "mosn.io/layotto/components/ref"

// Config wraps configuration for a pubsub implementation
type Config struct {
ref.Config
Type string `json:"type"`
Metadata map[string]string `json:"metadata"`
}
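--- a/pkg/runtime/ref/contianer.go
+++ b/pkg/runtime/ref/contianer.go
@@ -0,0 +1,44 @@
+/*
+* Copyright 2021 Layotto Authors
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package ref
+
+import (
+"github.com/dapr/components-contrib/secretstores"
+
+"mosn.io/layotto/components/configstores"
+)
+
+// RefContainer hold all secret&config store
+type RefContainer struct {
+SecretRef map[string]secretstores.SecretStore
+ConfigRef map[string]configstores.Store
+}
+
+func NewRefContainer() *RefContainer {
+return &RefContainer{
+SecretRef: make(map[string]secretstores.SecretStore),
+ConfigRef: make(map[string]configstores.Store),
+}
+}
+
+func (r *RefContainer) GetSecretStore(key string) secretstores.SecretStore {
+return r.SecretRef[key]
+}
+
+func (r *RefContainer) GetConfigStore(key string) configstores.Store {
+return r.ConfigRef[key]
+}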
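Review bot: `GetSecretStore` and `GetConfigStore` return a nil interface for a name that was never registered, and nothing on the type says so, so every caller has to know to check before using the result. A doc comment on each would make that contract visible, e.g. `// GetSecretStore returns the secret store registered under key, or nil if there is none.`; `NewRefContainer` is exported and undocumented as well. Two smaller style points: the file name is misspelled (`contianer.go`), and `ref.RefContainer` stutters with the package name.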
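--- a/pkg/runtime/ref/contianer_test.go
+++ b/pkg/runtime/ref/contianer_test.go
@@ -0,0 +1,39 @@
+/*
+* Copyright 2021 Layotto Authors
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package ref
+
+import (
+"testing"
+
+"github.com/stretchr/testify/assert"
+
+"mosn.io/layotto/pkg/mock"
+"mosn.io/layotto/pkg/mock/components/secret"
+)
+
+func TestRefContainer(t *testing.T) {
+
+container := NewRefContainer()
+
+ss := &secret.FakeSecretStore{}
+container.SecretRef["fake"] = ss
+cf := &mock.MockStore{}
+container.ConfigRef["mock"] = cf
+assert.Equal(t, ss, container.GetSecretStore("fake"))
+assert.Equal(t, cf, container.GetConfigStore("mock"))
+
+}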
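Review bot: `TestRefContainer` only looks up names that were registered, so the miss path, which is the one callers can trip over, is not pinned by any assertion. Adding `assert.Nil(t, container.GetSecretStore("missing"))` and the same for `GetConfigStore` would fix the behaviour that an unknown name yields nil.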
54 changes: 54 additions & 0 deletions pkg/runtime/ref/injector.go
@@ -0,0 +1,54 @@
/*
* Copyright 2021 Layotto Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package ref

import (
"github.com/dapr/components-contrib/secretstores"

"mosn.io/layotto/components/ref"
)

type DefaultInjector struct {
Container RefContainer
}

//InjectSecretRef inject secret to metaData
func (i *DefaultInjector) InjectSecretRef(items []*ref.Item, metaData map[string]string) error {

if len(items) == 0 {
return nil
}

meta := make(map[string]string)
for _, item := range items {
store := i.Container.GetSecretStore(item.Name)
secret, err := store.GetSecret(secretstores.GetSecretRequest{
Name: item.Key,
})
if err != nil {
return err
}
for k, v := range secret.Data {
meta[k] = v
}
}
//avoid part of assign because of err
for k, v := range meta {
metaData[k] = v
}
return nil
}
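Review bot: `store.GetSecret` in the loop is called on whatever `GetSecretStore(item.Name)` returns, and that is a nil interface when `item.Name` is not a registered store, so a mistyped store name in a secret reference panics rather than returning an error. A guard right after the lookup makes the failure explicit: `if store == nil { return fmt.Errorf("secret store %q not found", item.Name) }` (this needs `fmt` imported). A nil `item` in the slice or a nil `metaData` map would panic the same way and could be rejected up front. Separately, every key of `secret.Data` is copied into `metaData`, so a secret entry whose key equals an existing metadata key silently replaces it; if that is intended the doc comment should say so, and since the merged map then carries secret values, callers should avoid logging it.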
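--- a/pkg/runtime/ref/injector_test.go
+++ b/pkg/runtime/ref/injector_test.go
@@ -0,0 +1,48 @@
+/*
+* Copyright 2021 Layotto Authors
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package ref
+
+import (
+"testing"
+
+"github.com/stretchr/testify/assert"
+
+"mosn.io/layotto/components/ref"
+"mosn.io/layotto/pkg/mock"
+"mosn.io/layotto/pkg/mock/components/secret"
+)
+
+func TestInject(t *testing.T) {
+
+container := NewRefContainer()
+
+ss := &secret.FakeSecretStore{}
+container.SecretRef["fake_secret_store"] = ss
+cf := &mock.MockStore{}
+container.ConfigRef["mock_config_store"] = cf
+
+injector := DefaultInjector{Container: *container}
+meta := make(map[string]string)
+var items []*ref.Item
+items = append(items, &ref.Item{
+Name: "fake_secret_store",
+Key: "good-key",
+})
+injector.InjectSecretRef(items, meta)
+assert.Equal(t, meta["good-key"], "life is good")
+
+}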
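Review bot: The error returned by `injector.InjectSecretRef(items, meta)` is discarded, so a failed lookup would only show up as a confusing missing-key assertion; `assert.NoError(t, injector.InjectSecretRef(items, meta))` states it directly. `assert.Equal` takes the expected value first, so the last assertion reads better as `assert.Equal(t, "life is good", meta["good-key"])`. There is also no case for an unregistered store name or a store that returns an error, which are the paths where the all-or-nothing merge in `InjectSecretRef` matters.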