From c5b75b1316137a7201c3b59b017809109cb0724c Mon Sep 17 00:00:00 2001 From: Santiago Carmuega Date: Sat, 9 Dec 2023 20:39:42 -0300 Subject: [PATCH] refactor: migrate to monolithic daemon (#2) --- ...6c54d7248b01cbfeaa3649274d855639f7f99.json | 12 + ...2901f8eb2ea8a6899370a874bdefd69ccb64e.json | 12 + ...1b71b766ec9a6a2c3fa9af0921129ab2765f9.json | 20 + Cargo.lock | 1220 ++++++++++++++--- Cargo.toml | 17 +- authtoken1.yaml | 10 - config.toml | 2 - src/authtokens/mod.rs | 91 -- src/bin/dmtrd.rs | 57 + src/bin/dmtrop.rs | 93 -- src/domain/auth.rs | 16 + src/domain/events.rs | 40 + src/domain/mod.rs | 218 +++ src/driven/event_dispatch/mod.rs | 22 + src/driven/fabric_state/example.sqlite | Bin 0 -> 24576 bytes .../fabric_state/migrations/20231209_all.sql | 11 + src/driven/fabric_state/mod.rs | 148 ++ src/driven/mod.rs | 2 + src/drivers/rpc/auth.rs | 48 + src/drivers/rpc/mod.rs | 42 + src/drivers/rpc/ops.rs | 47 + src/lib.rs | 4 +- src/rektor.rs | 142 -- 23 files changed, 1724 insertions(+), 550 deletions(-) create mode 100644 .sqlx/query-094da08af09a7a5a4f4725f40106c54d7248b01cbfeaa3649274d855639f7f99.json create mode 100644 .sqlx/query-7d68a02d0f5acfb4333c60e46772901f8eb2ea8a6899370a874bdefd69ccb64e.json create mode 100644 .sqlx/query-83b030103f1e8b18240b66a8e261b71b766ec9a6a2c3fa9af0921129ab2765f9.json delete mode 100644 authtoken1.yaml delete mode 100644 config.toml delete mode 100644 src/authtokens/mod.rs create mode 100644 src/bin/dmtrd.rs delete mode 100644 src/bin/dmtrop.rs create mode 100644 src/domain/auth.rs create mode 100644 src/domain/events.rs create mode 100644 src/domain/mod.rs create mode 100644 src/driven/event_dispatch/mod.rs create mode 100644 src/driven/fabric_state/example.sqlite create mode 100644 src/driven/fabric_state/migrations/20231209_all.sql create mode 100644 src/driven/fabric_state/mod.rs create mode 100644 src/driven/mod.rs create mode 100644 src/drivers/rpc/auth.rs create mode 100644 src/drivers/rpc/mod.rs create mode 100644 src/drivers/rpc/ops.rs delete mode 100644 src/rektor.rs diff --git a/.sqlx/query-094da08af09a7a5a4f4725f40106c54d7248b01cbfeaa3649274d855639f7f99.json b/.sqlx/query-094da08af09a7a5a4f4725f40106c54d7248b01cbfeaa3649274d855639f7f99.json new file mode 100644 index 0000000..04ca9dc --- /dev/null +++ b/.sqlx/query-094da08af09a7a5a4f4725f40106c54d7248b01cbfeaa3649274d855639f7f99.json @@ -0,0 +1,12 @@ +{ + "db_name": "SQLite", + "query": "\nINSERT INTO apikeys (namespace, digest, salt) \nVALUES ($1, $2, $3)\n", + "describe": { + "columns": [], + "parameters": { + "Right": 3 + }, + "nullable": [] + }, + "hash": "094da08af09a7a5a4f4725f40106c54d7248b01cbfeaa3649274d855639f7f99" +} diff --git a/.sqlx/query-7d68a02d0f5acfb4333c60e46772901f8eb2ea8a6899370a874bdefd69ccb64e.json b/.sqlx/query-7d68a02d0f5acfb4333c60e46772901f8eb2ea8a6899370a874bdefd69ccb64e.json new file mode 100644 index 0000000..d0ce0aa --- /dev/null +++ b/.sqlx/query-7d68a02d0f5acfb4333c60e46772901f8eb2ea8a6899370a874bdefd69ccb64e.json @@ -0,0 +1,12 @@ +{ + "db_name": "SQLite", + "query": "\nINSERT INTO namespaces (name) \nVALUES ($1)\n", + "describe": { + "columns": [], + "parameters": { + "Right": 1 + }, + "nullable": [] + }, + "hash": "7d68a02d0f5acfb4333c60e46772901f8eb2ea8a6899370a874bdefd69ccb64e" +} diff --git a/.sqlx/query-83b030103f1e8b18240b66a8e261b71b766ec9a6a2c3fa9af0921129ab2765f9.json b/.sqlx/query-83b030103f1e8b18240b66a8e261b71b766ec9a6a2c3fa9af0921129ab2765f9.json new file mode 100644 index 0000000..3abcb4c --- /dev/null +++ b/.sqlx/query-83b030103f1e8b18240b66a8e261b71b766ec9a6a2c3fa9af0921129ab2765f9.json @@ -0,0 +1,20 @@ +{ + "db_name": "SQLite", + "query": "\nSELECT *\nFROM namespaces\nWHERE name = $1\n", + "describe": { + "columns": [ + { + "name": "name", + "ordinal": 0, + "type_info": "Text" + } + ], + "parameters": { + "Right": 1 + }, + "nullable": [ + true + ] + }, + "hash": "83b030103f1e8b18240b66a8e261b71b766ec9a6a2c3fa9af0921129ab2765f9" +} diff --git a/Cargo.lock b/Cargo.lock