opentdf · dmihalcik-virtru · Apr 4, 2024 · Apr 4, 2024 · Apr 4, 2024 · Apr 4, 2024
@@ -36,7 +36,7 @@ jobs:
         directory:
           - examples
           - sdk
-          - services
+          - service
           - lib/crypto
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
@@ -47,7 +47,7 @@ jobs:
             examples/go.sum
             protocol/go/go.sum
             sdk/go.sum
-            services/go.sum
+            service/go.sum
       - run: make go.work
       - run: go mod download
       - run: go mod verify
@@ -61,7 +61,7 @@ jobs:
           only-new-issues: ${{ (github.event_name == 'pull_request' || github.event_name == 'merge_group') }}
           args: --out-format=colored-line-number
       - name: Install softHSM
-        if: matrix.directory == 'services'
+        if: matrix.directory == 'service'
         run: |-
           sudo apt-get install -y softhsm opensc openssl
           sudo chmod +x /etc/softhsm
@@ -82,14 +82,14 @@ jobs:
         with:
           go-version: "1.21.8"
           cache-dependency-path: |
-            services/go.sum
+            service/go.sum
             examples/go.sum
             protocol/go/go.sum
             sdk/go.sum
       - run: make go.work
       - run: go mod download
       - run: go mod verify
-      - run: go test ./services/integration -race -failfast
+      - run: go test ./service/integration -race -failfast
       - name: Install softHSM
         run: |-
           sudo apt-get install -y softhsm opensc openssl
@@ -103,12 +103,12 @@ jobs:
       - run: .github/scripts/hsm-init-temporary-keys.sh
       - run: docker compose up -d --wait --wait-timeout 240
       - run: cp opentdf-example.yaml opentdf.yaml
-      - run: go run ./services provision keycloak
+      - run: go run ./service provision keycloak
       - uses: JarvusInnovations/background-action@313d37130873d82c33fc907b9b78e932aec8e990
         name: start server in background
         with:
           run: |
-            go run ./services start
+            go run ./service start
           wait-on: |
             tcp:localhost:8080
           log-output-if: true
@@ -142,26 +142,26 @@ jobs:
       - uses: bufbuild/buf-setup-action@382440cdb8ec7bc25a68d7b4711163d95f7cc3aa
       - uses: bufbuild/buf-lint-action@044d13acb1f155179c606aaa2e53aea304d22058
         with:
-          input: services
+          input: service
       - uses: bufbuild/buf-breaking-action@a074e988ee34efcd4927079e79c611f428354c01
         # TODO(#212) Block on breaking changes after protos are frozen
         continue-on-error: true
         with:
-          input: services
-          against: "https://github.com/opentdf/platform.git#branch=main,subdir=services"
+          input: service
+          against: "https://github.com/opentdf/platform.git#branch=main,subdir=service"
       - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
         with:
           go-version: "1.21.8"
           cache-dependency-path: |
-            services/go.sum
+            service/go.sum
             protocol/go/go.sum
             sdk/go.sum
             examples/go.sum
-      - run: cd services && go get github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc
-      - run: cd services && go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc
+      - run: cd service && go get github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc
+      - run: cd service && go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc
       - run: make proto-generate
       - name: Restore go.mod after installing protoc-gen-doc
-        run: git restore {services,protocol/go}/go.{mod,sum}
+        run: git restore {service,protocol/go}/go.{mod,sum}
       - run: git diff
       - run: git diff-files --ignore-submodules
       - name: Check that files have been formatted before PR submission
@@ -195,17 +195,17 @@ jobs:
           filters: |
             examples:
               - 'examplesk/go.*'
-            services:
-              - 'services/go.*'
+            service:
+              - 'service/go.*'
             sdk:
               - 'sdk/go.*'
       - name: install go-licenses
         run: go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e
-      - name: check services licenses
-        if: steps.deps-changed.outputs.services == 'true'
+      - name: check service licenses
+        if: steps.deps-changed.outputs.service == 'true'
         run: >
           go-licenses check --disallowed_types=forbidden --include_tests
-          ./services
+          ./service
       - name: check sdk licenses
         if: steps.deps-changed.outputs.sdk == 'true'
         run: >

