Skip to content

Commit

Permalink
fix(core): revert profiles file system storage last commit (#427)
Browse files Browse the repository at this point in the history
This reverts commit f709e01.
  • Loading branch information
jakedoublev authored Nov 15, 2024
1 parent f709e01 commit 79f2079
Show file tree
Hide file tree
Showing 15 changed files with 149 additions and 528 deletions.
72 changes: 22 additions & 50 deletions .github/scripts/verify-checksums.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,60 +2,32 @@

# Check if the required arguments are provided
if [ $# -ne 2 ]; then
echo "Usage: $0 <output_directory> <checksum_file>"
echo "Usage: $0 <outputDir> <checksumFile>"
exit 1
fi

# Assign arguments to variables
output_dir="$1"
checksum_file="$2"
checksum_path="${output_dir}/${checksum_file}" # Full path to the checksum file
lock_file="${checksum_path}.lock" # Append .lock to the full path of the checksum file

# Ensure the checksum file exists
if [ ! -f "$checksum_path" ]; then
echo "ERROR: Checksum file $checksum_path does not exist."
exit 1
fi

# Wait for the lock file to be available for reading
exec 200<"$lock_file" # Open lock file descriptor for reading
flock -s 200 # Acquire shared lock (will wait if exclusive lock is held)

echo "Verifying checksums..."
echo "Looking for checksum file: $checksum_path"
# Location of the checksum file
checksumFile=$1/$2
outputDir=$1

echo "Looking for checksum file: $checksumFile"
test -f "$checksumFile" || { echo "ERROR: Checksum file not found!"; exit 1; }

# Iterate over each line in the checksum file
while read -r line; do
# Extract checksum and filename from the line
expected_checksum=$(echo "$line" | awk '{print $1}')
filename=$(echo "$line" | awk '{print $2}')

# Construct the full path to the file
file_path="$output_dir/$filename"

# Check if the file exists
if [ ! -f "$file_path" ]; then
echo "ERROR: File $filename not found in $output_dir"
continue
fi

# Calculate the actual checksum of the file
actual_checksum=$(shasum -a 256 "$file_path" | awk '{print $1}')

# Compare the expected and actual checksums
if [ "$expected_checksum" != "$actual_checksum" ]; then
echo "ERROR: Checksum for $filename does not match."
else
echo "Checksum for $filename is correct."
fi
done < "$checksum_path"

# Release the lock and close the lock file descriptor
flock -u 200
exec 200>&-

# Clean up the lock file
rm -f "$lock_file"

echo "Checksum verification completed."
# Extract the expected checksum and filename from each line
read -ra ADDR <<< "$line" # Read the line into an array
expectedChecksum="${ADDR[0]}"
fileName="${ADDR[2]}"

# Calculate the actual checksum of the file
actualChecksum=$(shasum -a 256 "$outputDir/$fileName" | awk '{print $1}')

# Compare the expected checksum with the actual checksum
if [ "$expectedChecksum" == "$actualChecksum" ]; then
echo "SUCCESS: Checksum for $fileName is valid."
else
echo "ERROR: Checksum for $fileName does not match."
fi
done < "$checksumFile"
52 changes: 17 additions & 35 deletions .github/scripts/zip-builds.sh
Original file line number Diff line number Diff line change
Expand Up @@ -16,41 +16,23 @@ mkdir -p "$output_dir"

# Create a checksums file
checksums_file="$output_dir/${build_semver}_checksums.txt"
touch "$checksums_file"

# Define a lock file for parallel-safe writing to checksums
checksums_lockfile="${checksums_file}.lock"
touch $checksums_file

# Iterate over each binary file
for binary_file in "$binary_dir"/*; do
(
compressed=""
if [[ $binary_file == *.exe ]]; then
# If the file is a Windows binary, zip it
filename=$(basename "$binary_file")
compressed="${filename%.exe}.zip"
zip -j "$output_dir/$compressed" "$binary_file"
else
# For other binaries, tar and gzip them
filename=$(basename "$binary_file")
compressed="${filename}.tar.gz"
tar -czf "$output_dir/$compressed" "$binary_file"
fi

# Compute checksum and append it to the checksums file using a lock
checksum="$(shasum -a 256 "$output_dir/$compressed" | awk '{print $1}')"
(
flock -x 200
echo "$checksum $compressed" >> "$checksums_file"
) 200>"$checksums_lockfile"

) &
done

# Echo message indicating background tasks are running
echo "All zip and tar processes started. Waiting for them to finish..."

