Merge branch 'master' of https://github.com/gkeesh7/kraken into repos…

…itory_upkeep
gkeesh7 · Sep 23, 2024 · 207c277 · 207c277
2 parents effb6eb + fd35b87
commit 207c277
Show file tree

Hide file tree

Showing 17 changed files with 158 additions and 45 deletions.
diff --git a/lib/backend/client.go b/lib/backend/client.go
@@ -25,7 +25,7 @@ var _factories = make(map[string]ClientFactory)
 
 // ClientFactory creates backend client given name.
 type ClientFactory interface {
-	Create(config interface{}, authConfig interface{}, stats tally.Scope) (Client, error)
+	Create(config interface{}, masterAuthConfig AuthConfig, stats tally.Scope) (Client, error)
 }
 
 // Register registers new Factory with corresponding backend client name.

diff --git a/lib/backend/gcsbackend/client.go b/lib/backend/gcsbackend/client.go
@@ -42,13 +42,13 @@ func init() {
 type factory struct{}
 
 func (f *factory) Create(
-	confRaw interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
+	confRaw interface{}, masterAuthConfig backend.AuthConfig, stats tally.Scope) (backend.Client, error) {
 
 	confBytes, err := yaml.Marshal(confRaw)
 	if err != nil {
 		return nil, errors.New("marshal gcs config")
 	}
-	authConfBytes, err := yaml.Marshal(authConfRaw)
+	authConfBytes, err := yaml.Marshal(masterAuthConfig[_gcs])
 	if err != nil {
 		return nil, errors.New("marshal gcs auth config")
 	}

diff --git a/lib/backend/gcsbackend/client_test.go b/lib/backend/gcsbackend/client_test.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//     http://www.apache.org/licenses/LICENSE-2.0
+//	http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ -83,8 +83,9 @@ func TestClientFactory(t *testing.T) {
 	var auth AuthConfig
 	auth.GCS.AccessBlob = "access_blob"
 	userAuth := UserAuthConfig{"test-user": auth}
+	masterAuth := backend.AuthConfig{_gcs: userAuth}
 	f := factory{}
-	_, err := f.Create(config, userAuth, tally.NoopScope)
+	_, err := f.Create(config, masterAuth, tally.NoopScope)
 	fmt.Println(err.Error())
 	require.True(strings.Contains(err.Error(), "invalid gcs credentials"))
 }

diff --git a/lib/backend/hdfsbackend/client.go b/lib/backend/hdfsbackend/client.go
@@ -42,7 +42,7 @@ func init() {
 type factory struct{}
 
 func (f *factory) Create(
-	confRaw interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
+	confRaw interface{}, masterAuthConfig backend.AuthConfig, stats tally.Scope) (backend.Client, error) {
 
 	confBytes, err := yaml.Marshal(confRaw)
 	if err != nil {

diff --git a/lib/backend/httpbackend/http.go b/lib/backend/httpbackend/http.go
@@ -38,7 +38,7 @@ func init() {
 type factory struct{}
 
 func (f *factory) Create(
-	confRaw interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
+	confRaw interface{}, masterAuthConfig backend.AuthConfig, stats tally.Scope) (backend.Client, error) {
 
 	confBytes, err := yaml.Marshal(confRaw)
 	if err != nil {

diff --git a/lib/backend/manager.go b/lib/backend/manager.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//     http://www.apache.org/licenses/LICENSE-2.0
+//	http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ -60,15 +60,15 @@ func NewManager(configs []Config, auth AuthConfig, stats tally.Scope) (*Manager,
 		if len(config.Backend) != 1 {
 			return nil, fmt.Errorf("no backend or more than one backend configured")
 		}
-		var name string
+		var backendName string
 		var backendConfig interface{}
-		for name, backendConfig = range config.Backend { // Pull the only key/value out of map
+		for backendName, backendConfig = range config.Backend { // Pull the only key/value out of map
 		}
-		factory, err := getFactory(name)
+		factory, err := getFactory(backendName)
 		if err != nil {
 			return nil, fmt.Errorf("get backend client factory: %s", err)
 		}
-		c, err = factory.Create(backendConfig, auth[name], stats)
+		c, err = factory.Create(backendConfig, auth, stats)
 		if err != nil {
 			return nil, fmt.Errorf("create backend client: %s", err)
 		}