@@ -43,4 +43,4 @@ jobs:
       - uses: bufbuild/buf-setup-action@382440cdb8ec7bc25a68d7b4711163d95f7cc3aa
       - uses: bufbuild/buf-lint-action@044d13acb1f155179c606aaa2e53aea304d22058
         with:
-          input: services
+          input: service
@@ -36,7 +36,7 @@ tmp-gen/
 /opentdf
 /sdkjava/target
 /serviceapp
-/services/opentdf
+/service/opentdf
 
 *.zip
 sensitive.txt.tdf
@@ -5,14 +5,14 @@ WORKDIR /app
 COPY protocol/ protocol/
 COPY sdk/ sdk/
 COPY lib/crypto lib/crypto
-COPY services/ services/
+COPY service/ service/
 COPY examples/ examples/
 COPY Makefile ./
-RUN cd services \
+RUN cd service \
     && go mod download \
     && go mod verify
 RUN make go.work \
-    && go build -o opentdf ./services
+    && go build -o opentdf ./service
 
 FROM cgr.dev/chainguard/glibc-dynamic
 

@@ -3,10 +3,10 @@
 
 .PHONY: all build clean docker-build fix go-lint lint proto-generate proto-lint sdk/sdk test toolcheck
 
-MODS=protocol/go lib/crypto sdk services examples
-HAND_MODS=lib/crypto sdk services examples
+MODS=protocol/go lib/crypto sdk service examples
+HAND_MODS=lib/crypto sdk service examples
 
-EXCLUDE_OPENAPI=./services/authorization/idp_plugin.proto
+EXCLUDE_OPENAPI=./service/authorization/idp_plugin.proto
 
 ROOT_DIR:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
 
@@ -33,7 +33,7 @@ fix:
 lint: proto-lint go-lint
 
 proto-lint:
-	buf lint services || (exit_code=$$?; \
+	buf lint service || (exit_code=$$?; \
 	 if [ $$exit_code -eq 100 ]; then \
       echo "Buf lint exited with code 100, treating as success"; \
 		else \
@@ -46,9 +46,9 @@ go-lint:
 
 proto-generate:
 	rm -rf protocol/go/[a-fh-z]* docs/grpc docs/openapi
-	buf generate services
-	buf generate services --template buf.gen.grpc.docs.yaml
-	buf generate services --exclude-path $(EXCLUDE_OPENAPI) --template buf.gen.openapi.docs.yaml
+	buf generate service
+	buf generate service --template buf.gen.grpc.docs.yaml
+	buf generate service --exclude-path $(EXCLUDE_OPENAPI) --template buf.gen.openapi.docs.yaml
 
 	buf generate buf.build/grpc-ecosystem/grpc-gateway -o tmp-gen
 	buf generate buf.build/grpc-ecosystem/grpc-gateway -o tmp-gen --template buf.gen.grpc.docs.yaml
@@ -63,8 +63,8 @@ clean:
 
 build: go.work proto-generate opentdf sdk/sdk examples/examples
 
-opentdf: go.work $(shell find services)
-	go build -o opentdf -v services/main.go
+opentdf: go.work $(shell find service)
+	go build -o opentdf -v service/main.go
 
 sdk/sdk: go.work $(shell find sdk)
 	(cd sdk && go build ./...)

@@ -12,7 +12,7 @@
 - [Configuration](./docs/configuration.md)
 - [Development](#development)
 - [Policy Config Schema](./migrations/20240212000000_schema_erd.md)
-- [Policy Config Testing Diagram](./services/integration/testing_diagram.png)
+- [Policy Config Testing Diagram](./service/integration/testing_diagram.png)
 
 ## Development
 
@@ -47,20 +47,20 @@ On macOS, these can be installed with [brew](https://docs.brew.sh/Installation)
 > [!NOTE]
 > Migrations are handled automatically by the server. This can be disabled via the config file, as
 > needed. They can also be run manually using the `migrate` command
-> (`go run github.com/opentdf/platform/services migrate -h`).
+> (`go run github.com/opentdf/platform/service migrate -h`).
 
