diff --git a/cmd/spire-server/cli/entry/create.go b/cmd/spire-server/cli/entry/create.go index 62caede981..168148a384 100644 --- a/cmd/spire-server/cli/entry/create.go +++ b/cmd/spire-server/cli/entry/create.go @@ -6,14 +6,14 @@ import ( "flag" "fmt" - "github.com/ccoveille/go-safecast" "github.com/mitchellh/cli" entryv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/entry/v1" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" - "github.com/spiffe/spire/cmd/spire-server/util" + serverutil "github.com/spiffe/spire/cmd/spire-server/util" commoncli "github.com/spiffe/spire/pkg/common/cli" "github.com/spiffe/spire/pkg/common/cliprinter" "github.com/spiffe/spire/pkg/common/idutil" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" ) @@ -23,7 +23,7 @@ func NewCreateCommand() cli.Command { } func newCreateCommand(env *commoncli.Env) cli.Command { - return util.AdaptCommand(env, &createCommand{env: env}) + return serverutil.AdaptCommand(env, &createCommand{env: env}) } type createCommand struct { @@ -106,7 +106,7 @@ func (c *createCommand) AppendFlags(f *flag.FlagSet) { cliprinter.AppendFlagWithCustomPretty(&c.printer, f, c.env, prettyPrintCreate) } -func (c *createCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient util.ServerClient) error { +func (c *createCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient serverutil.ServerClient) error { if err := c.validate(); err != nil { return err } @@ -177,12 +177,12 @@ func (c *createCommand) parseConfig() ([]*types.Entry, error) { return nil, err } - x509SvidTTL, err := safecast.ToInt32(c.x509SVIDTTL) + x509SvidTTL, err := util.CheckedCast[int32](c.x509SVIDTTL) if err != nil { return nil, fmt.Errorf("X509 SVID TTL: %w", err) } - jwtSvidTTL, err := safecast.ToInt32(c.jwtSVIDTTL) + jwtSvidTTL, err := util.CheckedCast[int32](c.jwtSVIDTTL) if err != nil { return nil, fmt.Errorf("JWT SVID TTL: %w", err) } @@ -202,7 +202,7 @@ func (c *createCommand) parseConfig() ([]*types.Entry, error) { selectors := []*types.Selector{} for _, s := range c.selectors { - cs, err := util.ParseSelector(s) + cs, err := serverutil.ParseSelector(s) if err != nil { return nil, err } @@ -266,7 +266,7 @@ func prettyPrintCreate(env *commoncli.Env, results ...any) error { for _, r := range failed { env.ErrPrintf("Failed to create the following entry (code: %s, msg: %q):\n", - codes.Code(safecast.MustConvert[uint32](r.Status.Code)), + util.MustCast[codes.Code](r.Status.Code), r.Status.Message) printEntry(r.Entry, env.ErrPrintf) } diff --git a/cmd/spire-server/cli/entry/delete.go b/cmd/spire-server/cli/entry/delete.go index bcf3ee34d6..355df69565 100644 --- a/cmd/spire-server/cli/entry/delete.go +++ b/cmd/spire-server/cli/entry/delete.go @@ -8,12 +8,12 @@ import ( "io" "os" - "github.com/ccoveille/go-safecast" "github.com/mitchellh/cli" entryv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/entry/v1" - "github.com/spiffe/spire/cmd/spire-server/util" + serverutil "github.com/spiffe/spire/cmd/spire-server/util" commoncli "github.com/spiffe/spire/pkg/common/cli" "github.com/spiffe/spire/pkg/common/cliprinter" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" ) @@ -23,7 +23,7 @@ func NewDeleteCommand() cli.Command { } func newDeleteCommand(env *commoncli.Env) cli.Command { - return util.AdaptCommand(env, &deleteCommand{env: env}) + return serverutil.AdaptCommand(env, &deleteCommand{env: env}) } type deleteCommand struct { @@ -71,7 +71,7 @@ func parseEntryDeleteJSON(path string) ([]string, error) { return batchDeleteEntryRequest.Ids, nil } -func (c *deleteCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient util.ServerClient) error { +func (c *deleteCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient serverutil.ServerClient) error { if err := c.validate(); err != nil { return err } @@ -136,7 +136,7 @@ func (c *deleteCommand) prettyPrintDelete(env *commoncli.Env, results ...any) er for _, result := range failed { env.ErrPrintf("Failed to delete entry with ID %s (code: %s, msg: %q)\n", result.Id, - codes.Code(safecast.MustConvert[uint32](result.Status.Code)), + util.MustCast[codes.Code](result.Status.Code), result.Status.Message) } diff --git a/cmd/spire-server/cli/entry/update.go b/cmd/spire-server/cli/entry/update.go index dcd5530c86..f19fd8a559 100644 --- a/cmd/spire-server/cli/entry/update.go +++ b/cmd/spire-server/cli/entry/update.go @@ -6,13 +6,13 @@ import ( "flag" "fmt" - "github.com/ccoveille/go-safecast" "github.com/mitchellh/cli" entryv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/entry/v1" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" - "github.com/spiffe/spire/cmd/spire-server/util" + serverutil "github.com/spiffe/spire/cmd/spire-server/util" commoncli "github.com/spiffe/spire/pkg/common/cli" "github.com/spiffe/spire/pkg/common/cliprinter" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" ) @@ -22,7 +22,7 @@ func NewUpdateCommand() cli.Command { } func newUpdateCommand(env *commoncli.Env) cli.Command { - return util.AdaptCommand(env, &updateCommand{env: env}) + return serverutil.AdaptCommand(env, &updateCommand{env: env}) } type updateCommand struct { @@ -101,7 +101,7 @@ func (c *updateCommand) AppendFlags(f *flag.FlagSet) { cliprinter.AppendFlagWithCustomPretty(&c.printer, f, c.env, prettyPrintUpdate) } -func (c *updateCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient util.ServerClient) error { +func (c *updateCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient serverutil.ServerClient) error { if err := c.validate(); err != nil { return err } @@ -171,12 +171,12 @@ func (c *updateCommand) parseConfig() ([]*types.Entry, error) { return nil, err } - x509SvidTTL, err := safecast.ToInt32(c.x509SvidTTL) + x509SvidTTL, err := util.CheckedCast[int32](c.x509SvidTTL) if err != nil { return nil, fmt.Errorf("X509 SVID TTL: %w", err) } - jwtSvidTTL, err := safecast.ToInt32(c.jwtSvidTTL) + jwtSvidTTL, err := util.CheckedCast[int32](c.jwtSvidTTL) if err != nil { return nil, fmt.Errorf("JWT SVID TTL: %w", err) } @@ -195,7 +195,7 @@ func (c *updateCommand) parseConfig() ([]*types.Entry, error) { selectors := []*types.Selector{} for _, s := range c.selectors { - cs, err := util.ParseSelector(s) + cs, err := serverutil.ParseSelector(s) if err != nil { return nil, err } @@ -252,7 +252,7 @@ func prettyPrintUpdate(env *commoncli.Env, results ...any) error { // Print entries that failed to be updated for _, r := range failed { env.ErrPrintf("Failed to update the following entry (code: %s, msg: %q):\n", - codes.Code(safecast.MustConvert[uint32](r.Status.Code)), + util.MustCast[codes.Code](r.Status.Code), r.Status.Message) printEntry(r.Entry, env.ErrPrintf) } diff --git a/cmd/spire-server/cli/federation/create.go b/cmd/spire-server/cli/federation/create.go index 7ce13f88b5..a017e5522d 100644 --- a/cmd/spire-server/cli/federation/create.go +++ b/cmd/spire-server/cli/federation/create.go @@ -6,13 +6,13 @@ import ( "flag" "fmt" - "github.com/ccoveille/go-safecast" "github.com/mitchellh/cli" trustdomainv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/trustdomain/v1" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" - "github.com/spiffe/spire/cmd/spire-server/util" + serverutil "github.com/spiffe/spire/cmd/spire-server/util" commoncli "github.com/spiffe/spire/pkg/common/cli" "github.com/spiffe/spire/pkg/common/cliprinter" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" ) @@ -27,7 +27,7 @@ func NewCreateCommand() cli.Command { } func newCreateCommand(env *commoncli.Env) cli.Command { - return util.AdaptCommand(env, &createCommand{env: env}) + return serverutil.AdaptCommand(env, &createCommand{env: env}) } type createCommand struct { @@ -53,7 +53,7 @@ func (c *createCommand) AppendFlags(f *flag.FlagSet) { cliprinter.AppendFlagWithCustomPretty(&c.printer, f, c.env, c.prettyPrintCreate) } -func (c *createCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient util.ServerClient) error { +func (c *createCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient serverutil.ServerClient) error { federationRelationships, err := getRelationships(c.config, c.path) if err != nil { return err @@ -102,7 +102,7 @@ func (c *createCommand) prettyPrintCreate(env *commoncli.Env, results ...any) er for _, r := range failed { env.Println() env.ErrPrintf("Failed to create the following federation relationship (code: %s, msg: %q):\n", - codes.Code(safecast.MustConvert[uint32](r.Status.Code)), + util.MustCast[codes.Code](r.Status.Code), r.Status.Message) printFederationRelationship(r.FederationRelationship, env.ErrPrintf) } diff --git a/cmd/spire-server/cli/federation/update.go b/cmd/spire-server/cli/federation/update.go index ef78cf3df3..bc2f1cc72d 100644 --- a/cmd/spire-server/cli/federation/update.go +++ b/cmd/spire-server/cli/federation/update.go @@ -6,13 +6,13 @@ import ( "flag" "fmt" - "github.com/ccoveille/go-safecast" "github.com/mitchellh/cli" trustdomainv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/trustdomain/v1" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" - "github.com/spiffe/spire/cmd/spire-server/util" + serverutil "github.com/spiffe/spire/cmd/spire-server/util" commoncli "github.com/spiffe/spire/pkg/common/cli" "github.com/spiffe/spire/pkg/common/cliprinter" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" ) @@ -22,7 +22,7 @@ func NewUpdateCommand() cli.Command { } func newUpdateCommand(env *commoncli.Env) cli.Command { - return util.AdaptCommand(env, &updateCommand{env: env}) + return serverutil.AdaptCommand(env, &updateCommand{env: env}) } type updateCommand struct { @@ -48,7 +48,7 @@ func (c *updateCommand) AppendFlags(f *flag.FlagSet) { cliprinter.AppendFlagWithCustomPretty(&c.printer, f, c.env, c.prettyPrintUpdate) } -func (c *updateCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient util.ServerClient) error { +func (c *updateCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient serverutil.ServerClient) error { federationRelationships, err := getRelationships(c.config, c.path) if err != nil { return err @@ -98,7 +98,7 @@ func (c *updateCommand) prettyPrintUpdate(env *commoncli.Env, results ...any) er for _, r := range failed { env.Println() env.ErrPrintf("Failed to update the following federation relationship (code: %s, msg: %q):\n", - codes.Code(safecast.MustConvert[uint32](r.Status.Code)), + util.MustCast[codes.Code](r.Status.Code), r.Status.Message) printFederationRelationship(r.FederationRelationship, env.ErrPrintf) } diff --git a/cmd/spire-server/cli/jwt/mint.go b/cmd/spire-server/cli/jwt/mint.go index 9b4b965381..afb4aec40f 100644 --- a/cmd/spire-server/cli/jwt/mint.go +++ b/cmd/spire-server/cli/jwt/mint.go @@ -7,17 +7,17 @@ import ( "fmt" "time" - "github.com/ccoveille/go-safecast" "github.com/go-jose/go-jose/v4/jwt" "github.com/mitchellh/cli" "github.com/spiffe/go-spiffe/v2/spiffeid" svidv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/svid/v1" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" - "github.com/spiffe/spire/cmd/spire-server/util" + serverutil "github.com/spiffe/spire/cmd/spire-server/util" commoncli "github.com/spiffe/spire/pkg/common/cli" "github.com/spiffe/spire/pkg/common/cliprinter" "github.com/spiffe/spire/pkg/common/diskutil" "github.com/spiffe/spire/pkg/common/jwtsvid" + "github.com/spiffe/spire/pkg/common/util" ) func NewMintCommand() cli.Command { @@ -25,7 +25,7 @@ func NewMintCommand() cli.Command { } func newMintCommand(env *commoncli.Env) cli.Command { - return util.AdaptCommand(env, &mintCommand{env: env}) + return serverutil.AdaptCommand(env, &mintCommand{env: env}) } type mintCommand struct { @@ -53,7 +53,7 @@ func (c *mintCommand) AppendFlags(fs *flag.FlagSet) { cliprinter.AppendFlagWithCustomPretty(&c.printer, fs, c.env, prettyPrintMint) } -func (c *mintCommand) Run(ctx context.Context, env *commoncli.Env, serverClient util.ServerClient) error { +func (c *mintCommand) Run(ctx context.Context, env *commoncli.Env, serverClient serverutil.ServerClient) error { if c.spiffeID == "" { return errors.New("spiffeID must be specified") } @@ -138,7 +138,7 @@ func getJWTSVIDEndOfLife(token string) (time.Time, error) { // ttlToSeconds returns the number of seconds in a duration, rounded up to // the nearest second func ttlToSeconds(ttl time.Duration) (int32, error) { - return safecast.ToInt32(int64((ttl + time.Second - 1) / time.Second)) + return util.CheckedCast[int32]((ttl + time.Second - 1) / time.Second) } func prettyPrintMint(env *commoncli.Env, results ...any) error { diff --git a/cmd/spire-server/cli/token/generate.go b/cmd/spire-server/cli/token/generate.go index 1dbc79f134..eecf5af135 100644 --- a/cmd/spire-server/cli/token/generate.go +++ b/cmd/spire-server/cli/token/generate.go @@ -5,14 +5,14 @@ import ( "flag" "fmt" - "github.com/ccoveille/go-safecast" "github.com/mitchellh/cli" "github.com/spiffe/go-spiffe/v2/spiffeid" agentv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/agent/v1" prototypes "github.com/spiffe/spire-api-sdk/proto/spire/api/types" - "github.com/spiffe/spire/cmd/spire-server/util" + serverutil "github.com/spiffe/spire/cmd/spire-server/util" commoncli "github.com/spiffe/spire/pkg/common/cli" "github.com/spiffe/spire/pkg/common/cliprinter" + "github.com/spiffe/spire/pkg/common/util" ) func NewGenerateCommand() cli.Command { @@ -20,7 +20,7 @@ func NewGenerateCommand() cli.Command { } func newGenerateCommand(env *commoncli.Env) cli.Command { - return util.AdaptCommand(env, &generateCommand{env: env}) + return serverutil.AdaptCommand(env, &generateCommand{env: env}) } type generateCommand struct { @@ -41,12 +41,12 @@ func (g *generateCommand) Synopsis() string { return "Generates a join token" } -func (g *generateCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient util.ServerClient) error { +func (g *generateCommand) Run(ctx context.Context, _ *commoncli.Env, serverClient serverutil.ServerClient) error { id, err := getID(g.SpiffeID) if err != nil { return err } - ttl, err := safecast.ToInt32(g.TTL) + ttl, err := util.CheckedCast[int32](g.TTL) if err != nil { return fmt.Errorf("TTL: %w", err) } diff --git a/cmd/spire-server/cli/x509/mint.go b/cmd/spire-server/cli/x509/mint.go index 227a74595e..0ad83dc869 100644 --- a/cmd/spire-server/cli/x509/mint.go +++ b/cmd/spire-server/cli/x509/mint.go @@ -15,15 +15,15 @@ import ( "net/url" "time" - "github.com/ccoveille/go-safecast" "github.com/mitchellh/cli" "github.com/spiffe/go-spiffe/v2/spiffeid" bundlev1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/bundle/v1" svidv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/server/svid/v1" - "github.com/spiffe/spire/cmd/spire-server/util" + serverutil "github.com/spiffe/spire/cmd/spire-server/util" commoncli "github.com/spiffe/spire/pkg/common/cli" "github.com/spiffe/spire/pkg/common/cliprinter" "github.com/spiffe/spire/pkg/common/diskutil" + "github.com/spiffe/spire/pkg/common/util" ) type generateKeyFunc func() (crypto.Signer, error) @@ -38,7 +38,7 @@ func newMintCommand(env *commoncli.Env, generateKey generateKeyFunc) cli.Command return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) } } - return