# Wait for all background processes to complete
wait

echo "All compression and checksum operations completed."
compressed=""
if [[ $binary_file == *.exe ]]; then
# If the file is a Windows binary, zip it
filename=$(basename "$binary_file")
compressed="${filename%.exe}.zip"
zip -j "$output_dir/$compressed" "$binary_file"
else
# For other binaries, tar and gzip them
filename=$(basename "$binary_file")
compressed="${filename}.tar.gz"
tar -czf "$output_dir/$compressed" "$binary_file"
fi

# Append checksums to the file
echo "$(cat "$output_dir/$compressed" | shasum -a 256) $compressed" >> $checksums_file
done
5 changes: 2 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -58,10 +58,10 @@ build-%:
go build $(GO_BUILD_FLAGS) \
-o $(GO_BUILD_PREFIX)-$(word 1,$(subst -, ,$*))-$(word 2,$(subst -, ,$*))$(word 3,$(subst -, ,$*))

zip-builds: $(addprefix build-,$(PLATFORMS))
zip-builds:
./.github/scripts/zip-builds.sh $(BINARY_NAME)-$(CURR_VERSION) $(TARGET_DIR) $(OUTPUT_DIR)

verify-checksums: zip-builds
verify-checksums:
./.github/scripts/verify-checksums.sh $(OUTPUT_DIR) $(BINARY_NAME)-$(CURR_VERSION)_checksums.txt

# Target for running the project (adjust as necessary for your project)
Expand Down Expand Up @@ -93,4 +93,3 @@ test-bats: build-test
.PHONY: clean
clean:
rm -rf $(TARGET_DIR)
rm -rf $(OUTPUT_DIR)
9 changes: 2 additions & 7 deletions cmd/auth-login.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,16 +13,11 @@ func auth_codeLogin(cmd *cobra.Command, args []string) {
_, cp := InitProfile(c, false)

c.Print("Initiating login...")

// Use profile values as defaults, with command-line overrides
tlsNoVerify := c.FlagHelper.GetOptionalBoolWithDefault("tls-no-verify", cp.GetTLSNoVerify())
clientId := c.FlagHelper.GetOptionalStringWithDefault("client-id", cp.GetAuthCredentials().ClientId)

tok, publicClientID, err := auth.LoginWithPKCE(
cmd.Context(),
cp.GetEndpoint(),
clientId,
tlsNoVerify,
c.FlagHelper.GetOptionalString("client-id"),
c.FlagHelper.GetOptionalBool("tls-no-verify"),
)
if err != nil {
c.Println("failed")
Expand Down
6 changes: 0 additions & 6 deletions cmd/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -279,11 +279,5 @@ func init() {
rootCmd.GetDocFlag("with-access-token").Default,
rootCmd.GetDocFlag("with-access-token").Description,
)

RootCmd.PersistentFlags().String(
rootCmd.GetDocFlag("profile-driver").Name,
rootCmd.GetDocFlag("profile-driver").Default,
rootCmd.GetDocFlag("profile-driver").Description,
)
RootCmd.AddGroup(&cobra.Group{ID: TDF})
}
7 changes: 0 additions & 7 deletions docs/man/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,11 +39,4 @@ command:
- name: debug
description: enable debug output
default: false
- name: profile-driver
description: storage driver for managing profiles
enum:
- keyring
- in-memory
- file
default: file
---
5 changes: 4 additions & 1 deletion e2e/profile.bats
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,10 @@ teardown() {
@test "profile create" {
run_otdfctl profile create test http://localhost:8080
assert_output --regexp "Creating profile .* ok"


run_otdfctl profile create test localhost:8080
assert_output --regexp "Failed .* invalid scheme"

