NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commit87cb577

committed

Refactor CryptoKey usage to use codersdk package

This change streamlines the CryptoKey handling by utilizing thecodersdk package, thereby reducing code duplication and potentiallysimplifying maintenance efforts in the future.

1 parent5f4beaa commit87cb577Copy full SHA for 87cb577

File tree

3 files changed

+57

-85

lines changed

enterprise/wsproxy
- keycache.go
- keycache_test.go
- wsproxysdk
  - wsproxysdk.go

3 files changed

+57

-85

lines changed

`‎enterprise/wsproxy/keycache.go`

Lines changed: 21 additions & 20 deletions

Original file line number	Diff line number	Diff line change
`@@ -9,6 +9,7 @@ import (`
`9`	`9`
`10`	`10`	`"cdr.dev/slog"`
`11`	`11`
	`12`	`+"github.com/coder/coder/v2/codersdk"`
`12`	`13`	`"github.com/coder/coder/v2/enterprise/wsproxy/wsproxysdk"`
`13`	`14`	`"github.com/coder/quartz"`
`14`	`15`	`)`
`@@ -19,8 +20,8 @@ type CryptoKeyCache struct {`
`19`	`20`	`Clock quartz.Clock`
`20`	`21`
`21`	`22`	`keysMu sync.RWMutex`
`22`		`-keysmap[int32]wsproxysdk.CryptoKey`
`23`		`-latestwsproxysdk.CryptoKey`
	`23`	`+keysmap[int32]codersdk.CryptoKey`
	`24`	`+latestcodersdk.CryptoKey`
`24`	`25`	`}`
`25`	`26`
`26`	`27`	`funcNewCryptoKeyCache(ctx context.Context,log slog.Logger,clientwsproxysdk.Client,opts...func(CryptoKeyCache)) (*CryptoKeyCache,error) {`
`@@ -45,37 +46,37 @@ func NewCryptoKeyCache(ctx context.Context, log slog.Logger, client *wsproxysdk.`
`45`	`46`	`returncache,nil`
`46`	`47`	`}`
`47`	`48`
`48`		`-func (k*CryptoKeyCache)Latest(ctx context.Context) (wsproxysdk.CryptoKey,error) {`
	`49`	`+func (k*CryptoKeyCache)Latest(ctx context.Context) (codersdk.CryptoKey,error) {`
`49`	`50`	`k.keysMu.RLock()`
`50`	`51`	`latest:=k.latest`
`51`	`52`	`k.keysMu.RUnlock()`
`52`	`53`
`53`	`54`	`now:=k.Clock.Now().UTC()`
`54`		`-iflatest.Active(now) {`
	`55`	`+iflatest.CanSign(now) {`
`55`	`56`	`returnlatest,nil`
`56`	`57`	`}`
`57`	`58`
`58`	`59`	`k.keysMu.Lock()`
`59`	`60`	`deferk.keysMu.Unlock()`
`60`	`61`
`61`		`-ifk.latest.Active(now) {`
	`62`	`+ifk.latest.CanSign(now) {`
`62`	`63`	`returnk.latest,nil`
`63`	`64`	`}`
`64`	`65`
`65`	`66`	`varerrerror`
`66`	`67`	`k.keys,k.latest,err=k.fetch(ctx)`
`67`	`68`	`iferr!=nil {`
`68`		`-returnwsproxysdk.CryptoKey{},xerrors.Errorf("fetch: %w",err)`
	`69`	`+returncodersdk.CryptoKey{},xerrors.Errorf("fetch: %w",err)`
`69`	`70`	`}`
`70`	`71`
`71`		`-if!k.latest.Active(now) {`
`72`		`-returnwsproxysdk.CryptoKey{},xerrors.Errorf("no active keys found")`
	`72`	`+if!k.latest.CanSign(now) {`
	`73`	`+returncodersdk.CryptoKey{},xerrors.Errorf("no active keys found")`
`73`	`74`	`}`
`74`	`75`
`75`	`76`	`returnk.latest,nil`
`76`	`77`	`}`
`77`	`78`
`78`		`-func (k*CryptoKeyCache)Version(ctx context.Context,sequenceint32) (wsproxysdk.CryptoKey,error) {`