util.AdaptCommand(env, &mintCommand{ + return serverutil.AdaptCommand(env, &mintCommand{ generateKey: generateKey, env: env, }) @@ -71,7 +71,7 @@ func (c *mintCommand) AppendFlags(fs *flag.FlagSet) { cliprinter.AppendFlagWithCustomPretty(&c.printer, fs, c.env, c.prettyPrintMint) } -func (c *mintCommand) Run(ctx context.Context, env *commoncli.Env, serverClient util.ServerClient) error { +func (c *mintCommand) Run(ctx context.Context, env *commoncli.Env, serverClient serverutil.ServerClient) error { if c.spiffeID == "" { return errors.New("spiffeID must be specified") } @@ -174,7 +174,7 @@ func (c *mintCommand) Run(ctx context.Context, env *commoncli.Env, serverClient // ttlToSeconds returns the number of seconds in a duration, rounded up to // the nearest second func ttlToSeconds(ttl time.Duration) (int32, error) { - return safecast.ToInt32(int64((ttl + time.Second - 1) / time.Second)) + return util.CheckedCast[int32]((ttl + time.Second - 1) / time.Second) } type mintResult struct { diff --git a/go.mod b/go.mod index 81cb811e2c..8fc39df4a1 100644 --- a/go.mod +++ b/go.mod @@ -35,7 +35,6 @@ require ( github.com/aws/aws-sdk-go-v2/service/sts v1.33.8 github.com/aws/smithy-go v1.22.1 github.com/blang/semver/v4 v4.0.0 - github.com/ccoveille/go-safecast v1.5.0 github.com/cenkalti/backoff/v4 v4.3.0 github.com/docker/docker v27.5.0+incompatible github.com/envoyproxy/go-control-plane/envoy v1.32.3 diff --git a/go.sum b/go.sum index ddc1fb98cb..cab68b43e6 100644 --- a/go.sum +++ b/go.sum @@ -643,8 +643,6 @@ github.com/buildkite/roko v1.2.0/go.mod h1:23R9e6nHxgedznkwwfmqZ6+0VJZJZ2Sg/uVcp github.com/bytecodealliance/wasmtime-go/v3 v3.0.2 h1:3uZCA/BLTIu+DqCfguByNMJa2HVHpXvjfy0Dy7g6fuA= github.com/bytecodealliance/wasmtime-go/v3 v3.0.2/go.mod h1:RnUjnIXxEJcL6BgCvNyzCCRzZcxCgsZCi+RNlvYor5Q= github.com/cactus/go-statsd-client/v5 v5.0.0/go.mod h1:COEvJ1E+/E2L4q6QE5CkjWPi4eeDw9maJBMIuMPBZbY= -github.com/ccoveille/go-safecast v1.5.0 h1:cT/3uVQ/i5PTiJvhvkSU81HeKNurtyQtBndXEH3hDg4= -github.com/ccoveille/go-safecast v1.5.0/go.mod h1:QqwNjxQ7DAqY0C721OIO9InMk9zCwcsO7tnRuHytad8= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= diff --git a/pkg/agent/api/debug/v1/service.go b/pkg/agent/api/debug/v1/service.go index b6a2edb9ac..bf2fe07ed9 100644 --- a/pkg/agent/api/debug/v1/service.go +++ b/pkg/agent/api/debug/v1/service.go @@ -7,7 +7,6 @@ import ( "sync" "time" - "github.com/ccoveille/go-safecast" "github.com/sirupsen/logrus" "github.com/spiffe/go-spiffe/v2/bundle/x509bundle" "github.com/spiffe/go-spiffe/v2/spiffeid" @@ -15,6 +14,7 @@ import ( debugv1 "github.com/spiffe/spire-api-sdk/proto/spire/api/agent/debug/v1" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" "github.com/spiffe/spire/pkg/agent/manager" + "github.com/spiffe/spire/pkg/common/util" "github.com/spiffe/spire/test/clock" "google.golang.org/grpc" "google.golang.org/grpc/codes" @@ -94,19 +94,19 @@ func (s *Service) GetInfo(context.Context, *debugv1.GetInfoRequest) (*debugv1.Ge }) } - uptime, err := safecast.ToInt32(s.uptime().Seconds()) + uptime, err := util.CheckedCast[int32](int64(s.uptime().Seconds())) if err != nil { return nil, fmt.Errorf("uptime: %w", err) } - x509SvidsCount, err := safecast.ToInt32(s.m.CountX509SVIDs()) + x509SvidsCount, err := util.CheckedCast[int32](s.m.CountX509SVIDs()) if err != nil { return nil, fmt.Errorf("X.509 SVIDs count: %w", err) } - jwtSvidsCount, err := safecast.ToInt32(s.m.CountJWTSVIDs()) + jwtSvidsCount, err := util.CheckedCast[int32](s.m.CountJWTSVIDs()) if err != nil { return nil, fmt.Errorf("JWT SVIDs count: %w", err) } - svidstoreX509SvidsCount, err := safecast.ToInt32(s.m.CountSVIDStoreX509SVIDs()) + svidstoreX509SvidsCount, err := util.CheckedCast[int32](s.m.CountSVIDStoreX509SVIDs()) if err != nil { return nil, fmt.Errorf("SVIDStore X.509 SVIDs count: %w", err) } diff --git a/pkg/agent/plugin/keymanager/base/keymanagerbase.go b/pkg/agent/plugin/keymanager/base/keymanagerbase.go index e6b5504b55..cc3d8d0bbf 100644 --- a/pkg/agent/plugin/keymanager/base/keymanagerbase.go +++ b/pkg/agent/plugin/keymanager/base/keymanagerbase.go @@ -14,8 +14,8 @@ import ( "sort" "sync" - "github.com/ccoveille/go-safecast" keymanagerv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/agent/keymanager/v1" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "google.golang.org/protobuf/proto" @@ -171,7 +171,7 @@ func (m *Base) signData(req *keymanagerv1.SignDataRequest) (*keymanagerv1.SignDa if opts.HashAlgorithm == keymanagerv1.HashAlgorithm_UNSPECIFIED_HASH_ALGORITHM { return nil, status.Error(codes.InvalidArgument, "hash algorithm is required") } - signerOpts = crypto.Hash(safecast.MustConvert[uint](int32(opts.HashAlgorithm))) + signerOpts = util.MustCast[crypto.Hash](opts.HashAlgorithm) case *keymanagerv1.SignDataRequest_PssOptions: if opts.PssOptions == nil { return nil, status.Error(codes.InvalidArgument, "PSS options are nil") @@ -181,7 +181,7 @@ func (m *Base) signData(req *keymanagerv1.SignDataRequest) (*keymanagerv1.SignDa } signerOpts = &rsa.PSSOptions{ SaltLength: int(opts.PssOptions.SaltLength), - Hash: crypto.Hash(safecast.MustConvert[uint](int32(opts.PssOptions.HashAlgorithm))), + Hash: util.MustCast[crypto.Hash](opts.PssOptions.HashAlgorithm), } default: return nil, status.Errorf(codes.InvalidArgument, "unsupported signer opts type %T", opts) diff --git a/pkg/agent/plugin/keymanager/v1.go b/pkg/agent/plugin/keymanager/v1.go index 159ecb3427..f3cc11f068 100644 --- a/pkg/agent/plugin/keymanager/v1.go +++ b/pkg/agent/plugin/keymanager/v1.go @@ -7,9 +7,9 @@ import ( "crypto/x509" "io" - "github.com/ccoveille/go-safecast" keymanagerv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/agent/keymanager/v1" "github.com/spiffe/spire/pkg/common/plugin" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) @@ -119,7 +119,7 @@ func (v1 *V1) convertKeyType(t KeyType) (keymanagerv1.KeyType, error) { func (v1 *V1) convertHashAlgorithm(h crypto.Hash) keymanagerv1.HashAlgorithm { // Hash algorithm constants are aligned. - return keymanagerv1.HashAlgorithm(safecast.MustConvert[int32](uint(h))) + return util.MustCast[keymanagerv1.HashAlgorithm](h) } type v1Key struct { @@ -156,7 +156,7 @@ func (s *v1Key) signContext(ctx context.Context, digest []byte, opts crypto.Sign case *rsa.PSSOptions: req.SignerOpts = &keymanagerv1.SignDataRequest_PssOptions{ PssOptions: &keymanagerv1.SignDataRequest_PSSOptions{ - SaltLength: safecast.MustConvert[int32](opts.SaltLength), + SaltLength: util.MustCast[int32](opts.SaltLength), HashAlgorithm: s.v1.convertHashAlgorithm(opts.Hash), }, } diff --git a/pkg/agent/plugin/workloadattestor/systemd/systemd_posix.go b/pkg/agent/plugin/workloadattestor/systemd/systemd_posix.go index 851db2f7f1..b2915856d9 100644 --- a/pkg/agent/plugin/workloadattestor/systemd/systemd_posix.go +++ b/pkg/agent/plugin/workloadattestor/systemd/systemd_posix.go @@ -7,11 +7,11 @@ import ( "fmt" "sync" - "github.com/ccoveille/go-safecast" "github.com/godbus/dbus/v5" "github.com/hashicorp/go-hclog" workloadattestorv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/agent/workloadattestor/v1" "github.com/spiffe/spire/pkg/common/catalog" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) @@ -56,7 +56,7 @@ func (p *Plugin) SetLogger(log hclog.Logger) { } func (p *Plugin) Attest(ctx context.Context, req *workloadattestorv1.AttestRequest) (*workloadattestorv1.AttestResponse, error) { - pid, err := safecast.ToUint(req.Pid) + pid, err := util.CheckedCast[uint](req.Pid) if err != nil { return nil, fmt.Errorf("PID: %w", err) } diff --git a/pkg/agent/plugin/workloadattestor/v1.go b/pkg/agent/plugin/workloadattestor/v1.go index 22adeb6e53..647095d399 100644 --- a/pkg/agent/plugin/workloadattestor/v1.go +++ b/pkg/agent/plugin/workloadattestor/v1.go @@ -4,9 +4,9 @@ import ( "context" "fmt" - "github.com/ccoveille/go-safecast" workloadattestorv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/agent/workloadattestor/v1" "github.com/spiffe/spire/pkg/common/plugin" + "github.com/spiffe/spire/pkg/common/util" "github.com/spiffe/spire/proto/spire/common" ) @@ -16,7 +16,7 @@ type V1 struct { } func (v1 *V1) Attest(ctx context.Context, pid int) ([]*common.Selector, error) { - pidInt32, err := safecast.ToInt32(pid) + pidInt32, err := util.CheckedCast[int32](pid) if err != nil { return nil, v1.WrapErr(fmt.Errorf("PID: %w", err)) } diff --git a/pkg/agent/plugin/workloadattestor/windows/windows_windows.go b/pkg/agent/plugin/workloadattestor/windows/windows_windows.go index 147f31546a..0e122e4f1f 100644 --- a/pkg/agent/plugin/workloadattestor/windows/windows_windows.go +++ b/pkg/agent/plugin/workloadattestor/windows/windows_windows.go @@ -7,7 +7,6 @@ import ( "fmt" "sync" - "github.com/ccoveille/go-safecast" "github.com/hashicorp/go-hclog" "github.com/hashicorp/hcl" workloadattestorv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/agent/workloadattestor/v1" @@ -255,7 +254,7 @@ type processQueryer interface { type processQuery struct{} func (q *processQuery) OpenProcess(pid int32) (handle windows.Handle, err error) { - pidUint32, err := safecast.ToUint32(pid) + pidUint32, err := util.CheckedCast[uint32](pid) if err != nil { return 0, fmt.Errorf("PID: %w", err) } diff --git a/pkg/common/container/process/helper.go b/pkg/common/container/process/helper.go index 85641e2caf..1f16c8c893 100644 --- a/pkg/common/container/process/helper.go +++ b/pkg/common/container/process/helper.go @@ -8,9 +8,9 @@ import ( "strings" "unsafe" - "github.com/ccoveille/go-safecast" "github.com/hashicorp/go-hclog" "github.com/spiffe/spire/pkg/common/telemetry" + "github.com/spiffe/spire/pkg/common/util" "golang.org/x/sys/windows" ) @@ -47,7 +47,7 @@ func (h *helper) GetContainerIDByProcess(pID int32, log hclog.Logger) (string, e currentProcess := h.wapi.CurrentProcess() // Duplicate the process handle that we want to validate, with limited permissions. - pidUint32, err := safecast.ToUint32(pID) + pidUint32, err := util.CheckedCast[uint32](pID) if err != nil { return "", fmt.Errorf("PID: %w", err) } diff --git a/pkg/common/container/process/winapi.go b/pkg/common/container/process/winapi.go index 94585c1b36..bc4345e917 100644 --- a/pkg/common/container/process/winapi.go +++ b/pkg/common/container/process/winapi.go @@ -6,7 +6,7 @@ import ( "syscall" "unsafe" - "github.com/ccoveille/go-safecast" + "github.com/spiffe/spire/pkg/common/util" "golang.org/x/sys/windows" ) @@ -91,7 +91,7 @@ func (a *api) GetObjectType(handle windows.Handle) (string, error) { length := uint32(0) status := ntQueryObject(handle, ObjectTypeInformationClass, - &buffer[0], safecast.MustConvert[uint32](len(buffer)), &length) + &buffer[0], util.MustCast[uint32](len(buffer)), &length) if status != windows.STATUS_SUCCESS { return "", status } @@ -105,7 +105,7 @@ func (a *api) GetObjectName(handle windows.Handle) (string, error) { var length uint32 status := ntQueryObject(handle, ObjectNameInformationClass, - &buffer[0], safecast.MustConvert[uint32](len(buffer)), &length) + &buffer[0], util.MustCast[uint32](len(buffer)), &length) if status != windows.STATUS_SUCCESS { return "", status } @@ -122,7 +122,7 @@ func (a *api) QuerySystemExtendedHandleInformation() ([]SystemHandleInformationE status = ntQuerySystemInformation( windows.SystemExtendedHandleInformation, unsafe.Pointer(&buffer[0]), - safecast.MustConvert[uint32](len(buffer)), + util.MustCast[uint32](len(buffer)), &retLen, ) diff --git a/pkg/common/peertracker/tracker_windows.go b/pkg/common/peertracker/tracker_windows.go index 33f3545fd9..46fb67e12a 100644 --- a/pkg/common/peertracker/tracker_windows.go +++ b/pkg/common/peertracker/tracker_windows.go @@ -7,9 +7,9 @@ import ( "fmt" "sync" - "github.com/ccoveille/go-safecast" "github.com/sirupsen/logrus" "github.com/spiffe/spire/pkg/common/telemetry" + "github.com/spiffe/spire/pkg/common/util" "golang.org/x/sys/windows" ) @@ -87,7 +87,7 @@ func (t *windowsTracker) newWindowsWatcher(info CallerInfo, log logrus.FieldLogg if err != nil { return nil, fmt.Errorf("error getting process id from handle: %w", err) } - pidInt32, err := safecast.ToInt32(pid) + pidInt32, err := util.CheckedCast[int32](pid) if err != nil { return nil, fmt.Errorf("process ID: %w", err) } @@ -213,7 +213,7 @@ func (s *systemCall) GetProcessID(h windows.Handle) (uint32, error) { } func (s *systemCall) OpenProcess(pid int32) (handle windows.Handle, err error) { - pidUint32, err := safecast.ToUint32(pid) + pidUint32, err := util.CheckedCast[uint32](pid) if err != nil { return 0, fmt.Errorf("PID: %w", err) } diff --git a/pkg/common/util/cast.go b/pkg/common/util/cast.go new file mode 100644 index 0000000000..7fe14d138d --- /dev/null +++ b/pkg/common/util/cast.go @@ -0,0 +1,26 @@ +package util + +import "fmt" + +type Int interface { + ~int | ~int8 | ~int16 | ~int32 | ~int64 | ~uint | ~uint8 | ~uint16 | ~uint32 | ~uint64 +} + +func CheckedCast[To, From Int](v From) (To, error) { + result := To(v) + // Check sign is unchanged. This is violated e.g. by int8(-3) -> uint8. + // Check converting back gives original value. This is violated e.g. by uint16(300) -> uint8. + if (v < 0) != (result < 0) || From(result) != v { + return 0, fmt.Errorf("overflow converting %T(%v) to %T", v, v, result) + } + // If we got here, then the value can correctly be represented as the 'To' type: success. + return result, nil +} + +func MustCast[To, From Int](v From) To { + x, err := CheckedCast[To](v) + if err != nil { + panic(err) + } + return x +} diff --git a/pkg/common/util/cast_test.go b/pkg/common/util/cast_test.go new file mode 100644 index 0000000000..181b32e038 --- /dev/null +++ b/pkg/common/util/cast_test.go @@ -0,0 +1,77 @@ +package util + +import ( + "math" + "testing" + + "github.com/stretchr/testify/assert" +) + +type ( + int8Wrapper int8 + int16Wrapper int16 + int32Wrapper int32 + uint8Wrapper uint8 +) + +func TestCheckedCast(t *testing.T) { + assertCastOK[uint8](t, int8(3)) + assertCastOK[int16](t, int8(3)) + assertCastFail[uint8](t, int8(-3)) + assertCastOK[int16](t, int8(-3)) + assertCastOK[uint8](t, int16(200)) + assertCastOK[uint16](t, int16(200)) + assertCastFail[uint8](t, int16(300)) + assertCastOK[int16](t, int16(300)) + assertCastOK[uint8](t, uint64(1)) + assertCastOK[int16](t, uint64(1)) + + assertCastOK[int16](t, int32(0)) + assertCastOK[int16](t, int32(-1)) + assertCastFail[int16](t, int32(1_000_000)) + + assertCastFail[int8](t, uint64(math.MaxUint64)) + assertCastFail[int16](t, uint64(math.MaxUint64)) + assertCastFail[int32](t, uint64(math.MaxUint64)) + assertCastFail[int64](t, uint64(math.MaxUint64)) + assertCastFail[uint8](t, uint64(math.MaxInt64)) + assertCastFail[uint16](t, uint64(math.MaxInt64)) + assertCastFail[uint32](t, uint64(math.MaxInt64)) + assertCastOK[uint64](t, uint64(math.MaxInt64)) + + assertCastOK[int32](t, int16Wrapper(3)) + assertCastOK[uint8](t, int8Wrapper(3)) + assertCastFail[uint8](t, int8Wrapper(-3)) + + assertCastOK[int32Wrapper](t, int16(3)) + assertCastOK[uint8Wrapper](t, int8Wrapper(3)) + assertCastFail[uint8Wrapper](t, int8Wrapper(-3)) + + assertCastOK[int32Wrapper](t, int16Wrapper(3)) + assertCastOK[uint8Wrapper](t, int8(3)) + assertCastFail[uint8Wrapper](t, int8(-3)) +} + +func