diff --git a/lib/backend/registrybackend/blobclient.go b/lib/backend/registrybackend/blobclient.go
@@ -39,7 +39,7 @@ func init() {
 type blobClientFactory struct{}
 
 func (f *blobClientFactory) Create(
-	confRaw interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
+	confRaw interface{}, masterAuthConfig backend.AuthConfig, stats tally.Scope) (backend.Client, error) {
 
 	confBytes, err := yaml.Marshal(confRaw)
 	if err != nil {

diff --git a/lib/backend/registrybackend/security/security.go b/lib/backend/registrybackend/security/security.go
@@ -97,9 +97,12 @@ func (a *authenticator) Authenticate(repo string) ([]httputil.SendOption, error)
 		return opts, nil
 	}
 
-	if !config.EnableHTTPFallback {
+	if config.EnableHTTPFallback {
+		opts = append(opts, httputil.EnableHTTPFallback())
+	} else {
 		opts = append(opts, httputil.DisableHTTPFallback())
 	}
+
 	if !a.shouldAuth() {
 		opts = append(opts, httputil.SendTLSTransport(a.roundTripper))
 		return opts, nil

diff --git a/lib/backend/registrybackend/tagclient.go b/lib/backend/registrybackend/tagclient.go
@@ -40,7 +40,7 @@ func init() {
 type tagClientFactory struct{}
 
 func (f *tagClientFactory) Create(
-	confRaw interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
+	confRaw interface{}, masterAuthConfig backend.AuthConfig, stats tally.Scope) (backend.Client, error) {
 
 	confBytes, err := yaml.Marshal(confRaw)
 	if err != nil {

diff --git a/lib/backend/s3backend/client.go b/lib/backend/s3backend/client.go
@@ -45,13 +45,13 @@ func init() {
 type factory struct{}
 
 func (f *factory) Create(
-	confRaw interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
+	confRaw interface{}, masterAuthConfig backend.AuthConfig, stats tally.Scope) (backend.Client, error) {
 
 	confBytes, err := yaml.Marshal(confRaw)
 	if err != nil {
 		return nil, errors.New("marshal s3 config")
 	}
-	authConfBytes, err := yaml.Marshal(authConfRaw)
+	authConfBytes, err := yaml.Marshal(masterAuthConfig[_s3])
 	if err != nil {
 		return nil, errors.New("marshal s3 auth config")
 	}

diff --git a/lib/backend/s3backend/client_test.go b/lib/backend/s3backend/client_test.go
@@ -80,8 +80,9 @@ func TestClientFactory(t *testing.T) {
 	auth.S3.AccessKeyID = "accesskey"
 	auth.S3.AccessSecretKey = "secret"
 	userAuth := UserAuthConfig{"test-user": auth}
+	masterAuth := backend.AuthConfig{_s3: userAuth}
 	f := factory{}
-	_, err := f.Create(config, userAuth, tally.NoopScope)
+	_, err := f.Create(config, masterAuth, tally.NoopScope)
 	require.NoError(err)
 }
 

diff --git a/lib/backend/shadowbackend/client.go b/lib/backend/shadowbackend/client.go
@@ -37,7 +37,7 @@ func (f *factory) Name() string {
 }
 
 func (f *factory) Create(
-	confRaw interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
+	confRaw interface{}, masterAuthConfig backend.AuthConfig, stats tally.Scope) (backend.Client, error) {
 
 	confBytes, err := yaml.Marshal(confRaw)
 	if err != nil {
@@ -48,7 +48,7 @@ func (f *factory) Create(
 	if err := yaml.Unmarshal(confBytes, &config); err != nil {
 		return nil, fmt.Errorf("unmarshal shadow config: %v", err)
 	}
-	return NewClient(config, authConfRaw, stats)
+	return NewClient(config, masterAuthConfig, stats)
 }
 
 // Client implements a backend.Client for shadow mode. See the README for full details on what shadow mode means.
@@ -63,13 +63,17 @@ type Client struct {
 type Option func(*Client)
 