index 6491fb3..fdcc36f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -30,23 +30,15 @@ dependencies = [ [[package]] name = "ahash" -version = "0.8.3" +version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" +checksum = "91429305e9f0a25f6205c5b8e0d2db09e0708a7a6df0f42212bb56c32c8ac97a" dependencies = [ "cfg-if", "getrandom", "once_cell", "version_check", -] - -[[package]] -name = "aho-corasick" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6748e8def348ed4d14996fa801f4122cd763fff530258cdc03f64b25f89d3a5a" -dependencies = [ - "memchr", + "zerocopy", ] [[package]] @@ -106,7 +98,7 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b" dependencies = [ - "windows-sys", + "windows-sys 0.48.0", ] [[package]] @@ -116,7 +108,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c677ab05e09154296dd37acecd46420c17b9713e8366facafa8fc0885167cf4c" dependencies = [ "anstyle", - "windows-sys", + "windows-sys 0.48.0", ] [[package]] @@ -131,6 +123,18 @@ version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "33954243bd79057c2de7338850b85983a44588021f8a5fee574a8888c6de4344" +[[package]] +name = "argon2" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17ba4cac0a46bc1d2912652a751c47f2a9f3a7fe89bcae2275d418f5270402f9" +dependencies = [ + "base64ct", + "blake2", + "cpufeatures", + "password-hash", +] + [[package]] name = "async-trait" version = "0.1.73" @@ -139,7 +143,26 @@ checksum = "bc00ceb34980c03614e35a3a4e218276a0a824e911d07651cd0d858a51e8c0f0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", +] + +[[package]] +name = "atoi" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f28d99ec8bfea296261ca1af174f24225171fea9664ba9003cbebee704810528" +dependencies = [ + "num-traits", +] + +[[package]] +name = "atomic-write-file" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "edcdbedc2236483ab103a53415653d6b4442ea6141baf1ffa85df29635e88436" +dependencies = [ + "nix", + "rand", ] [[package]] @@ -148,6 +171,51 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "axum" +version = "0.6.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b829e4e32b91e643de6eafe82b1d90675f5874230191a4ffbc1b336dec4d6bf" +dependencies = [ + "async-trait", + "axum-core", + "bitflags 1.3.2", + "bytes", + "futures-util", + "http", + "http-body", + "hyper", + "itoa", + "matchit", + "memchr", + "mime", + "percent-encoding", + "pin-project-lite", + "rustversion", + "serde", + "sync_wrapper", + "tower", + "tower-layer", + "tower-service", +] + +[[package]] +name = "axum-core" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "759fa577a247914fd3f7f76d62972792636412fbfd634cd452f6a385a74d2d2c" +dependencies = [ + "async-trait", + "bytes", + "futures-util", + "http", + "http-body", + "mime", + "rustversion", + "tower-layer", + "tower-service", +] + [[package]] name = "backoff" version = "0.4.0" @@ -192,6 +260,12 @@ version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d" +[[package]] +name = "base64ct" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" + [[package]] name = "bitflags" version = "1.3.2" @@ -203,6 +277,18 @@ name = "bitflags" version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" +dependencies = [ + "serde", +] + +[[package]] +name = "blake2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" +dependencies = [ + "digest", +] [[package]] name = "block-buffer" @@ -219,6 +305,12 @@ version = "3.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1" +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + [[package]] name = "bytes" version = "1.4.0" @@ -227,9 +319,9 @@ checksum = "89b2fd2a0dcf38d7971e2194b6b6eebab45ae01067456a7fd93d5547a61b70be" [[package]] name = "cc" -version = "1.0.82" +version = "1.0.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "305fe645edc1442a0fa8b6726ba61d422798d37a52e12eaecf4b022ebbb88f01" +checksum = "f1174fb0b6ec23863f8b971027804a42614e347eafb0a95bf0b12cdae21fc4d0" dependencies = [ "libc", ] @@ -242,15 +334,15 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "chrono" -version = "0.4.26" +version = "0.4.