# TODO figure out how to test the case where the profile already exists
}

Expand Down
11 changes: 6 additions & 5 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,9 @@ require (
github.com/go-jose/go-jose/v3 v3.0.3
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/google/uuid v1.6.0
github.com/opentdf/platform/lib/flattening v0.1.2
github.com/opentdf/platform/protocol/go v0.2.22
github.com/opentdf/platform/sdk v0.3.20
github.com/opentdf/platform/lib/flattening v0.1.1
github.com/opentdf/platform/protocol/go v0.2.20
github.com/opentdf/platform/sdk v0.3.19
github.com/spf13/cobra v1.8.1
github.com/spf13/viper v1.19.0
github.com/stretchr/testify v1.9.0
Expand Down Expand Up @@ -86,6 +86,7 @@ require (
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/rivo/uniseg v0.4.7 // indirect
github.com/rogpeppe/go-internal v1.12.0 // indirect
github.com/sagikazarmark/locafero v0.4.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/sahilm/fuzzy v0.1.1-0.20230530133925-c48e322e2a8f // indirect
Expand All @@ -108,9 +109,9 @@ require (
go.opentelemetry.io/otel/metric v1.29.0 // indirect
go.opentelemetry.io/otel/trace v1.29.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.26.0 // indirect
golang.org/x/crypto v0.25.0 // indirect
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
golang.org/x/net v0.28.0 // indirect
golang.org/x/net v0.27.0 // indirect
golang.org/x/sync v0.8.0 // indirect
golang.org/x/sys v0.27.0 // indirect
golang.org/x/text v0.17.0 // indirect
Expand Down
30 changes: 18 additions & 12 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -215,16 +215,22 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
github.com/opentdf/platform/lib/fixtures v0.2.8 h1:lGYrMnbORtU62lxsJi8qPsxjFuNIkc4Dop8rVkH6pD0=
github.com/opentdf/platform/lib/fixtures v0.2.8/go.mod h1:8yCSe+oUzW9jbM573r9qgE68rjwDMNzktObiGVsO/W8=
github.com/opentdf/platform/lib/flattening v0.1.2 h1:7/fUlBY08PR6UItfVU2CVF5rcCxf5oZZ4MGLABj4NAU=
github.com/opentdf/platform/lib/flattening v0.1.2/go.mod h1:Gs/T+6FGZKk9OAdz2Jf1R8CTGeNRYrq1lZGDeYT3hrY=
github.com/opentdf/platform/lib/fixtures v0.2.7 h1:2LxWmLBBISONVJnVDH8yMsV72VHQyirua0DwDBBoq+g=
github.com/opentdf/platform/lib/fixtures v0.2.7/go.mod h1:8yCSe+oUzW9jbM573r9qgE68rjwDMNzktObiGVsO/W8=
github.com/opentdf/platform/lib/flattening v0.1.1 h1:la1f6PcRsc+yLH8+9UEr0ux6IRKu+6+oMaMVt05+8HU=
github.com/opentdf/platform/lib/flattening v0.1.1/go.mod h1:eyG7pe5UZlV+GI5/CymQD3xTAJxNhnP9M4QnBzaad1M=
github.com/opentdf/platform/lib/ocrypto v0.1.6 h1:rd4ctCZOE/c3qDJORtkSK9tw6dEXb+jbJXRRk4LcxII=
github.com/opentdf/platform/lib/ocrypto v0.1.6/go.mod h1:ne+l8Q922OdzA0xesK3XJmfECBnn5vLSGYU3/3OhiHM=
github.com/opentdf/platform/protocol/go v0.2.22 h1:C/jjtwu5yTon8g0ewuN29QE7VXSQHyb2dx9W0U6Oqok=
github.com/opentdf/platform/protocol/go v0.2.22/go.mod h1:skpOCVuWSjUHazLKOkh3nSB057OB4sHICe7MpmJY9KU=
github.com/opentdf/platform/sdk v0.3.20 h1:zyBAZLhQaIv4X2twyPbmbdBd9Vc1vsTwxr1BIuESJWg=
github.com/opentdf/platform/sdk v0.3.20/go.mod h1:O4tyqjK9sJwp+6jUeiJjECe9TQfqaD1kTr6wgsRxkWc=
github.com/opentdf/platform/protocol/go v0.2.18 h1:s+TVZkOPGCzy7WyObtJWJNaFeOGDUTuSmAsq3omvugY=
github.com/opentdf/platform/protocol/go v0.2.18/go.mod h1:WqDcnFQJb0v8ivRQPidbehcL8ils5ZSZYXkuv0nyvsI=
github.com/opentdf/platform/protocol/go v0.2.20 h1:FPU1ZcXvPm/QeE2nqgbD/HMTOCICQSD0DoncQbAZ1ws=
github.com/opentdf/platform/protocol/go v0.2.20/go.mod h1:TWIuf387VeR3q0TL4nAMKQTWEqqID+8Yjao76EX9Dto=
github.com/opentdf/platform/sdk v0.3.17 h1:Uo/kTMneB18i0gZNfTRtvw34bGLFUc8BEnA/BMK0VVs=
github.com/opentdf/platform/sdk v0.3.17/go.mod h1:c2+nrsRLvLf2OOryXnNy0iGZN/TScc21Pul7uqKVXIs=
github.com/opentdf/platform/sdk v0.3.18 h1:IY6fNrOfQD9lF/hZp9ewZsH0PMuLe17HlSE1A5kyIWc=
github.com/opentdf/platform/sdk v0.3.18/go.mod h1:u+XZhVRsMq5blukCFCHcjk6HLCp4Y5mmIQu7GhtKQ3E=
github.com/opentdf/platform/sdk v0.3.19 h1:4Ign6HPrxOH6ZllLO/cI6joSuqz8CqPlpxpTKunpMQs=
github.com/opentdf/platform/sdk v0.3.19/go.mod h1:u+XZhVRsMq5blukCFCHcjk6HLCp4Y5mmIQu7GhtKQ3E=
github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
Expand Down Expand Up @@ -332,8 +338,8 @@ go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN8
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ=
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
Expand All @@ -345,8 +351,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA=
golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
Expand Down
13 changes: 3 additions & 10 deletions pkg/auth/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -214,7 +214,7 @@ const (

