First cut at Data Contract rules (#77)

* First cut at encryption rules (#74)

* First cut at encryption rules

* Add tests

* Clean up package.json

* Clean up package.json

* Add kms clients

* Minor fix

* First cut at additional serde tests (#75)

* First cut at additional serde tests

* Add JSON test

* Add protobuf ref test

* Add format params

* Checkpoint

* Add coverage to gitignore

* Remove coverage

* Minor fix

* Minor fix

* Avro ref test

* Add json ref test

* Add nested tests

* First cut at Data Contract rules

* Remove CEL executors for now

* Minor refactor to use RuleRegistry

* Move DEK registry under encryption

* Clean up package.json

* Add CSFLE test with logical type

* Minor fix

* Add CEL executors

* Revert "Add CEL executors"

This reverts commit 850c3de.

* Minor fixes

* Minor fixes

Author: rayokota

.gitignore

@@ -1,4 +1,5 @@
 build/
+dist/
 node_modules/
 deps/librdkafka
 npm-debug.log
@@ -15,3 +16,4 @@ deps/*
 
 .idea
 .vscode
+coverage

Makefile.schemaregistry

@@ -9,7 +9,7 @@ TS_NODE ?= ./node_modules/.bin/ts-node
 # Paths
 SRC_DIR = schemaregistry
 SR_TEST_DIR = test/schemaregistry
-DEK_TEST_DIR = test/schemaregistry/dekregistry
+DEK_TEST_DIR = test/schemaregistry/rules/encryption/dekregistry
 INTEG_DIR = e2e/schemaregistry
 
 # Tasks

jest.config.js

@@ -3,4 +3,3 @@ module.exports = {
       '^.+\\.tsx?$': 'ts-jest',
     },
   };
-  

package-lock.json

@@ -32,9 +32,11 @@
   },
   "license": "MIT",
   "devDependencies": {
+    "@bufbuild/buf": "^1.37.0",
+    "@bufbuild/protoc-gen-es": "^2.0.0",
     "@eslint/js": "^9.9.0",
     "@types/eslint__js": "^8.42.3",
-    "@types/node": "^20.4.5",
+    "@types/node": "^20.16.1",
     "bluebird": "^3.5.3",
     "eslint": "^8.57.0",
     "eslint-plugin-jest": "^28.6.0",
@@ -46,23 +48,27 @@
     "typescript-eslint": "^8.2.0"
   },
   "dependencies": {
-    "@bufbuild/buf": "^1.37.0",
+    "@aws-sdk/client-kms": "^3.637.0",
+    "@azure/identity": "^4.4.1",
+    "@azure/keyvault-keys": "^4.8.0",
     "@bufbuild/protobuf": "^2.0.0",
-    "@bufbuild/protoc-gen-es": "^2.0.0",
     "@criteria/json-schema": "^0.10.0",
     "@criteria/json-schema-validation": "^0.10.0",
+    "@google-cloud/kms": "^4.5.0",
     "@hackbg/miscreant-esm": "^0.3.2-patch.3",
     "@mapbox/node-pre-gyp": "^1.0.11",
+    "@smithy/types": "^3.3.0",
     "@types/validator": "^13.12.0",
     "ajv": "^8.17.1",
     "async-mutex": "^0.5.0",
     "avsc": "^5.7.7",
     "axios": "^1.7.3",
     "bindings": "^1.3.1",
     "json-stringify-deterministic": "^1.0.12",
+    "jsonata": "^2.0.5",
     "lru-cache": "^11.0.0",
-    "miscreant": "^0.3.2",
     "nan": "^2.17.0",
+    "node-vault": "^0.10.2",
     "ts-jest": "^29.2.4",
     "validator": "^13.12.0"
   },

package.json

@@ -0,0 +1,9 @@
+syntax = "proto3";
+
+package test;
+option go_package="../test";
+
+message LinkedList {
+  int32 value = 1;
+  LinkedList next = 10;
+}

proto/test/schemaregistry/serde/cycle.proto

@@ -0,0 +1,11 @@
+syntax = "proto3";
+
+package test;
+option go_package="../test";
+
+import "test/schemaregistry/serde/test.proto";
+
+message DependencyMessage {
+    bool is_active = 1;
+    TestMessage test_messsage = 2;
+}

proto/test/schemaregistry/serde/dep.proto

@@ -0,0 +1,22 @@
+syntax = "proto3";
+
+package test;
+option go_package="../test";
+
+import "confluent/meta.proto";
+
+message Author {
+  string name = 1 [
+    (confluent.field_meta).tags = "PII"
+  ];
+  int32 id = 2;
+  bytes picture = 3 [
+    (confluent.field_meta).tags = "PII"
+  ];
+  repeated string works = 4;
+}
+
+message Pizza {
+  string size = 1;
+  repeated string toppings = 2;
+}

proto/test/schemaregistry/serde/example.proto

@@ -0,0 +1,59 @@
+syntax = "proto3";
+
+package test;
+option go_package="../test";
+
+import "google/protobuf/timestamp.proto";
+
+message UserId {
+    oneof user_id {
+        string kafka_user_id = 1;
+        int32 other_user_id = 2;
+        MessageId another_id = 3;
+    }
+}
+
+message MessageId {
+    string id = 1;
+}
+
+enum Status {
+    ACTIVE = 0;
+    INACTIVE = 1;
+}
+
+message ComplexType {
+    oneof some_val {
+        string one_id = 1;
+        int32 other_id = 2;
+    }
+    bool is_active = 3;
+}
+
+/*
+ * Complex message using nested protos and repeated fields
+ */
+message NestedMessage {
+    UserId user_id = 1;
+    bool is_active = 2;
+    repeated string experiments_active = 3;
+    google.protobuf.Timestamp updated_at = 4;
+    Status status = 5;
+    ComplexType complex_type = 6;
+    map<string, string> map_type = 7;
+    InnerMessage inner = 8;
+
+    message InnerMessage {
+        string id = 1 [json_name="id"];
+        repeated int32 ids = 2 [packed=true];
+    }
+
+    enum InnerEnum {
+        option allow_alias = true;
+        ZERO = 0;
+        ALSO_ZERO = 0;
+    }
+
+    reserved 14, 15, 9 to 11;
+    reserved "foo", "bar";
+}

proto/test/schemaregistry/serde/nested.proto

@@ -0,0 +1,10 @@
+syntax = "proto3";
+
+package test;
+option go_package="../test";
+
+message NewerWidget {
+    string name = 1;
+    int32 length = 2;
+    int32 version = 3;
+}