Merge pull request #343 from IABTechLab/cbc-UID2-4379-rename-s3-encryption-cloud-encryption

Rename in admin

Author: cody-constine-ttd

.github/workflows/check-stable-dependency.yaml

@@ -3,7 +3,7 @@ on: [pull_request, workflow_dispatch]
 
 jobs:
   check_dependency:
-    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-check-stable-dependency.yaml@v2
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-check-stable-dependency.yaml@v3
     secrets: inherit
 
 

.github/workflows/validate-image.yaml

@@ -20,7 +20,7 @@ on:
 jobs:
   build-publish-docker:
     uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-validate-image.yaml@v3
-    with: 
+    with:
       failure_severity: ${{ inputs.failure_severity || 'CRITICAL,HIGH' }}
       fail_on_error: ${{ inputs.fail_on_error || true }}
       java_version: 21

conf/local-config.json

@@ -18,7 +18,7 @@
   "keysets_metadata_path": "keysets/metadata.json",
   "admin_keysets_metadata_path": "admin_keysets/metadata.json",
   "keyset_keys_metadata_path": "keyset_keys/metadata.json",
-  "s3_keys_metadata_path": "s3encryption_keys/metadata.json",
+  "cloud_encryption_keys_metadata_path": "cloud_encryption_keys/metadata.json",
   "aws_access_key_id": "no access key needed for test",
   "aws_secret_access_key": "no secret key needed for test",
   "client_side_keypair_public_prefix": "UID2-X-L-",
@@ -44,6 +44,6 @@
   "role_okta_group_map_maintainer": "developer",
   "role_okta_group_map_privileged": "developer",
   "role_okta_group_map_super_user": "developer",
-  "s3_key_activates_in_seconds": 86400,
-  "s3_key_count_per_site": 2
+  "cloud_encryption_key_activates_in_seconds": 86400,
+  "cloud_encryption_key_count_per_site": 2
 }

conf/local-e2e-docker-config.json

@@ -18,7 +18,7 @@
   "keysets_metadata_path": "keysets/metadata.json",
   "admin_keysets_metadata_path": "admin_keysets/metadata.json",
   "keyset_keys_metadata_path": "keyset_keys/metadata.json",
-  "s3_keys_metadata_path": "s3encryption_keys/metadata.json",
+  "cloud_keys_metadata_path": "cloud_encryption_keys/metadata.json",
   "aws_access_key_id": "no access key needed for test",
   "aws_secret_access_key": "no secret key needed for test",
   "client_side_keypair_public_prefix": "UID2-X-L-",
@@ -44,6 +44,6 @@
   "role_okta_group_map_maintainer": "developer",
   "role_okta_group_map_privileged": "developer",
   "role_okta_group_map_super_user": "developer",
-  "s3_key_activates_in_seconds": 86400,
-  "s3_key_count_per_site": 2
+  "cloud_encryption_key_activates_in_seconds": 86400,
+  "cloud_encryption_key_count_per_site": 2
 }

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>com.uid2</groupId>
     <artifactId>uid2-admin</artifactId>
-    <version>5.15.24</version>
+    <version>5.15.25-alpha-94-SNAPSHOT</version>
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -16,7 +16,7 @@
         <!-- check micrometer.version vertx-micrometer-metrics consumes before bumping up -->
         <micrometer.version>1.12.2</micrometer.version>
         <junit-jupiter.version>5.11.2</junit-jupiter.version>
-        <uid2-shared.version>7.21.7</uid2-shared.version>
+        <uid2-shared.version>8.0.0</uid2-shared.version>
         <okta-jwt.version>0.5.10</okta-jwt.version>
         <image.version>${project.version}</image.version>
     </properties>

src/main/java/com/uid2/admin/Main.java

@@ -13,7 +13,7 @@
 import com.uid2.admin.legacy.RotatingLegacyClientKeyProvider;
 import com.uid2.admin.managers.KeysetManager;
 import com.uid2.admin.monitoring.DataStoreMetrics;
-import com.uid2.admin.managers.S3KeyManager;
+import com.uid2.admin.managers.CloudEncryptionKeyManager;
 import com.uid2.admin.secret.*;
 import com.uid2.admin.store.*;
 import com.uid2.admin.store.reader.RotatingAdminKeysetStore;
@@ -197,18 +197,18 @@ public void run() {
             operatorKeyProvider.loadContent(operatorKeyProvider.getMetadata());
             OperatorKeyStoreWriter operatorKeyStoreWriter = new OperatorKeyStoreWriter(operatorKeyProvider, fileManager, jsonWriter, versionGenerator);
 
-            CloudPath s3KeyMetadataPath = new CloudPath(config.getString(Const.Config.S3keysMetadataPathProp));
-            GlobalScope s3KeyGlobalScope = new GlobalScope(s3KeyMetadataPath);
-            RotatingS3KeyProvider s3KeyProvider = new RotatingS3KeyProvider(cloudStorage, s3KeyGlobalScope);
-            S3KeyStoreWriter s3KeyStoreWriter = new S3KeyStoreWriter(s3KeyProvider, fileManager, jsonWriter, versionGenerator, clock, s3KeyGlobalScope);
+            CloudPath cloudEncryptionKeyMetadataPath = new CloudPath(config.getString(Const.Config.CloudEncryptionKeysMetadataPathProp));
+            GlobalScope cloudEncryptionKeyGlobalScope = new GlobalScope(cloudEncryptionKeyMetadataPath);
+            RotatingCloudEncryptionKeyProvider RotatingCloudEncryptionKeyProvider = new RotatingCloudEncryptionKeyProvider(cloudStorage, cloudEncryptionKeyGlobalScope);
+            CloudEncryptionKeyStoreWriter cloudEncryptionKeyStoreWriter = new CloudEncryptionKeyStoreWriter(RotatingCloudEncryptionKeyProvider, fileManager, jsonWriter, versionGenerator, clock, cloudEncryptionKeyGlobalScope);
             IKeyGenerator keyGenerator = new SecureKeyGenerator();
-            S3KeyManager s3KeyManager = new S3KeyManager(s3KeyProvider, s3KeyStoreWriter,keyGenerator);
+            CloudEncryptionKeyManager cloudEncryptionKeyManager = new CloudEncryptionKeyManager(RotatingCloudEncryptionKeyProvider, cloudEncryptionKeyStoreWriter,keyGenerator);
             try {
-                s3KeyProvider.loadContent();
+                RotatingCloudEncryptionKeyProvider.loadContent();
             } catch (CloudStorageException e) {
                 if (e.getMessage().contains("The specified key does not exist")) {
-                    s3KeyStoreWriter.upload(new HashMap<>(), null);
-                    s3KeyProvider.loadContent();
+                    cloudEncryptionKeyStoreWriter.upload(new HashMap<>(), null);
+                    RotatingCloudEncryptionKeyProvider.loadContent();
                 } else {
                     throw e;
                 }
@@ -255,11 +255,11 @@ public void run() {
                     clientSideKeypairService,
                     new ServiceService(auth, writeLock, serviceStoreWriter, serviceProvider, siteProvider, serviceLinkProvider),
                     new ServiceLinkService(auth, writeLock, serviceLinkStoreWriter, serviceLinkProvider, serviceProvider, siteProvider),
-                    new OperatorKeyService(config, auth, writeLock, operatorKeyStoreWriter, operatorKeyProvider, siteProvider, keyGenerator, keyHasher, s3KeyManager),
+                    new OperatorKeyService(config, auth, writeLock, operatorKeyStoreWriter, operatorKeyProvider, siteProvider, keyGenerator, keyHasher, cloudEncryptionKeyManager),
                     new SaltService(auth, writeLock, saltStoreWriter, saltProvider, saltRotation),
                     new SiteService(auth, writeLock, siteStoreWriter, siteProvider, clientKeyProvider),
                     new PartnerConfigService(auth, writeLock, partnerStoreWriter, partnerConfigProvider),
-                    new PrivateSiteDataRefreshService(auth, jobDispatcher, writeLock, config, s3KeyProvider),
+                    new PrivateSiteDataRefreshService(auth, jobDispatcher, writeLock, config, RotatingCloudEncryptionKeyProvider),
                     new JobDispatcherService(auth, jobDispatcher),
                     new SearchService(auth, clientKeyProvider, operatorKeyProvider)
             };
@@ -286,8 +286,8 @@ public void run() {
             }
 
             synchronized (writeLock) {
-                s3KeyManager.generateKeysForOperators(operatorKeyProvider.getAll(), config.getLong("s3_key_activates_in_seconds"), config.getInteger("s3_key_count_per_site"));
-                s3KeyProvider.loadContent();
+                cloudEncryptionKeyManager.generateKeysForOperators(operatorKeyProvider.getAll(), config.getLong("cloud_encryption_key_activates_in_seconds"), config.getInteger("cloud_encryption_key_count_per_site"));
+                RotatingCloudEncryptionKeyProvider.loadContent();
             }
 
             /*
@@ -336,7 +336,7 @@ public void run() {
             CompletableFuture<Boolean> privateSiteDataSyncJobFuture = jobDispatcher.executeNextJob();
             privateSiteDataSyncJobFuture.get();
 
-            EncryptedFilesSyncJob encryptedFilesSyncJob = new EncryptedFilesSyncJob(config, writeLock,s3KeyProvider);
+            EncryptedFilesSyncJob encryptedFilesSyncJob = new EncryptedFilesSyncJob(config, writeLock,RotatingCloudEncryptionKeyProvider);
             jobDispatcher.enqueue(encryptedFilesSyncJob);
             CompletableFuture<Boolean> encryptedFilesSyncJobFuture = jobDispatcher.executeNextJob();
             encryptedFilesSyncJobFuture.get();

src/main/java/com/uid2/admin/job/EncryptionJob/ClientKeyEncryptionJob.java

@@ -26,7 +26,7 @@ public ClientKeyEncryptionJob(
 
     @Override
     public String getId() {
-        return "s3-encryption-sync-clientKeys";
+        return "cloud-encryption-sync-clientKeys";
     }
 
     @Override

src/main/java/com/uid2/admin/job/EncryptionJob/EncryptionKeyEncryptionJob.java

@@ -40,7 +40,7 @@ public EncryptionKeyEncryptionJob(
 
     @Override
     public String getId() {
-        return "s3-encryption-sync-encryptionKeys";
+        return "cloud-encryption-sync-encryptionKeys";
     }
 
     @Override

src/main/java/com/uid2/admin/job/EncryptionJob/KeyAclEncryptionJob.java

@@ -27,7 +27,7 @@ public KeyAclEncryptionJob(
 
     @Override
     public String getId() {
-        return "s3-encryption-sync-keyAcls";
+        return "cloud-encryption-sync-keyAcls";
     }
 
     @Override

src/main/java/com/uid2/admin/job/EncryptionJob/KeysetKeyEncryptionJob.java

@@ -35,7 +35,7 @@ public KeysetKeyEncryptionJob(Collection<OperatorKey> globalOperators,
 
     @Override
     public String getId() {
-        return "s3-encryption-sync-keysetKeys";
+        return "cloud-encryption-sync-keysetKeys";
     }
 
     @Override