 1. `docker-compose up`
 2. Create an OpenTDF config file: `opentdf.yaml`
    1. The `opentdf-example.yaml` file is a good starting point, but you may need to modify it to match your environment.
    2. The `opentdf-example-no-kas.yaml` file configures the platform to run insecurely without KAS and without endpoint auth.
-3. Provision keycloak `go run github.com/opentdf/platform/services provision keycloak`
+3. Provision keycloak `go run github.com/opentdf/platform/service provision keycloak`
 4. Configure KAS keys and your HSM with `.github/scripts/hsm-init-temporary-keys.sh`
-5. Run the server `go run github.com/opentdf/platform/services start`
+5. Run the server `go run github.com/opentdf/platform/service start`
    1. _Alt_ use the hot-reload development environment `air`
 6. The server is now running on `localhost:8080` (or the port specified in the config file)
 
 Note: support was added to provision a set of fixture data into the database.
-Run `go run github.com/opentdf/platform/services provision fixtures -h` for more information.
+Run `go run github.com/opentdf/platform/service provision fixtures -h` for more information.
 
 ### Test
 

@@ -17,11 +17,11 @@ import (
 	"github.com/opentdf/platform/protocol/go/policy"
 	attr "github.com/opentdf/platform/protocol/go/policy/attributes"
 	otdf "github.com/opentdf/platform/sdk"
-	services "github.com/opentdf/platform/services/err"
-	"github.com/opentdf/platform/services/internal/access"
-	"github.com/opentdf/platform/services/internal/entitlements"
-	"github.com/opentdf/platform/services/internal/opa"
-	"github.com/opentdf/platform/services/pkg/serviceregistry"
+	"github.com/opentdf/platform/service/internal/access"
+	"github.com/opentdf/platform/service/internal/db"
+	"github.com/opentdf/platform/service/internal/entitlements"
+	"github.com/opentdf/platform/service/internal/opa"
+	"github.com/opentdf/platform/service/pkg/serviceregistry"
 )
 
 type AuthorizationService struct {
@@ -77,7 +77,7 @@ func (as AuthorizationService) GetDecisions(ctx context.Context, req *authorizat
 			dataAttrDefsAndVals, err := retrieveAttributeDefinitions(ctx, ra, as.sdk)
 			if err != nil {
 				// TODO: should all decisions in a request fail if one FQN lookup fails?
-				return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("fqns", strings.Join(ra.GetAttributeValueFqns(), ", ")))
+				return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("fqns", strings.Join(ra.GetAttributeValueFqns(), ", ")))
 			}
 			var attrDefs []*policy.Attribute
 			var attrVals []*policy.Value
@@ -98,7 +98,7 @@ func (as AuthorizationService) GetDecisions(ctx context.Context, req *authorizat
 				ecEntitlements, err := retrieveEntitlements(ctx, &req, as)
 				if err != nil {
 					// TODO: should all decisions in a request fail if one entity entitlement lookup fails?
-					return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("getEntitlements request failed ", req.String()))
+					return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("getEntitlements request failed ", req.String()))
 				}
 
 				// currently just adding each entity retuned to same list
@@ -117,7 +117,7 @@ func (as AuthorizationService) GetDecisions(ctx context.Context, req *authorizat
 				)
 				if err != nil {
 					// TODO: should all decisions in a request fail if one entity entitlement lookup fails?
-					return nil, services.HandleError(err, services.ErrGetRetrievalFailed, slog.String("DetermineAccess request to Access PDP failed", ""))
+					return nil, db.StatusifyError(err, db.ErrTextGetRetrievalFailed, slog.String("DetermineAccess request to Access PDP failed", ""))
 				}
 				// check the decisions
 				decision := authorization.DecisionResponse_DECISION_PERMIT
@@ -129,7 +129,7 @@ func (as AuthorizationService) GetDecisions(ctx context.Context, req *authorizat
 
 				decisionResp := &authorization.DecisionResponse{
 					Decision:      decision,
-					EntityChainId: ec.Id,
+					EntityChainId: ec.GetId(),
 					Action: &policy.Action{
 						Value: &policy.Action_Standard{
 							Standard: policy.Action_STANDARD_ACTION_TRANSMIT,
@@ -150,7 +150,7 @@ func (as AuthorizationService) GetEntitlements(ctx context.Context, req *authori
 	// https://github.com/opentdf/platform/issues/365
 	if req.GetScope() == nil {
 		slog.ErrorContext(ctx, "requires scope")
-		return nil, errors.New(services.ErrFqnMissingValue)
+		return nil, errors.New(db.ErrTextFqnMissingValue)
 	}
 	// get subject mappings
 	request := attr.GetAttributeValuesByFqnsRequest{