 // NewClient creates a new shadow Client
-func NewClient(config Config, authConfRaw interface{}, stats tally.Scope) (*Client, error) {
-	a, err := getBackendClient(config.ActiveClientConfig, authConfRaw, stats)
+func NewClient(config Config, masterAuthConfig backend.AuthConfig, stats tally.Scope) (*Client, error) {
+	aAuthConfig, sAuthConfig, err := extractAuthConfigs(config, masterAuthConfig)
+	if err != nil {
+		return nil, err
+	}
+	a, err := getBackendClient(config.ActiveClientConfig, aAuthConfig, stats)
 	if err != nil {
 		return nil, err
 	}
 
-	s, err := getBackendClient(config.ShadowClientConfig, authConfRaw, stats)
+	s, err := getBackendClient(config.ShadowClientConfig, sAuthConfig, stats)
 	if err != nil {
 		return nil, err
 	}
@@ -82,6 +86,39 @@ func NewClient(config Config, authConfRaw interface{}, stats tally.Scope) (*Clie
 	}, nil
 }
 
+func extractAuthConfigs(config Config, masterAuthConfig backend.AuthConfig) (interface{}, interface{}, error) {
+	aName, sName, err := getBackendNames(config)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	aAuth, ok := masterAuthConfig[aName]
+	if !ok {
+		return nil, nil, fmt.Errorf("active backend auth config missing")
+	}
+	sAuth, ok := masterAuthConfig[sName]
+	if !ok {
+		return nil, nil, fmt.Errorf("shadow backend auth config missing")
+	}
+	return aAuth, sAuth, nil
+}
+
+func getBackendNames(config Config) (string, string, error) {
+	if len(config.ActiveClientConfig) != 1 {
+		return "", "", fmt.Errorf("no active backend or more than one active backend configured")
+	}
+	if len(config.ShadowClientConfig) != 1 {
+		return "", "", fmt.Errorf("no shadow backend or more than one shadow backend configured")
+	}
+	var aName string
+	var sName string
+	for aName = range config.ActiveClientConfig { // Map should have only 1 key/value
+	}
+	for sName = range config.ShadowClientConfig { // Map should have only 1 key/value
+	}
+	return aName, sName, nil
+}
+
 func getBackendClient(backendConfig map[string]interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
 	var name string
 	var confRaw interface{}

diff --git a/lib/backend/shadowbackend/client_test.go b/lib/backend/shadowbackend/client_test.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//     http://www.apache.org/licenses/LICENSE-2.0
+//	http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ -67,21 +67,83 @@ func newClient(mocks *clientMocks) *Client {
 
 func TestClientFactory(t *testing.T) {
 	sqlCfg := sqlbackend.Config{Dialect: "sqlite3", ConnectionString: ":memory:"}
-	testfsCfg := testfs.Config{Addr: "localhost:1234", NamePath: "docker_tag", Root: "tags"}
-	var auth s3backend.AuthConfig
-	auth.S3.AccessKeyID = "accesskey"
-	auth.S3.AccessSecretKey = "secret"
-	authCfg := s3backend.UserAuthConfig{"test-user": auth}
-
-	config := Config{
-		ActiveClientConfig: map[string]interface{}{"sql": sqlCfg},
-		ShadowClientConfig: map[string]interface{}{"testfs": testfsCfg},
+	s3Cfg := s3backend.Config{
+		Username:      "test-user",
+		Region:        "test-region",
+		Bucket:        "test-bucket",
+		NamePath:      "identity",
+		RootDirectory: "/root",
 	}
 
