Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-02-23 00:10:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

keyservice: move kms code to internal/kms

Browse Source 
Recovery (disk-mapper) and init (bootstrapper)
will have to work with multiple external KMSes
in the future.
This commit is contained in:
Otto Bittner 2023-01-12 16:22:47 +01:00
parent 59664f7020
commit 0e71322e2e
33 changed files with 49 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bootstrapper/internal/initserver/initserver.go
View File

@ -22,6 +22,8 @@ import (
"github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/grpc/atlscredentials" "github.com/edgelesssys/constellation/v2/internal/grpc/atlscredentials"
"github.com/edgelesssys/constellation/v2/internal/grpc/grpclog" "github.com/edgelesssys/constellation/v2/internal/grpc/grpclog"
"github.com/edgelesssys/constellation/v2/internal/kms/kms"
kmsSetup "github.com/edgelesssys/constellation/v2/internal/kms/setup"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/nodestate" "github.com/edgelesssys/constellation/v2/internal/nodestate"
"github.com/edgelesssys/constellation/v2/internal/role" "github.com/edgelesssys/constellation/v2/internal/role"

2
cli/internal/cmd/init.go
View File

@ -30,10 +30,10 @@ import (
"github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/grpc/dialer" "github.com/edgelesssys/constellation/v2/internal/grpc/dialer"
grpcRetry "github.com/edgelesssys/constellation/v2/internal/grpc/retry" grpcRetry "github.com/edgelesssys/constellation/v2/internal/grpc/retry"
keyservice "github.com/edgelesssys/constellation/v2/internal/kms/setup"
"github.com/edgelesssys/constellation/v2/internal/license" "github.com/edgelesssys/constellation/v2/internal/license"
"github.com/edgelesssys/constellation/v2/internal/retry" "github.com/edgelesssys/constellation/v2/internal/retry"
"github.com/edgelesssys/constellation/v2/internal/versions" "github.com/edgelesssys/constellation/v2/internal/versions"
keyservice "github.com/edgelesssys/constellation/v2/keyservice/setup"
"github.com/spf13/afero" "github.com/spf13/afero"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"google.golang.org/grpc" "google.golang.org/grpc"

0
keyservice/internal/config/config.go → internal/kms/config/config.go
View File

8
keyservice/kms/aws/aws.go → internal/kms/kms/aws/aws.go
View File

@ -17,10 +17,10 @@ import (
awsconfig "github.com/aws/aws-sdk-go-v2/config" awsconfig "github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/kms" "github.com/aws/aws-sdk-go-v2/service/kms"
"github.com/aws/aws-sdk-go-v2/service/kms/types" "github.com/aws/aws-sdk-go-v2/service/kms/types"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" kmsInterface "github.com/edgelesssys/constellation/v2/internal/kms/kms"
kmsInterface "github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/kms/util"
"github.com/edgelesssys/constellation/v2/keyservice/kms/util" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
) )
const ( const (

6
keyservice/kms/aws/aws_test.go → internal/kms/kms/aws/aws_test.go
View File

@ -22,9 +22,9 @@ import (
"github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/kms" "github.com/aws/aws-sdk-go-v2/service/kms"
"github.com/aws/aws-sdk-go-v2/service/kms/types" "github.com/aws/aws-sdk-go-v2/service/kms/types"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" kmsInterface "github.com/edgelesssys/constellation/v2/internal/kms/kms"
kmsInterface "github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"go.uber.org/goleak" "go.uber.org/goleak"
) )

8
keyservice/kms/azure/azure.go → internal/kms/kms/azure/azure.go
View File

@ -17,10 +17,10 @@ import (
"github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys" "github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys"
"github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets" "github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" "github.com/edgelesssys/constellation/v2/internal/kms/kms"
"github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/kms/util"
"github.com/edgelesssys/constellation/v2/keyservice/kms/util" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
) )
const ( const (

4
keyservice/kms/azure/azure_test.go → internal/kms/kms/azure/azure_test.go
View File

@ -14,8 +14,8 @@ import (
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets" "github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" "github.com/edgelesssys/constellation/v2/internal/kms/kms"
"github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"go.uber.org/goleak" "go.uber.org/goleak"
) )

8
keyservice/kms/azure/hsm.go → internal/kms/kms/azure/hsm.go
View File

@ -15,10 +15,10 @@ import (
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys" "github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" "github.com/edgelesssys/constellation/v2/internal/kms/kms"
"github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/kms/util"
"github.com/edgelesssys/constellation/v2/keyservice/kms/util" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
) )
type hsmClientAPI interface { type hsmClientAPI interface {

4
keyservice/kms/azure/hsm_test.go → internal/kms/kms/azure/hsm_test.go
View File