@@ -115,8 +115,8 @@ func Test_GetDecisionsAllOf_Pass(t *testing.T) {
 
 	// one entitlement, one attribute value throughout
 	fmt.Print(resp.String())
-	assert.Equal(t, 1, len(resp.DecisionResponses))
-	assert.Equal(t, resp.DecisionResponses[0].Decision, authorization.DecisionResponse_DECISION_PERMIT)
+	assert.Equal(t, 1, len(resp.GetDecisionResponses()))
+	assert.Equal(t, resp.GetDecisionResponses()[0].GetDecision(), authorization.DecisionResponse_DECISION_PERMIT)
 
 	// run again with two attribute values throughout
 	// set the request
@@ -163,9 +163,9 @@ func Test_GetDecisionsAllOf_Pass(t *testing.T) {
 
 	resp, err = as.GetDecisions(ctxb, &req)
 	assert.Nil(t, err)
-	assert.Equal(t, 2, len(resp.DecisionResponses))
-	assert.Equal(t, resp.DecisionResponses[0].Decision, authorization.DecisionResponse_DECISION_DENY)
-	assert.Equal(t, resp.DecisionResponses[1].Decision, authorization.DecisionResponse_DECISION_DENY)
+	assert.Equal(t, 2, len(resp.GetDecisionResponses()))
+	assert.Equal(t, resp.GetDecisionResponses()[0].GetDecision(), authorization.DecisionResponse_DECISION_DENY)
+	assert.Equal(t, resp.GetDecisionResponses()[1].GetDecision(), authorization.DecisionResponse_DECISION_DENY)
 }
 
 func Test_GetDecisions_AllOf_Fail(t *testing.T) {
@@ -245,6 +245,6 @@ func Test_GetDecisions_AllOf_Fail(t *testing.T) {
 	// only responds with one permit/deny at the moment
 	// entitlements only contain the first FQN, so we have a deny decision
 	fmt.Print(resp.String())
-	assert.Equal(t, len(resp.DecisionResponses), 1)
-	assert.Equal(t, resp.DecisionResponses[0].Decision, authorization.DecisionResponse_DECISION_DENY)
+	assert.Equal(t, len(resp.GetDecisionResponses()), 1)
+	assert.Equal(t, resp.GetDecisionResponses()[0].GetDecision(), authorization.DecisionResponse_DECISION_DENY)
 }
@@ -4,8 +4,8 @@ import (
 	"fmt"
 	"log/slog"
 
-	"github.com/opentdf/platform/services/internal/config"
-	"github.com/opentdf/platform/services/internal/db"
+	"github.com/opentdf/platform/service/internal/config"
+	"github.com/opentdf/platform/service/internal/db"
 	"github.com/spf13/cobra"
 )
 

@@ -4,9 +4,9 @@ import (
 	"fmt"
 	"log/slog"
 
-	"github.com/opentdf/platform/services/internal/config"
-	"github.com/opentdf/platform/services/internal/db"
-	policydb "github.com/opentdf/platform/services/policy/db"
+	"github.com/opentdf/platform/service/internal/config"
+	"github.com/opentdf/platform/service/internal/db"
+	policydb "github.com/opentdf/platform/service/policy/db"
 	"github.com/spf13/cobra"
 )
 

@@ -3,9 +3,9 @@ package cmd
 import (
 	"fmt"
 
-	"github.com/opentdf/platform/services/internal/config"
-	"github.com/opentdf/platform/services/internal/db"
-	"github.com/opentdf/platform/services/internal/fixtures"
+	"github.com/opentdf/platform/service/internal/config"
+	"github.com/opentdf/platform/service/internal/db"
+	"github.com/opentdf/platform/service/internal/fixtures"
 	"github.com/spf13/cobra"
 )
 

@@ -10,7 +10,7 @@ import (
 	"strings"
 
 	"github.com/Nerzal/gocloak/v13"
-	"github.com/opentdf/platform/services/internal/config"
+	"github.com/opentdf/platform/service/internal/config"
 	"github.com/spf13/cobra"
 )
 

@@ -1,7 +1,7 @@
 package cmd
 
 import (
-	"github.com/opentdf/platform/services/pkg/server"
+	"github.com/opentdf/platform/service/pkg/server"
 	"github.com/spf13/cobra"
 )
 

@@ -1,4 +1,4 @@
-module github.com/opentdf/platform/services
+module github.com/opentdf/platform/service
 
 go 1.21.8