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec837a71355b28f6556dbd569b37b3f363091c0bd4b2e735674521b4c5fd9bc5" +checksum = "7f2c685bad3eb3d45a01354cedb7d5faa66194d1d58ba6e267a8de788f79db38" dependencies = [ "android-tzdata", "iana-time-zone", "num-traits", "serde", - "winapi", + "windows-targets 0.48.3", ] [[package]] @@ -285,7 +377,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", ] [[package]] @@ -319,6 +411,12 @@ dependencies = [ "yaml-rust", ] +[[package]] +name = "const-oid" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28c122c3980598d243d63d9a704629a2d748d101f278052ff068be5a4423ab6f" + [[package]] name = "core-foundation-sys" version = "0.8.4" @@ -334,6 +432,40 @@ dependencies = [ "libc", ] +[[package]] +name = "crc" +version = "3.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86ec7a15cbe22e59248fc7eadb1907dab5ba09372595da4d73dd805ed4417dfe" +dependencies = [ + "crc-catalog", +] + +[[package]] +name = "crc-catalog" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19d374276b40fb8bbdee95aef7c7fa6b5316ec764510eb64b8dd0e2ed0d7e7f5" + +[[package]] +name = "crossbeam-queue" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1cfb3ea8a53f37c40dea2c7bedcbd88bdfae54f5e2175d6ecaff1c988353add" +dependencies = [ + "cfg-if", + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-utils" +version = "0.8.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" +dependencies = [ + "cfg-if", +] + [[package]] name = "crypto-common" version = "0.1.6" @@ -344,12 +476,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "ct-codecs" -version = "1.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3b7eb4404b8195a9abb6356f4ac07d8ba267045c8d6d220ac4dc992e6cc75df" - [[package]] name = "darling" version = "0.14.4" @@ -386,35 +512,16 @@ dependencies = [ ] [[package]] -name = "demeter-operator" -version = "0.1.0" +name = "der" +version = "0.7.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c" dependencies = [ - "anyhow", - "anymap", - "clap", - "config", - "futures", - "hex", - "k8s-openapi", - "kube", - "openssl", - "pasetors", - "schemars", - "serde", - "serde_json", - "serde_yaml", - "thiserror", - "tokio", - "tracing", - "tracing-subscriber", + "const-oid", + "pem-rfc7468", + "zeroize", ] -[[package]] -name = "deranged" -version = "0.3.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7684a49fb1af197853ef7b2ee694bc1f5b4179556f1e5710e1760c5db6f5e929" - [[package]] name = "derivative" version = "2.2.0" @@ -433,7 +540,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" dependencies = [ "block-buffer", + "const-oid", "crypto-common", + "subtle", ] [[package]] @@ -443,25 +552,51 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0688c2a7f92e427f44895cd63841bff7b29f8d7a1648b9e7e07a4a365b2e1257" [[package]] -name = "dyn-clone" -version = "1.0.13" +name = "dmtrd" +version = "0.1.0" +dependencies = [ + "anyhow", + "anymap", + "argon2", + "base64 0.21.2", + "clap", + "config", + "futures", + "hex", + "k8s-openapi", + "kube", + "schemars", + "serde", + "serde_json", + "serde_yaml", + "sqlx", + "thiserror", + "tokio", + "tonic", + "tracing", + "tracing-subscriber", +] + +[[package]] +name = "dotenvy" +version = "0.15.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbfc4744c1b8f2a09adc0e55242f60b1af195d88596bd8700be74418c056c555" +checksum = "1aaf95b3e5c8f23aa320147307562d361db0ae0d51242340f558153b4eb2439b" [[package]] -name = "ed25519-compact" -version = "2.0.4" +name = "dyn-clone" +version = "1.0.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a3d382e8464107391c8706b4c14b087808ecb909f6c15c34114bc42e53a9e4c" -dependencies = [ - "getrandom", -] +checksum = "bbfc4744c1b8f2a09adc0e55242f60b1af195d88596bd8700be74418c056c555" [[package]] name = "either" version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" +dependencies = [ + "serde", +] [[package]] name = "equivalent" @@ -471,30 +606,53 @@ checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" [[package]] name = "errno" -version = "0.3.2" +version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b30f669a7961ef1631673d2766cc92f52d64f7ef354d4fe0ddfd30ed52f0f4f" +checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245" dependencies = [ - "errno-dragonfly", "libc", - "windows-sys", + "windows-sys 0.52.0", ] [[package]] -name = "errno-dragonfly" -version = "0.1.2" +name = "etcetera" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +checksum = "136d1b5283a1ab77bd9257427ffd09d8667ced0570b6f938942bc7568ed5b943" dependencies = [ - "cc", - "libc", + "cfg-if", + "home", + "windows-sys 0.48.0", ] [[package]] -name = "fiat-crypto" -version = "0.1.20" +name = "event-listener" +version = "2.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0206175f82b8d6bf6652ff7d71a1e27fd2e4efde587fd368662814d6ec1d9ce0" + +[[package]] +name = "fastrand" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25cbce373ec4653f1a01a31e8a5e5ec0c622dc27ff9c4e6606eefef5cbbed4a5" + +[[package]] +name = "finl_unicode" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fcfdc7a0362c9f4444381a9e697c79d435fe65b52a37466fc2c1184cee9edc6" + +[[package]] +name = "flume" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e825f6987101665dea6ec934c09ec6d721de7bc1bf92248e1d5810c8cd636b77" +checksum = "55ac459de2512911e4b674ce33cf20befaba382d05b62b008afc1c8b57cbf181" +dependencies = [ + "futures-core", + "futures-sink", + "spin 0.9.8", +] [[package]] name = "fnv" @@ -568,6 +726,17 @@ dependencies = [ "futures-util", ] +[[package]] +name = "futures-intrusive" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d930c203dd0b6ff06e0201a4a2fe9149b43c684fd4420555b26d21b1a02956f" +dependencies = [ + "futures-core", + "lock_api", + "parking_lot", +] + [[package]] name = "futures-io" version = "0.3.28" @@ -582,7 +751,7 @@ checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", ] [[package]] @@ -632,10 +801,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" dependencies = [ "cfg-if", - "js-sys", "libc", "wasi", - "wasm-bindgen", ] [[package]] @@ -644,6 +811,25 @@ version = "0.27.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b6c80984affa11d98d1b88b66ac8853f143217b399d3c74116778ff8fdb4ed2e" +[[package]] +name = "h2" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91fc23aa11be92976ef4729127f1a74adf36d8436f7816b185d18df956790833" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap 1.9.3", + "slab", + "tokio", + "tokio-util", + "tracing", +] + [[package]] name = "hashbrown" version = "0.12.3" @@ -659,15 +845,27 @@ version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" dependencies = [ - "ahash 0.8.3", + "ahash 0.8.6", "allocator-api2", ] +[[package]] +name = "hashlink" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8094feaf31ff591f651a2664fb9cfd92bba7a60ce3197265e9482ebe753c8f7" +dependencies = [ + "hashbrown 0.14.0", +] + [[package]] name = "heck" version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" +dependencies = [ + "unicode-segmentation", +] [[package]] name = "hermit-abi" @@ -684,13 +882,31 @@ dependencies = [ "serde", ] +[[package]] +name = "hkdf" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "791a029f6b9fc27657f6f188ec6e5e43f6911f6f878e0dc5501396e09809d437" +dependencies = [ + "hmac", +] + +[[package]] +name = "hmac" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +dependencies = [ + "digest", +] + [[package]] name = "home" version = "0.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5444c27eef6923071f7ebcc33e3444508466a76f7a2b93da00ed6e19f30c1ddb" dependencies = [ - "windows-sys", + "windows-sys 0.48.0", ] [[package]] @@ -743,6 +959,7 @@ dependencies = [ "futures-channel", "futures-core", "futures-util", + "h2", "http", "http-body", "httparse", @@ -825,6 +1042,16 @@ dependencies = [ "unicode-normalization", ] +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown 0.12.3", +] + [[package]] name = "indexmap" version = "2.0.0" @@ -852,7 +1079,16 @@ checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" dependencies = [ "hermit-abi", "rustix", - "windows-sys", + "windows-sys 0.48.0", +] + +[[package]] +name = "itertools" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25db6b064527c5d482d0423354fcd07a89a2dfe07b67892e62411946db7f07b0" +dependencies = [ + "either", ] [[package]] @@ -1006,7 +1242,7 @@ version = "0.85.