// Facilitates an auth code PKCE flow to obtain OIDC tokens.
// Spawns a local server to handle the callback and opens a browser window in each respective OS.
func Login(ctx context.Context, platformEndpoint, tokenURL, authURL, publicClientID string, tlsNoVerify bool) (*oauth2.Token, error) {
func Login(ctx context.Context, platformEndpoint, tokenURL, authURL, publicClientID string) (*oauth2.Token, error) {
// Generate random hash and encryption keys for cookie handling
hashKey := make([]byte, keyLength)
encryptKey := make([]byte, keyLength)
Expand All @@ -239,16 +239,9 @@ func Login(ctx context.Context, platformEndpoint, tokenURL, authURL, publicClien
},
}

var cookieOpts []httphelper.CookieHandlerOpt
if tlsNoVerify {
cookieOpts = append(cookieOpts, httphelper.WithUnsecure())
}

cookiehandler := httphelper.NewCookieHandler(hashKey, encryptKey, cookieOpts...)
cookiehandler := httphelper.NewCookieHandler(hashKey, encryptKey)

relyingParty, err := oidcrp.NewRelyingPartyOAuth(conf,
// respect tlsNoVerify
oidcrp.WithHTTPClient(utils.NewHttpClient(tlsNoVerify)),
// allow cookie handling for PKCE
oidcrp.WithCookieHandler(cookiehandler),
// use PKCE
Expand Down Expand Up @@ -278,7 +271,7 @@ func LoginWithPKCE(ctx context.Context, host, publicClientID string, tlsNoVerify
return nil, "", fmt.Errorf("failed to get platform configuration: %w", err)
}

tok, err := Login(ctx, host, pc.tokenEndpoint, pc.authzEndpoint, pc.publicClientID, tlsNoVerify)
tok, err := Login(ctx, host, pc.tokenEndpoint, pc.authzEndpoint, pc.publicClientID)
if err != nil {
return nil, "", fmt.Errorf("failed to login: %w", err)
}
Expand Down
29 changes: 6 additions & 23 deletions pkg/cli/flagValues.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,18 +52,11 @@ func (f flagHelper) GetOptionalID(idFlag string) string {
}

func (f flagHelper) GetOptionalString(flag string) string {
return f.GetOptionalStringWithDefault(flag, "")
}

// GetOptionalStringWithDefault retrieves a string flag, or returns the default value if the flag is not set
func (f flagHelper) GetOptionalStringWithDefault(flagName string, defaultValue string) string {
if f.cmd.Flags().Changed(flagName) {
value, err := f.cmd.Flags().GetString(flagName)
if err == nil {
return value
}
p := f.cmd.Flag(flag)
if p == nil {
return ""
}
return defaultValue
return p.Value.String()
}

func (f flagHelper) GetStringSlice(flag string, v []string, opts FlagsStringSliceOptions) []string {
Expand All @@ -89,18 +82,8 @@ func (f flagHelper) GetRequiredInt32(flag string) int32 {
}

func (f flagHelper) GetOptionalBool(flag string) bool {
return f.GetOptionalBoolWithDefault(flag, false)
}

// GetOptionalBoolWithDefault retrieves a boolean flag, or returns the default value if the flag is not set
func (f flagHelper) GetOptionalBoolWithDefault(flagName string, defaultValue bool) bool {
if f.cmd.Flags().Changed(flagName) {
value, err := f.cmd.Flags().GetBool(flagName)
if err == nil {
return value
}
}
return defaultValue
v, _ := f.cmd.Flags().GetBool(flag)
return v
}

func (f flagHelper) GetRequiredBool(flag string) bool {
Expand Down
Loading

0 comments on commit 79f2079

Please sign in to comment.