	`79`	`+func (k*CryptoKeyCache)Version(ctx context.Context,sequenceint32) (codersdk.CryptoKey,error) {`
`79`	`80`	`now:=k.Clock.Now().UTC()`
`80`	`81`	`k.keysMu.RLock()`
`81`	`82`	`key,ok:=k.keys[sequence]`
`@@ -94,12 +95,12 @@ func (k *CryptoKeyCache) Version(ctx context.Context, sequence int32) (wsproxysd`
`94`	`95`	`varerrerror`
`95`	`96`	`k.keys,k.latest,err=k.fetch(ctx)`
`96`	`97`	`iferr!=nil {`
`97`		`-returnwsproxysdk.CryptoKey{},xerrors.Errorf("fetch: %w",err)`
	`98`	`+returncodersdk.CryptoKey{},xerrors.Errorf("fetch: %w",err)`
`98`	`99`	`}`
`99`	`100`
`100`	`101`	`key,ok=k.keys[sequence]`
`101`	`102`	`if!ok {`
`102`		`-returnwsproxysdk.CryptoKey{},xerrors.Errorf("key %d not found",sequence)`
	`103`	`+returncodersdk.CryptoKey{},xerrors.Errorf("key %d not found",sequence)`
`103`	`104`	`}`
`104`	`105`
`105`	`106`	`returnvalidKey(key,now)`
`@@ -121,31 +122,31 @@ func (k *CryptoKeyCache) refresh(ctx context.Context) {`
`121`	`122`	`})`
`122`	`123`	`}`
`123`	`124`
`124`		`-func (k*CryptoKeyCache)fetch(ctx context.Context) (map[int32]wsproxysdk.CryptoKey,wsproxysdk.CryptoKey,error) {`
	`125`	`+func (k*CryptoKeyCache)fetch(ctx context.Context) (map[int32]codersdk.CryptoKey,codersdk.CryptoKey,error) {`
`125`	`126`	`keys,err:=k.client.CryptoKeys(ctx)`
`126`	`127`	`iferr!=nil {`
`127`		`-returnnil,wsproxysdk.CryptoKey{},xerrors.Errorf("get security keys: %w",err)`
	`128`	`+returnnil,codersdk.CryptoKey{},xerrors.Errorf("get security keys: %w",err)`
`128`	`129`	`}`
`129`	`130`
`130`	`131`	`kmap,latest:=toKeyMap(keys.CryptoKeys,k.Clock.Now().UTC())`
`131`	`132`	`returnkmap,latest,nil`
`132`	`133`	`}`
`133`	`134`
`134`		`-functoKeyMap(keys []wsproxysdk.CryptoKey,now time.Time) (map[int32]wsproxysdk.CryptoKey,wsproxysdk.CryptoKey) {`
`135`		`-m:=make(map[int32]wsproxysdk.CryptoKey)`
`136`		`-varlatestwsproxysdk.CryptoKey`
	`135`	`+functoKeyMap(keys []codersdk.CryptoKey,now time.Time) (map[int32]codersdk.CryptoKey,codersdk.CryptoKey) {`
	`136`	`+m:=make(map[int32]codersdk.CryptoKey)`
	`137`	`+varlatestcodersdk.CryptoKey`
`137`	`138`	`for_,key:=rangekeys {`
`138`	`139`	`m[key.Sequence]=key`
`139`		`-ifkey.Sequence>latest.Sequence&&key.Active(now) {`
	`140`	`+ifkey.Sequence>latest.Sequence&&key.CanSign(now) {`
`140`	`141`	`latest=key`
`141`	`142`	`}`
`142`	`143`	`}`
`143`	`144`	`returnm,latest`
`144`	`145`	`}`
`145`	`146`
`146`		`-funcvalidKey(keywsproxysdk.CryptoKey,now time.Time) (wsproxysdk.CryptoKey,error) {`
`147`		`-ifkey.Invalid(now) {`
`148`		`-returnwsproxysdk.CryptoKey{},xerrors.Errorf("key %d is invalid",key.Sequence)`
	`147`	`+funcvalidKey(keycodersdk.CryptoKey,now time.Time) (codersdk.CryptoKey,error) {`
	`148`	`+if!key.CanSign(now) {`
	`149`	`+returncodersdk.CryptoKey{},xerrors.Errorf("key %d is invalid",key.Sequence)`
`149`	`150`	`}`
`150`	`151`
`151`	`152`	`returnkey,nil`