-	f := factory{}
-	c, err := f.Create(config, authCfg, tally.NoopScope)
-	require.NoError(t, err)
-	require.NotNil(t, c)
+	var s3Auth s3backend.AuthConfig
+	s3Auth.S3.AccessKeyID = "accesskey"
+	s3Auth.S3.AccessSecretKey = "secret"
+	s3AuthCfg := s3backend.UserAuthConfig{"test-user": s3Auth}
+	sqlAuthCfg := sqlbackend.UserAuthConfig{
+		"testuser": sqlbackend.AuthConfig{
+			SQL: sqlbackend.SQL{
+				User:     "captain_marvel",
+				Password: "higher_further_faster",
+			},
+		},
+	}
+
+	for _, tc := range []struct {
+		config           Config
+		masterAuthConfig backend.AuthConfig
+		wantErrMsg       string
+	}{
+		{
+			config: Config{
+				ActiveClientConfig: map[string]interface{}{"sql": sqlCfg},
+				ShadowClientConfig: map[string]interface{}{"s3": s3Cfg},
+			},
+			masterAuthConfig: backend.AuthConfig{"s3": s3AuthCfg, "sql": sqlAuthCfg},
+			wantErrMsg:       "",
+		},
+		{
+			config: Config{
+				ActiveClientConfig: map[string]interface{}{"sql": sqlCfg, "s3": s3Cfg},
+				ShadowClientConfig: map[string]interface{}{"s3": s3Cfg},
+			},
+			masterAuthConfig: backend.AuthConfig{"s3": s3AuthCfg, "sql": sqlAuthCfg},
+			wantErrMsg:       "no active backend or more than one active backend configured",
+		},
+		{
+			config: Config{
+				ActiveClientConfig: map[string]interface{}{"s3": s3Cfg},
+				ShadowClientConfig: map[string]interface{}{"sql": sqlCfg, "s3": s3Cfg},
+			},
+			masterAuthConfig: backend.AuthConfig{"s3": s3AuthCfg, "sql": sqlAuthCfg},
+			wantErrMsg:       "no shadow backend or more than one shadow backend configured",
+		},
+		{
+			config: Config{
+				ActiveClientConfig: map[string]interface{}{"gcs": sqlCfg},
+				ShadowClientConfig: map[string]interface{}{"s3": s3Cfg},
+			},
+			masterAuthConfig: backend.AuthConfig{"s3": s3AuthCfg, "sql": sqlAuthCfg},
+			wantErrMsg:       "active backend auth config missing",
+		},
+		{
+			config: Config{
+				ActiveClientConfig: map[string]interface{}{"sql": sqlCfg},
+				ShadowClientConfig: map[string]interface{}{"gcs": s3Cfg},
+			},
+			masterAuthConfig: backend.AuthConfig{"s3": s3AuthCfg, "sql": sqlAuthCfg},
+			wantErrMsg:       "shadow backend auth config missing",
+		},
+	} {
+		f := factory{}
+		c, err := f.Create(tc.config, tc.masterAuthConfig, tally.NoopScope)
+		if tc.wantErrMsg == "" {
+			require.NoError(t, err)
+			require.NotNil(t, c)
+		} else {
+			require.Equal(t, tc.wantErrMsg, err.Error())
+			require.Nil(t, c)
+		}
+	}
 }
 
 func TestGetBackendClient(t *testing.T) {

diff --git a/lib/backend/shadowbackend/config.go b/lib/backend/shadowbackend/config.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//     http://www.apache.org/licenses/LICENSE-2.0
+//	http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,

diff --git a/lib/backend/sqlbackend/client.go b/lib/backend/sqlbackend/client.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//     http://www.apache.org/licenses/LICENSE-2.0
+//	http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ -31,23 +31,25 @@ import (
 	"gopkg.in/yaml.v2"
 )
 
+const _sql = "sql"
+
 type factory struct{}
 
 func (f *factory) Name() string {
-	return "sql"
+	return _sql
 }
 
 func (f *factory) Create(
-	confRaw interface{}, authConfRaw interface{}, stats tally.Scope) (backend.Client, error) {
+	confRaw interface{}, masterAuthConfig backend.AuthConfig, stats tally.Scope) (backend.Client, error) {
 
 	confBytes, err := yaml.Marshal(confRaw)
 	if err != nil {
 		return nil, errors.New("marshal sql config")
 	}
 
-	authConfBytes, err := yaml.Marshal(authConfRaw)
+	authConfBytes, err := yaml.Marshal(masterAuthConfig[_sql])
 	if err != nil {
-		return nil, errors.New("marshal s3 auth config")
+		return nil, errors.New("marshal sql auth config")
 	}
 
 	var config Config
@@ -56,7 +58,7 @@ func (f *factory) Create(
 	}
 	var userAuth UserAuthConfig
 	if err := yaml.Unmarshal(authConfBytes, &userAuth); err != nil {
-		return nil, errors.New("unmarshal s3 auth config")
+		return nil, errors.New("unmarshal sql auth config")
 	}
 
 	return NewClient(config, userAuth, stats)