@ -13,8 +13,8 @@ import (
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys" "github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" "github.com/edgelesssys/constellation/v2/internal/kms/kms"
"github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )

0
keyservice/kms/cluster/cluster.go → internal/kms/kms/cluster/cluster.go
View File

0
keyservice/kms/cluster/cluster_test.go → internal/kms/kms/cluster/cluster_test.go
View File

8
keyservice/kms/gcp/gcp.go → internal/kms/kms/gcp/gcp.go
View File

@ -19,10 +19,10 @@ import (
kms "cloud.google.com/go/kms/apiv1" kms "cloud.google.com/go/kms/apiv1"
"cloud.google.com/go/kms/apiv1/kmspb" "cloud.google.com/go/kms/apiv1/kmspb"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" kmsInterface "github.com/edgelesssys/constellation/v2/internal/kms/kms"
kmsInterface "github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/kms/util"
"github.com/edgelesssys/constellation/v2/keyservice/kms/util" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
"github.com/googleapis/gax-go/v2" "github.com/googleapis/gax-go/v2"
"google.golang.org/api/option" "google.golang.org/api/option"
"google.golang.org/grpc/codes" "google.golang.org/grpc/codes"

6
keyservice/kms/gcp/gcp_test.go → internal/kms/kms/gcp/gcp_test.go
View File

@ -12,9 +12,9 @@ import (
"testing" "testing"
"cloud.google.com/go/kms/apiv1/kmspb" "cloud.google.com/go/kms/apiv1/kmspb"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" kmsInterface "github.com/edgelesssys/constellation/v2/internal/kms/kms"
kmsInterface "github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/kms/util"
"github.com/edgelesssys/constellation/v2/keyservice/kms/util" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
"github.com/googleapis/gax-go/v2" "github.com/googleapis/gax-go/v2"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"go.uber.org/goleak" "go.uber.org/goleak"

0
keyservice/kms/kms.go → internal/kms/kms/kms.go
View File

0
keyservice/kms/util/crypto.go → internal/kms/kms/util/crypto.go
View File

0
keyservice/kms/util/crypto_test.go → internal/kms/kms/util/crypto_test.go
View File

14
keyservice/setup/setup.go → internal/kms/setup/setup.go
View File

@ -14,12 +14,12 @@ import (
"strconv" "strconv"
"cloud.google.com/go/kms/apiv1/kmspb" "cloud.google.com/go/kms/apiv1/kmspb"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" "github.com/edgelesssys/constellation/v2/internal/kms/kms"
"github.com/edgelesssys/constellation/v2/keyservice/kms" "github.com/edgelesssys/constellation/v2/internal/kms/kms/aws"
"github.com/edgelesssys/constellation/v2/keyservice/kms/aws" "github.com/edgelesssys/constellation/v2/internal/kms/kms/azure"
"github.com/edgelesssys/constellation/v2/keyservice/kms/azure" "github.com/edgelesssys/constellation/v2/internal/kms/kms/cluster"
"github.com/edgelesssys/constellation/v2/keyservice/kms/cluster" "github.com/edgelesssys/constellation/v2/internal/kms/kms/gcp"
"github.com/edgelesssys/constellation/v2/keyservice/kms/gcp" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
) )
// Well known endpoints for KMS services. // Well known endpoints for KMS services.
@ -28,7 +28,7 @@ const (
AzureKMSURI = "kms://azure-kms?name=%s&type=%s" AzureKMSURI = "kms://azure-kms?name=%s&type=%s"
AzureHSMURI = "kms://azure-hsm?name=%s" AzureHSMURI = "kms://azure-hsm?name=%s"
GCPKMSURI = "kms://gcp?project=%s&location=%s&keyRing=%s&protectionLvl=%s" GCPKMSURI = "kms://gcp?project=%s&location=%s&keyRing=%s&protectionLvl=%s"
ClusterKMSURI = "kms://cluster-kms" ClusterKMSURI = "kms://cluster-kms?key=%s&salt=%s"
AWSS3URI = "storage://aws?bucket=%s" AWSS3URI = "storage://aws?bucket=%s"
AzureBlobURI = "storage://azure?container=%s&connectionString=%s" AzureBlobURI = "storage://azure?container=%s&connectionString=%s"
GCPStorageURI = "storage://gcp?projects=%s&bucket=%s" GCPStorageURI = "storage://gcp?projects=%s&bucket=%s"

0
keyservice/setup/setup_test.go → internal/kms/setup/setup_test.go
View File

2
keyservice/internal/storage/awss3storage.go → internal/kms/storage/awss3storage.go
View File