`‎enterprise/wsproxy/keycache_test.go`

Lines changed: 36 additions & 35 deletions

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,7 @@ import (`
`12`	`12`
`13`	`13`	`"cdr.dev/slog/sloggers/slogtest"`
`14`	`14`
	`15`	`+"github.com/coder/coder/v2/codersdk"`
`15`	`16`	`"github.com/coder/coder/v2/enterprise/wsproxy"`
`16`	`17`	`"github.com/coder/coder/v2/enterprise/wsproxy/wsproxysdk"`
`17`	`18`	`"github.com/coder/coder/v2/testutil"`
`@@ -33,23 +34,23 @@ func TestCryptoKeyCache(t *testing.T) {`
`33`	`34`	`)`
`34`	`35`
`35`	`36`	`now:=clock.Now().UTC()`
`36`		`-expected:=wsproxysdk.CryptoKey{`
`37`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`37`	`+expected:=codersdk.CryptoKey{`
	`38`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`38`	`39`	`Secret:"key2",`
`39`	`40`	`Sequence:2,`
`40`	`41`	`StartsAt:now,`
`41`	`42`	`}`
`42`	`43`
`43`		`-fc:=newFakeCoderd(t, []wsproxysdk.CryptoKey{`
	`44`	`+fc:=newFakeCoderd(t, []codersdk.CryptoKey{`
`44`	`45`	`{`
`45`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`46`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`46`	`47`	`Secret:"key1",`
`47`	`48`	`Sequence:1,`
`48`	`49`	`StartsAt:now,`
`49`	`50`	`},`
`50`	`51`	`// Should be ignored since it hasn't breached its starts_at time yet.`
`51`	`52`	`{`
`52`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`53`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`53`	`54`	`Secret:"key3",`
`54`	`55`	`Sequence:3,`
`55`	`56`	`StartsAt:now.Add(time.Second*2),`
`@@ -74,18 +75,18 @@ func TestCryptoKeyCache(t *testing.T) {`
`74`	`75`	`clock=quartz.NewMock(t)`
`75`	`76`	`)`
`76`	`77`
`77`		`-fc:=newFakeCoderd(t, []wsproxysdk.CryptoKey{})`
	`78`	`+fc:=newFakeCoderd(t, []codersdk.CryptoKey{})`
`78`	`79`
`79`	`80`	`cache,err:=wsproxy.NewCryptoKeyCache(ctx,logger,wsproxysdk.New(fc.url),withClock(clock))`
`80`	`81`	`require.NoError(t,err)`
`81`	`82`
`82`		`-expected:=wsproxysdk.CryptoKey{`
`83`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`83`	`+expected:=codersdk.CryptoKey{`
	`84`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`84`	`85`	`Secret:"key1",`
`85`	`86`	`Sequence:12,`
`86`	`87`	`StartsAt:clock.Now().UTC(),`
`87`	`88`	`}`
`88`		`-fc.keys= []wsproxysdk.CryptoKey{expected}`
	`89`	`+fc.keys= []codersdk.CryptoKey{expected}`
`89`	`90`
`90`	`91`	`got,err:=cache.Latest(ctx)`
`91`	`92`	`require.NoError(t,err)`
`@@ -110,17 +111,17 @@ func TestCryptoKeyCache(t *testing.T) {`
`110`	`111`	`clock=quartz.NewMock(t)`
`111`	`112`	`)`
`112`	`113`	`now:=clock.Now().UTC()`
`113`		`-expected:=wsproxysdk.CryptoKey{`
`114`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`114`	`+expected:=codersdk.CryptoKey{`
	`115`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`115`	`116`	`Secret:"key1",`
`116`	`117`	`Sequence:1,`
`117`	`118`	`StartsAt:clock.Now().UTC(),`
`118`	`119`	`}`
`119`	`120`
`120`		`-fc:=newFakeCoderd(t, []wsproxysdk.CryptoKey{`
	`121`	`+fc:=newFakeCoderd(t, []codersdk.CryptoKey{`
`121`	`122`	`expected,`
`122`	`123`	`{`
`123`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`124`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`124`	`125`	`Secret:"key2",`
`125`	`126`	`Sequence:2,`
`126`	`127`	`StartsAt:now.Add(-time.Second),`
`@@ -151,16 +152,16 @@ func TestCryptoKeyCache(t *testing.T) {`
`151`	`152`	`)`
`152`	`153`
`153`	`154`	`now:=clock.Now().UTC()`
`154`		`-expected:=wsproxysdk.CryptoKey{`
`155`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`155`	`+expected:=codersdk.CryptoKey{`
	`156`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`156`	`157`	`Secret:"key1",`
`157`	`158`	`Sequence:12,`
`158`	`159`	`StartsAt:now,`
`159`	`160`	`}`
`160`		`-fc:=newFakeCoderd(t, []wsproxysdk.CryptoKey{`
	`161`	`+fc:=newFakeCoderd(t, []codersdk.CryptoKey{`
`161`	`162`	`expected,`
`162`	`163`	`{`
`163`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`164`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`164`	`165`	`Secret:"key2",`
`165`	`166`	`Sequence:13,`
`166`	`167`	`StartsAt:now,`
`@@ -184,18 +185,18 @@ func TestCryptoKeyCache(t *testing.T) {`
`184`	`185`	`clock=quartz.NewMock(t)`
`185`	`186`	`)`
`186`	`187`
`187`		`-fc:=newFakeCoderd(t, []wsproxysdk.CryptoKey{})`
	`188`	`+fc:=newFakeCoderd(t, []codersdk.CryptoKey{})`
`188`	`189`
`189`	`190`	`cache,err:=wsproxy.NewCryptoKeyCache(ctx,logger,wsproxysdk.New(fc.url),withClock(clock))`
`190`	`191`	`require.NoError(t,err)`
`191`	`192`
`192`		`-expected:=wsproxysdk.CryptoKey{`
`193`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`193`	`+expected:=codersdk.CryptoKey{`
	`194`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`194`	`195`	`Secret:"key1",`
`195`	`196`	`Sequence:12,`
`196`	`197`	`StartsAt:clock.Now().UTC(),`
`197`	`198`	`}`
`198`		`-fc.keys= []wsproxysdk.CryptoKey{expected}`
	`199`	`+fc.keys= []codersdk.CryptoKey{expected}`
`199`	`200`
`200`	`201`	`got,err:=cache.Version(ctx,expected.Sequence)`
`201`	`202`	`require.NoError(t,err)`
`@@ -219,14 +220,14 @@ func TestCryptoKeyCache(t *testing.T) {`
`219`	`220`	`)`
`220`	`221`
`221`	`222`	`now:=clock.Now().UTC()`
`222`		`-expected:=wsproxysdk.CryptoKey{`
`223`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`223`	`+expected:=codersdk.CryptoKey{`
	`224`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`224`	`225`	`Secret:"key1",`
`225`	`226`	`Sequence:12,`
`226`	`227`	`StartsAt:now.Add(-time.Second),`
`227`	`228`	`}`
`228`	`229`
`229`		`-fc:=newFakeCoderd(t, []wsproxysdk.CryptoKey{`
	`230`	`+fc:=newFakeCoderd(t, []codersdk.CryptoKey{`
`230`	`231`	`expected,`
`231`	`232`	`})`
`232`	`233`
`@@ -249,15 +250,15 @@ func TestCryptoKeyCache(t *testing.T) {`
`249`	`250`	`)`
`250`	`251`
`251`	`252`	`now:=clock.Now().UTC()`
`252`		`-expected:=wsproxysdk.CryptoKey{`
`253`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`253`	`+expected:=codersdk.CryptoKey{`
	`254`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`254`	`255`	`Secret:"key1",`
`255`	`256`	`Sequence:12,`
`256`	`257`	`StartsAt:now.Add(-time.Second),`
`257`	`258`	`DeletesAt:now,`
`258`	`259`	`}`
`259`	`260`
`260`		`-fc:=newFakeCoderd(t, []wsproxysdk.CryptoKey{`
	`261`	`+fc:=newFakeCoderd(t, []codersdk.CryptoKey{`
`261`	`262`	`expected,`
`262`	`263`	`})`
`263`	`264`
`@@ -282,14 +283,14 @@ func TestCryptoKeyCache(t *testing.T) {`
`282`	`283`	`trap:=clock.Trap().TickerFunc()`
`283`	`284`
`284`	`285`	`now:=clock.Now().UTC()`
`285`		`-expected:=wsproxysdk.CryptoKey{`
`286`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`286`	`+expected:=codersdk.CryptoKey{`
	`287`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`287`	`288`	`Secret:"key1",`
`288`	`289`	`Sequence:12,`
`289`	`290`	`StartsAt:now,`
`290`	`291`	`DeletesAt:now.Add(time.Minute*10),`
`291`	`292`	`}`
`292`		`-fc:=newFakeCoderd(t, []wsproxysdk.CryptoKey{`
	`293`	`+fc:=newFakeCoderd(t, []codersdk.CryptoKey{`
`293`	`294`	`expected,`
`294`	`295`	`})`
`295`	`296`
`@@ -303,13 +304,13 @@ func TestCryptoKeyCache(t *testing.T) {`
`303`	`304`
`304`	`305`	`wait:=trap.MustWait(ctx)`
`305`	`306`
`306`		`-newKey:=wsproxysdk.CryptoKey{`
`307`		`-Feature:wsproxysdk.CryptoKeyFeatureWorkspaceApp,`
	`307`	`+newKey:=codersdk.CryptoKey{`
	`308`	`+Feature:codersdk.CryptoKeyFeatureWorkspaceApp,`
`308`	`309`	`Secret:"key2",`
`309`	`310`	`Sequence:13,`
`310`	`311`	`StartsAt:now,`
`311`	`312`	`}`
`312`		`-fc.keys= []wsproxysdk.CryptoKey{newKey}`
	`313`	`+fc.keys= []codersdk.CryptoKey{newKey}`
`313`	`314`
`314`	`315`	`wait.Release()`
`315`	`316`
`@@ -332,12 +333,12 @@ func TestCryptoKeyCache(t *testing.T) {`
`332`	`333`
`333`	`334`	`typefakeCoderdstruct {`
`334`	`335`	`server*httptest.Server`
`335`		`-keys []wsproxysdk.CryptoKey`
	`336`	`+keys []codersdk.CryptoKey`
`336`	`337`	`calledint`
`337`	`338`	`url*url.URL`
`338`	`339`	`}`
`339`	`340`
`340`		`-funcnewFakeCoderd(ttesting.T,keys []wsproxysdk.CryptoKey)fakeCoderd {`
	`341`	`+funcnewFakeCoderd(ttesting.T,keys []codersdk.CryptoKey)fakeCoderd {`
`341`	`342`	`t.Helper()`
`342`	`343`
`343`	`344`	`c:=&fakeCoderd{`

`‎enterprise/wsproxy/wsproxysdk/wsproxysdk.go`

Lines changed: 0 additions & 30 deletions

Original file line number	Diff line number	Diff line change
`@@ -204,37 +204,7 @@ type RegisterWorkspaceProxyRequest struct {`
`204`	`204`	Versionstring`json:"version"`
`205`	`205`	`}`
`206`	`206`
`207`		`-typeCryptoKeyFeaturestring`
`208`		`-`
`209`		`-const (`
`210`		`-CryptoKeyFeatureWorkspaceAppCryptoKeyFeature="workspace_apps"`
`211`		`-CryptoKeyFeatureOIDCConvertCryptoKeyFeature="oidc_convert"`
`212`		`-CryptoKeyFeatureTailnetResumeCryptoKeyFeature="tailnet_resume"`
`213`		`-)`
`214`		`-`
`215`		`-typeCryptoKeystruct {`
`216`		-FeatureCryptoKeyFeature`json:"feature"`
`217`		-Secretstring`json:"secret"`
`218`		-DeletesAt time.Time`json:"deletes_at"`
`219`		-Sequenceint32`json:"sequence"`
`220`		-StartsAt time.Time`json:"starts_at"`
`221`		`-}`
`222`		`-`
`223`		`-func (cCryptoKey)Active(now time.Time)bool {`
`224`		`-now=now.UTC()`
`225`		`-isAfterStartsAt:=!c.StartsAt.IsZero()&&!now.Before(c.StartsAt)`
`226`		`-returnisAfterStartsAt&&!c.Invalid(now)`
`227`		`-}`
`228`		`-`
`229`		`-func (cCryptoKey)Invalid(now time.Time)bool {`
`230`		`-now=now.UTC()`
`231`		`-noSecret:=c.Secret==""`
`232`		`-afterDelete:=!c.DeletesAt.IsZero()&&!now.Before(c.DeletesAt.UTC())`
`233`		`-returnnoSecret\|\|afterDelete`
`234`		`-}`
`235`		`-`
`236`	`207`	`typeRegisterWorkspaceProxyResponsestruct {`
`237`		-Keys []CryptoKey`json:"keys"`
`238`	`208`	AppSecurityKeystring`json:"app_security_key"`
`239`	`209`	DERPMeshKeystring`json:"derp_mesh_key"`
`240`	`210`	DERPRegionIDint32`json:"derp_region_id"`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit87cb577

File tree

3 files changed

3 files changed

`‎enterprise/wsproxy/keycache.go`

`‎enterprise/wsproxy/keycache_test.go`

`‎enterprise/wsproxy/wsproxysdk/wsproxysdk.go`

0 commit comments