diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml index 8d5794750d..3aa0d6c57a 100644 --- a/.github/workflows/checks.yaml +++ b/.github/workflows/checks.yaml @@ -36,7 +36,7 @@ jobs: directory: - examples - sdk - - services + - service - lib/crypto steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 @@ -47,7 +47,7 @@ jobs: examples/go.sum protocol/go/go.sum sdk/go.sum - services/go.sum + service/go.sum - run: make go.work - run: go mod download - run: go mod verify @@ -61,7 +61,7 @@ jobs: only-new-issues: ${{ (github.event_name == 'pull_request' || github.event_name == 'merge_group') }} args: --out-format=colored-line-number - name: Install softHSM - if: matrix.directory == 'services' + if: matrix.directory == 'service' run: |- sudo apt-get install -y softhsm opensc openssl sudo chmod +x /etc/softhsm @@ -82,14 +82,14 @@ jobs: with: go-version: "1.21.8" cache-dependency-path: | - services/go.sum + service/go.sum examples/go.sum protocol/go/go.sum sdk/go.sum - run: make go.work - run: go mod download - run: go mod verify - - run: go test ./services/integration -race -failfast + - run: go test ./service/integration -race -failfast - name: Install softHSM run: |- sudo apt-get install -y softhsm opensc openssl @@ -103,12 +103,12 @@ jobs: - run: .github/scripts/hsm-init-temporary-keys.sh - run: docker compose up -d --wait --wait-timeout 240 - run: cp opentdf-example.yaml opentdf.yaml - - run: go run ./services provision keycloak + - run: go run ./service provision keycloak - uses: JarvusInnovations/background-action@313d37130873d82c33fc907b9b78e932aec8e990 name: start server in background with: run: | - go run ./services start + go run ./service start wait-on: | tcp:localhost:8080 log-output-if: true 
@@ -142,26 +142,26 @@ jobs: - uses: bufbuild/buf-setup-action@382440cdb8ec7bc25a68d7b4711163d95f7cc3aa - uses: bufbuild/buf-lint-action@044d13acb1f155179c606aaa2e53aea304d22058 with: - input: services + input: service - uses: bufbuild/buf-breaking-action@a074e988ee34efcd4927079e79c611f428354c01 # TODO(#212) Block on breaking changes after protos are frozen continue-on-error: true with: - input: services - against: "https://github.com/opentdf/platform.git#branch=main,subdir=services" + input: service + against: "https://github.com/opentdf/platform.git#branch=main,subdir=service" - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 with: go-version: "1.21.8" cache-dependency-path: | - services/go.sum + service/go.sum protocol/go/go.sum sdk/go.sum examples/go.sum - - run: cd services && go get github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc - - run: cd services && go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc + - run: cd service && go get github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc + - run: cd service && go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc - run: make proto-generate - name: Restore go.mod after installing protoc-gen-doc - run: git restore {services,protocol/go}/go.{mod,sum} + run: git restore {service,protocol/go}/go.{mod,sum} - run: git diff - run: git diff-files --ignore-submodules - name: Check that files have been formatted before PR submission 
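Review bot: The two `protoc-gen-doc` steps in this hunk fetch the plugin with no version, so every run builds and executes whatever upstream currently resolves to, while the actions above are pinned to commit SHAs and `go-licenses` further down is pinned to a commit. The resulting binary runs inside `make proto-generate`, so an upstream change or compromise reaches the generated code without appearing in any reviewed diff. Pinning would look like `- run: go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc@<PINNED_VERSION>`. That form would also remove the need for the `go get` step and the later `git restore` of `go.mod`/`go.sum`, provided the plugin's module installs cleanly in that mode.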
@@ -195,17 +195,17 @@ jobs: filters: | examples: - 'examplesk/go.*' - services: - - 'services/go.*' + service: + - 'service/go.*' sdk: - 'sdk/go.*' - name: install go-licenses run: go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e - - name: check services licenses - if: steps.deps-changed.outputs.services == 'true' + - name: check service licenses + if: steps.deps-changed.outputs.service == 'true' run: > go-licenses check --disallowed_types=forbidden --include_tests - ./services + ./service - name: check sdk licenses if: steps.deps-changed.outputs.sdk == 'true' run: > diff --git a/.github/workflows/lint-all.yaml b/.github/workflows/lint-all.yaml index d8dd09f501..06dc30bc3d 100644 --- a/.github/workflows/lint-all.yaml +++ b/.github/workflows/lint-all.yaml @@ -43,4 +43,4 @@ jobs: - uses: bufbuild/buf-setup-action@382440cdb8ec7bc25a68d7b4711163d95f7cc3aa - uses: bufbuild/buf-lint-action@044d13acb1f155179c606aaa2e53aea304d22058 with: - input: services + input: service diff --git a/.gitignore b/.gitignore index ef58ba70f9..f4890e5afb 100644 --- a/.gitignore +++ b/.gitignore @@ -36,7 +36,7 @@ tmp-gen/ /opentdf /sdkjava/target /serviceapp -/services/opentdf +/service/opentdf *.zip sensitive.txt.tdf diff --git a/Dockerfile b/Dockerfile index c7ef36cc67..c6f9aa8981 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,14 +5,14 @@ WORKDIR /app COPY protocol/ protocol/ COPY sdk/ sdk/ COPY lib/crypto lib/crypto -COPY services/ services/ +COPY service/ service/ COPY examples/ examples/ COPY Makefile ./ -RUN cd services \ +RUN cd service \ && go mod download \ && go mod verify RUN make go.work \ - && go build -o opentdf ./services + && go build -o opentdf ./service FROM cgr.dev/chainguard/glibc-dynamic diff --git a/Makefile b/Makefile index 2e6361c63d..36f04d1707 100644 --- a/Makefile +++ b/Makefile 
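Review bot: The `examples` filter in the `deps-changed` step reads `'examplesk/go.*'`, which does not match the `examples/` directory used everywhere else in this workflow, so `steps.deps-changed.outputs.examples` would never be true and any license check gated on it is silently skipped. It is a context line, but this hunk already edits the neighbouring filters; it should read `- 'examples/go.*'`. The step that consumes the `examples` output is outside the hunk, so confirm it exists and is gated the same way as the `service` and `sdk` checks.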
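Review bot: The runtime stage starts from `FROM cgr.dev/chainguard/glibc-dynamic` with no tag or digest, so each build picks up whatever the registry serves at that moment and the image is neither reproducible nor auditable after the fact. The workflows in this same commit pin actions by commit SHA, and the base image deserves the same treatment, e.g. `FROM cgr.dev/chainguard/glibc-dynamic@sha256:<DIGEST>`. The builder stage's `FROM` is above the hunk and may need the same change.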
@@ -3,10 +3,10 @@ .PHONY: all build clean docker-build fix go-lint lint proto-generate proto-lint sdk/sdk test toolcheck -MODS=protocol/go lib/crypto sdk services examples -HAND_MODS=lib/crypto sdk services examples +MODS=protocol/go lib/crypto sdk service examples +HAND_MODS=lib/crypto sdk service examples -EXCLUDE_OPENAPI=./services/authorization/idp_plugin.proto +EXCLUDE_OPENAPI=./service/authorization/idp_plugin.proto ROOT_DIR:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST)))) @@ -33,7 +33,7 @@ fix: lint: proto-lint go-lint proto-lint: - buf lint services || (exit_code=$$?; \ + buf lint service || (exit_code=$$?; \ if [ $$exit_code -eq 100 ]; then \ echo "Buf lint exited with code 100, treating as success"; \ else \ @@ -46,9 +46,9 @@ go-lint: proto-generate: rm -rf protocol/go/[a-fh-z]* docs/grpc docs/openapi - buf generate services - buf generate services --template buf.gen.grpc.docs.yaml - buf generate services --exclude-path $(EXCLUDE_OPENAPI) --template buf.gen.openapi.docs.yaml + buf generate service + buf generate service --template buf.gen.grpc.docs.yaml + buf generate service --exclude-path $(EXCLUDE_OPENAPI) --template buf.gen.openapi.docs.yaml buf generate buf.build/grpc-ecosystem/grpc-gateway -o tmp-gen buf generate buf.build/grpc-ecosystem/grpc-gateway -o tmp-gen --template buf.gen.grpc.docs.yaml @@ -63,8 +63,8 @@ clean: build: go.work proto-generate opentdf sdk/sdk examples/examples -opentdf: go.work $(shell find services) - go build -o opentdf -v services/main.go +opentdf: go.work $(shell find service) + go build -o opentdf -v service/main.go sdk/sdk: go.work $(shell find sdk) (cd sdk && go build ./...) diff --git a/README.md b/README.md index 43853b77c3..1883543d57 100644 --- a/README.md +++ b/README.md 
@@ -12,7 +12,7 @@ - [Configuration](./docs/configuration.md) - [Development](#development) - [Policy Config Schema](./migrations/20240212000000_schema_erd.md) -- [Policy Config Testing Diagram](./services/integration/testing_diagram.png) +- [Policy Config Testing Diagram](./service/integration/testing_diagram.png) ## Development @@ -47,20 +47,20 @@ On macOS, these can be installed with [brew](https://docs.brew.sh/Installation) > [!NOTE] > Migrations are handled automatically by the server. This can be disabled via the config file, as > needed. They can also be run manually using the `migrate` command -> (`go run github.com/opentdf/platform/services migrate -h`). +> (`go run github.com/opentdf/platform/service migrate -h`). 1. `docker-compose up` 2. Create an OpenTDF config file: `opentdf.yaml` 1. The `opentdf-example.yaml` file is a good starting point, but you may need to modify it to match your environment. 2. The `opentdf-example-no-kas.yaml` file configures the platform to run insecurely without KAS and without endpoint auth. -3. Provision keycloak `go run github.com/opentdf/platform/services provision keycloak` +3. Provision keycloak `go run github.com/opentdf/platform/service provision keycloak` 4. Configure KAS keys and your HSM with `.github/scripts/hsm-init-temporary-keys.sh` -5. Run the server `go run github.com/opentdf/platform/services start` +5. Run the server `go run github.com/opentdf/platform/service start` 1. _Alt_ use the hot-reload development environment `air` 6. The server is now running on `localhost:8080` (or the port specified in the config file) Note: support was added to provision a set of fixture data into the database. -Run `go run github.com/opentdf/platform/services provision fixtures -h` for more information. +Run `go run github.com/opentdf/platform/service provision fixtures -h` for more information. ### Test diff --git a/services/LICENSE b/service/LICENSE similarity index 100% rename from services/LICENSE rename to service/LICENSE 
diff --git a/services/authorization/authorization.go b/service/authorization/authorization.go similarity index 90% rename from services/authorization/authorization.go rename to service/authorization/authorization.go index 274e61a11b..b4a349964f 100644 --- a/services/authorization/authorization.go +++ b/service/authorization/authorization.go @@ -17,11 +17,11 @@ import ( "github.com/opentdf/platform/protocol/go/policy" attr "github.com/opentdf/platform/protocol/go/policy/attributes" otdf "github.com/opentdf/platform/sdk" - services "github.com/opentdf/platform/services/err" - "github.com/opentdf/platform/services/internal/access" - "github.com/opentdf/platform/services/internal/entitlements" - "github.com/opentdf/platform/services/internal/opa" - "github.com/opentdf/platform/services/pkg/serviceregistry" + "github.com/opentdf/platform/service/internal/access" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/entitlements" + "github.com/opentdf/platform/service/internal/opa" + "github.com/opentdf/platform/service/pkg/serviceregistry" ) type AuthorizationService struct { @@ -77,7 +77,7 @@ func (as AuthorizationService) GetDecisions(ctx context.Context, req *authorizat dataAttrDefsAndVals, err := retrieveAttributeDefinitions(ctx, ra, as.sdk) if err != nil { // TODO: should all decisions in a request fail if one FQN lookup fails? - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("fqns", strings.Join(ra.GetAttributeValueFqns(), ", "))) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("fqns", strings.Join(ra.GetAttributeValueFqns(), ", "))) } var attrDefs []*policy.Attribute var attrVals []*policy.Value 
@@ -98,7 +98,7 @@ func (as AuthorizationService) GetDecisions(ctx context.Context, req *authorizat ecEntitlements, err := retrieveEntitlements(ctx, &req, as) if err != nil { // TODO: should all decisions in a request fail if one entity entitlement lookup fails? - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("getEntitlements request failed ", req.String())) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("getEntitlements request failed ", req.String())) } // currently just adding each entity retuned to same list @@ -117,7 +117,7 @@ func (as AuthorizationService) GetDecisions(ctx context.Context, req *authorizat ) if err != nil { // TODO: should all decisions in a request fail if one entity entitlement lookup fails? - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("DetermineAccess request to Access PDP failed", "")) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("DetermineAccess request to Access PDP failed", "")) } // check the decisions decision := authorization.DecisionResponse_DECISION_PERMIT @@ -129,7 +129,7 @@ func (as AuthorizationService) GetDecisions(ctx context.Context, req *authorizat decisionResp := &authorization.DecisionResponse{ Decision: decision, - EntityChainId: ec.Id, + EntityChainId: ec.GetId(), Action: &policy.Action{ Value: &policy.Action_Standard{ Standard: policy.Action_STANDARD_ACTION_TRANSMIT, @@ -150,7 +150,7 @@ func (as AuthorizationService) GetEntitlements(ctx context.Context, req *authori // https://github.com/opentdf/platform/issues/365 if req.GetScope() == nil { slog.ErrorContext(ctx, "requires scope") - return nil, errors.New(services.ErrFqnMissingValue) + return nil, errors.New(db.ErrTextFqnMissingValue) } // get subject mappings request := attr.GetAttributeValuesByFqnsRequest{ 
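Review bot: In the `retrieveEntitlements` error path the log attribute is `slog.String("getEntitlements request failed ", req.String())`, which puts a sentence (with a trailing space) in the key and the whole serialized request in the value. That request appears to carry the entities being evaluated, so identity data would land in logs on every failed lookup; what `db.StatusifyError` does with the attributes is not visible here. A fixed key with a non-sensitive value keeps the record searchable, e.g. `slog.String("op", "retrieveEntitlements")`. The `DetermineAccess` path in the next hunk has the same key-as-message shape with an empty value. `GetDecisions` starts and ends outside these hunks.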
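Review bot: The last context line of the `DetermineAccess` hunk initialises the result as `decision := authorization.DecisionResponse_DECISION_PERMIT`, so the response is a permit unless later code actively downgrades it. The code between this line and `decisionResp` is outside the hunk, but if it only flips to deny on seeing a failing entry, an empty result from the PDP would leave the permit in place. For an authorization decision point the safer shape is `decision := authorization.DecisionResponse_DECISION_DENY`, upgraded to permit only after at least one result was returned and every one of them granted access.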
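Review bot: The missing-scope branch in `GetEntitlements` returns `errors.New(db.ErrTextFqnMissingValue)`: the constant's name refers to a missing FQN value rather than a missing scope, and a bare error returned from a gRPC handler reaches the client with code Unknown. The other error paths touched by this commit go through `db.StatusifyError`. This branch should report an invalid-argument status as well, e.g. `return nil, status.Error(codes.InvalidArgument, "scope is required")`, assuming `status` and `codes` are imported in this file (the import block is only partly visible). The rest of `GetEntitlements` is outside the hunk.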
diff --git a/services/authorization/authorization.proto b/service/authorization/authorization.proto similarity index 100% rename from services/authorization/authorization.proto rename to service/authorization/authorization.proto diff --git a/services/authorization/authorization_test.go b/service/authorization/authorization_test.go similarity index 92% rename from services/authorization/authorization_test.go rename to service/authorization/authorization_test.go index fbc666cf99..f2d1b82811 100644 --- a/services/authorization/authorization_test.go +++ b/service/authorization/authorization_test.go @@ -115,8 +115,8 @@ func Test_GetDecisionsAllOf_Pass(t *testing.T) { // one entitlement, one attribute value throughout fmt.Print(resp.String()) - assert.Equal(t, 1, len(resp.DecisionResponses)) - assert.Equal(t, resp.DecisionResponses[0].Decision, authorization.DecisionResponse_DECISION_PERMIT) + assert.Equal(t, 1, len(resp.GetDecisionResponses())) + assert.Equal(t, resp.GetDecisionResponses()[0].GetDecision(), authorization.DecisionResponse_DECISION_PERMIT) // run again with two attribute values throughout // set the request @@ -163,9 +163,9 @@ func Test_GetDecisionsAllOf_Pass(t *testing.T) { resp, err = as.GetDecisions(ctxb, &req) assert.Nil(t, err) - assert.Equal(t, 2, len(resp.DecisionResponses)) - assert.Equal(t, resp.DecisionResponses[0].Decision, authorization.DecisionResponse_DECISION_DENY) - assert.Equal(t, resp.DecisionResponses[1].Decision, authorization.DecisionResponse_DECISION_DENY) + assert.Equal(t, 2, len(resp.GetDecisionResponses())) + assert.Equal(t, resp.GetDecisionResponses()[0].GetDecision(), authorization.DecisionResponse_DECISION_DENY) + assert.Equal(t, resp.GetDecisionResponses()[1].GetDecision(), authorization.DecisionResponse_DECISION_DENY) } func Test_GetDecisions_AllOf_Fail(t *testing.T) { 
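Review bot: In `Test_GetDecisionsAllOf_Pass`, `assert.Equal(t, 1, len(resp.GetDecisionResponses()))` does not stop the test, so when the count is wrong the next line indexes `GetDecisionResponses()[0]` and panics instead of reporting the mismatch. The decision assertions also pass (actual, expected), which reverses testify's failure message. Suggested: `require.Len(t, resp.GetDecisionResponses(), 1)` followed by `assert.Equal(t, authorization.DecisionResponse_DECISION_PERMIT, resp.GetDecisionResponses()[0].GetDecision())`; this needs the testify `require` package imported if it is not already. The same pattern appears in the second hunk of this file and in `Test_GetDecisions_AllOf_Fail`. Since these tests pin permit/deny outcomes of the authorization service, a clear failure message matters more than usual.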
@@ -245,6 +245,6 @@ func Test_GetDecisions_AllOf_Fail(t *testing.T) { // only responds with one permit/deny at the moment // entitlements only contain the first FQN, so we have a deny decision fmt.Print(resp.String()) - assert.Equal(t, len(resp.DecisionResponses), 1) - assert.Equal(t, resp.DecisionResponses[0].Decision, authorization.DecisionResponse_DECISION_DENY) + assert.Equal(t, len(resp.GetDecisionResponses()), 1) + assert.Equal(t, resp.GetDecisionResponses()[0].GetDecision(), authorization.DecisionResponse_DECISION_DENY) } diff --git a/services/authorization/idp_plugin.proto b/service/authorization/idp_plugin.proto similarity index 100% rename from services/authorization/idp_plugin.proto rename to service/authorization/idp_plugin.proto diff --git a/services/buf.lock b/service/buf.lock similarity index 100% rename from services/buf.lock rename to service/buf.lock diff --git a/services/buf.yaml b/service/buf.yaml similarity index 100% rename from services/buf.yaml rename to service/buf.yaml diff --git a/services/cmd/migrate.go b/service/cmd/migrate.go similarity index 95% rename from services/cmd/migrate.go rename to service/cmd/migrate.go index 993b9e0bc3..2ddf82c727 100644 --- a/services/cmd/migrate.go +++ b/service/cmd/migrate.go @@ -4,8 +4,8 @@ import ( "fmt" "log/slog" - "github.com/opentdf/platform/services/internal/config" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/config" + "github.com/opentdf/platform/service/internal/db" "github.com/spf13/cobra" ) diff --git a/services/cmd/policy.go b/service/cmd/policy.go similarity index 91% rename from services/cmd/policy.go rename to service/cmd/policy.go index b0a78baa3d..d51a9a28ee 100644 --- a/services/cmd/policy.go +++ b/service/cmd/policy.go 
@@ -4,9 +4,9 @@ import ( "fmt" "log/slog" - "github.com/opentdf/platform/services/internal/config" - "github.com/opentdf/platform/services/internal/db" - policydb "github.com/opentdf/platform/services/policy/db" + "github.com/opentdf/platform/service/internal/config" + "github.com/opentdf/platform/service/internal/db" + policydb "github.com/opentdf/platform/service/policy/db" "github.com/spf13/cobra" ) diff --git a/services/cmd/provisionFixtures.go b/service/cmd/provisionFixtures.go similarity index 92% rename from services/cmd/provisionFixtures.go rename to service/cmd/provisionFixtures.go index 8512abf7c1..6a7329dcc4 100644 --- a/services/cmd/provisionFixtures.go +++ b/service/cmd/provisionFixtures.go @@ -3,9 +3,9 @@ package cmd import ( "fmt" - "github.com/opentdf/platform/services/internal/config" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/fixtures" + "github.com/opentdf/platform/service/internal/config" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/fixtures" "github.com/spf13/cobra" ) diff --git a/services/cmd/provisionKeyloak.go b/service/cmd/provisionKeyloak.go similarity index 99% rename from services/cmd/provisionKeyloak.go rename to service/cmd/provisionKeyloak.go index a9e955abe5..0ee21f6405 100644 --- a/services/cmd/provisionKeyloak.go +++ b/service/cmd/provisionKeyloak.go @@ -10,7 +10,7 @@ import ( "strings" "github.com/Nerzal/gocloak/v13" - "github.com/opentdf/platform/services/internal/config" + "github.com/opentdf/platform/service/internal/config" "github.com/spf13/cobra" ) diff --git a/services/cmd/root.go b/service/cmd/root.go similarity index 100% rename from services/cmd/root.go rename to service/cmd/root.go diff --git a/services/cmd/start.go b/service/cmd/start.go similarity index 86% rename from services/cmd/start.go rename to service/cmd/start.go index be5ec06173..1c19fad6e3 100644 --- a/services/cmd/start.go 
+++ b/service/cmd/start.go @@ -1,7 +1,7 @@ package cmd import ( - "github.com/opentdf/platform/services/pkg/server" + "github.com/opentdf/platform/service/pkg/server" "github.com/spf13/cobra" ) diff --git a/services/common/common.proto b/service/common/common.proto similarity index 100% rename from services/common/common.proto rename to service/common/common.proto diff --git a/services/go.mod b/service/go.mod similarity index 99% rename from services/go.mod rename to service/go.mod index e41f2b832f..f8f11f8514 100644 --- a/services/go.mod +++ b/service/go.mod @@ -1,4 +1,4 @@ -module github.com/opentdf/platform/services +module github.com/opentdf/platform/service go 1.21.8 diff --git a/services/go.sum b/service/go.sum similarity index 100% rename from services/go.sum rename to service/go.sum diff --git a/services/health/health.go b/service/health/health.go similarity index 90% rename from services/health/health.go rename to service/health/health.go index f4b37efac5..95f2d4bbbb 100644 --- a/services/health/health.go +++ b/service/health/health.go @@ -5,8 +5,8 @@ import ( "log/slog" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/pkg/serviceregistry" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/pkg/serviceregistry" "google.golang.org/grpc/codes" healthpb "google.golang.org/grpc/health/grpc_health_v1" "google.golang.org/grpc/status" 
@@ -39,14 +39,14 @@ func NewRegistration() serviceregistry.Registration { } func (s HealthService) Check(ctx context.Context, req *healthpb.HealthCheckRequest) (*healthpb.HealthCheckResponse, error) { - if req.Service == "" { + if req.GetService() == "" { return &healthpb.HealthCheckResponse{ Status: healthpb.HealthCheckResponse_SERVING, }, nil } // Check to see if we are doing a readiness probe - if req.Service == "readiness" { + if req.GetService() == "readiness" { // Check the database connection if err := s.db.Pgx.Ping(ctx); err != nil { slog.Error("database connection is not ready", slog.String("error", err.Error())) diff --git a/services/integration/attribute_fqns_test.go b/service/integration/attribute_fqns_test.go similarity index 98% rename from services/integration/attribute_fqns_test.go rename to service/integration/attribute_fqns_test.go index 083a077679..619d2bc17b 100644 --- a/services/integration/attribute_fqns_test.go +++ b/service/integration/attribute_fqns_test.go @@ -9,8 +9,8 @@ import ( "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/attributes" "github.com/opentdf/platform/protocol/go/policy/namespaces" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/fixtures" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/fixtures" "github.com/stretchr/testify/suite" ) diff --git a/services/integration/attribute_values_test.go b/service/integration/attribute_values_test.go similarity index 98% rename from services/integration/attribute_values_test.go rename to service/integration/attribute_values_test.go index b826fb5402..681c43e38c 100644 --- a/services/integration/attribute_values_test.go +++ b/service/integration/attribute_values_test.go 
@@ -10,9 +10,9 @@ import ( "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/attributes" "github.com/opentdf/platform/protocol/go/policy/namespaces" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/fixtures" - policydb "github.com/opentdf/platform/services/policy/db" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/fixtures" + policydb "github.com/opentdf/platform/service/policy/db" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/suite" ) @@ -234,7 +234,7 @@ func (s *AttributeValuesSuite) Test_CreateAttributeValue_WithInvalidMember_Fails createdValue, err = s.db.PolicyClient.CreateAttributeValue(s.ctx, attrDef.Id, value) s.Nil(createdValue) s.NotNil(err) - s.ErrorIs(err, db.ErrUuidInvalid) + s.ErrorIs(err, db.ErrUUIDInvalid) } func (s *AttributeValuesSuite) Test_UpdateAttributeValue() { diff --git a/services/integration/attributes_test.go b/service/integration/attributes_test.go similarity index 98% rename from services/integration/attributes_test.go rename to service/integration/attributes_test.go index 8746a52fbd..98d49076df 100644 --- a/services/integration/attributes_test.go +++ b/service/integration/attributes_test.go @@ -10,9 +10,9 @@ import ( "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/attributes" "github.com/opentdf/platform/protocol/go/policy/namespaces" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/fixtures" - policydb "github.com/opentdf/platform/services/policy/db" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/fixtures" + policydb "github.com/opentdf/platform/service/policy/db" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/suite" ) 
@@ -215,7 +215,7 @@ func (s *AttributesSuite) Test_GetAttribute_OrderOfValuesIsPreserved() { // add a fourth value val := &attributes.CreateAttributeValueRequest{ Value: "FOURTH", - AttributeId: createdAttr.Id, + AttributeId: createdAttr.GetId(), } createdVal, err := s.db.PolicyClient.CreateAttributeValue(s.ctx, createdAttr.GetId(), val) @@ -234,12 +234,12 @@ func (s *AttributesSuite) Test_GetAttribute_OrderOfValuesIsPreserved() { assert.Equal(s.T(), policy.AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY, gotAttr.GetRule()) // deactivate one of the values - deactivatedVal, err := s.db.PolicyClient.DeactivateAttributeValue(s.ctx, gotAttr.Values[1].Id) + deactivatedVal, err := s.db.PolicyClient.DeactivateAttributeValue(s.ctx, gotAttr.GetValues()[1].GetId()) assert.Nil(s.T(), err) assert.NotNil(s.T(), deactivatedVal) // get attribute and ensure order stays consistent - gotAttr, err = s.db.PolicyClient.GetAttribute(s.ctx, createdAttr.Id) + gotAttr, err = s.db.PolicyClient.GetAttribute(s.ctx, createdAttr.GetId()) assert.Nil(s.T(), err) assert.NotNil(s.T(), gotAttr) assert.Equal(s.T(), 4, len(gotAttr.GetValues())) diff --git a/services/integration/config.go b/service/integration/config.go similarity index 79% rename from services/integration/config.go rename to service/integration/config.go index 9e781959bf..64ad2b2b77 100644 --- a/services/integration/config.go +++ b/service/integration/config.go @@ -1,6 +1,6 @@ package integration -import "github.com/opentdf/platform/services/internal/config" +import "github.com/opentdf/platform/service/internal/config" var Config *config.Config diff --git a/services/integration/kas_registry_test.go b/service/integration/kas_registry_test.go similarity index 98% rename from services/integration/kas_registry_test.go rename to service/integration/kas_registry_test.go index a6715c32ca..e4af5faa62 100644 --- a/services/integration/kas_registry_test.go +++ b/service/integration/kas_registry_test.go 
@@ -7,8 +7,8 @@ import ( "github.com/opentdf/platform/protocol/go/common" kasr "github.com/opentdf/platform/protocol/go/kasregistry" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/fixtures" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/fixtures" "github.com/stretchr/testify/suite" ) diff --git a/services/integration/main_test.go b/service/integration/main_test.go similarity index 98% rename from services/integration/main_test.go rename to service/integration/main_test.go index 9c8d2d91e1..48e2ea67b1 100644 --- a/services/integration/main_test.go +++ b/service/integration/main_test.go @@ -9,7 +9,7 @@ import ( "time" "github.com/creasty/defaults" - "github.com/opentdf/platform/services/internal/fixtures" + "github.com/opentdf/platform/service/internal/fixtures" tc "github.com/testcontainers/testcontainers-go" "github.com/testcontainers/testcontainers-go/wait" ) diff --git a/services/integration/namespaces_test.go b/service/integration/namespaces_test.go similarity index 98% rename from services/integration/namespaces_test.go rename to service/integration/namespaces_test.go index 58541af192..aefe1240ec 100644 --- a/services/integration/namespaces_test.go +++ b/service/integration/namespaces_test.go @@ -11,9 +11,9 @@ import ( "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/attributes" "github.com/opentdf/platform/protocol/go/policy/namespaces" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/fixtures" - policydb "github.com/opentdf/platform/services/policy/db" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/fixtures" + policydb "github.com/opentdf/platform/service/policy/db" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/suite" ) 
diff --git a/services/integration/resource_mappings_test.go b/service/integration/resource_mappings_test.go similarity index 98% rename from services/integration/resource_mappings_test.go rename to service/integration/resource_mappings_test.go index 6aea1431d5..16b00f26a2 100644 --- a/services/integration/resource_mappings_test.go +++ b/service/integration/resource_mappings_test.go @@ -8,8 +8,8 @@ import ( "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy/resourcemapping" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/fixtures" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/fixtures" "github.com/stretchr/testify/suite" ) diff --git a/services/integration/subject_mappings_test.go b/service/integration/subject_mappings_test.go similarity index 99% rename from services/integration/subject_mappings_test.go rename to service/integration/subject_mappings_test.go index 58e80c0b6b..8340104a58 100644 --- a/services/integration/subject_mappings_test.go +++ b/service/integration/subject_mappings_test.go @@ -8,8 +8,8 @@ import ( "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/subjectmapping" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/fixtures" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/fixtures" "github.com/stretchr/testify/suite" ) @@ -541,7 +541,7 @@ func (s *SubjectMappingsSuite) TestGetSubjectConditionSet_WithNoId_Fails() { scs, err := s.db.PolicyClient.GetSubjectConditionSet(s.ctx, "") s.NotNil(err) s.Nil(scs) - s.ErrorIs(err, db.ErrUuidInvalid) + s.ErrorIs(err, db.ErrUUIDInvalid) } func (s *SubjectMappingsSuite) TestGetSubjectConditionSet_NonExistentId_Fails() { 
diff --git a/services/integration/testing_diagram.png b/service/integration/testing_diagram.png similarity index 100% rename from services/integration/testing_diagram.png rename to service/integration/testing_diagram.png diff --git a/services/integration/wiremock/Dockerfile b/service/integration/wiremock/Dockerfile similarity index 100% rename from services/integration/wiremock/Dockerfile rename to service/integration/wiremock/Dockerfile diff --git a/services/integration/wiremock/README.md b/service/integration/wiremock/README.md similarity index 64% rename from services/integration/wiremock/README.md rename to service/integration/wiremock/README.md index e4379ab34f..944850bd59 100644 --- a/services/integration/wiremock/README.md +++ b/service/integration/wiremock/README.md @@ -6,7 +6,7 @@ WireMock requires service decriptions for the proto spec. To generate service d ```shell buf build ../../proto \ --o grpc/services.dsc +-o grpc/service.dsc ``` Service Mappings are located in [mapping](mappings) @@ -23,19 +23,19 @@ Note, wiremock does not support server reflection. Therefore, the `-protoset` op List Namespaces ```shell -grpcurl -plaintext -d '{}' -protoset grpc/services.dsc localhost:8080 namespaces.NamespaceService/ListNamespaces +grpcurl -plaintext -d '{}' -protoset grpc/service.dsc localhost:8080 namespaces.NamespaceService/ListNamespaces ``` List Attributes ```shell -grpcurl -plaintext -d '{}' -protoset grpc/services.dsc localhost:8080 attributes.AttributesService/ListAttributes +grpcurl -plaintext -d '{}' -protoset grpc/service.dsc localhost:8080 attributes.AttributesService/ListAttributes ``` Get Decision: ```shell -grpcurl -plaintext -d '{}' -protoset grpc/services.dsc localhost:8080 authorization.AuthorizationService/GetDecisions +grpcurl -plaintext -d '{}' -protoset grpc/service.dsc localhost:8080 authorization.AuthorizationService/GetDecisions ``` 
diff --git a/services/integration/wiremock/docker-compose.yaml b/service/integration/wiremock/docker-compose.yaml similarity index 100% rename from services/integration/wiremock/docker-compose.yaml rename to service/integration/wiremock/docker-compose.yaml diff --git a/services/integration/wiremock/grpc/services.dsc b/service/integration/wiremock/grpc/services.dsc similarity index 100% rename from services/integration/wiremock/grpc/services.dsc rename to service/integration/wiremock/grpc/services.dsc diff --git a/services/integration/wiremock/mappings/attributes.json b/service/integration/wiremock/mappings/attributes.json similarity index 100% rename from services/integration/wiremock/mappings/attributes.json rename to service/integration/wiremock/mappings/attributes.json diff --git a/services/integration/wiremock/mappings/authorization_service.json b/service/integration/wiremock/mappings/authorization_service.json similarity index 100% rename from services/integration/wiremock/mappings/authorization_service.json rename to service/integration/wiremock/mappings/authorization_service.json diff --git a/services/integration/wiremock/mappings/create_attribute.json b/service/integration/wiremock/mappings/create_attribute.json similarity index 100% rename from services/integration/wiremock/mappings/create_attribute.json rename to service/integration/wiremock/mappings/create_attribute.json diff --git a/services/integration/wiremock/mappings/create_namespace.json b/service/integration/wiremock/mappings/create_namespace.json similarity index 100% rename from services/integration/wiremock/mappings/create_namespace.json rename to service/integration/wiremock/mappings/create_namespace.json diff --git a/services/integration/wiremock/mappings/namespaces.json b/service/integration/wiremock/mappings/namespaces.json similarity index 100% rename from services/integration/wiremock/mappings/namespaces.json rename to service/integration/wiremock/mappings/namespaces.json 
diff --git a/services/integration/wiremock/mappings/oidc_jks.json b/service/integration/wiremock/mappings/oidc_jks.json similarity index 100% rename from services/integration/wiremock/mappings/oidc_jks.json rename to service/integration/wiremock/mappings/oidc_jks.json diff --git a/services/integration/wiremock/messages/create_attribute.json b/service/integration/wiremock/messages/create_attribute.json similarity index 100% rename from services/integration/wiremock/messages/create_attribute.json rename to service/integration/wiremock/messages/create_attribute.json diff --git a/services/integration/wiremock/messages/get_decisions_1.json b/service/integration/wiremock/messages/get_decisions_1.json similarity index 100% rename from services/integration/wiremock/messages/get_decisions_1.json rename to service/integration/wiremock/messages/get_decisions_1.json diff --git a/services/integration/wiremock/messages/list_attributes.json b/service/integration/wiremock/messages/list_attributes.json similarity index 100% rename from services/integration/wiremock/messages/list_attributes.json rename to service/integration/wiremock/messages/list_attributes.json diff --git a/services/integration/wiremock/messages/list_namespaces.json b/service/integration/wiremock/messages/list_namespaces.json similarity index 100% rename from services/integration/wiremock/messages/list_namespaces.json rename to service/integration/wiremock/messages/list_namespaces.json diff --git a/services/integration/wiremock/messages/oidc_jwks.json b/service/integration/wiremock/messages/oidc_jwks.json similarity index 100% rename from services/integration/wiremock/messages/oidc_jwks.json rename to service/integration/wiremock/messages/oidc_jwks.json diff --git a/services/internal/access/pdp.go b/service/internal/access/pdp.go similarity index 99% rename from services/internal/access/pdp.go rename to service/internal/access/pdp.go index 00ada3e35c..cccf89870b 100644 --- a/services/internal/access/pdp.go 
+++ b/service/internal/access/pdp.go @@ -501,8 +501,8 @@ type Decision struct { // on the AttributeDefinition for a given data Attribute Value, however, then there may be // FEWER DataRuleResults then there are DataRules // - //e.g. there are 5 data Attribute Values, and two entities each with a set of Attribute Values, - //the definition for one of those data Attribute Values has a GroupBy clause that excludes the second entity + // e.g. there are 5 data Attribute Values, and two entities each with a set of Attribute Values, + // the definition for one of those data Attribute Values has a GroupBy clause that excludes the second entity //-> the first entity will have 5 DataRuleResults with Passed = true //-> the second entity will have 4 DataRuleResults Passed = true //-> both will have Access == true. @@ -527,7 +527,7 @@ type DataRuleResult struct { // For an AnyOf rule, there should be fewer entity value failures than // there are data attribute values in total if Passed=TRUE // For a Hierarchy rule, there should be either no value failures if Passed=TRUE, - //or exactly one value failure if Passed=FALSE + // or exactly one value failure if Passed=FALSE ValueFailures []ValueFailure `json:"value_failures"` } diff --git a/services/internal/access/pdp_test.go b/service/internal/access/pdp_test.go similarity index 100% rename from services/internal/access/pdp_test.go rename to service/internal/access/pdp_test.go diff --git a/services/internal/auth/authn.go b/service/internal/auth/authn.go similarity index 99% rename from services/internal/auth/authn.go rename to service/internal/auth/authn.go index 1a04f8a93c..5f47405bc7 100644 --- a/services/internal/auth/authn.go +++ b/service/internal/auth/authn.go 
@@ -16,7 +16,7 @@ import ( "github.com/lestrrat-go/jwx/v2/jwk" "github.com/lestrrat-go/jwx/v2/jws" "github.com/lestrrat-go/jwx/v2/jwt" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/db" "google.golang.org/grpc" "google.golang.org/grpc/codes" "google.golang.org/grpc/metadata" diff --git a/services/internal/auth/authn_test.go b/service/internal/auth/authn_test.go similarity index 100% rename from services/internal/auth/authn_test.go rename to service/internal/auth/authn_test.go diff --git a/services/internal/auth/casbin.go b/service/internal/auth/casbin.go similarity index 99% rename from services/internal/auth/casbin.go rename to service/internal/auth/casbin.go index ab827b4dcf..1952cd90be 100644 --- a/services/internal/auth/casbin.go +++ b/service/internal/auth/casbin.go @@ -9,7 +9,7 @@ import ( casbinModel "github.com/casbin/casbin/v2/model" stringadapter "github.com/casbin/casbin/v2/persist/string-adapter" "github.com/lestrrat-go/jwx/v2/jwt" - "github.com/opentdf/platform/services/pkg/util" + "github.com/opentdf/platform/service/pkg/util" "golang.org/x/exp/slog" ) diff --git a/services/internal/auth/casbin_test.go b/service/internal/auth/casbin_test.go similarity index 100% rename from services/internal/auth/casbin_test.go rename to service/internal/auth/casbin_test.go diff --git a/services/internal/auth/config.go b/service/internal/auth/config.go similarity index 100% rename from services/internal/auth/config.go rename to service/internal/auth/config.go diff --git a/services/internal/auth/discovery.go b/service/internal/auth/discovery.go similarity index 100% rename from services/internal/auth/discovery.go rename to service/internal/auth/discovery.go diff --git a/services/internal/config/config.go b/service/internal/config/config.go similarity index 85% rename from services/internal/config/config.go rename to service/internal/config/config.go index d7922e081f..f3cb3ea118 100644 
--- a/services/internal/config/config.go +++ b/service/internal/config/config.go @@ -8,11 +8,11 @@ import ( "strings" "github.com/creasty/defaults" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/logger" - "github.com/opentdf/platform/services/internal/opa" - "github.com/opentdf/platform/services/internal/server" - "github.com/opentdf/platform/services/pkg/serviceregistry" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/logger" + "github.com/opentdf/platform/service/internal/opa" + "github.com/opentdf/platform/service/internal/server" + "github.com/opentdf/platform/service/pkg/serviceregistry" "github.com/spf13/viper" ) @@ -74,7 +74,7 @@ func LoadConfig(key string) (*Config, error) { // Manually handle unmarshaling of ExtraProps for each service for serviceKey, service := range config.Services { var extraProps map[string]interface{} - if err := viper.UnmarshalKey("services."+serviceKey, &extraProps); err != nil { + if err := viper.UnmarshalKey("service."+serviceKey, &extraProps); err != nil { return nil, errors.Join(err, ErrLoadingConfig) } service.ExtraProps = extraProps diff --git a/services/internal/credentials/credentials.go b/service/internal/credentials/credentials.go similarity index 100% rename from services/internal/credentials/credentials.go rename to service/internal/credentials/credentials.go diff --git a/services/internal/db/db.go b/service/internal/db/db.go similarity index 100% rename from services/internal/db/db.go rename to service/internal/db/db.go diff --git a/services/internal/db/db_migration.go b/service/internal/db/db_migration.go similarity index 98% rename from services/internal/db/db_migration.go rename to service/internal/db/db_migration.go index b9f8a141c5..4a0bcb170a 100644 --- a/services/internal/db/db_migration.go +++ b/service/internal/db/db_migration.go 
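Review bot: The lookup key in the `@@ -74,7 +74,7 @@` hunk of config.go was renamed to `"service."+serviceKey`, but the loop still ranges over `config.Services`. The struct tag and the YAML layout are not visible here, so this needs confirming: if the configuration section is still called `services`, the lookup probably matches nothing and every service's `ExtraProps` ends up empty without an error. Per-service settings would then silently fall back to their defaults. Unless the config key is renamed in the same commit, keep `viper.UnmarshalKey("services."+serviceKey, &extraProps)`, and consider a test that loads a config containing an extra property. `LoadConfig` starts and ends outside the hunk.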
@@ -9,7 +9,7 @@ import ( "github.com/jackc/pgx/v5/pgconn" "github.com/jackc/pgx/v5/pgxpool" "github.com/jackc/pgx/v5/stdlib" - "github.com/opentdf/platform/services/migrations" + "github.com/opentdf/platform/service/migrations" "github.com/pressly/goose/v3" ) diff --git a/services/internal/db/db_test.go b/service/internal/db/db_test.go similarity index 100% rename from services/internal/db/db_test.go rename to service/internal/db/db_test.go diff --git a/services/internal/db/errors.go b/service/internal/db/errors.go similarity index 55% rename from services/internal/db/errors.go rename to service/internal/db/errors.go index e0f3f5eb85..eace624cfc 100644 --- a/services/internal/db/errors.go +++ b/service/internal/db/errors.go @@ -9,6 +9,8 @@ import ( "github.com/jackc/pgerrcode" "github.com/jackc/pgx/v5" "github.com/jackc/pgx/v5/pgconn" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" ) type DBError string @@ -24,7 +26,7 @@ const ( ErrRestrictViolation DBError = "ErrRestrictViolation: value cannot be deleted due to restriction" ErrNotFound DBError = "ErrNotFound: value not found" ErrEnumValueInvalid DBError = "ErrEnumValueInvalid: not a valid enum value" - ErrUuidInvalid DBError = "ErrUuidInvalid: value not a valid UUID" + ErrUUIDInvalid DBError = "ErrUUIDInvalid: value not a valid UUID" ErrFqnMissingValue DBError = "ErrFqnMissingValue: FQN must include a value" ErrMissingValue DBError = "ErrMissingValue: value must be included" ) @@ -46,7 +48,7 @@ func WrapIfKnownInvalidQueryErr(err error) error { return errors.Join(ErrNotFound, e) case pgerrcode.InvalidTextRepresentation: if strings.Contains(e.Message, "invalid input syntax for type uuid") { - return errors.Join(ErrUuidInvalid, e) + return errors.Join(ErrUUIDInvalid, e) } return errors.Join(ErrEnumValueInvalid, e) default: 
@@ -88,3 +90,53 @@ func IsQueryBuilderSetClauseError(err error) bool { func NewUniqueAlreadyExistsError(value string) error { return errors.Join(fmt.Errorf("value [%s] already exists and must be unique", value), ErrUniqueConstraintViolation) } + +const ( + ErrTextCreationFailed = "resource creation failed" + ErrTextDeletionFailed = "resource deletion failed" + ErrTextDeactivationFailed = "resource deactivation failed" + ErrTextGetRetrievalFailed = "resource retrieval failed" + ErrTextListRetrievalFailed = "resource list retrieval failed" + ErrTextUpdateFailed = "resource update failed" + ErrTextNotFound = "resource not found" + ErrTextConflict = "resource unique field violation" + ErrTextRelationInvalid = "resource relation invalid" + ErrTextEnumValueInvalid = "enum value invalid" + ErrTextUUIDInvalid = "value not a valid uuid" + ErrTextRestrictViolation = "intended action would violate a restriction" + ErrTextFqnMissingValue = "FQN must specify a valid value and be of format 'https:///attr//value/'" +) + +func StatusifyError(err error, fallbackErr string, log ...any) error { + l := append([]any{"error", err}, log...) + if errors.Is(err, ErrUniqueConstraintViolation) { + slog.Error(ErrTextConflict, l...) + return status.Error(codes.AlreadyExists, ErrTextConflict) + } + if errors.Is(err, ErrNotFound) { + slog.Error(ErrTextNotFound, l...) + return status.Error(codes.NotFound, ErrTextNotFound) + } + if errors.Is(err, ErrForeignKeyViolation) { + slog.Error(ErrTextRelationInvalid, l...) + return status.Error(codes.InvalidArgument, ErrTextRelationInvalid) + } + if errors.Is(err, ErrEnumValueInvalid) { + slog.Error(ErrTextEnumValueInvalid, l...) + return status.Error(codes.InvalidArgument, ErrTextEnumValueInvalid) + } + if errors.Is(err, ErrUUIDInvalid) { + slog.Error(ErrTextUUIDInvalid, l...) + return status.Error(codes.InvalidArgument, ErrTextUUIDInvalid) + } + if errors.Is(err, ErrRestrictViolation) { + slog.Error(ErrTextRestrictViolation, l...) 
+ return status.Error(codes.InvalidArgument, ErrTextRestrictViolation) + } + if errors.Is(err, ErrFqnMissingValue) { + slog.Error(ErrTextFqnMissingValue, l...) + return status.Error(codes.InvalidArgument, ErrTextFqnMissingValue) + } + slog.Error(err.Error(), l...) + return status.Error(codes.Internal, fallbackErr) +} diff --git a/services/internal/db/errors_test.go b/service/internal/db/errors_test.go similarity index 100% rename from services/internal/db/errors_test.go rename to service/internal/db/errors_test.go diff --git a/services/internal/db/marshalHelpers.go b/service/internal/db/marshalHelpers.go similarity index 100% rename from services/internal/db/marshalHelpers.go rename to service/internal/db/marshalHelpers.go diff --git a/services/internal/entitlements/pdp.go b/service/internal/entitlements/pdp.go similarity index 100% rename from services/internal/entitlements/pdp.go rename to service/internal/entitlements/pdp.go diff --git a/services/internal/fixtures/db.go b/service/internal/fixtures/db.go similarity index 90% rename from services/internal/fixtures/db.go rename to service/internal/fixtures/db.go index c9d87176ac..5b22f00112 100644 --- a/services/internal/fixtures/db.go +++ b/service/internal/fixtures/db.go @@ -6,11 +6,11 @@ import ( "strconv" "strings" - "github.com/opentdf/platform/services/internal/config" + "github.com/opentdf/platform/service/internal/config" - "github.com/opentdf/platform/services/internal/db" - kasdb "github.com/opentdf/platform/services/kasregistry/db" - policydb "github.com/opentdf/platform/services/policy/db" + "github.com/opentdf/platform/service/internal/db" + kasdb "github.com/opentdf/platform/service/kasregistry/db" + policydb "github.com/opentdf/platform/service/policy/db" ) type DBInterface struct { diff --git a/services/internal/fixtures/fixtures.go b/service/internal/fixtures/fixtures.go similarity index 100% rename from services/internal/fixtures/fixtures.go rename to service/internal/fixtures/fixtures.go 
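Review bot: `StatusifyError` falls through to `slog.Error(err.Error(), l...)` when none of the `errors.Is` checks match, so a nil `err` panics there instead of being treated as no error. A guard at the top, `if err == nil { return nil }`, makes the helper safe to call unconditionally. The function is exported and has no doc comment; I would add `// StatusifyError logs err with the given attributes and returns a gRPC status carrying a fixed client-facing message; unrecognised errors map to codes.Internal with fallbackErr.` That comment also records that the raw database error is kept in the log and never sent to the caller.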
diff --git a/services/internal/fixtures/policy_fixtures.yaml b/service/internal/fixtures/policy_fixtures.yaml similarity index 100% rename from services/internal/fixtures/policy_fixtures.yaml rename to service/internal/fixtures/policy_fixtures.yaml diff --git a/services/internal/idpplugin/keycloak_builtins.go b/service/internal/idpplugin/keycloak_builtins.go similarity index 100% rename from services/internal/idpplugin/keycloak_builtins.go rename to service/internal/idpplugin/keycloak_builtins.go diff --git a/services/internal/idpplugin/keycloak_plugin.go b/service/internal/idpplugin/keycloak_plugin.go similarity index 89% rename from services/internal/idpplugin/keycloak_plugin.go rename to service/internal/idpplugin/keycloak_plugin.go index 11926d8edd..f2a71924cc 100644 --- a/services/internal/idpplugin/keycloak_plugin.go +++ b/service/internal/idpplugin/keycloak_plugin.go @@ -9,7 +9,7 @@ import ( "github.com/Nerzal/gocloak/v11" "github.com/opentdf/platform/protocol/go/authorization" - services "github.com/opentdf/platform/services/err" + "github.com/opentdf/platform/service/internal/db" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "google.golang.org/protobuf/types/known/structpb" @@ -42,12 +42,12 @@ func EntityResolution(ctx context.Context, err = json.Unmarshal(jsonString, &kcConfig) if err != nil { return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrCreationFailed) + status.Error(codes.Internal, db.ErrTextCreationFailed) } connector, err := getKCClient(kcConfig, ctx) if err != nil { return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrCreationFailed) + status.Error(codes.Internal, db.ErrTextCreationFailed) } payload := req.GetEntities() 
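Review bot: Both failure branches in the `@@ -42,12 +42,12 @@` hunk of keycloak_plugin.go return `db.ErrTextCreationFailed` without logging the underlying `err` from `json.Unmarshal` or `getKCClient`. A bad IdP configuration or an unreachable Keycloak therefore leaves no trace on the server side. The `@@ -127,14 +127,14 @@` hunk does the same with `exErr` from `expandGroup`, and additionally pairs `codes.Internal` with the "not found" text. Add a log line before each return, for example `slog.Error("keycloak client setup failed", "error", err)`, and keep the client-facing message generic as it is now. `EntityResolution` starts and ends outside these hunks.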
@@ -69,7 +69,7 @@ func EntityResolution(ctx context.Context, if err != nil { slog.Error(err.Error()) return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrGetRetrievalFailed) + status.Error(codes.Internal, db.ErrTextGetRetrievalFailed) } var jsonEntities []*structpb.Struct for _, client := range clients { @@ -77,13 +77,13 @@ func EntityResolution(ctx context.Context, if err != nil { slog.Error("Error serializing entity representation!", "error", err) return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrCreationFailed) + status.Error(codes.Internal, db.ErrTextCreationFailed) } var mystruct, struct_err = structpb.NewStruct(json) if struct_err != nil { slog.Error("Error making struct!", "error", err) return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrCreationFailed) + status.Error(codes.Internal, db.ErrTextCreationFailed) } jsonEntities = append(jsonEntities, mystruct) } @@ -107,7 +107,7 @@ func EntityResolution(ctx context.Context, if err != nil { slog.Error(err.Error()) return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrGetRetrievalFailed) + status.Error(codes.Internal, db.ErrTextGetRetrievalFailed) } else if len(users) == 1 { user := users[0] slog.Debug("User found", "user", *user.ID, "entity", ident.String()) 
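Review bot: In the `@@ -77,13 +77,13 @@` hunk the `structpb.NewStruct` failure branch logs `err`, not `struct_err`. Judging by the check just above it, `err` is nil at that point, so the real cause is never recorded. The same line appears again in the `@@ -165,13 +165,13 @@` hunk. Change both to `slog.Error("Error making struct!", "error", struct_err)`. The enclosing function continues outside these hunks.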
@@ -127,14 +127,14 @@ func EntityResolution(ctx context.Context, if groupErr != nil { slog.Error("Error getting group", "group", groupErr) return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrGetRetrievalFailed) + status.Error(codes.Internal, db.ErrTextGetRetrievalFailed) } else if len(groups) == 1 { slog.Info("Group found for", "entity", ident.String()) group := groups[0] expandedRepresentations, exErr := expandGroup(*group.ID, connector, &kcConfig, ctx) if exErr != nil { return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrNotFound) + status.Error(codes.Internal, db.ErrTextNotFound) } else { keycloakEntities = expandedRepresentations } 
@@ -143,15 +143,15 @@ func EntityResolution(ctx context.Context, var entityNotFoundErr authorization.EntityNotFoundError switch ident.GetEntityType().(type) { case *authorization.Entity_EmailAddress: - entityNotFoundErr = authorization.EntityNotFoundError{Code: int32(codes.NotFound), Message: services.ErrGetRetrievalFailed, Entity: ident.GetEmailAddress()} + entityNotFoundErr = authorization.EntityNotFoundError{Code: int32(codes.NotFound), Message: db.ErrTextGetRetrievalFailed, Entity: ident.GetEmailAddress()} case *authorization.Entity_UserName: - entityNotFoundErr = authorization.EntityNotFoundError{Code: int32(codes.NotFound), Message: services.ErrGetRetrievalFailed, Entity: ident.GetUserName()} + entityNotFoundErr = authorization.EntityNotFoundError{Code: int32(codes.NotFound), Message: db.ErrTextGetRetrievalFailed, Entity: ident.GetUserName()} // case "": // return &authorization.IdpPluginResponse{}, - // status.Error(codes.InvalidArgument, services.ErrNotFound) + // status.Error(codes.InvalidArgument, db.ErrTextNotFound) default: slog.Error("Unsupported/unknown type for", "entity", ident.String()) - entityNotFoundErr = authorization.EntityNotFoundError{Code: int32(codes.NotFound), Message: services.ErrGetRetrievalFailed, Entity: ident.String()} + entityNotFoundErr = authorization.EntityNotFoundError{Code: int32(codes.NotFound), Message: db.ErrTextGetRetrievalFailed, Entity: ident.String()} } slog.Error(entityNotFoundErr.String()) return &authorization.IdpPluginResponse{}, errors.New(entityNotFoundErr.String()) 
@@ -165,13 +165,13 @@ func EntityResolution(ctx context.Context, if err != nil { slog.Error("Error serializing entity representation!", "error", err) return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrCreationFailed) + status.Error(codes.Internal, db.ErrTextCreationFailed) } var mystruct, struct_err = structpb.NewStruct(json) if struct_err != nil { slog.Error("Error making struct!", "error", err) return &authorization.IdpPluginResponse{}, - status.Error(codes.Internal, services.ErrCreationFailed) + status.Error(codes.Internal, db.ErrTextCreationFailed) } jsonEntities = append(jsonEntities, mystruct) } diff --git a/services/internal/idpplugin/keycloak_plugin_test.go b/service/internal/idpplugin/keycloak_plugin_test.go similarity index 98% rename from services/internal/idpplugin/keycloak_plugin_test.go rename to service/internal/idpplugin/keycloak_plugin_test.go index fa95cc2b54..b99695f80d 100644 --- a/services/internal/idpplugin/keycloak_plugin_test.go +++ b/service/internal/idpplugin/keycloak_plugin_test.go @@ -12,8 +12,8 @@ import ( "testing" "github.com/opentdf/platform/protocol/go/authorization" - services "github.com/opentdf/platform/services/err" - "github.com/opentdf/platform/services/internal/idpplugin" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/idpplugin" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "google.golang.org/grpc/codes" 
@@ -302,7 +302,7 @@ func Test_KCEntityResolutionNotFoundError(t *testing.T) { assert.NotNil(t, reserr) assert.Equal(t, &authorization.IdpPluginResponse{}, resp) - var entityNotFound = authorization.EntityNotFoundError{Code: int32(codes.NotFound), Message: services.ErrGetRetrievalFailed, Entity: "random@sample.org"} + var entityNotFound = authorization.EntityNotFoundError{Code: int32(codes.NotFound), Message: db.ErrTextGetRetrievalFailed, Entity: "random@sample.org"} var expectedError = errors.New(entityNotFound.String()) assert.Equal(t, expectedError, reserr) } diff --git a/services/internal/logger/logger.go b/service/internal/logger/logger.go similarity index 100% rename from services/internal/logger/logger.go rename to service/internal/logger/logger.go diff --git a/services/internal/opa/mock_bundle_server.go b/service/internal/opa/mock_bundle_server.go similarity index 95% rename from services/internal/opa/mock_bundle_server.go rename to service/internal/opa/mock_bundle_server.go index 8d75b46411..502c7b0ce4 100644 --- a/services/internal/opa/mock_bundle_server.go +++ b/service/internal/opa/mock_bundle_server.go @@ -4,7 +4,7 @@ import ( "fmt" sdktest "github.com/open-policy-agent/opa/sdk/test" - "github.com/opentdf/platform/services/policies" + "github.com/opentdf/platform/service/policies" ) // MockBundleServer is a mock HTTP server that serves a bundle. This should be used for local development only. diff --git a/services/internal/opa/opa.go b/service/internal/opa/opa.go similarity index 98% rename from services/internal/opa/opa.go rename to service/internal/opa/opa.go index e98bcd761b..da36174e9c 100644 --- a/services/internal/opa/opa.go +++ b/service/internal/opa/opa.go 
@@ -10,7 +10,7 @@ import ( "github.com/open-policy-agent/opa/hooks" opalog "github.com/open-policy-agent/opa/logging" "github.com/open-policy-agent/opa/sdk" - "github.com/opentdf/platform/services/internal/idpplugin" + "github.com/opentdf/platform/service/internal/idpplugin" ) type Engine struct { diff --git a/services/internal/opa/opa_test.go b/service/internal/opa/opa_test.go similarity index 100% rename from services/internal/opa/opa_test.go rename to service/internal/opa/opa_test.go diff --git a/services/internal/security/hsm.go b/service/internal/security/hsm.go similarity index 100% rename from services/internal/security/hsm.go rename to service/internal/security/hsm.go diff --git a/services/internal/security/hsm_test.go b/service/internal/security/hsm_test.go similarity index 100% rename from services/internal/security/hsm_test.go rename to service/internal/security/hsm_test.go diff --git a/services/internal/server/server.go b/service/internal/server/server.go similarity index 98% rename from services/internal/server/server.go rename to service/internal/server/server.go index 823e2c0580..35ea5ddbce 100644 --- a/services/internal/server/server.go +++ b/service/internal/server/server.go @@ -11,7 +11,7 @@ import ( "strings" "time" - "github.com/opentdf/platform/services/internal/security" + "github.com/opentdf/platform/service/internal/security" "golang.org/x/net/http2" "golang.org/x/net/http2/h2c" @@ -19,8 +19,8 @@ import ( "github.com/go-chi/cors" protovalidate_middleware "github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors/protovalidate" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" - "github.com/opentdf/platform/services/internal/auth" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/auth" + "github.com/opentdf/platform/service/internal/db" "github.com/valyala/fasthttp/fasthttputil" "google.golang.org/grpc" "google.golang.org/grpc/credentials" 
diff --git a/services/kas/access/accessPdp.go b/service/kas/access/accessPdp.go similarity index 93% rename from services/kas/access/accessPdp.go rename to service/kas/access/accessPdp.go index b8102491ad..2104563e59 100644 --- a/services/kas/access/accessPdp.go +++ b/service/kas/access/accessPdp.go @@ -70,11 +70,11 @@ func checkAttributes(ctx context.Context, dataAttrs []Attribute, ent authorizati slog.ErrorContext(ctx, "Error received from GetDecisions", "err", err) return false, errors.Join(ErrDecisionUnexpected, err) } - if len(dr.DecisionResponses) != 1 { - slog.ErrorContext(ctx, ErrDecisionCountUnexpected.Error(), "count", len(dr.DecisionResponses)) + if len(dr.GetDecisionResponses()) != 1 { + slog.ErrorContext(ctx, ErrDecisionCountUnexpected.Error(), "count", len(dr.GetDecisionResponses())) return false, ErrDecisionCountUnexpected } - if dr.DecisionResponses[0].Decision == authorization.DecisionResponse_DECISION_PERMIT { + if dr.GetDecisionResponses()[0].GetDecision() == authorization.DecisionResponse_DECISION_PERMIT { return true, nil } return false, nil diff --git a/services/kas/access/accessPdp_test.go b/service/kas/access/accessPdp_test.go similarity index 99% rename from services/kas/access/accessPdp_test.go rename to service/kas/access/accessPdp_test.go index 15cd502f33..6ca4f2c411 100644 --- a/services/kas/access/accessPdp_test.go +++ b/service/kas/access/accessPdp_test.go @@ -2,10 +2,11 @@ package access import ( "context" + "testing" + "github.com/google/uuid" "github.com/opentdf/platform/protocol/go/authorization" "github.com/opentdf/platform/sdk" - "testing" ) var c = context.Background() diff --git a/services/kas/access/attribute.go b/service/kas/access/attribute.go similarity index 100% rename from services/kas/access/attribute.go rename to service/kas/access/attribute.go 
diff --git a/services/kas/access/claimsObject.go b/service/kas/access/claimsObject.go similarity index 100% rename from services/kas/access/claimsObject.go rename to service/kas/access/claimsObject.go diff --git a/services/kas/access/policy.go b/service/kas/access/policy.go similarity index 100% rename from services/kas/access/policy.go rename to service/kas/access/policy.go diff --git a/services/kas/access/policy_test.go b/service/kas/access/policy_test.go similarity index 100% rename from services/kas/access/policy_test.go rename to service/kas/access/policy_test.go diff --git a/services/kas/access/provider.go b/service/kas/access/provider.go similarity index 88% rename from services/kas/access/provider.go rename to service/kas/access/provider.go index 4238be9f6f..3f85263ee0 100644 --- a/services/kas/access/provider.go +++ b/service/kas/access/provider.go @@ -1,13 +1,12 @@ package access import ( - otdf "github.com/opentdf/platform/sdk" "net/url" - "github.com/opentdf/platform/services/internal/security" - "github.com/coreos/go-oidc/v3/oidc" kaspb "github.com/opentdf/platform/protocol/go/kas" + otdf "github.com/opentdf/platform/sdk" + "github.com/opentdf/platform/service/internal/security" ) const ( diff --git a/services/kas/access/publicKey.go b/service/kas/access/publicKey.go similarity index 97% rename from services/kas/access/publicKey.go rename to service/kas/access/publicKey.go index 736a6ba7e9..5bb19efdee 100644 --- a/services/kas/access/publicKey.go +++ b/service/kas/access/publicKey.go @@ -24,7 +24,7 @@ const ( ) func (p *Provider) LegacyPublicKey(ctx context.Context, in *kaspb.LegacyPublicKeyRequest) (*wrapperspb.StringValue, error) { - algorithm := in.Algorithm + algorithm := in.GetAlgorithm() var pem string var err error if algorithm == algorithmEc256 { 
@@ -48,7 +48,7 @@ func (p *Provider) LegacyPublicKey(ctx context.Context, in *kaspb.LegacyPublicKe } func (p *Provider) PublicKey(ctx context.Context, in *kaspb.PublicKeyRequest) (*kaspb.PublicKeyResponse, error) { - algorithm := in.Algorithm + algorithm := in.GetAlgorithm() if algorithm == algorithmEc256 { if p.Session.EC == nil { return nil, err404("not found") @@ -65,7 +65,7 @@ func (p *Provider) PublicKey(ctx context.Context, in *kaspb.PublicKeyRequest) (* if p.Session.RSA == nil { return nil, err404("not found") } - if in.Fmt == "jwk" { + if in.GetFmt() == "jwk" { rsaPublicKeyJwk, err := jwk.FromRaw(p.Session.RSA.PublicKey) if err != nil { slog.ErrorContext(ctx, "failed to parse JWK", "err", err) @@ -81,7 +81,7 @@ func (p *Provider) PublicKey(ctx context.Context, in *kaspb.PublicKeyRequest) (* return &kaspb.PublicKeyResponse{PublicKey: string(jsonPublicKey)}, nil } - if in.Fmt == "pkcs8" { + if in.GetFmt() == "pkcs8" { certificatePem, err := exportCertificateAsPemStr(p.Session.RSA.Certificate) if err != nil { slog.ErrorContext(ctx, "RSA public key from PKCS11", "err", err) diff --git a/services/kas/access/publicKey_test.go b/service/kas/access/publicKey_test.go similarity index 94% rename from services/kas/access/publicKey_test.go rename to service/kas/access/publicKey_test.go index 2a00b5ed62..84c4caadf2 100644 --- a/services/kas/access/publicKey_test.go +++ b/service/kas/access/publicKey_test.go @@ -16,7 +16,7 @@ import ( "strings" "testing" - "github.com/opentdf/platform/services/internal/security" + "github.com/opentdf/platform/service/internal/security" kaspb "github.com/opentdf/platform/protocol/go/kas" "github.com/stretchr/testify/assert" 
@@ -169,7 +169,7 @@ func TestCertificateHandlerWithEc256(t *testing.T) { if err != nil { t.Errorf("got %s, but should be nil", err) } - if result == nil || !strings.Contains(result.Value, "BEGIN CERTIFICATE") { + if result == nil || !strings.Contains(result.GetValue(), "BEGIN CERTIFICATE") { t.Errorf("got %s, but should be cert", result) } } @@ -195,7 +195,7 @@ func TestPublicKeyHandlerWithEc256(t *testing.T) { if err != nil { t.Errorf("got %s, but should be nil", err) } - if result == nil || !strings.Contains(result.PublicKey, "BEGIN PUBLIC KEY") { + if result == nil || !strings.Contains(result.GetPublicKey(), "BEGIN PUBLIC KEY") { t.Errorf("got %s, but should be public key", result) } } @@ -230,7 +230,7 @@ func TestPublicKeyHandlerV2(t *testing.T) { if err != nil { t.Errorf("got %s, but should be nil", err) } - if !strings.Contains(result.PublicKey, "BEGIN PUBLIC KEY") { + if !strings.Contains(result.GetPublicKey(), "BEGIN PUBLIC KEY") { t.Errorf("got %s, but should be pubkey", result) } } @@ -288,7 +288,7 @@ func TestPublicKeyHandlerV2WithEc256(t *testing.T) { if err != nil { t.Errorf("got %s, but should be nil", err) } - if !strings.Contains(result.PublicKey, "BEGIN PUBLIC KEY") { + if !strings.Contains(result.GetPublicKey(), "BEGIN PUBLIC KEY") { t.Errorf("got %s, but should be pubkey", result) } } @@ -326,7 +326,7 @@ func TestPublicKeyHandlerV2WithJwk(t *testing.T) { if err != nil { t.Errorf("got %s, but should be nil", err) } - if !strings.Contains(result.PublicKey, "\"kty\"") { - t.Errorf("got %s, but should be JSON Web Key", result.PublicKey) + if !strings.Contains(result.GetPublicKey(), "\"kty\"") { + t.Errorf("got %s, but should be JSON Web Key", result.GetPublicKey()) } } diff --git a/services/kas/access/rewrap.go b/service/kas/access/rewrap.go similarity index 96% rename from services/kas/access/rewrap.go rename to service/kas/access/rewrap.go index 6b6b2d5b7f..ff363f8485 100644 --- a/services/kas/access/rewrap.go +++ b/service/kas/access/rewrap.go 
@@ -19,17 +19,16 @@ import ( "encoding/pem" "errors" "fmt" - "github.com/opentdf/platform/protocol/go/authorization" "io" "log/slog" "strings" - "github.com/opentdf/platform/services/internal/auth" - "github.com/opentdf/platform/services/internal/security" - + "github.com/opentdf/platform/protocol/go/authorization" kaspb "github.com/opentdf/platform/protocol/go/kas" - "github.com/opentdf/platform/services/kas/nanotdf" - "github.com/opentdf/platform/services/kas/tdf3" + "github.com/opentdf/platform/service/internal/auth" + "github.com/opentdf/platform/service/internal/security" + "github.com/opentdf/platform/service/kas/nanotdf" + "github.com/opentdf/platform/service/kas/tdf3" "google.golang.org/grpc/codes" "google.golang.org/grpc/metadata" "google.golang.org/grpc/status" @@ -132,9 +131,9 @@ type verifiedRequest struct { } func (p *Provider) verifyBearerAndParseRequestBody(ctx context.Context, in *kaspb.RewrapRequest) (*verifiedRequest, error) { - idToken, err := p.OIDCVerifier.Verify(ctx, in.Bearer) + idToken, err := p.OIDCVerifier.Verify(ctx, in.GetBearer()) if err != nil { - slog.WarnContext(ctx, "unable verify bearer token", "err", err, "bearer", in.Bearer, "oidc", p.OIDCVerifier) + slog.WarnContext(ctx, "unable verify bearer token", "err", err, "bearer", in.GetBearer(), "oidc", p.OIDCVerifier) return nil, err403("403") } @@ -146,7 +145,7 @@ func (p *Provider) verifyBearerAndParseRequestBody(ctx context.Context, in *kasp } slog.DebugContext(ctx, "verified", "claims", cl) - requestToken, err := jwt.ParseSigned(in.SignedRequestToken) + requestToken, err := jwt.ParseSigned(in.GetSignedRequestToken()) if err != nil { slog.WarnContext(ctx, "unable parse request", "err", err) return nil, err400("bad request") 
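Review bot: The warning in the `@@ -132,9 +131,9 @@` hunk writes the caller's raw bearer token to the log (`"bearer", in.GetBearer()`) whenever verification fails. Anyone with read access to the logs then sees the credential, and a token rejected here is not necessarily invalid elsewhere. Drop that attribute and the `"oidc", p.OIDCVerifier` dump next to it: `slog.WarnContext(ctx, "unable verify bearer token", "err", err)`. The `@@ -146,7 +145,7 @@` hunk logs the full claim set at debug level (`"claims", cl`); consider logging only a subject or token identifier there. `verifyBearerAndParseRequestBody` starts and ends outside these hunks.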
@@ -197,9 +196,9 @@ func (p *Provider) verifyBearerAndParseRequestBody(ctx context.Context, in *kasp } switch clientPublicKey.(type) { case *rsa.PublicKey: - return &verifiedRequest{clientPublicKey, &requestBody, &cl, in.Bearer}, nil + return &verifiedRequest{clientPublicKey, &requestBody, &cl, in.GetBearer()}, nil case *ecdsa.PublicKey: - return &verifiedRequest{clientPublicKey, &requestBody, &cl, in.Bearer}, nil + return &verifiedRequest{clientPublicKey, &requestBody, &cl, in.GetBearer()}, nil } slog.WarnContext(ctx, fmt.Sprintf("clientPublicKey not a supported key, was [%T]", clientPublicKey)) return nil, err400("clientPublicKey unsupported type") @@ -242,7 +241,7 @@ func (p *Provider) verifyAndParsePolicy(ctx context.Context, requestBody *Reques func (p *Provider) Rewrap(ctx context.Context, in *kaspb.RewrapRequest) (*kaspb.RewrapResponse, error) { slog.DebugContext(ctx, "REWRAP") - bearer, err := legacyBearerToken(ctx, in.Bearer) + bearer, err := legacyBearerToken(ctx, in.GetBearer()) if err != nil { return nil, err } diff --git a/services/kas/access/rewrap_test.go b/service/kas/access/rewrap_test.go similarity index 99% rename from services/kas/access/rewrap_test.go rename to service/kas/access/rewrap_test.go index 27b31834d6..19259b6e4c 100644 --- a/services/kas/access/rewrap_test.go +++ b/service/kas/access/rewrap_test.go @@ -14,13 +14,13 @@ import ( "testing" "github.com/lestrrat-go/jwx/v2/jwk" - "github.com/opentdf/platform/services/internal/auth" - "github.com/opentdf/platform/services/internal/security" + "github.com/opentdf/platform/service/internal/auth" + "github.com/opentdf/platform/service/internal/security" "github.com/coreos/go-oidc/v3/oidc" "github.com/google/uuid" kaspb "github.com/opentdf/platform/protocol/go/kas" - "github.com/opentdf/platform/services/kas/tdf3" + "github.com/opentdf/platform/service/kas/tdf3" "google.golang.org/grpc/codes" "google.golang.org/grpc/metadata" "google.golang.org/grpc/status" 
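Review bot: In the `@@ -197,9 +196,9 @@` hunk both arms of `switch clientPublicKey.(type)` return the same value, so they can be merged into `case *rsa.PublicKey, *ecdsa.PublicKey:` followed by a single `return &verifiedRequest{clientPublicKey, &requestBody, &cl, in.GetBearer()}, nil`. That keeps the list of accepted key types in one place, which is easier to audit when another type is added. The function starts outside the hunk.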
diff --git a/services/kas/access/testdata/README.md b/service/kas/access/testdata/README.md
similarity index 100%
rename from services/kas/access/testdata/README.md
rename to service/kas/access/testdata/README.md
diff --git a/services/kas/access/testdata/access-provider-000-certificate.pem b/service/kas/access/testdata/access-provider-000-certificate.pem
similarity index 100%
rename from services/kas/access/testdata/access-provider-000-certificate.pem
rename to service/kas/access/testdata/access-provider-000-certificate.pem
diff --git a/services/kas/access/testdata/access-provider-000-private.pem b/service/kas/access/testdata/access-provider-000-private.pem
similarity index 100%
rename from services/kas/access/testdata/access-provider-000-private.pem
rename to service/kas/access/testdata/access-provider-000-private.pem
diff --git a/services/kas/access/testdata/access-provider-000.json b/service/kas/access/testdata/access-provider-000.json
similarity index 100%
rename from services/kas/access/testdata/access-provider-000.json
rename to service/kas/access/testdata/access-provider-000.json
diff --git a/services/kas/access/testdata/access-provider-001-certificate.pem b/service/kas/access/testdata/access-provider-001-certificate.pem
similarity index 100%
rename from services/kas/access/testdata/access-provider-001-certificate.pem
rename to service/kas/access/testdata/access-provider-001-certificate.pem
diff --git a/services/kas/access/testdata/access-provider-001-private.pem b/service/kas/access/testdata/access-provider-001-private.pem
similarity index 100%
rename from services/kas/access/testdata/access-provider-001-private.pem
rename to service/kas/access/testdata/access-provider-001-private.pem
diff --git a/services/kas/access/testdata/access-provider-010-certificate.pem b/service/kas/access/testdata/access-provider-010-certificate.pem
similarity index 100%
rename from services/kas/access/testdata/access-provider-010-certificate.pem
rename to service/kas/access/testdata/access-provider-010-certificate.pem
diff --git a/services/kas/access/testdata/access-provider-010-private.pem b/service/kas/access/testdata/access-provider-010-private.pem
similarity index 100%
rename from services/kas/access/testdata/access-provider-010-private.pem
rename to service/kas/access/testdata/access-provider-010-private.pem
diff --git a/services/kas/access/testdata/access-provider-100-certificate.pem b/service/kas/access/testdata/access-provider-100-certificate.pem
similarity index 100%
rename from services/kas/access/testdata/access-provider-100-certificate.pem
rename to service/kas/access/testdata/access-provider-100-certificate.pem
diff --git a/services/kas/access/testdata/access-provider-100-private.pem b/service/kas/access/testdata/access-provider-100-private.pem
similarity index 100%
rename from services/kas/access/testdata/access-provider-100-private.pem
rename to service/kas/access/testdata/access-provider-100-private.pem
diff --git a/services/kas/access/testdata/attribute-000.json b/service/kas/access/testdata/attribute-000.json
similarity index 100%
rename from services/kas/access/testdata/attribute-000.json
rename to service/kas/access/testdata/attribute-000.json
diff --git a/services/kas/access/testdata/cert.der b/service/kas/access/testdata/cert.der
similarity index 100%
rename from services/kas/access/testdata/cert.der
rename to service/kas/access/testdata/cert.der
diff --git a/services/kas/access/testdata/entity-000-certificate.pem b/service/kas/access/testdata/entity-000-certificate.pem
similarity index 100%
rename from services/kas/access/testdata/entity-000-certificate.pem
rename to service/kas/access/testdata/entity-000-certificate.pem
diff --git a/services/kas/access/testdata/entity-000-private.pem b/service/kas/access/testdata/entity-000-private.pem
similarity index 100%
rename from services/kas/access/testdata/entity-000-private.pem
rename to service/kas/access/testdata/entity-000-private.pem
diff --git a/services/kas/access/testdata/entity-000.json b/service/kas/access/testdata/entity-000.json
similarity index 100%
rename from services/kas/access/testdata/entity-000.json
rename to service/kas/access/testdata/entity-000.json
diff --git a/services/kas/access/testdata/entity-provider-000-certificate.pem b/service/kas/access/testdata/entity-provider-000-certificate.pem
similarity index 100%
rename from services/kas/access/testdata/entity-provider-000-certificate.pem
rename to service/kas/access/testdata/entity-provider-000-certificate.pem
diff --git a/services/kas/access/testdata/entity-provider-000-private.pem b/service/kas/access/testdata/entity-provider-000-private.pem
similarity index 100%
rename from services/kas/access/testdata/entity-provider-000-private.pem
rename to service/kas/access/testdata/entity-provider-000-private.pem
diff --git a/services/kas/access/testdata/kas-log.txt b/service/kas/access/testdata/kas-log.txt
similarity index 99%
rename from services/kas/access/testdata/kas-log.txt
rename to service/kas/access/testdata/kas-log.txt
index 9cf10ca657..bac904341c 100644
--- a/services/kas/access/testdata/kas-log.txt
+++ b/service/kas/access/testdata/kas-log.txt
@@ -253,7 +253,7 @@ December 26th 2019, 15:37:15.437 response = service(request) December 26th 2019, 15:37:15.437 File "/usr/local/lib/python3.8/site-packages/tdf3_kas_core/kas.py", line 60, in session_upsert December 26th 2019, 15:37:15.437 return upsert(data, options, plugin_runner, key_master) - December 26th 2019, 15:37:15.437 File "/usr/local/lib/python3.8/site-packages/tdf3_kas_core/services/upsert.py", line 59, in upsert + December 26th 2019, 15:37:15.437 File "/usr/local/lib/python3.8/site-packages/tdf3_kas_core/service/upsert.py", line 59, in upsert December 26th 2019, 15:37:15.437 File "/usr/local/lib/python3.8/site-packages/tdf3_kas_core/models/plugin_runner/upsert_plugin_runner.py", line 56, in upsert December 26th 2019, 15:37:15.437 tdf3_kas_core.errors.PluginFailedError December 26th 2019, 15:37:15.437 @@ -291,7 +291,7 @@ December 26th 2019, 15:37:15.446 #033[36mkas_1 |#033[0m Traceback (most recent call last): December 26th 2019, 15:37:15.446 #033[36mkas_1 |#033[0m File "/usr/local/lib/python3.8/site-packages/tdf3_kas_core/kas.py", line 60, in session_upsert December 26th 2019, 15:37:15.447 #033[36mkas_1 |#033[0m 1CN-0106 | 2019-12-26 15:37:15,437 | 20 | run_service_with_exceptions.py:38 | +=+=+=+=+=+ Request 1CN-0106 Fail - December 26th 2019, 15:37:15.447 #033[36mkas_1 |#033[0m File "/usr/local/lib/python3.8/site-packages/tdf3_kas_core/services/upsert.py", line 59, in upsert + December 26th 2019, 15:37:15.447 #033[36mkas_1 |#033[0m File "/usr/local/lib/python3.8/site-packages/tdf3_kas_core/service/upsert.py", line 59, in upsert December 26th 2019, 15:37:15.447 #033[36mkas_1 |#033[0m File "/usr/local/lib/python3.8/site-packages/tdf3_kas_core/models/plugin_runner/upsert_plugin_runner.py", line 56, in upsert December 26th 2019, 15:37:15.447 #033[36mkas_1 |#033[0m tdf3_kas_core.errors.PluginFailedError December 26th 2019, 15:37:15.447 #033[36mkas_1 |#033[0m 
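Review bot: Both hunks in `kas-log.txt` rewrite a path inside a captured Python traceback, from `site-packages/tdf3_kas_core/services/upsert.py` to `site-packages/tdf3_kas_core/service/upsert.py`, which looks like collateral from the repository-wide `services` to `service` rename rather than an intended change. That path belongs to the `tdf3_kas_core` package recorded in the log, not to this repository's directory layout, so the fixture no longer matches what was actually captured. Restore `tdf3_kas_core/services/upsert.py` on both lines unless a test is known to depend on the new text.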
diff --git a/services/kas/access/testdata/kas-policy-create.json b/service/kas/access/testdata/kas-policy-create.json
similarity index 100%
rename from services/kas/access/testdata/kas-policy-create.json
rename to service/kas/access/testdata/kas-policy-create.json
diff --git a/services/kas/access/testdata/kas.json b/service/kas/access/testdata/kas.json
similarity index 100%
rename from services/kas/access/testdata/kas.json
rename to service/kas/access/testdata/kas.json
diff --git a/services/kas/access/testdata/keyaccess-000.json b/service/kas/access/testdata/keyaccess-000.json
similarity index 100%
rename from services/kas/access/testdata/keyaccess-000.json
rename to service/kas/access/testdata/keyaccess-000.json
diff --git a/services/kas/access/testdata/manifest-000.json b/service/kas/access/testdata/manifest-000.json
similarity index 100%
rename from services/kas/access/testdata/manifest-000.json
rename to service/kas/access/testdata/manifest-000.json
diff --git a/services/kas/access/testdata/policy-000.json b/service/kas/access/testdata/policy-000.json
similarity index 100%
rename from services/kas/access/testdata/policy-000.json
rename to service/kas/access/testdata/policy-000.json
diff --git a/services/kas/access/version.gof b/service/kas/access/version.gof
similarity index 100%
rename from services/kas/access/version.gof
rename to service/kas/access/version.gof
diff --git a/services/kas/kas.go b/service/kas/kas.go
similarity index 95%
rename from services/kas/kas.go
rename to service/kas/kas.go
index 7850919e69..cef2dc5bc6 100644
--- a/services/kas/kas.go
+++ b/service/kas/kas.go
@@ -10,8 +10,8 @@ import ( "github.com/coreos/go-oidc/v3/oidc" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" kaspb "github.com/opentdf/platform/protocol/go/kas" - "github.com/opentdf/platform/services/kas/access" - "github.com/opentdf/platform/services/pkg/serviceregistry" + "github.com/opentdf/platform/service/kas/access" + "github.com/opentdf/platform/service/pkg/serviceregistry" "golang.org/x/oauth2" ) diff --git a/services/kas/kas.proto b/service/kas/kas.proto similarity index 100% rename from services/kas/kas.proto rename to service/kas/kas.proto diff --git a/services/kas/nanotdf/nanotdf.go b/service/kas/nanotdf/nanotdf.go similarity index 99% rename from services/kas/nanotdf/nanotdf.go rename to service/kas/nanotdf/nanotdf.go index fc020ec4fe..5ac0ff44d2 100644 --- a/services/kas/nanotdf/nanotdf.go +++ b/service/kas/nanotdf/nanotdf.go @@ -173,7 +173,6 @@ func readEphemeralPublicKey(reader io.Reader, curve eccMode) (*eccKey, error) { } func ReadNanoTDFHeader(reader io.Reader) (*nanoTdf, error) { - var nanoTDF nanoTdf if err := binary.Read(reader, binary.BigEndian, &nanoTDF.magicNumber); err != nil { diff --git a/services/kas/nanotdf/nanotdf_test.go b/service/kas/nanotdf/nanotdf_test.go similarity index 100% rename from services/kas/nanotdf/nanotdf_test.go rename to service/kas/nanotdf/nanotdf_test.go diff --git a/services/kas/nanotdf/nanotdfspec.ntdf b/service/kas/nanotdf/nanotdfspec.ntdf similarity index 100% rename from services/kas/nanotdf/nanotdfspec.ntdf rename to service/kas/nanotdf/nanotdfspec.ntdf diff --git a/services/kas/tdf3/encrypter.go b/service/kas/tdf3/encrypter.go similarity index 100% rename from services/kas/tdf3/encrypter.go rename to service/kas/tdf3/encrypter.go diff --git a/services/kas/tdf3/encrypter_test.go b/service/kas/tdf3/encrypter_test.go similarity index 100% rename from services/kas/tdf3/encrypter_test.go rename to service/kas/tdf3/encrypter_test.go 
diff --git a/services/kas/tdf3/keyaccess.go b/service/kas/tdf3/keyaccess.go similarity index 100% rename from services/kas/tdf3/keyaccess.go rename to service/kas/tdf3/keyaccess.go diff --git a/services/kasregistry/db/key_access_server_registry.go b/service/kasregistry/db/key_access_server_registry.go similarity index 94% rename from services/kasregistry/db/key_access_server_registry.go rename to service/kasregistry/db/key_access_server_registry.go index d636d49db2..510347c1e2 100644 --- a/services/kasregistry/db/key_access_server_registry.go +++ b/service/kasregistry/db/key_access_server_registry.go @@ -7,7 +7,7 @@ import ( "github.com/jackc/pgx/v5" "github.com/opentdf/platform/protocol/go/common" kasr "github.com/opentdf/platform/protocol/go/kasregistry" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/db" "google.golang.org/protobuf/encoding/protojson" ) @@ -156,17 +156,17 @@ func createKeyAccessServerSQL(uri string, publicKey, metadata []byte) (string, [ } func (c KasRegistryDBClient) CreateKeyAccessServer(ctx context.Context, r *kasr.CreateKeyAccessServerRequest) (*kasr.KeyAccessServer, error) { - metadataBytes, _, err := db.MarshalCreateMetadata(r.Metadata) + metadataBytes, _, err := db.MarshalCreateMetadata(r.GetMetadata()) if err != nil { return nil, err } - pkBytes, err := protojson.Marshal(r.PublicKey) + pkBytes, err := protojson.Marshal(r.GetPublicKey()) if err != nil { return nil, err } - sql, args, err := createKeyAccessServerSQL(r.Uri, pkBytes, metadataBytes) + sql, args, err := createKeyAccessServerSQL(r.GetUri(), pkBytes, metadataBytes) if err != nil { return nil, err } 
@@ -213,15 +213,15 @@ func (c KasRegistryDBClient) UpdateKeyAccessServer(ctx context.Context, id strin if err != nil { return nil, err } - return k.Metadata, nil + return k.GetMetadata(), nil }) if err != nil { return nil, err } var publicKeyJSON []byte - if r.PublicKey != nil { - publicKeyJSON, err = protojson.Marshal(r.PublicKey) + if r.GetPublicKey() != nil { + publicKeyJSON, err = protojson.Marshal(r.GetPublicKey()) if err != nil { return nil, err } diff --git a/services/kasregistry/key_access_server_registry.go b/service/kasregistry/key_access_server_registry.go similarity index 76% rename from services/kasregistry/key_access_server_registry.go rename to service/kasregistry/key_access_server_registry.go index f3137ea5f6..c2326dc4b2 100644 --- a/services/kasregistry/key_access_server_registry.go +++ b/service/kasregistry/key_access_server_registry.go @@ -6,9 +6,9 @@ import ( "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" kasr "github.com/opentdf/platform/protocol/go/kasregistry" - services "github.com/opentdf/platform/services/err" - kasDB "github.com/opentdf/platform/services/kasregistry/db" - "github.com/opentdf/platform/services/pkg/serviceregistry" + "github.com/opentdf/platform/service/internal/db" + kasDB "github.com/opentdf/platform/service/kasregistry/db" + "github.com/opentdf/platform/service/pkg/serviceregistry" ) type KeyAccessServerRegistry struct { @@ -35,7 +35,7 @@ func (s KeyAccessServerRegistry) CreateKeyAccessServer(ctx context.Context, ks, err := s.dbClient.CreateKeyAccessServer(ctx, req) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("keyAccessServer", req.String())) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("keyAccessServer", req.String())) } return &kasr.CreateKeyAccessServerResponse{ 
@@ -48,7 +48,7 @@ func (s KeyAccessServerRegistry) ListKeyAccessServers(ctx context.Context, ) (*kasr.ListKeyAccessServersResponse, error) { keyAccessServers, err := s.dbClient.ListKeyAccessServers(ctx) if err != nil { - return nil, services.HandleError(err, services.ErrListRetrievalFailed) + return nil, db.StatusifyError(err, db.ErrTextListRetrievalFailed) } return &kasr.ListKeyAccessServersResponse{ @@ -59,9 +59,9 @@ func (s KeyAccessServerRegistry) ListKeyAccessServers(ctx context.Context, func (s KeyAccessServerRegistry) GetKeyAccessServer(ctx context.Context, req *kasr.GetKeyAccessServerRequest, ) (*kasr.GetKeyAccessServerResponse, error) { - keyAccessServer, err := s.dbClient.GetKeyAccessServer(ctx, req.Id) + keyAccessServer, err := s.dbClient.GetKeyAccessServer(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("id", req.GetId())) } return &kasr.GetKeyAccessServerResponse{ @@ -72,9 +72,9 @@ func (s KeyAccessServerRegistry) GetKeyAccessServer(ctx context.Context, func (s KeyAccessServerRegistry) UpdateKeyAccessServer(ctx context.Context, req *kasr.UpdateKeyAccessServerRequest, ) (*kasr.UpdateKeyAccessServerResponse, error) { - k, err := s.dbClient.UpdateKeyAccessServer(ctx, req.Id, req) + k, err := s.dbClient.UpdateKeyAccessServer(ctx, req.GetId(), req) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("id", req.Id), slog.String("keyAccessServer", req.String())) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("id", req.GetId()), slog.String("keyAccessServer", req.String())) } return &kasr.UpdateKeyAccessServerResponse{ KeyAccessServer: k, 
@@ -84,9 +84,9 @@ func (s KeyAccessServerRegistry) UpdateKeyAccessServer(ctx context.Context, func (s KeyAccessServerRegistry) DeleteKeyAccessServer(ctx context.Context, req *kasr.DeleteKeyAccessServerRequest, ) (*kasr.DeleteKeyAccessServerResponse, error) { - keyAccessServer, err := s.dbClient.DeleteKeyAccessServer(ctx, req.Id) + keyAccessServer, err := s.dbClient.DeleteKeyAccessServer(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrDeletionFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextDeletionFailed, slog.String("id", req.GetId())) } return &kasr.DeleteKeyAccessServerResponse{ KeyAccessServer: keyAccessServer, diff --git a/services/kasregistry/key_access_server_registry.proto b/service/kasregistry/key_access_server_registry.proto similarity index 100% rename from services/kasregistry/key_access_server_registry.proto rename to service/kasregistry/key_access_server_registry.proto diff --git a/service/main.go b/service/main.go new file mode 100644 index 0000000000..fadf053a4d --- /dev/null +++ b/service/main.go @@ -0,0 +1,7 @@ +package main + +import "github.com/opentdf/platform/service/cmd" + +func main() { + cmd.Execute() +} diff --git a/services/migrations/20230101000000_create_schema.sql b/service/migrations/20230101000000_create_schema.sql similarity index 100% rename from services/migrations/20230101000000_create_schema.sql rename to service/migrations/20230101000000_create_schema.sql diff --git a/services/migrations/20231208092252_create_opentdf.sql b/service/migrations/20231208092252_create_opentdf.sql similarity index 100% rename from services/migrations/20231208092252_create_opentdf.sql rename to service/migrations/20231208092252_create_opentdf.sql 
diff --git a/services/migrations/202400402000000_preserve_value_order.md b/service/migrations/202400402000000_preserve_value_order.md
similarity index 100%
rename from services/migrations/202400402000000_preserve_value_order.md
rename to service/migrations/202400402000000_preserve_value_order.md
diff --git a/services/migrations/20240131000000_create_new_tables.sql b/service/migrations/20240131000000_create_new_tables.sql
similarity index 100%
rename from services/migrations/20240131000000_create_new_tables.sql
rename to service/migrations/20240131000000_create_new_tables.sql
diff --git a/services/migrations/20240131000000_schema_erd.md b/service/migrations/20240131000000_schema_erd.md
similarity index 100%
rename from services/migrations/20240131000000_schema_erd.md
rename to service/migrations/20240131000000_schema_erd.md
diff --git a/services/migrations/20240212000000_add_active_state_enums.sql b/service/migrations/20240212000000_add_active_state_enums.sql
similarity index 100%
rename from services/migrations/20240212000000_add_active_state_enums.sql
rename to service/migrations/20240212000000_add_active_state_enums.sql
diff --git a/services/migrations/20240212000000_schema_erd.md b/service/migrations/20240212000000_schema_erd.md
similarity index 100%
rename from services/migrations/20240212000000_schema_erd.md
rename to service/migrations/20240212000000_schema_erd.md
diff --git a/services/migrations/20240213000000_create_attribute_fqn.md b/service/migrations/20240213000000_create_attribute_fqn.md
similarity index 100%
rename from services/migrations/20240213000000_create_attribute_fqn.md
rename to service/migrations/20240213000000_create_attribute_fqn.md
diff --git a/services/migrations/20240213000000_create_attribute_fqn.sql b/service/migrations/20240213000000_create_attribute_fqn.sql
similarity index 100%
rename from services/migrations/20240213000000_create_attribute_fqn.sql
rename to service/migrations/20240213000000_create_attribute_fqn.sql
diff --git a/services/migrations/20240304000000_add_namespace_metadata_field.sql b/service/migrations/20240304000000_add_namespace_metadata_field.sql
similarity index 100%
rename from services/migrations/20240304000000_add_namespace_metadata_field.sql
rename to service/migrations/20240304000000_add_namespace_metadata_field.sql
diff --git a/services/migrations/20240304000010_add_created_updated_fields.sql b/service/migrations/20240304000010_add_created_updated_fields.sql
similarity index 100%
rename from services/migrations/20240304000010_add_created_updated_fields.sql
rename to service/migrations/20240304000010_add_created_updated_fields.sql
diff --git a/services/migrations/20240305000000_add_subject_condition_sets.md b/service/migrations/20240305000000_add_subject_condition_sets.md
similarity index 100%
rename from services/migrations/20240305000000_add_subject_condition_sets.md
rename to service/migrations/20240305000000_add_subject_condition_sets.md
diff --git a/services/migrations/20240305000000_add_subject_condition_sets.sql b/service/migrations/20240305000000_add_subject_condition_sets.sql
similarity index 100%
rename from services/migrations/20240305000000_add_subject_condition_sets.sql
rename to service/migrations/20240305000000_add_subject_condition_sets.sql
diff --git a/services/migrations/20240313000000_create_val_members.md b/service/migrations/20240313000000_create_val_members.md
similarity index 100%
rename from services/migrations/20240313000000_create_val_members.md
rename to service/migrations/20240313000000_create_val_members.md
diff --git a/services/migrations/20240313000000_create_val_members.sql b/service/migrations/20240313000000_create_val_members.sql
similarity index 100%
rename from services/migrations/20240313000000_create_val_members.sql
rename to service/migrations/20240313000000_create_val_members.sql
diff --git a/services/migrations/20240402000000_preserve_value_order.sql b/service/migrations/20240402000000_preserve_value_order.sql similarity index 100% rename from services/migrations/20240402000000_preserve_value_order.sql rename to service/migrations/20240402000000_preserve_value_order.sql diff --git a/services/migrations/embed.go b/service/migrations/embed.go similarity index 100% rename from services/migrations/embed.go rename to service/migrations/embed.go diff --git a/services/pkg/server/services.go b/service/pkg/server/services.go similarity index 50% rename from services/pkg/server/services.go rename to service/pkg/server/services.go index bc95effbf1..6cceffece3 100644 --- a/services/pkg/server/services.go +++ b/service/pkg/server/services.go @@ -1,16 +1,16 @@ package server import ( - "github.com/opentdf/platform/services/authorization" - "github.com/opentdf/platform/services/health" - "github.com/opentdf/platform/services/kas" - "github.com/opentdf/platform/services/kasregistry" - "github.com/opentdf/platform/services/pkg/serviceregistry" - "github.com/opentdf/platform/services/policy/attributes" - "github.com/opentdf/platform/services/policy/namespaces" - "github.com/opentdf/platform/services/policy/resourcemapping" - "github.com/opentdf/platform/services/policy/subjectmapping" - wellknown "github.com/opentdf/platform/services/wellknownconfiguration" + "github.com/opentdf/platform/service/authorization" + "github.com/opentdf/platform/service/health" + "github.com/opentdf/platform/service/kas" + "github.com/opentdf/platform/service/kasregistry" + "github.com/opentdf/platform/service/pkg/serviceregistry" + "github.com/opentdf/platform/service/policy/attributes" + "github.com/opentdf/platform/service/policy/namespaces" + "github.com/opentdf/platform/service/policy/resourcemapping" + "github.com/opentdf/platform/service/policy/subjectmapping" + wellknown "github.com/opentdf/platform/service/wellknownconfiguration" ) func registerServices() error { 
diff --git a/services/pkg/server/start.go b/service/pkg/server/start.go similarity index 92% rename from services/pkg/server/start.go rename to service/pkg/server/start.go index 1fd52c127f..971cbc0eb7 100644 --- a/services/pkg/server/start.go +++ b/service/pkg/server/start.go @@ -9,13 +9,13 @@ import ( "syscall" "github.com/opentdf/platform/sdk" - "github.com/opentdf/platform/services/internal/config" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/logger" - "github.com/opentdf/platform/services/internal/opa" - "github.com/opentdf/platform/services/internal/server" - "github.com/opentdf/platform/services/pkg/serviceregistry" - wellknown "github.com/opentdf/platform/services/wellknownconfiguration" + "github.com/opentdf/platform/service/internal/config" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/logger" + "github.com/opentdf/platform/service/internal/opa" + "github.com/opentdf/platform/service/internal/server" + "github.com/opentdf/platform/service/pkg/serviceregistry" + wellknown "github.com/opentdf/platform/service/wellknownconfiguration" ) type StartOptions func(StartConfig) StartConfig diff --git a/services/pkg/server/start_test.go b/service/pkg/server/start_test.go similarity index 90% rename from services/pkg/server/start_test.go rename to service/pkg/server/start_test.go index 1eb6e10f2d..d84c40dbf7 100644 --- a/services/pkg/server/start_test.go +++ b/service/pkg/server/start_test.go 
@@ -9,11 +9,11 @@ import ( "time" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" - "github.com/opentdf/platform/services/internal/auth" - "github.com/opentdf/platform/services/internal/config" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/server" - "github.com/opentdf/platform/services/pkg/serviceregistry" + "github.com/opentdf/platform/service/internal/auth" + "github.com/opentdf/platform/service/internal/config" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/server" + "github.com/opentdf/platform/service/pkg/serviceregistry" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "golang.org/x/exp/slog" diff --git a/services/pkg/serviceregistry/serviceregistry.go b/service/pkg/serviceregistry/serviceregistry.go similarity index 91% rename from services/pkg/serviceregistry/serviceregistry.go rename to service/pkg/serviceregistry/serviceregistry.go index e9444a4d9a..25ce13b1d0 100644 --- a/services/pkg/serviceregistry/serviceregistry.go +++ b/service/pkg/serviceregistry/serviceregistry.go @@ -8,9 +8,9 @@ import ( "github.com/opentdf/platform/sdk" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" - "github.com/opentdf/platform/services/internal/db" - "github.com/opentdf/platform/services/internal/opa" - "github.com/opentdf/platform/services/internal/server" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/internal/opa" + "github.com/opentdf/platform/service/internal/server" "google.golang.org/grpc" ) diff --git a/services/pkg/util/dotnotation.go b/service/pkg/util/dotnotation.go similarity index 100% rename from services/pkg/util/dotnotation.go rename to service/pkg/util/dotnotation.go diff --git a/services/policies/embed.go b/service/policies/embed.go similarity index 100% rename from services/policies/embed.go rename to service/policies/embed.go 
diff --git a/services/policies/entitlements/README.md b/service/policies/entitlements/README.md similarity index 100% rename from services/policies/entitlements/README.md rename to service/policies/entitlements/README.md diff --git a/services/policies/entitlements/entitlements-keycloak.rego b/service/policies/entitlements/entitlements-keycloak.rego similarity index 100% rename from services/policies/entitlements/entitlements-keycloak.rego rename to service/policies/entitlements/entitlements-keycloak.rego diff --git a/services/policies/entitlements/entitlements.rego b/service/policies/entitlements/entitlements.rego similarity index 100% rename from services/policies/entitlements/entitlements.rego rename to service/policies/entitlements/entitlements.rego diff --git a/services/policies/entitlements/input.json b/service/policies/entitlements/input.json similarity index 100% rename from services/policies/entitlements/input.json rename to service/policies/entitlements/input.json diff --git a/services/policy/attributes/attributes.go b/service/policy/attributes/attributes.go similarity index 70% rename from services/policy/attributes/attributes.go rename to service/policy/attributes/attributes.go index 51f2a9aff4..7e8e2859a9 100644 --- a/services/policy/attributes/attributes.go +++ b/service/policy/attributes/attributes.go @@ -7,9 +7,9 @@ import ( "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" "github.com/opentdf/platform/protocol/go/policy/attributes" - services "github.com/opentdf/platform/services/err" - "github.com/opentdf/platform/services/pkg/serviceregistry" - policydb "github.com/opentdf/platform/services/policy/db" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/pkg/serviceregistry" + policydb "github.com/opentdf/platform/service/policy/db" ) type AttributesService struct { 
@@ -32,16 +32,16 @@ func NewRegistration() serviceregistry.Registration { func (s AttributesService) CreateAttribute(ctx context.Context, req *attributes.CreateAttributeRequest, ) (*attributes.CreateAttributeResponse, error) { - slog.Debug("creating new attribute definition", slog.String("name", req.Name)) + slog.Debug("creating new attribute definition", slog.String("name", req.GetName())) rsp := &attributes.CreateAttributeResponse{} item, err := s.dbClient.CreateAttribute(ctx, req) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("attribute", req.String())) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("attribute", req.String())) } rsp.Attribute = item - slog.Debug("created new attribute definition", slog.String("name", req.Name)) + slog.Debug("created new attribute definition", slog.String("name", req.GetName())) return rsp, nil } @@ -49,13 +49,13 @@ func (s *AttributesService) ListAttributes(ctx context.Context, req *attributes.ListAttributesRequest, ) (*attributes.ListAttributesResponse, error) { state := policydb.GetDBStateTypeTransformedEnum(req.GetState()) - namespace := req.Namespace + namespace := req.GetNamespace() slog.Debug("listing attribute definitions", slog.String("state", state)) rsp := &attributes.ListAttributesResponse{} list, err := s.dbClient.ListAllAttributes(ctx, state, namespace) if err != nil { - return nil, services.HandleError(err, services.ErrListRetrievalFailed) + return nil, db.StatusifyError(err, db.ErrTextListRetrievalFailed) } rsp.Attributes = list 
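Review bot: `CreateAttribute` logs through `slog.Debug(...)` although `ctx` is in scope, so any request-scoped values a handler reads from the context are lost for these records; `ListAttributes` in the following hunk (`@@ -49,13 +49,13 @@`) does the same. Use the context-aware form, for example `slog.DebugContext(ctx, "creating new attribute definition", slog.String("name", req.GetName()))`, as `rewrap.go` in this same commit already does. Separately, `CreateAttribute` is declared on a value receiver (`func (s AttributesService)`) while `ListAttributes` uses `*AttributesService`; choosing one receiver kind for the type would be more consistent.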
@@ -67,9 +67,9 @@ func (s *AttributesService) GetAttribute(ctx context.Context, ) (*attributes.GetAttributeResponse, error) { rsp := &attributes.GetAttributeResponse{} - item, err := s.dbClient.GetAttribute(ctx, req.Id) + item, err := s.dbClient.GetAttribute(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("id", req.GetId())) } rsp.Attribute = item @@ -83,7 +83,7 @@ func (s *AttributesService) GetAttributeValuesByFqns(ctx context.Context, fqnsToAttributes, err := s.dbClient.GetAttributesByValueFqns(ctx, req) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("fqns", fmt.Sprintf("%v", req.Fqns))) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("fqns", fmt.Sprintf("%v", req.GetFqns()))) } rsp.FqnAttributeValues = fqnsToAttributes @@ -95,9 +95,9 @@ func (s *AttributesService) UpdateAttribute(ctx context.Context, ) (*attributes.UpdateAttributeResponse, error) { rsp := &attributes.UpdateAttributeResponse{} - a, err := s.dbClient.UpdateAttribute(ctx, req.Id, req) + a, err := s.dbClient.UpdateAttribute(ctx, req.GetId(), req) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("id", req.Id), slog.String("attribute", req.String())) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("id", req.GetId()), slog.String("attribute", req.String())) } rsp.Attribute = a return rsp, nil 
@@ -108,9 +108,9 @@ func (s *AttributesService) DeactivateAttribute(ctx context.Context, ) (*attributes.DeactivateAttributeResponse, error) { rsp := &attributes.DeactivateAttributeResponse{} - a, err := s.dbClient.DeactivateAttribute(ctx, req.Id) + a, err := s.dbClient.DeactivateAttribute(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrDeactivationFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextDeactivationFailed, slog.String("id", req.GetId())) } rsp.Attribute = a @@ -122,9 +122,9 @@ func (s *AttributesService) DeactivateAttribute(ctx context.Context, /// func (s *AttributesService) CreateAttributeValue(ctx context.Context, req *attributes.CreateAttributeValueRequest) (*attributes.CreateAttributeValueResponse, error) { - item, err := s.dbClient.CreateAttributeValue(ctx, req.AttributeId, req) + item, err := s.dbClient.CreateAttributeValue(ctx, req.GetAttributeId(), req) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("attributeId", req.AttributeId), slog.String("value", req.String())) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("attributeId", req.GetAttributeId()), slog.String("value", req.String())) } return &attributes.CreateAttributeValueResponse{ 
@@ -134,10 +134,10 @@ func (s *AttributesService) CreateAttributeValue(ctx context.Context, req *attri func (s *AttributesService) ListAttributeValues(ctx context.Context, req *attributes.ListAttributeValuesRequest) (*attributes.ListAttributeValuesResponse, error) { state := policydb.GetDBStateTypeTransformedEnum(req.GetState()) - slog.Debug("listing attribute values", slog.String("attributeId", req.AttributeId), slog.String("state", state)) - list, err := s.dbClient.ListAttributeValues(ctx, req.AttributeId, state) + slog.Debug("listing attribute values", slog.String("attributeId", req.GetAttributeId()), slog.String("state", state)) + list, err := s.dbClient.ListAttributeValues(ctx, req.GetAttributeId(), state) if err != nil { - return nil, services.HandleError(err, services.ErrListRetrievalFailed, slog.String("attributeId", req.AttributeId)) + return nil, db.StatusifyError(err, db.ErrTextListRetrievalFailed, slog.String("attributeId", req.GetAttributeId())) } return &attributes.ListAttributeValuesResponse{ @@ -146,9 +146,9 @@ func (s *AttributesService) ListAttributeValues(ctx context.Context, req *attrib } func (s *AttributesService) GetAttributeValue(ctx context.Context, req *attributes.GetAttributeValueRequest) (*attributes.GetAttributeValueResponse, error) { - item, err := s.dbClient.GetAttributeValue(ctx, req.Id) + item, err := s.dbClient.GetAttributeValue(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("id", req.GetId())) } return &attributes.GetAttributeValueResponse{ 
@@ -159,7 +159,7 @@ func (s *AttributesService) GetAttributeValue(ctx context.Context, req *attribut func (s *AttributesService) UpdateAttributeValue(ctx context.Context, req *attributes.UpdateAttributeValueRequest) (*attributes.UpdateAttributeValueResponse, error) { a, err := s.dbClient.UpdateAttributeValue(ctx, req) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("id", req.Id), slog.String("value", req.String())) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("id", req.GetId()), slog.String("value", req.String())) } return &attributes.UpdateAttributeValueResponse{ @@ -168,9 +168,9 @@ func (s *AttributesService) UpdateAttributeValue(ctx context.Context, req *attri } func (s *AttributesService) DeactivateAttributeValue(ctx context.Context, req *attributes.DeactivateAttributeValueRequest) (*attributes.DeactivateAttributeValueResponse, error) { - a, err := s.dbClient.DeactivateAttributeValue(ctx, req.Id) + a, err := s.dbClient.DeactivateAttributeValue(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrDeactivationFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextDeactivationFailed, slog.String("id", req.GetId())) } return &attributes.DeactivateAttributeValueResponse{ 
@@ -179,9 +179,9 @@ func (s *AttributesService) DeactivateAttributeValue(ctx context.Context, req *a } func (s *AttributesService) AssignKeyAccessServerToAttribute(ctx context.Context, req *attributes.AssignKeyAccessServerToAttributeRequest) (*attributes.AssignKeyAccessServerToAttributeResponse, error) { - attributeKas, err := s.dbClient.AssignKeyAccessServerToAttribute(ctx, req.AttributeKeyAccessServer) + attributeKas, err := s.dbClient.AssignKeyAccessServerToAttribute(ctx, req.GetAttributeKeyAccessServer()) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("attributeKas", req.AttributeKeyAccessServer.String())) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("attributeKas", req.GetAttributeKeyAccessServer().String())) } return &attributes.AssignKeyAccessServerToAttributeResponse{ @@ -190,9 +190,9 @@ func (s *AttributesService) AssignKeyAccessServerToAttribute(ctx context.Context } func (s *AttributesService) RemoveKeyAccessServerFromAttribute(ctx context.Context, req *attributes.RemoveKeyAccessServerFromAttributeRequest) (*attributes.RemoveKeyAccessServerFromAttributeResponse, error) { - attributeKas, err := s.dbClient.RemoveKeyAccessServerFromAttribute(ctx, req.AttributeKeyAccessServer) + attributeKas, err := s.dbClient.RemoveKeyAccessServerFromAttribute(ctx, req.GetAttributeKeyAccessServer()) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("attributeKas", req.AttributeKeyAccessServer.String())) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("attributeKas", req.GetAttributeKeyAccessServer().String())) } return &attributes.RemoveKeyAccessServerFromAttributeResponse{ 
@@ -201,9 +201,9 @@ func (s *AttributesService) RemoveKeyAccessServerFromAttribute(ctx context.Conte } func (s *AttributesService) AssignKeyAccessServerToValue(ctx context.Context, req *attributes.AssignKeyAccessServerToValueRequest) (*attributes.AssignKeyAccessServerToValueResponse, error) { - valueKas, err := s.dbClient.AssignKeyAccessServerToValue(ctx, req.ValueKeyAccessServer) + valueKas, err := s.dbClient.AssignKeyAccessServerToValue(ctx, req.GetValueKeyAccessServer()) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("attributeValueKas", req.ValueKeyAccessServer.String())) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("attributeValueKas", req.GetValueKeyAccessServer().String())) } return &attributes.AssignKeyAccessServerToValueResponse{ @@ -212,9 +212,9 @@ func (s *AttributesService) AssignKeyAccessServerToValue(ctx context.Context, re } func (s *AttributesService) RemoveKeyAccessServerFromValue(ctx context.Context, req *attributes.RemoveKeyAccessServerFromValueRequest) (*attributes.RemoveKeyAccessServerFromValueResponse, error) { - valueKas, err := s.dbClient.RemoveKeyAccessServerFromValue(ctx, req.ValueKeyAccessServer) + valueKas, err := s.dbClient.RemoveKeyAccessServerFromValue(ctx, req.GetValueKeyAccessServer()) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("attributeValueKas", req.ValueKeyAccessServer.String())) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("attributeValueKas", req.GetValueKeyAccessServer().String())) } return &attributes.RemoveKeyAccessServerFromValueResponse{ diff --git a/services/policy/attributes/attributes.proto b/service/policy/attributes/attributes.proto similarity index 100% rename from services/policy/attributes/attributes.proto rename to service/policy/attributes/attributes.proto 
diff --git a/services/policy/db/attribute_fqn.go b/service/policy/db/attribute_fqn.go similarity index 87% rename from services/policy/db/attribute_fqn.go rename to service/policy/db/attribute_fqn.go index e513e044ab..e06e5fb7a6 100644 --- a/services/policy/db/attribute_fqn.go +++ b/service/policy/db/attribute_fqn.go @@ -10,7 +10,7 @@ import ( "github.com/Masterminds/squirrel" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/attributes" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/db" ) // These values are optional, but at least one must be set. The other values will be derived from @@ -129,7 +129,7 @@ func (c *PolicyDBClient) AttrFqnReindex() (res struct { //nolint:nonamedreturns res.Namespaces = append(res.Namespaces, struct { Id string Fqn string - }{Id: n.Id, Fqn: c.upsertAttrFqn(context.Background(), attrFqnUpsertOptions{namespaceId: n.Id})}) + }{Id: n.GetId(), Fqn: c.upsertAttrFqn(context.Background(), attrFqnUpsertOptions{namespaceId: n.GetId()})}) } // Reindex all attributes @@ -137,7 +137,7 @@ func (c *PolicyDBClient) AttrFqnReindex() (res struct { //nolint:nonamedreturns res.Attributes = append(res.Attributes, struct { Id string Fqn string - }{Id: a.Id, Fqn: c.upsertAttrFqn(context.Background(), attrFqnUpsertOptions{attributeId: a.Id})}) + }{Id: a.GetId(), Fqn: c.upsertAttrFqn(context.Background(), attrFqnUpsertOptions{attributeId: a.GetId()})}) } // Reindex all attribute values @@ -145,7 +145,7 @@ func (c *PolicyDBClient) AttrFqnReindex() (res struct { //nolint:nonamedreturns res.Values = append(res.Values, struct { Id string Fqn string - }{Id: av.Id, Fqn: c.upsertAttrFqn(context.Background(), attrFqnUpsertOptions{valueId: av.Id})}) + }{Id: av.GetId(), Fqn: c.upsertAttrFqn(context.Background(), attrFqnUpsertOptions{valueId: av.GetId()})}) } return res 
@@ -154,16 +154,16 @@ func (c *PolicyDBClient) AttrFqnReindex() (res struct { //nolint:nonamedreturns func filterValues(values []*policy.Value, fqn string) ([]*policy.Value, *policy.Value) { val := strings.Split(fqn, "/value/")[1] for i, v := range values { - if v.Value == val { + if v.GetValue() == val { unaltered := &policy.Value{ - Id: v.Id, - Value: v.Value, - Members: v.Members, - Grants: v.Grants, - Fqn: v.Fqn, - Active: v.Active, - SubjectMappings: v.SubjectMappings, - Metadata: v.Metadata, + Id: v.GetId(), + Value: v.GetValue(), + Members: v.GetMembers(), + Grants: v.GetGrants(), + Fqn: v.GetFqn(), + Active: v.GetActive(), + SubjectMappings: v.GetSubjectMappings(), + Metadata: v.GetMetadata(), } values[i].SubjectMappings = nil return values, unaltered @@ -173,11 +173,11 @@ func filterValues(values []*policy.Value, fqn string) ([]*policy.Value, *policy. } func (c *PolicyDBClient) GetAttributesByValueFqns(ctx context.Context, r *attributes.GetAttributeValuesByFqnsRequest) (map[string]*attributes.GetAttributeValuesByFqnsResponse_AttributeAndValue, error) { - if r.Fqns == nil || r.WithValue == nil { + if r.Fqns == nil || r.GetWithValue() == nil { return nil, errors.Join(db.ErrMissingValue, errors.New("error: one or more FQNs and a WithValue selector must be provided")) } - list := make(map[string]*attributes.GetAttributeValuesByFqnsResponse_AttributeAndValue, len(r.Fqns)) - for _, fqn := range r.Fqns { + list := make(map[string]*attributes.GetAttributeValuesByFqnsResponse_AttributeAndValue, len(r.GetFqns())) + for _, fqn := range r.GetFqns() { // ensure the FQN corresponds to an attribute value and not a definition or namespace alone if !strings.Contains(fqn, "/value/") { return nil, db.ErrFqnMissingValue diff --git a/services/policy/db/attribute_values.go b/service/policy/db/attribute_values.go similarity index 96% rename from services/policy/db/attribute_values.go rename to service/policy/db/attribute_values.go index 6a57ca6d53..172eda4e27 100644 
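Review bot: The guard in GetAttributesByValueFqns still reads `r.Fqns` directly while the rest of the function moved to getters, so a nil request would panic here before `r.GetWithValue()` is evaluated. An empty but non-nil list also passes the check, although the error text asks for one or more FQNs. `if len(r.GetFqns()) == 0 || r.GetWithValue() == nil {` covers both cases. The same direct field reads remain in subject_mappings.go at `if r.SubjectSets != nil` (UpdateSubjectConditionSet), `if s.Actions == nil` (CreateSubjectMapping) and `if r.Actions != nil` (UpdateSubjectMapping); there a plain `r.GetSubjectSets() != nil` style comparison keeps the current semantics. The function body continues outside the hunk.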
--- a/services/policy/db/attribute_values.go +++ b/service/policy/db/attribute_values.go @@ -10,7 +10,7 @@ import ( "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/attributes" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/db" "google.golang.org/protobuf/encoding/protojson" "google.golang.org/protobuf/types/known/wrapperspb" ) @@ -156,7 +156,7 @@ func (c PolicyDBClient) CreateAttributeValue(ctx context.Context, attributeID st sql, args, err := createAttributeValueSql( attributeID, - v.Value, + v.GetValue(), metadataJSON, ) if err != nil { @@ -173,7 +173,7 @@ func (c PolicyDBClient) CreateAttributeValue(ctx context.Context, attributeID st var members []*policy.Value // Add members - for _, member := range v.Members { + for _, member := range v.GetMembers() { var vm_id string sql, args, err := addMemberSql(id, member) if err != nil { @@ -197,7 +197,7 @@ func (c PolicyDBClient) CreateAttributeValue(ctx context.Context, attributeID st rV := &policy.Value{ Id: id, Attribute: &policy.Attribute{Id: attributeID}, - Value: v.Value, + Value: v.GetValue(), Members: members, Metadata: metadata, Active: &wrapperspb.BoolValue{Value: true}, @@ -424,7 +424,7 @@ func (c PolicyDBClient) UpdateAttributeValue(ctx context.Context, r *attributes. if err != nil { return nil, err } - return v.Metadata, nil + return v.GetMetadata(), nil }) if err != nil { return nil, err @@ -453,12 +453,12 @@ func (c PolicyDBClient) UpdateAttributeValue(ctx context.Context, r *attributes. } prevMembersSet := map[string]bool{} - for _, member := range prev.Members { - prevMembersSet[member.Id] = true + for _, member := range prev.GetMembers() { + prevMembersSet[member.GetId()] = true } membersSet := map[string]bool{} - for _, member := range r.Members { + for _, member := range r.GetMembers() { membersSet[member] = true } 
@@ -564,7 +564,7 @@ func assignKeyAccessServerToValueSql(valueID, keyAccessServerID string) (string, } func (c PolicyDBClient) AssignKeyAccessServerToValue(ctx context.Context, k *attributes.ValueKeyAccessServer) (*attributes.ValueKeyAccessServer, error) { - sql, args, err := assignKeyAccessServerToValueSql(k.ValueId, k.KeyAccessServerId) + sql, args, err := assignKeyAccessServerToValueSql(k.GetValueId(), k.GetKeyAccessServerId()) if err != nil { return nil, err } @@ -586,7 +586,7 @@ func removeKeyAccessServerFromValueSql(valueID, keyAccessServerID string) (strin } func (c PolicyDBClient) RemoveKeyAccessServerFromValue(ctx context.Context, k *attributes.ValueKeyAccessServer) (*attributes.ValueKeyAccessServer, error) { - sql, args, err := removeKeyAccessServerFromValueSql(k.ValueId, k.KeyAccessServerId) + sql, args, err := removeKeyAccessServerFromValueSql(k.GetValueId(), k.GetKeyAccessServerId()) if err != nil { return nil, err } diff --git a/services/policy/db/attributes.go b/service/policy/db/attributes.go similarity index 97% rename from services/policy/db/attributes.go rename to service/policy/db/attributes.go index a3dc3c4cff..a5b388a5d7 100644 --- a/services/policy/db/attributes.go +++ b/service/policy/db/attributes.go @@ -15,8 +15,8 @@ import ( "github.com/opentdf/platform/protocol/go/kasregistry" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/attributes" - "github.com/opentdf/platform/services/internal/db" - kasrDB "github.com/opentdf/platform/services/kasregistry/db" + "github.com/opentdf/platform/service/internal/db" + kasrDB "github.com/opentdf/platform/service/kasregistry/db" "google.golang.org/protobuf/encoding/protojson" "google.golang.org/protobuf/types/known/wrapperspb" ) 
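Review bot: AssignKeyAccessServerToValue does not check `k` before building the statement, and with the nil-safe getters a missing message now turns into two empty-string IDs instead of a panic. The service handler passes `req.GetValueKeyAccessServer()` straight through, so an omitted field reaches this point unless request validation elsewhere rejects it (not visible here). An explicit guard at the top gives the caller a clear error: `if k == nil { return nil, db.ErrMissingValue }`. The same applies to RemoveKeyAccessServerFromValue in the next hunk and to the two attribute-level variants in attributes.go; all four function bodies continue outside their hunks.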
@@ -495,7 +495,7 @@ func (c PolicyDBClient) CreateAttribute(ctx context.Context, r *attributes.Creat // Add values var values []*policy.Value - for _, v := range r.Values { + for _, v := range r.GetValues() { req := &attributes.CreateAttributeValueRequest{AttributeId: id, Value: v} value, err := c.CreateAttributeValue(ctx, id, req) if err != nil { @@ -506,11 +506,11 @@ func (c PolicyDBClient) CreateAttribute(ctx context.Context, r *attributes.Creat a := &policy.Attribute{ Id: id, - Name: r.Name, - Rule: r.Rule, + Name: r.GetName(), + Rule: r.GetRule(), Metadata: metadata, Namespace: &policy.Namespace{ - Id: r.NamespaceId, + Id: r.GetNamespaceId(), }, Active: &wrapperspb.BoolValue{Value: true}, Values: values, @@ -560,7 +560,7 @@ func (c PolicyDBClient) UpdateAttribute(ctx context.Context, id string, r *attri if err != nil { return nil, err } - return a.Metadata, nil + return a.GetMetadata(), nil }) if err != nil { return nil, err @@ -648,7 +648,7 @@ func assignKeyAccessServerToAttributeSql(attributeID, keyAccessServerID string) } func (c PolicyDBClient) AssignKeyAccessServerToAttribute(ctx context.Context, k *attributes.AttributeKeyAccessServer) (*attributes.AttributeKeyAccessServer, error) { - sql, args, err := assignKeyAccessServerToAttributeSql(k.AttributeId, k.KeyAccessServerId) + sql, args, err := assignKeyAccessServerToAttributeSql(k.GetAttributeId(), k.GetKeyAccessServerId()) if err != nil { return nil, db.WrapIfKnownInvalidQueryErr(err) } @@ -670,7 +670,7 @@ func removeKeyAccessServerFromAttributeSql(attributeID, keyAccessServerID string } func (c PolicyDBClient) RemoveKeyAccessServerFromAttribute(ctx context.Context, k *attributes.AttributeKeyAccessServer) (*attributes.AttributeKeyAccessServer, error) { - sql, args, err := removeKeyAccessServerFromAttributeSql(k.AttributeId, k.KeyAccessServerId) + sql, args, err := removeKeyAccessServerFromAttributeSql(k.GetAttributeId(), k.GetKeyAccessServerId()) if err != nil { return nil, err } 
diff --git a/services/policy/db/namespaces.go b/service/policy/db/namespaces.go similarity index 98% rename from services/policy/db/namespaces.go rename to service/policy/db/namespaces.go index f852c528f7..784682bb3e 100644 --- a/services/policy/db/namespaces.go +++ b/service/policy/db/namespaces.go @@ -10,7 +10,7 @@ import ( "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/namespaces" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/db" "google.golang.org/protobuf/encoding/protojson" "google.golang.org/protobuf/types/known/wrapperspb" ) @@ -206,7 +206,7 @@ func (c PolicyDBClient) CreateNamespace(ctx context.Context, r *namespaces.Creat return &policy.Namespace{ Id: id, - Name: r.Name, + Name: r.GetName(), Active: &wrapperspb.BoolValue{Value: true}, Metadata: m, }, nil @@ -230,10 +230,10 @@ func (c PolicyDBClient) UpdateNamespace(ctx context.Context, id string, r *names if err != nil { return nil, err } - if n.Metadata == nil { + if n.GetMetadata() == nil { return nil, nil } - return n.Metadata, nil + return n.GetMetadata(), nil }) if err != nil { return nil, err diff --git a/services/policy/db/policy.go b/service/policy/db/policy.go similarity index 97% rename from services/policy/db/policy.go rename to service/policy/db/policy.go index 7eb73eadd1..d05c5f50f8 100644 --- a/services/policy/db/policy.go +++ b/service/policy/db/policy.go @@ -2,7 +2,7 @@ package db import ( "github.com/opentdf/platform/protocol/go/common" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/db" ) const ( diff --git a/services/policy/db/resource_mapping.go b/service/policy/db/resource_mapping.go similarity index 91% rename from services/policy/db/resource_mapping.go rename to service/policy/db/resource_mapping.go index 2ad873cc96..c12671b262 100644 --- a/services/policy/db/resource_mapping.go 
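Review bot: In the UpdateNamespace metadata callback the `if n.GetMetadata() == nil { return nil, nil }` branch is now redundant, because the getter already returns a nil `*common.Metadata` in that case and the following line returns the same value. The equivalent callbacks in UpdateAttribute and UpdateAttributeValue simply return the getter result. Collapsing this one to `return n.GetMetadata(), nil` keeps the three consistent and removes a double call.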
+++ b/service/policy/db/resource_mapping.go @@ -9,7 +9,7 @@ import ( "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/resourcemapping" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/db" "google.golang.org/protobuf/encoding/protojson" ) @@ -116,12 +116,12 @@ func createResourceMappingSQL(attributeValueID string, metadata []byte, terms [] } func (c PolicyDBClient) CreateResourceMapping(ctx context.Context, r *resourcemapping.CreateResourceMappingRequest) (*policy.ResourceMapping, error) { - metadataJSON, metadata, err := db.MarshalCreateMetadata(r.Metadata) + metadataJSON, metadata, err := db.MarshalCreateMetadata(r.GetMetadata()) if err != nil { return nil, err } - sql, args, err := createResourceMappingSQL(r.AttributeValueId, metadataJSON, r.Terms) + sql, args, err := createResourceMappingSQL(r.GetAttributeValueId(), metadataJSON, r.GetTerms()) if err != nil { return nil, err } @@ -136,9 +136,9 @@ func (c PolicyDBClient) CreateResourceMapping(ctx context.Context, r *resourcema return nil, db.WrapIfKnownInvalidQueryErr(err) } - av, err := c.GetAttributeValue(ctx, r.AttributeValueId) + av, err := c.GetAttributeValue(ctx, r.GetAttributeValueId()) if err != nil { - slog.Error("failed to get attribute value", "id", r.AttributeValueId, "err", err) + slog.Error("failed to get attribute value", "id", r.GetAttributeValueId(), "err", err) return nil, db.WrapIfKnownInvalidQueryErr(err) } @@ -146,7 +146,7 @@ func (c PolicyDBClient) CreateResourceMapping(ctx context.Context, r *resourcema Id: id, Metadata: metadata, AttributeValue: av, - Terms: r.Terms, + Terms: r.GetTerms(), }, nil } 
@@ -226,12 +226,12 @@ func updateResourceMappingSQL(id string, attribute_value_id string, metadata []b } func (c PolicyDBClient) UpdateResourceMapping(ctx context.Context, id string, r *resourcemapping.UpdateResourceMappingRequest) (*policy.ResourceMapping, error) { - metadataJSON, _, err := db.MarshalUpdateMetadata(r.Metadata, r.MetadataUpdateBehavior, func() (*common.Metadata, error) { + metadataJSON, _, err := db.MarshalUpdateMetadata(r.GetMetadata(), r.GetMetadataUpdateBehavior(), func() (*common.Metadata, error) { rm, err := c.GetResourceMapping(ctx, id) if err != nil { return nil, db.WrapIfKnownInvalidQueryErr(err) } - return rm.Metadata, nil + return rm.GetMetadata(), nil }) if err != nil { return nil, err @@ -239,9 +239,9 @@ func (c PolicyDBClient) UpdateResourceMapping(ctx context.Context, id string, r sql, args, err := updateResourceMappingSQL( id, - r.AttributeValueId, + r.GetAttributeValueId(), metadataJSON, - r.Terms, + r.GetTerms(), ) if db.IsQueryBuilderSetClauseError(err) { return &policy.ResourceMapping{ diff --git a/services/policy/db/subject_mappings.go b/service/policy/db/subject_mappings.go similarity index 93% rename from services/policy/db/subject_mappings.go rename to service/policy/db/subject_mappings.go index 0ba0bf4631..6d146aa7c7 100644 --- a/services/policy/db/subject_mappings.go +++ b/service/policy/db/subject_mappings.go @@ -11,7 +11,7 @@ import ( "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/subjectmapping" - "github.com/opentdf/platform/services/internal/db" + "github.com/opentdf/platform/service/internal/db" "google.golang.org/protobuf/encoding/protojson" ) 
@@ -279,12 +279,12 @@ func createSubjectConditionSetSql(subjectSets []*policy.SubjectSet, metadataJSON // Creates a new subject condition set and returns the id of the created func (c PolicyDBClient) CreateSubjectConditionSet(ctx context.Context, s *subjectmapping.SubjectConditionSetCreate) (*policy.SubjectConditionSet, error) { - metadataJSON, m, err := db.MarshalCreateMetadata(s.Metadata) + metadataJSON, m, err := db.MarshalCreateMetadata(s.GetMetadata()) if err != nil { return nil, err } - sql, args, err := createSubjectConditionSetSql(s.SubjectSets, metadataJSON) + sql, args, err := createSubjectConditionSetSql(s.GetSubjectSets(), metadataJSON) if err != nil { return nil, err } @@ -299,7 +299,7 @@ func (c PolicyDBClient) CreateSubjectConditionSet(ctx context.Context, s *subjec } return &policy.SubjectConditionSet{ Id: id, - SubjectSets: s.SubjectSets, + SubjectSets: s.GetSubjectSets(), Metadata: m, }, nil } @@ -369,19 +369,19 @@ func (c PolicyDBClient) UpdateSubjectConditionSet(ctx context.Context, r *subjec var condition []byte // if extend we need to merge the metadata - metadataJSON, _, err := db.MarshalUpdateMetadata(r.Metadata, r.MetadataUpdateBehavior, func() (*common.Metadata, error) { - scs, err := c.GetSubjectConditionSet(ctx, r.Id) + metadataJSON, _, err := db.MarshalUpdateMetadata(r.GetMetadata(), r.GetMetadataUpdateBehavior(), func() (*common.Metadata, error) { + scs, err := c.GetSubjectConditionSet(ctx, r.GetId()) if err != nil { return nil, err } - return scs.Metadata, nil + return scs.GetMetadata(), nil }) if err != nil { return nil, err } if r.SubjectSets != nil { - condition, err = marshalSubjectSetsProto(r.SubjectSets) + condition, err = marshalSubjectSetsProto(r.GetSubjectSets()) if err != nil { slog.Error("failed to marshal subject sets", slog.String("error", err.Error())) return nil, err 
@@ -389,13 +389,13 @@ func (c PolicyDBClient) UpdateSubjectConditionSet(ctx context.Context, r *subjec } sql, args, err := updateSubjectConditionSetSql( - r.Id, + r.GetId(), metadataJSON, condition, ) if db.IsQueryBuilderSetClauseError(err) { return &policy.SubjectConditionSet{ - Id: r.Id, + Id: r.GetId(), }, nil } if err != nil { @@ -407,7 +407,7 @@ func (c PolicyDBClient) UpdateSubjectConditionSet(ctx context.Context, r *subjec } return &policy.SubjectConditionSet{ - Id: r.Id, + Id: r.GetId(), }, nil } @@ -469,14 +469,14 @@ func (c PolicyDBClient) CreateSubjectMapping(ctx context.Context, s *subjectmapp ) // Prefer existing id over new creation per documented proto behavior. - if s.ExistingSubjectConditionSetId != "" { - scs, err = c.GetSubjectConditionSet(ctx, s.ExistingSubjectConditionSetId) + if s.GetExistingSubjectConditionSetId() != "" { + scs, err = c.GetSubjectConditionSet(ctx, s.GetExistingSubjectConditionSetId()) if err != nil { return nil, err } - } else if s.NewSubjectConditionSet != nil { + } else if s.GetNewSubjectConditionSet() != nil { // create the new subject condition set - scs, err = c.CreateSubjectConditionSet(ctx, s.NewSubjectConditionSet) + scs, err = c.CreateSubjectConditionSet(ctx, s.GetNewSubjectConditionSet()) if err != nil { return nil, err } 
@@ -484,24 +484,24 @@ func (c PolicyDBClient) CreateSubjectMapping(ctx context.Context, s *subjectmapp return nil, errors.Join(db.ErrMissingValue, errors.New("either an existing Subject Condition Set ID or a new Subject Condition Set is required when creating a subject mapping")) } - metadataJSON, m, err := db.MarshalCreateMetadata(s.Metadata) + metadataJSON, m, err := db.MarshalCreateMetadata(s.GetMetadata()) if err != nil { return nil, err } if s.Actions == nil { return nil, errors.Join(db.ErrMissingValue, errors.New("actions are required when creating a subject mapping")) } - actionsJSON, err := marshalActionsProto(s.Actions) + actionsJSON, err := marshalActionsProto(s.GetActions()) if err != nil { return nil, err } // Create the subject mapping sql, args, err := createSubjectMappingSql( - s.AttributeValueId, + s.GetAttributeValueId(), actionsJSON, metadataJSON, - scs.Id, + scs.GetId(), ) if err != nil { return nil, err @@ -517,10 +517,10 @@ func (c PolicyDBClient) CreateSubjectMapping(ctx context.Context, s *subjectmapp return &policy.SubjectMapping{ Id: id, AttributeValue: &policy.Value{ - Id: s.AttributeValueId, + Id: s.GetAttributeValueId(), }, SubjectConditionSet: scs, - Actions: s.Actions, + Actions: s.GetActions(), Metadata: m, }, nil } @@ -600,11 +600,11 @@ func updateSubjectMappingSql(id string, metadataJSON []byte, subject_condition_s func (c PolicyDBClient) UpdateSubjectMapping(ctx context.Context, r *subjectmapping.UpdateSubjectMappingRequest) (*policy.SubjectMapping, error) { // if extend we need to merge the metadata metadataJSON, _, err := db.MarshalUpdateMetadata(r.GetMetadata(), r.GetMetadataUpdateBehavior(), func() (*common.Metadata, error) { - a, err := c.GetSubjectMapping(ctx, r.Id) + a, err := c.GetSubjectMapping(ctx, r.GetId()) if err != nil { return nil, err } - return a.Metadata, nil + return a.GetMetadata(), nil }) if err != nil { return nil, err 
@@ -612,21 +612,21 @@ func (c PolicyDBClient) UpdateSubjectMapping(ctx context.Context, r *subjectmapp var actionsJSON []byte if r.Actions != nil { - actionsJSON, err = marshalActionsProto(r.Actions) + actionsJSON, err = marshalActionsProto(r.GetActions()) if err != nil { return nil, err } } sql, args, err := updateSubjectMappingSql( - r.Id, + r.GetId(), metadataJSON, - r.SubjectConditionSetId, + r.GetSubjectConditionSetId(), actionsJSON, ) if db.IsQueryBuilderSetClauseError(err) { return &policy.SubjectMapping{ - Id: r.Id, + Id: r.GetId(), }, nil } if err != nil { @@ -638,7 +638,7 @@ func (c PolicyDBClient) UpdateSubjectMapping(ctx context.Context, r *subjectmapp } return &policy.SubjectMapping{ - Id: r.Id, + Id: r.GetId(), }, nil } @@ -691,7 +691,7 @@ func selectMatchedSubjectMappingsSql(subjectProperties []*policy.SubjectProperty } where := "(" for i, sp := range subjectProperties { - if sp.ExternalField == "" || sp.ExternalValue == "" { + if sp.GetExternalField() == "" || sp.GetExternalValue() == "" { err = errors.Join(db.ErrMissingValue, errors.New("all subject properties must include defined external field and value")) slog.Error("subject property missing required value", slog.Any("properties provided", subjectProperties), slog.String("error", err.Error())) return "", nil, err 
@@ -700,15 +700,15 @@ func selectMatchedSubjectMappingsSql(subjectProperties []*policy.SubjectProperty where += " OR " } - hasField := "each_condition->>'subject_external_field' = '" + sp.ExternalField + "'" - hasValue := "(each_condition->>'subject_external_values')::jsonb @> '[\"" + sp.ExternalValue + "\"]'::jsonb" + hasField := "each_condition->>'subject_external_field' = '" + sp.GetExternalField() + "'" + hasValue := "(each_condition->>'subject_external_values')::jsonb @> '[\"" + sp.GetExternalValue() + "\"]'::jsonb" hasInOperator := "each_condition->>'operator' = 'SUBJECT_MAPPING_OPERATOR_ENUM_IN'" hasNotInOperator := "each_condition->>'operator' = 'SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN'" // Parses the json and matches the row if either of the following conditions are met: where += "((" + hasField + " AND " + hasValue + " AND " + hasInOperator + ")" + " OR " + "(" + hasField + " AND NOT " + hasValue + " AND " + hasNotInOperator + "))" - slog.Debug("current condition filter WHERE clause", slog.String("subject_external_field", sp.ExternalField), slog.String("subject_external_value", sp.ExternalValue), slog.String("where", where)) + slog.Debug("current condition filter WHERE clause", slog.String("subject_external_field", sp.GetExternalField()), slog.String("subject_external_value", sp.GetExternalValue()), slog.String("where", where)) } where += ")" diff --git a/services/policy/namespaces/namespaces.go b/service/policy/namespaces/namespaces.go similarity index 64% rename from services/policy/namespaces/namespaces.go rename to service/policy/namespaces/namespaces.go index 68b4504efb..76fa9ff6fc 100644 --- a/services/policy/namespaces/namespaces.go +++ b/service/policy/namespaces/namespaces.go 
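Review bot: selectMatchedSubjectMappingsSql still splices `sp.GetExternalField()` and `sp.GetExternalValue()` into the WHERE text with `+`, so subject property values are interpreted as SQL rather than data; the getter change does not alter that, and the only check in the earlier hunk is for empty strings. Both values should be bound as arguments instead, e.g. `hasField := "each_condition->>'subject_external_field' = ?"` and `hasValue := "(each_condition->>'subject_external_values')::jsonb @> ?::jsonb"`, with the field and a JSON-encoded one-element array of the value (built with `json.Marshal`, not concatenation) appended to the returned args once per occurrence in the clause. How the string is handed to the query builder lies outside the hunk, so the placeholder style needs to match what that code expects. The debug line also writes the assembled clause and the raw subject values to the log on every iteration, which is worth dropping once the values are parameters.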
@@ -6,9 +6,9 @@ import ( "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" "github.com/opentdf/platform/protocol/go/policy/namespaces" - services "github.com/opentdf/platform/services/err" - "github.com/opentdf/platform/services/pkg/serviceregistry" - policydb "github.com/opentdf/platform/services/policy/db" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/pkg/serviceregistry" + policydb "github.com/opentdf/platform/service/policy/db" ) type NamespacesService struct { @@ -35,7 +35,7 @@ func (ns NamespacesService) ListNamespaces(ctx context.Context, req *namespaces. rsp := &namespaces.ListNamespacesResponse{} list, err := ns.dbClient.ListNamespaces(ctx, state) if err != nil { - return nil, services.HandleError(err, services.ErrListRetrievalFailed) + return nil, db.StatusifyError(err, db.ErrTextListRetrievalFailed) } slog.Debug("listed namespaces") @@ -45,13 +45,13 @@ func (ns NamespacesService) ListNamespaces(ctx context.Context, req *namespaces. } func (ns NamespacesService) GetNamespace(ctx context.Context, req *namespaces.GetNamespaceRequest) (*namespaces.GetNamespaceResponse, error) { - slog.Debug("getting namespace", slog.String("id", req.Id)) + slog.Debug("getting namespace", slog.String("id", req.GetId())) rsp := &namespaces.GetNamespaceResponse{} - namespace, err := ns.dbClient.GetNamespace(ctx, req.Id) + namespace, err := ns.dbClient.GetNamespace(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, "id", req.Id) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, "id", req.GetId()) } rsp.Namespace = namespace 
@@ -60,43 +60,43 @@ func (ns NamespacesService) GetNamespace(ctx context.Context, req *namespaces.Ge } func (ns NamespacesService) CreateNamespace(ctx context.Context, req *namespaces.CreateNamespaceRequest) (*namespaces.CreateNamespaceResponse, error) { - slog.Debug("creating new namespace", slog.String("name", req.Name)) + slog.Debug("creating new namespace", slog.String("name", req.GetName())) rsp := &namespaces.CreateNamespaceResponse{} n, err := ns.dbClient.CreateNamespace(ctx, req) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("name", req.Name)) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("name", req.GetName())) } - slog.Debug("created new namespace", slog.String("name", req.Name)) + slog.Debug("created new namespace", slog.String("name", req.GetName())) rsp.Namespace = n return rsp, nil } func (ns NamespacesService) UpdateNamespace(ctx context.Context, req *namespaces.UpdateNamespaceRequest) (*namespaces.UpdateNamespaceResponse, error) { - slog.Debug("updating namespace", slog.String("name", req.Id)) + slog.Debug("updating namespace", slog.String("name", req.GetId())) rsp := &namespaces.UpdateNamespaceResponse{} - namespace, err := ns.dbClient.UpdateNamespace(ctx, req.Id, req) + namespace, err := ns.dbClient.UpdateNamespace(ctx, req.GetId(), req) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("id", req.GetId())) } - slog.Debug("updated namespace", slog.String("id", req.Id)) + slog.Debug("updated namespace", slog.String("id", req.GetId())) rsp.Namespace = namespace return rsp, nil } func (ns NamespacesService) DeactivateNamespace(ctx context.Context, req *namespaces.DeactivateNamespaceRequest) (*namespaces.DeactivateNamespaceResponse, error) { - slog.Debug("deactivating namespace", slog.String("id", req.Id)) + slog.Debug("deactivating namespace", 
slog.String("id", req.GetId())) rsp := &namespaces.DeactivateNamespaceResponse{} - if _, err := ns.dbClient.DeactivateNamespace(ctx, req.Id); err != nil { - return nil, services.HandleError(err, services.ErrDeletionFailed, slog.String("id", req.Id)) + if _, err := ns.dbClient.DeactivateNamespace(ctx, req.GetId()); err != nil { + return nil, db.StatusifyError(err, db.ErrTextDeletionFailed, slog.String("id", req.GetId())) } - slog.Debug("soft-deleted namespace", slog.String("id", req.Id)) + slog.Debug("soft-deleted namespace", slog.String("id", req.GetId())) return rsp, nil } diff --git a/services/policy/namespaces/namespaces.proto b/service/policy/namespaces/namespaces.proto similarity index 100% rename from services/policy/namespaces/namespaces.proto rename to service/policy/namespaces/namespaces.proto diff --git a/services/policy/objects.proto b/service/policy/objects.proto similarity index 100% rename from services/policy/objects.proto rename to service/policy/objects.proto diff --git a/services/policy/resourcemapping/resource_mapping.go b/service/policy/resourcemapping/resource_mapping.go similarity index 76% rename from services/policy/resourcemapping/resource_mapping.go rename to service/policy/resourcemapping/resource_mapping.go index b5dacb5c21..008026a124 100644 --- a/services/policy/resourcemapping/resource_mapping.go +++ b/service/policy/resourcemapping/resource_mapping.go @@ -6,9 +6,9 @@ import ( "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" "github.com/opentdf/platform/protocol/go/policy/resourcemapping" - services "github.com/opentdf/platform/services/err" - "github.com/opentdf/platform/services/pkg/serviceregistry" - policydb "github.com/opentdf/platform/services/policy/db" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/pkg/serviceregistry" + policydb "github.com/opentdf/platform/service/policy/db" ) type ResourceMappingService struct { 
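Review bot: In UpdateNamespace the first debug line records the namespace ID under the key `name` (`slog.String("name", req.GetId())`), while the error path and the "updated namespace" line in the same function use `id`. Anyone correlating the log entries for one namespace by `id` will miss the start of the update. Change it to `slog.Debug("updating namespace", slog.String("id", req.GetId()))`.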
@@ -39,7 +39,7 @@ func (s ResourceMappingService) CreateResourceMapping(ctx context.Context, rm, err := s.dbClient.CreateResourceMapping(ctx, req) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("resourceMapping", req.String())) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("resourceMapping", req.String())) } return &resourcemapping.CreateResourceMappingResponse{ @@ -52,7 +52,7 @@ func (s ResourceMappingService) ListResourceMappings(ctx context.Context, ) (*resourcemapping.ListResourceMappingsResponse, error) { resourceMappings, err := s.dbClient.ListResourceMappings(ctx) if err != nil { - return nil, services.HandleError(err, services.ErrListRetrievalFailed) + return nil, db.StatusifyError(err, db.ErrTextListRetrievalFailed) } return &resourcemapping.ListResourceMappingsResponse{ @@ -63,9 +63,9 @@ func (s ResourceMappingService) ListResourceMappings(ctx context.Context, func (s ResourceMappingService) GetResourceMapping(ctx context.Context, req *resourcemapping.GetResourceMappingRequest, ) (*resourcemapping.GetResourceMappingResponse, error) { - rm, err := s.dbClient.GetResourceMapping(ctx, req.Id) + rm, err := s.dbClient.GetResourceMapping(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("id", req.GetId())) } return &resourcemapping.GetResourceMappingResponse{ 
@@ -78,11 +78,11 @@ func (s ResourceMappingService) UpdateResourceMapping(ctx context.Context, ) (*resourcemapping.UpdateResourceMappingResponse, error) { rm, err := s.dbClient.UpdateResourceMapping( ctx, - req.Id, + req.GetId(), req, ) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("id", req.Id), slog.String("resourceMapping", req.String())) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("id", req.GetId()), slog.String("resourceMapping", req.String())) } return &resourcemapping.UpdateResourceMappingResponse{ ResourceMapping: rm, @@ -92,9 +92,9 @@ func (s ResourceMappingService) UpdateResourceMapping(ctx context.Context, func (s ResourceMappingService) DeleteResourceMapping(ctx context.Context, req *resourcemapping.DeleteResourceMappingRequest, ) (*resourcemapping.DeleteResourceMappingResponse, error) { - rm, err := s.dbClient.DeleteResourceMapping(ctx, req.Id) + rm, err := s.dbClient.DeleteResourceMapping(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrDeletionFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextDeletionFailed, slog.String("id", req.GetId())) } return &resourcemapping.DeleteResourceMappingResponse{ ResourceMapping: rm, diff --git a/services/policy/resourcemapping/resource_mapping.proto b/service/policy/resourcemapping/resource_mapping.proto similarity index 100% rename from services/policy/resourcemapping/resource_mapping.proto rename to service/policy/resourcemapping/resource_mapping.proto diff --git a/services/policy/selectors.proto b/service/policy/selectors.proto similarity index 100% rename from services/policy/selectors.proto rename to service/policy/selectors.proto 
diff --git a/services/policy/subjectmapping/subject_mapping.go b/service/policy/subjectmapping/subject_mapping.go similarity index 75% rename from services/policy/subjectmapping/subject_mapping.go rename to service/policy/subjectmapping/subject_mapping.go index 1eaeb6d9b8..353a2480cd 100644 --- a/services/policy/subjectmapping/subject_mapping.go +++ b/service/policy/subjectmapping/subject_mapping.go @@ -6,10 +6,9 @@ import ( "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" sm "github.com/opentdf/platform/protocol/go/policy/subjectmapping" - "github.com/opentdf/platform/services/pkg/serviceregistry" - policydb "github.com/opentdf/platform/services/policy/db" - - services "github.com/opentdf/platform/services/err" + "github.com/opentdf/platform/service/internal/db" + "github.com/opentdf/platform/service/pkg/serviceregistry" + policydb "github.com/opentdf/platform/service/policy/db" ) type SubjectMappingService struct { @@ -41,7 +40,7 @@ func (s SubjectMappingService) CreateSubjectMapping(ctx context.Context, sm, err := s.dbClient.CreateSubjectMapping(context.Background(), req) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("subjectMapping", req.String())) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("subjectMapping", req.String())) } rsp.SubjectMapping = sm @@ -56,7 +55,7 @@ func (s SubjectMappingService) ListSubjectMappings(ctx context.Context, mappings, err := s.dbClient.ListSubjectMappings(ctx) if err != nil { - return nil, services.HandleError(err, services.ErrListRetrievalFailed) + return nil, db.StatusifyError(err, db.ErrTextListRetrievalFailed) } rsp.SubjectMappings = mappings 
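Review bot: CreateSubjectMapping calls `s.dbClient.CreateSubjectMapping(context.Background(), req)` even though the handler receives `ctx`, so the database call ignores client cancellation and deadlines and drops any request-scoped values. The other handlers visible in this file pass `ctx`. The same pattern is on the changed line in CreateSubjectConditionSet (hunk at -163,9): `CreateSubjectConditionSet(context.Background(), req.GetSubjectConditionSet())`. Unless the detachment is deliberate, pass the request context: `sm, err := s.dbClient.CreateSubjectMapping(ctx, req)` and `conditionSet, err := s.dbClient.CreateSubjectConditionSet(ctx, req.GetSubjectConditionSet())`. Both function bodies extend beyond their hunks.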
@@ -67,11 +66,11 @@ func (s SubjectMappingService) GetSubjectMapping(ctx context.Context, req *sm.GetSubjectMappingRequest, ) (*sm.GetSubjectMappingResponse, error) { rsp := &sm.GetSubjectMappingResponse{} - slog.Debug("getting subject mapping", slog.String("id", req.Id)) + slog.Debug("getting subject mapping", slog.String("id", req.GetId())) - mapping, err := s.dbClient.GetSubjectMapping(ctx, req.Id) + mapping, err := s.dbClient.GetSubjectMapping(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("id", req.GetId())) } rsp.SubjectMapping = mapping @@ -86,7 +85,7 @@ func (s SubjectMappingService) UpdateSubjectMapping(ctx context.Context, sm, err := s.dbClient.UpdateSubjectMapping(ctx, req) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("id", req.Id), slog.String("subjectMapping fields", req.String())) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("id", req.GetId()), slog.String("subjectMapping fields", req.String())) } rsp.SubjectMapping = sm @@ -97,11 +96,11 @@ func (s SubjectMappingService) DeleteSubjectMapping(ctx context.Context, req *sm.DeleteSubjectMappingRequest, ) (*sm.DeleteSubjectMappingResponse, error) { rsp := &sm.DeleteSubjectMappingResponse{} - slog.Debug("deleting subject mapping", slog.String("id", req.Id)) + slog.Debug("deleting subject mapping", slog.String("id", req.GetId())) - sm, err := s.dbClient.DeleteSubjectMapping(ctx, req.Id) + sm, err := s.dbClient.DeleteSubjectMapping(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrDeletionFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextDeletionFailed, slog.String("id", req.GetId())) } rsp.SubjectMapping = sm 
@@ -112,11 +111,11 @@ func (s SubjectMappingService) MatchSubjectMappings(ctx context.Context, req *sm.MatchSubjectMappingsRequest, ) (*sm.MatchSubjectMappingsResponse, error) { rsp := &sm.MatchSubjectMappingsResponse{} - slog.Debug("matching subject mappings", slog.Any("subjectProperties", req.SubjectProperties)) + slog.Debug("matching subject mappings", slog.Any("subjectProperties", req.GetSubjectProperties())) - smList, err := s.dbClient.GetMatchedSubjectMappings(ctx, req.SubjectProperties) + smList, err := s.dbClient.GetMatchedSubjectMappings(ctx, req.GetSubjectProperties()) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.Any("subjectProperties", req.SubjectProperties)) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.Any("subjectProperties", req.GetSubjectProperties())) } rsp.SubjectMappings = smList @@ -131,11 +130,11 @@ func (s SubjectMappingService) GetSubjectConditionSet(ctx context.Context, req *sm.GetSubjectConditionSetRequest, ) (*sm.GetSubjectConditionSetResponse, error) { rsp := &sm.GetSubjectConditionSetResponse{} - slog.Debug("getting subject condition set", slog.String("id", req.Id)) + slog.Debug("getting subject condition set", slog.String("id", req.GetId())) - conditionSet, err := s.dbClient.GetSubjectConditionSet(ctx, req.Id) + conditionSet, err := s.dbClient.GetSubjectConditionSet(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("id", req.GetId())) } rsp.SubjectConditionSet = conditionSet 
@@ -150,7 +149,7 @@ func (s SubjectMappingService) ListSubjectConditionSets(ctx context.Context, conditionSets, err := s.dbClient.ListSubjectConditionSets(ctx) if err != nil { - return nil, services.HandleError(err, services.ErrListRetrievalFailed) + return nil, db.StatusifyError(err, db.ErrTextListRetrievalFailed) } rsp.SubjectConditionSets = conditionSets @@ -163,9 +162,9 @@ func (s SubjectMappingService) CreateSubjectConditionSet(ctx context.Context, rsp := &sm.CreateSubjectConditionSetResponse{} slog.Debug("creating subject condition set", slog.String("subjectConditionSet", req.String())) - conditionSet, err := s.dbClient.CreateSubjectConditionSet(context.Background(), req.SubjectConditionSet) + conditionSet, err := s.dbClient.CreateSubjectConditionSet(context.Background(), req.GetSubjectConditionSet()) if err != nil { - return nil, services.HandleError(err, services.ErrCreationFailed, slog.String("subjectConditionSet", req.String())) + return nil, db.StatusifyError(err, db.ErrTextCreationFailed, slog.String("subjectConditionSet", req.String())) } rsp.SubjectConditionSet = conditionSet @@ -180,7 +179,7 @@ func (s SubjectMappingService) UpdateSubjectConditionSet(ctx context.Context, conditionSet, err := s.dbClient.UpdateSubjectConditionSet(ctx, req) if err != nil { - return nil, services.HandleError(err, services.ErrUpdateFailed, slog.String("id", req.Id), slog.String("subjectConditionSet fields", req.String())) + return nil, db.StatusifyError(err, db.ErrTextUpdateFailed, slog.String("id", req.GetId()), slog.String("subjectConditionSet fields", req.String())) } rsp.SubjectConditionSet = conditionSet 
@@ -191,11 +190,11 @@ func (s SubjectMappingService) DeleteSubjectConditionSet(ctx context.Context, req *sm.DeleteSubjectConditionSetRequest, ) (*sm.DeleteSubjectConditionSetResponse, error) { rsp := &sm.DeleteSubjectConditionSetResponse{} - slog.Debug("deleting subject condition set", slog.String("id", req.Id)) + slog.Debug("deleting subject condition set", slog.String("id", req.GetId())) - conditionSet, err := s.dbClient.DeleteSubjectConditionSet(ctx, req.Id) + conditionSet, err := s.dbClient.DeleteSubjectConditionSet(ctx, req.GetId()) if err != nil { - return nil, services.HandleError(err, services.ErrDeletionFailed, slog.String("id", req.Id)) + return nil, db.StatusifyError(err, db.ErrTextDeletionFailed, slog.String("id", req.GetId())) } rsp.SubjectConditionSet = conditionSet diff --git a/services/policy/subjectmapping/subject_mapping.proto b/service/policy/subjectmapping/subject_mapping.proto similarity index 100% rename from services/policy/subjectmapping/subject_mapping.proto rename to service/policy/subjectmapping/subject_mapping.proto diff --git a/services/wellknownconfiguration/wellknown_configuration.go b/service/wellknownconfiguration/wellknown_configuration.go similarity index 96% rename from services/wellknownconfiguration/wellknown_configuration.go rename to service/wellknownconfiguration/wellknown_configuration.go index 55bfda8195..8dcd28724d 100644 --- a/services/wellknownconfiguration/wellknown_configuration.go +++ b/service/wellknownconfiguration/wellknown_configuration.go @@ -8,7 +8,7 @@ import ( "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" wellknown "github.com/opentdf/platform/protocol/go/wellknownconfiguration" - "github.com/opentdf/platform/services/pkg/serviceregistry" + "github.com/opentdf/platform/service/pkg/serviceregistry" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "google.golang.org/protobuf/types/known/structpb" 
diff --git a/services/wellknownconfiguration/wellknown_configuration.proto b/service/wellknownconfiguration/wellknown_configuration.proto similarity index 100% rename from services/wellknownconfiguration/wellknown_configuration.proto rename to service/wellknownconfiguration/wellknown_configuration.proto diff --git a/services/err/response_messages.go b/services/err/response_messages.go deleted file mode 100644 index fa59b76328..0000000000 --- a/services/err/response_messages.go +++ /dev/null 
@@ -1,60 +0,0 @@ -package err - -import ( - "errors" - "log/slog" - - "github.com/opentdf/platform/services/internal/db" - "google.golang.org/grpc/codes" - "google.golang.org/grpc/status" -) - -const ( - ErrCreationFailed = "resource creation failed" - ErrDeletionFailed = "resource deletion failed" - ErrDeactivationFailed = "resource deactivation failed" - ErrGetRetrievalFailed = "resource retrieval failed" - ErrListRetrievalFailed = "resource list retrieval failed" - ErrUpdateFailed = "resource update failed" - ErrNotFound = "resource not found" - ErrConflict = "resource unique field violation" - ErrRelationInvalid = "resource relation invalid" - ErrEnumValueInvalid = "enum value invalid" - ErrUuidInvalid = "value not a valid uuid" - ErrRestrictViolation = "intended action would violate a restriction" - ErrFqnMissingValue = "FQN must specify a valid value and be of format 'https:///attr//value/'" -) - -func HandleError(err error, fallbackErr string, log ...any) error { - l := append([]any{"error", err.Error()}, log...) - if errors.Is(err, db.ErrUniqueConstraintViolation) { - slog.Error(ErrConflict, l...) - return status.Error(codes.AlreadyExists, ErrConflict) - } - if errors.Is(err, db.ErrNotFound) { - slog.Error(ErrNotFound, l...) - return status.Error(codes.NotFound, ErrNotFound) - } - if errors.Is(err, db.ErrForeignKeyViolation) { - slog.Error(ErrRelationInvalid, l...) - return status.Error(codes.InvalidArgument, ErrRelationInvalid) - } - if errors.Is(err, db.ErrEnumValueInvalid) { - slog.Error(ErrEnumValueInvalid, l...) - return status.Error(codes.InvalidArgument, ErrEnumValueInvalid) - } - if errors.Is(err, db.ErrUuidInvalid) { - slog.Error(ErrUuidInvalid, l...) - return status.Error(codes.InvalidArgument, ErrUuidInvalid) - } - if errors.Is(err, db.ErrRestrictViolation) { - slog.Error(ErrRestrictViolation, l...) - return status.Error(codes.InvalidArgument, ErrRestrictViolation) - } - if errors.Is(err, db.ErrFqnMissingValue) { - slog.Error(err.Error(), l...) 
- return status.Error(codes.InvalidArgument, ErrFqnMissingValue) - } - slog.Error(err.Error(), l...) - return status.Error(codes.Internal, fallbackErr) -} diff --git a/services/main.go b/services/main.go deleted file mode 100644 index dadca02be4..0000000000 --- a/services/main.go +++ /dev/null @@ -1,7 +0,0 @@ -package main - -import "github.com/opentdf/platform/services/cmd" - -func main() { - cmd.Execute() -} diff --git a/ubuntu.Dockerfile b/ubuntu.Dockerfile index 22ac2dcdb4..719c1db22d 100644 --- a/ubuntu.Dockerfile +++ b/ubuntu.Dockerfile @@ -19,7 +19,7 @@ COPY cmd/ cmd/ COPY internal/ internal/ COPY migrations/ migrations/ COPY policies/ policies/ -COPY services/ services/ +COPY service service/ COPY protocol/ protocol/ COPY pkg/ pkg/