@ -16,7 +16,7 @@ import (
awsconfig "github.com/aws/aws-sdk-go-v2/config" awsconfig "github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/s3"
"github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/aws/aws-sdk-go-v2/service/s3/types"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
) )
type awsS3ClientAPI interface { type awsS3ClientAPI interface {

0
keyservice/internal/storage/awss3storage_test.go → internal/kms/storage/awss3storage_test.go
View File

2
keyservice/internal/storage/azurestorage.go → internal/kms/storage/azurestorage.go
View File

@ -16,7 +16,7 @@ import (
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/bloberror" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/bloberror"
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
) )
type azureBlobAPI interface { type azureBlobAPI interface {

0
keyservice/internal/storage/azurestorage_test.go → internal/kms/storage/azurestorage_test.go
View File

0
keyservice/internal/storage/gcloudstorage.go → internal/kms/storage/gcloudstorage.go
View File

0
keyservice/internal/storage/gcloudstorage_integration_test.go → internal/kms/storage/gcloudstorage_integration_test.go
View File

0
keyservice/internal/storage/gcloudstorage_test.go → internal/kms/storage/gcloudstorage_test.go
View File

0
keyservice/internal/storage/memfsstorage.go → internal/kms/storage/memfsstorage.go
View File

0
keyservice/internal/storage/memfsstroage_test.go → internal/kms/storage/memfsstroage_test.go
View File

0
keyservice/internal/storage/storage.go → internal/kms/storage/storage.go
View File

2
keyservice/cmd/main.go
View File

@ -18,9 +18,9 @@ import (
"github.com/edgelesssys/constellation/v2/internal/constants" "github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/crypto" "github.com/edgelesssys/constellation/v2/internal/crypto"
"github.com/edgelesssys/constellation/v2/internal/file" "github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/kms/setup"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/keyservice/internal/server" "github.com/edgelesssys/constellation/v2/keyservice/internal/server"
"github.com/edgelesssys/constellation/v2/keyservice/setup"
"github.com/spf13/afero" "github.com/spf13/afero"
"go.uber.org/zap" "go.uber.org/zap"
) )

2
keyservice/internal/server/server.go
View File

@ -14,9 +14,9 @@ import (
"github.com/edgelesssys/constellation/v2/internal/crypto" "github.com/edgelesssys/constellation/v2/internal/crypto"
"github.com/edgelesssys/constellation/v2/internal/grpc/grpclog" "github.com/edgelesssys/constellation/v2/internal/grpc/grpclog"
"github.com/edgelesssys/constellation/v2/internal/kms/kms"
"github.com/edgelesssys/constellation/v2/internal/logger" "github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/keyservice/keyserviceproto" "github.com/edgelesssys/constellation/v2/keyservice/keyserviceproto"
"github.com/edgelesssys/constellation/v2/keyservice/kms"
"go.uber.org/zap" "go.uber.org/zap"
"go.uber.org/zap/zapcore" "go.uber.org/zap/zapcore"
"google.golang.org/grpc" "google.golang.org/grpc"

6
keyservice/internal/test/aws_test.go
View File

@ -19,9 +19,9 @@ import (
"github.com/aws/aws-sdk-go-v2/service/kms" "github.com/aws/aws-sdk-go-v2/service/kms"
"github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/s3"
"github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/aws/aws-sdk-go-v2/service/s3/types"
kmsconfig "github.com/edgelesssys/constellation/v2/keyservice/internal/config" kmsconfig "github.com/edgelesssys/constellation/v2/internal/kms/config"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" awsInterface "github.com/edgelesssys/constellation/v2/internal/kms/kms/aws"
awsInterface "github.com/edgelesssys/constellation/v2/keyservice/kms/aws" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )

6
keyservice/internal/test/azure_test.go
View File

@ -13,9 +13,9 @@ import (
"testing" "testing"
"time" "time"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" "github.com/edgelesssys/constellation/v2/internal/kms/kms/azure"
"github.com/edgelesssys/constellation/v2/keyservice/kms/azure" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )

6
keyservice/internal/test/gcp_test.go
View File

@ -14,9 +14,9 @@ import (
"time" "time"
"cloud.google.com/go/kms/apiv1/kmspb" "cloud.google.com/go/kms/apiv1/kmspb"
"github.com/edgelesssys/constellation/v2/keyservice/internal/config" "github.com/edgelesssys/constellation/v2/internal/kms/config"
"github.com/edgelesssys/constellation/v2/keyservice/internal/storage" "github.com/edgelesssys/constellation/v2/internal/kms/kms/gcp"
"github.com/edgelesssys/constellation/v2/keyservice/kms/gcp" "github.com/edgelesssys/constellation/v2/internal/kms/storage"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )