constellation/s3proxy/internal/kms/BUILD.bazel
Otto Bittner 887dcda78b s3proxy: add keyservice integration
Encrypt each object with a random DEK and attach
the encrypted DEK as object metadata.
Encrpt the DEK with a key from the keyservice.
All objects use the same KEK until a keyrotation
takes place.
2023-10-06 11:23:32 +02:00

30 lines
849 B
Python

load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("//bazel/go:go_test.bzl", "go_test")
go_library(
name = "kms",
srcs = ["kms.go"],
importpath = "github.com/edgelesssys/constellation/v2/s3proxy/internal/kms",
visibility = ["//s3proxy:__subpackages__"],
deps = [
"//internal/logger",
"//keyservice/keyserviceproto",
"@org_golang_google_grpc//:go_default_library",
"@org_golang_google_grpc//credentials/insecure",
],
)
go_test(
name = "kms_test",
srcs = ["kms_test.go"],
embed = [":kms"],
deps = [
"//internal/logger",
"//keyservice/keyserviceproto",
"@com_github_stretchr_testify//assert",
"@org_golang_google_grpc//:go_default_library",
"@org_golang_google_grpc//test/bufconn",
"@org_uber_go_goleak//:goleak",
],
)