
Commit b9adbf2

JoshVanLcicoyle
authored andcommitted
Refactor SPIFFE from pkg/security to kit (dapr#7669)
* Refactor SPIFFE from `pkg/security` to `kit` Updates the `pkg/security` package to move the SPIFFE implementation to a new kit package. This new kit package is more modular and has fuller test coverage. This package has been moved so that it can be both imported by dapr & components-contrib, as well as making the package more suitable for further development to support X.509 Component auth. dapr/proposals#51 Also moves in test/utils from dapr to crypto/test for shared usage. Part of dapr/proposals#51 Uses go mod fork of dapr/kit#92 Signed-off-by: joshvanl <[email protected]> * Include SVID context with `Init`ing Component Signed-off-by: joshvanl <[email protected]> * Adds security to processor options Signed-off-by: joshvanl <[email protected]> * Update github.com/dapr/dapr to master Signed-off-by: joshvanl <[email protected]> * Update `util` to new `test` package import Signed-off-by: joshvanl <[email protected]> * Update go.sum Signed-off-by: joshvanl <[email protected]> --------- Signed-off-by: joshvanl <[email protected]>
1 parent 06acc7c commit b9adbf2


37 files changed

+429
-1336
lines changed


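--- a/cmd/injector/app/app.go
+++ b/cmd/injector/app/app.go
@@ -91,7 +91,7 @@ func Run() {
 SentryAddress: cfg.SentryAddress,
 ControlPlaneTrustDomain: cfg.ControlPlaneTrustDomain,
 ControlPlaneNamespace: namespace,
-TrustAnchorsFile: cfg.TrustAnchorsFile,
+TrustAnchorsFile: &cfg.TrustAnchorsFile,
 AppID: "dapr-injector",
 MTLSEnabled: true,
 Mode: modes.KubernetesMode,
@@ -165,7 +165,7 @@ func Run() {
 return rerr
 }
 
-caBundle, rErr := sec.CurrentTrustAnchors()
+caBundle, rErr := sec.CurrentTrustAnchors(ctx)
 if rErr != nil {
 return rErr
 }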
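Review bot: `TrustAnchorsFile: &cfg.TrustAnchorsFile` on new line 94 is never nil, so if the option became a pointer to tell "no file configured" apart from a path, an unset flag now reaches the security package as a set-but-empty path. The options type and its consumer are not visible here, so confirm how a pointer to `""` is treated when the trust anchors source is chosen. If nil is the "unset" signal, populate the field only when `cfg.TrustAnchorsFile != ""`, or document the empty-string contract next to the field with a comment such as `// a pointer to "" is treated as unset`. The same pattern appears at new line 77 of cmd/placement/app/app.go (`&opts.TrustAnchorsFile`). Run() starts and ends outside both hunks.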

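--- a/cmd/placement/app/app.go
+++ b/cmd/placement/app/app.go
@@ -74,7 +74,7 @@ func Run() {
 SentryAddress: opts.SentryAddress,
 ControlPlaneTrustDomain: opts.TrustDomain,
 ControlPlaneNamespace: security.CurrentNamespace(),
-TrustAnchorsFile: opts.TrustAnchorsFile,
+TrustAnchorsFile: &opts.TrustAnchorsFile,
 AppID: "dapr-placement",
 MTLSEnabled: opts.TLSEnabled,
 Mode: modes.DaprMode(opts.Mode),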

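--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 github.com/cloudevents/sdk-go/v2 v2.14.0
 github.com/dapr/components-contrib v1.13.0-rc.2.0.20240503231149-1f46231d875c
 github.com/dapr/kit v0.13.1-0.20240415171926-a3f906d60908
-github.com/diagridio/go-etcd-cron v0.0.0-20240513144201-9d76b648b787
+github.com/diagridio/go-etcd-cron v0.0.0-20240521170733-c7c1a7109a7b
 github.com/evanphx/json-patch/v5 v5.8.1
 github.com/go-chi/chi/v5 v5.0.11
 github.com/go-chi/cors v1.2.1
@@ -67,10 +67,9 @@ require (
 golang.org/x/exp v0.0.0-20240119083558-1b970713d09a
 golang.org/x/net v0.24.0
 golang.org/x/sync v0.6.0
-google.golang.org/genproto/googleapis/api v0.0.0-20240304212257-790db918fca8
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240304212257-790db918fca8
-google.golang.org/grpc v1.62.1
-google.golang.org/grpc/examples v0.0.0-20230224211313-3775f633ce20
+google.golang.org/genproto/googleapis/api v0.0.0-20231120223509-83a465c0220f
+google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0
+google.golang.org/grpc v1.60.1
 google.golang.org/protobuf v1.33.0
 gopkg.in/yaml.v3 v3.0.1
 k8s.io/api v0.28.4
@@ -88,14 +87,14 @@ require (
 )
 
 require (
-cloud.google.com/go v0.112.0 // indirect
+cloud.google.com/go v0.110.10 // indirect
 cloud.google.com/go/compute v1.23.3 // indirect
 cloud.google.com/go/compute/metadata v0.2.3 // indirect
 cloud.google.com/go/datastore v1.15.0 // indirect
 cloud.google.com/go/iam v1.1.5 // indirect
-cloud.google.com/go/pubsub v1.34.0 // indirect
+cloud.google.com/go/pubsub v1.33.0 // indirect
 cloud.google.com/go/secretmanager v1.11.4 // indirect
-cloud.google.com/go/storage v1.36.0 // indirect
+cloud.google.com/go/storage v1.33.0 // indirect
 dubbo.apache.org/dubbo-go/v3 v3.0.3-0.20230118042253-4f159a2b38f3 // indirect
 github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect
 github.com/99designs/keyring v1.2.1 // indirect
@@ -212,7 +211,6 @@ require (
 github.com/evanphx/json-patch v5.7.0+incompatible // indirect
 github.com/fasthttp-contrib/sessions v0.0.0-20160905201309-74f6ac73d5d5 // indirect
 github.com/fatih/color v1.15.0 // indirect
-github.com/felixge/httpsnoop v1.0.4 // indirect
 github.com/fsnotify/fsnotify v1.7.0 // indirect
 github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 // indirect
 github.com/go-errors/errors v1.4.2 // indirect
@@ -410,26 +408,27 @@ require (
 go.etcd.io/etcd/client/v2 v2.305.13 // indirect
 go.etcd.io/etcd/pkg/v3 v3.5.13 // indirect
 go.etcd.io/etcd/raft/v3 v3.5.13 // indirect
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 // indirect
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0 // indirect
 go.opentelemetry.io/otel/metric v1.21.0 // indirect
 go.opentelemetry.io/proto/otlp v1.0.0 // indirect
 go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
 go.uber.org/atomic v1.10.0 // indirect
 go.uber.org/multierr v1.11.0 // indirect
-go.uber.org/zap v1.27.0 // indirect
+go.uber.org/zap v1.26.0 // indirect
 golang.org/x/arch v0.3.0 // indirect
 golang.org/x/mod v0.14.0 // indirect
 golang.org/x/oauth2 v0.16.0 // indirect
 golang.org/x/sys v0.19.0 // indirect
 golang.org/x/term v0.19.0 // indirect
 golang.org/x/text v0.14.0 // indirect
-golang.org/x/time v0.5.0 // indirect
+golang.org/x/time v0.3.0 // indirect
 golang.org/x/tools v0.17.0 // indirect
+golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
 gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
-google.golang.org/api v0.155.0 // indirect
+google.golang.org/api v0.149.0 // indirect
 google.golang.org/appengine v1.6.8 // indirect
-google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 // indirect
+google.golang.org/genproto v0.0.0-20231211222908-989df2bf70f3 // indirect
+google.golang.org/grpc/examples v0.0.0-20230224211313-3775f633ce20 // indirect
 gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 gopkg.in/couchbase/gocb.v1 v1.6.7 // indirect
 gopkg.in/couchbase/gocbcore.v7 v7.1.18 // indirect
@@ -482,9 +481,6 @@ replace (
 // check for retracted versions: go list -mod=mod -f '{{if .Retracted}}{{.}}{{end}}' -u -m all
 replace github.com/microcosm-cc/bluemonday => github.com/microcosm-cc/bluemonday v1.0.24
 
-// Needed due to a deprecated method used in functional tests
-replace github.com/stretchr/testify => github.com/stretchr/testify v1.8.4
-
 // Uncomment for local development for testing with changes in the components-contrib && kit repositories.
 // Don't commit with this uncommented!
 //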
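Review bot: Several modules move backwards here, which a package refactor should not need: `google.golang.org/grpc` v1.62.1 to v1.60.1, `google.golang.org/api` v0.155.0 to v0.149.0, `go.uber.org/zap` v1.27.0 to v1.26.0, `golang.org/x/time` v0.5.0 to v0.3.0, and the `cloud.google.com/go` modules. This looks like a side effect of re-resolving the module graph, though that is an inference; a transport-library downgrade can silently drop upstream fixes, so confirm each one is intended and run `govulncheck ./...` against the resulting graph. The last hunk also removes the `replace github.com/stretchr/testify => github.com/stretchr/testify v1.8.4` pin without showing which testify version is now selected. The description mentions a go mod fork of dapr/kit#92 while the `github.com/dapr/kit` line is unchanged context, so check that no fork `replace` survives in the part of the `replace (` block outside these hunks.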