assertCastOK[To, From Int](t *testing.T, v From) { + t.Helper() + assert := assert.New(t) + + x, err := CheckedCast[To](v) + assert.Equal(To(v), x) + assert.NoError(err) + + var y To + assert.NotPanics(func() { y = MustCast[To](v) }) + assert.Equal(To(v), y) +} + +func assertCastFail[To, From Int](t *testing.T, v From) { + t.Helper() + assert := assert.New(t) + + x, err := CheckedCast[To](v) + assert.ErrorContains(err, "overflow") + assert.Equal(To(0), x) + + assert.Panics(func() { MustCast[To](v) }) +} diff --git a/pkg/server/api/audit/audit.go b/pkg/server/api/audit/audit.go index 8d9fe47008..106f457a20 100644 --- a/pkg/server/api/audit/audit.go +++ b/pkg/server/api/audit/audit.go @@ -1,10 +1,10 @@ package audit import ( - "github.com/ccoveille/go-safecast" "github.com/sirupsen/logrus" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" "github.com/spiffe/spire/pkg/common/telemetry" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) @@ -62,7 +62,7 @@ func (l *logger) AuditWithTypesStatus(fields logrus.Fields, s *types.Status) { } func fieldsFromStatus(s *types.Status) logrus.Fields { - err := status.Error(codes.Code(safecast.MustConvert[uint32](s.Code)), s.Message) + err := status.Error(util.MustCast[codes.Code](s.Code), s.Message) return fieldsFromError(err) } diff --git a/pkg/server/api/middleware/audit_windows.go b/pkg/server/api/middleware/audit_windows.go index 1531175156..8264bc85f5 100644 --- a/pkg/server/api/middleware/audit_windows.go +++ b/pkg/server/api/middleware/audit_windows.go @@ -5,10 +5,10 @@ package middleware import ( "fmt" - "github.com/ccoveille/go-safecast" "github.com/shirou/gopsutil/v4/process" "github.com/sirupsen/logrus" "github.com/spiffe/spire/pkg/common/telemetry" + "github.com/spiffe/spire/pkg/common/util" "golang.org/x/sys/windows" ) @@ -26,7 +26,7 @@ func setFields(p *process.Process, fields logrus.Fields) error { } func getUserSID(pID int32) (string, error) { - pidUint32, err := safecast.ToUint32(pID) + pidUint32, err := util.CheckedCast[uint32](pID) if err != nil { return "", fmt.Errorf("PID: %w", err) } diff --git a/pkg/server/api/status.go b/pkg/server/api/status.go index 4653ec5c26..85cf145bfc 100644 --- a/pkg/server/api/status.go +++ b/pkg/server/api/status.go @@ -4,9 +4,9 @@ import ( "fmt" "strings" - "github.com/ccoveille/go-safecast" "github.com/sirupsen/logrus" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) @@ -14,7 +14,7 @@ import ( // CreateStatus creates a proto Status func CreateStatus(code codes.Code, msg string) *types.Status { return &types.Status{ - Code: safecast.MustConvert[int32](uint32(code)), + Code: util.MustCast[int32](code), Message: msg, } } @@ -22,7 +22,7 @@ func CreateStatus(code codes.Code, msg string) *types.Status { // CreateStatus creates a proto Status func CreateStatusf(code codes.Code, format string, a ...any) *types.Status { return &types.Status{ - Code: safecast.MustConvert[int32](uint32(code)), + Code: util.MustCast[int32](code), Message: fmt.Sprintf(format, a...), } } diff --git a/pkg/server/datastore/sqlstore/sqlstore.go b/pkg/server/datastore/sqlstore/sqlstore.go index aaccd5ddca..1acc132823 100644 --- a/pkg/server/datastore/sqlstore/sqlstore.go +++ b/pkg/server/datastore/sqlstore/sqlstore.go @@ -14,13 +14,13 @@ import ( "time" "unicode" - "github.com/ccoveille/go-safecast" "github.com/gofrs/uuid/v5" "github.com/hashicorp/hcl" "github.com/hashicorp/hcl/hcl/ast" "github.com/hashicorp/hcl/hcl/printer" "github.com/jinzhu/gorm" "github.com/sirupsen/logrus" + "github.com/spiffe/spire/pkg/common/util" "github.com/spiffe/go-spiffe/v2/spiffeid" "github.com/spiffe/spire-api-sdk/proto/spire/api/types" @@ -1304,7 +1304,7 @@ func countBundles(tx *gorm.DB) (int32, error) { return 0, newWrappedSQLError(err) } - return safecast.ToInt32(count) + return util.CheckedCast[int32](count) } // listBundles can be used to fetch all existing bundles. @@ -1590,7 +1590,7 @@ func countAttestedNodes(tx *gorm.DB) (int32, error) { return 0, newWrappedSQLError(err) } - return safecast.ToInt32(count) + return util.CheckedCast[int32](count) } func countAttestedNodesHasFilters(req *datastore.CountAttestedNodesRequest) bool { @@ -1689,7 +1689,7 @@ func countAttestedNodesWithFilters(ctx context.Context, db *sqlDB, _ logrus.Fiel } } - val += safecast.MustConvert[int32](len(resp.Nodes)) + val += util.MustCast[int32](len(resp.Nodes)) listReq.Pagination = resp.Pagination } @@ -3328,7 +3328,7 @@ func countRegistrationEntries(ctx context.Context, db *sqlDB, _ logrus.FieldLogg } } - val += safecast.MustConvert[int32](len(resp.Entries)) + val += util.MustCast[int32](len(resp.Entries)) listReq.Pagination = resp.Pagination } @@ -3854,13 +3854,13 @@ func fillEntryFromRow(entry *common.RegistrationEntry, r *entryRow) error { } if r.RegTTL.Valid { var err error - if entry.X509SvidTtl, err = safecast.ToInt32(r.RegTTL.Int64); err != nil { + if entry.X509SvidTtl, err = util.CheckedCast[int32](r.RegTTL.Int64); err != nil { return newSQLError("RegTTL: %s", err) } } if r.RegJwtSvidTTL.Valid { var err error - if entry.JwtSvidTtl, err = safecast.ToInt32(r.RegJwtSvidTTL.Int64); err != nil { + if entry.JwtSvidTtl, err = util.CheckedCast[int32](r.RegJwtSvidTTL.Int64); err != nil { return newSQLError("RegJwtSvidTTL: %s", err) } } diff --git a/pkg/server/endpoints/eventTracker.go b/pkg/server/endpoints/eventTracker.go index c0105b3037..41bef44a49 100644 --- a/pkg/server/endpoints/eventTracker.go +++ b/pkg/server/endpoints/eventTracker.go @@ -4,7 +4,7 @@ import ( "sync" "time" - "github.com/ccoveille/go-safecast" + "github.com/spiffe/spire/pkg/common/util" ) type eventTracker struct { @@ -22,7 +22,7 @@ func PollPeriods(pollTime time.Duration, trackTime time.Duration) uint { if trackTime < time.Second { trackTime = time.Second } - return safecast.MustConvert[uint](int64(1 + (trackTime-1)/pollTime)) + return util.MustCast[uint](1 + (trackTime-1)/pollTime) } func NewEventTracker(pollPeriods uint) *eventTracker { diff --git a/pkg/server/plugin/keymanager/base/keymanagerbase.go b/pkg/server/plugin/keymanager/base/keymanagerbase.go index 481e465687..9764a8eb1e 100644 --- a/pkg/server/plugin/keymanager/base/keymanagerbase.go +++ b/pkg/server/plugin/keymanager/base/keymanagerbase.go @@ -14,8 +14,8 @@ import ( "sort" "sync" - "github.com/ccoveille/go-safecast" keymanagerv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/server/keymanager/v1" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "google.golang.org/protobuf/proto" @@ -171,7 +171,7 @@ func (m *Base) signData(req *keymanagerv1.SignDataRequest) (*keymanagerv1.SignDa if opts.HashAlgorithm == keymanagerv1.HashAlgorithm_UNSPECIFIED_HASH_ALGORITHM { return nil, status.Error(codes.InvalidArgument, "hash algorithm is required") } - signerOpts = crypto.Hash(safecast.MustConvert[uint](int32(opts.HashAlgorithm))) + signerOpts = util.MustCast[crypto.Hash](opts.HashAlgorithm) case *keymanagerv1.SignDataRequest_PssOptions: if opts.PssOptions == nil { return nil, status.Error(codes.InvalidArgument, "PSS options are nil") @@ -181,7 +181,7 @@ func (m *Base) signData(req *keymanagerv1.SignDataRequest) (*keymanagerv1.SignDa } signerOpts = &rsa.PSSOptions{ SaltLength: int(opts.PssOptions.SaltLength), - Hash: crypto.Hash(safecast.MustConvert[uint](int32(opts.PssOptions.HashAlgorithm))), + Hash: util.MustCast[crypto.Hash](opts.PssOptions.HashAlgorithm), } default: return nil, status.Errorf(codes.InvalidArgument, "unsupported signer opts type %T", opts) diff --git a/pkg/server/plugin/keymanager/v1.go b/pkg/server/plugin/keymanager/v1.go index 33bccb09da..9eaa7a4934 100644 --- a/pkg/server/plugin/keymanager/v1.go +++ b/pkg/server/plugin/keymanager/v1.go @@ -7,9 +7,9 @@ import ( "crypto/x509" "io" - "github.com/ccoveille/go-safecast" keymanagerv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/server/keymanager/v1" "github.com/spiffe/spire/pkg/common/plugin" + "github.com/spiffe/spire/pkg/common/util" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) @@ -119,7 +119,7 @@ func (v1 *V1) convertKeyType(t KeyType) (keymanagerv1.KeyType, error) { func (v1 *V1) convertHashAlgorithm(h crypto.Hash) keymanagerv1.HashAlgorithm { // Hash algorithm constants are aligned. - return keymanagerv1.HashAlgorithm(safecast.MustConvert[int32](uint(h))) + return util.MustCast[keymanagerv1.HashAlgorithm](h) } type v1Key struct { @@ -156,7 +156,7 @@ func (s *v1Key) signContext(ctx context.Context, digest []byte, opts crypto.Sign case *rsa.PSSOptions: req.SignerOpts = &keymanagerv1.SignDataRequest_PssOptions{ PssOptions: &keymanagerv1.SignDataRequest_PSSOptions{ - SaltLength: safecast.MustConvert[int32](opts.SaltLength), + SaltLength: util.MustCast[int32](opts.SaltLength), HashAlgorithm: s.v1.convertHashAlgorithm(opts.Hash), }, } diff --git a/pkg/server/plugin/upstreamauthority/v1.go b/pkg/server/plugin/upstreamauthority/v1.go index 8de009c5f1..5cb90df5f8 100644 --- a/pkg/server/plugin/upstreamauthority/v1.go +++ b/pkg/server/plugin/upstreamauthority/v1.go @@ -7,12 +7,12 @@ import ( "io" "time" - "github.com/ccoveille/go-safecast" upstreamauthorityv1 "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/server/upstreamauthority/v1" "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/types" "github.com/spiffe/spire/pkg/common/coretypes/jwtkey" "github.com/spiffe/spire/pkg/common/coretypes/x509certificate" "github.com/spiffe/spire/pkg/common/plugin" + "github.com/spiffe/spire/pkg/common/util" "github.com/spiffe/spire/proto/spire/common" "google.golang.org/grpc/codes" ) @@ -36,7 +36,7 @@ func (v1 *V1) MintX509CA(ctx context.Context, csr []byte, preferredTTL time.Dura stream, err := v1.UpstreamAuthorityPluginClient.MintX509CAAndSubscribe(ctx, &upstreamauthorityv1.MintX509CARequest{ Csr: csr, - PreferredTtl: safecast.MustConvert[int32](int64(preferredTTL / time.Second)), + PreferredTtl: util.MustCast[int32](preferredTTL / time.Second), }) if err != nil { return nil, nil, nil, v1.WrapErr(err)