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "381224caa8a6fc16f8251cf1fd6d8678cdf5366f33000a923e4c54192e4b25b5" dependencies = [ - "ahash 0.8.3", + "ahash 0.8.6", "async-trait", "backoff", "derivative", @@ -1031,22 +1267,42 @@ name = "lazy_static" version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" +dependencies = [ + "spin 0.5.2", +] [[package]] name = "libc" -version = "0.2.147" +version = "0.2.150" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c" [[package]] -name = "linked-hash-map" -version = "0.5.6" +name = "libm" +version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" +checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" [[package]] -name = "linked_hash_set" -version = "0.1.4" +name = "libsqlite3-sys" +version = "0.27.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf4e226dcd58b4be396f7bd3c20da8fdee2911400705297ba7d2d7cc2c30f716" +dependencies = [ + "cc", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "linked-hash-map" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" + +[[package]] +name = "linked_hash_set" +version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "47186c6da4d81ca383c7c47c1bfc80f4b95f4720514d860a5407aaf4233f9588" dependencies = [ @@ -1055,9 +1311,9 @@ dependencies = [ [[package]] name = "linux-raw-sys" -version = "0.4.5" +version = "0.4.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57bcfdad1b858c2db7c38303a6d2ad4dfaf5eb53dfeb0910128b2c26d6158503" +checksum = "c4cd1a83af159aa67994778be9070f0ae1bd732942279cabb14f86f986a21456" [[package]] name = "lock_api" @@ -1075,6 +1331,22 @@ version = "0.4.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" +[[package]] +name = "matchit" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e7465ac9959cc2b1404e8e2367b43684a6d13790fe23056cc8c6c5a6b7bcb94" + +[[package]] +name = "md-5" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d89e7ee0cfbedfc4da3340218492196241d89eefb6dab27de5df917a6d2e78cf" +dependencies = [ + "cfg-if", + "digest", +] + [[package]] name = "memchr" version = "2.5.0" @@ -1110,7 +1382,18 @@ checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2" dependencies = [ "libc", "wasi", - "windows-sys", + "windows-sys 0.48.0", +] + +[[package]] +name = "nix" +version = "0.27.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053" +dependencies = [ + "bitflags 2.4.0", + "cfg-if", + "libc", ] [[package]] @@ -1133,6 +1416,44 @@ dependencies = [ "winapi", ] +[[package]] +name = "num-bigint-dig" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151" +dependencies = [ + "byteorder", + "lazy_static", + "libm", + "num-integer", + "num-iter", + "num-traits", + "rand", + "smallvec", + "zeroize", +] + +[[package]] +name = "num-integer" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-iter" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + [[package]] name = "num-traits" version = "0.2.16" @@ -1140,6 +1461,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f30b0abd723be7e2ffca1272140fac1a2f084c77ec3e123c192b66af1ee9e6c2" dependencies = [ "autocfg", + "libm", ] [[package]] @@ -1190,16 +1512,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", -] - -[[package]] -name = "openssl-src" -version = "111.27.0+1.1.1v" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06e8f197c82d7511c5b014030c9b1efeda40d7d5f99d23b4ceed3524a5e63f02" -dependencies = [ - "cc", + "syn 2.0.32", ] [[package]] @@ -1210,7 +1523,6 @@ checksum = "866b5f16f90776b9bb8dc1e1802ac6f0513de3a7a7465867bfbc563dc737faac" dependencies = [ "cc", "libc", - "openssl-src", "pkg-config", "vcpkg", ] @@ -1234,17 +1546,6 @@ dependencies = [ "hashbrown 0.12.3", ] -[[package]] -name = "orion" -version = "0.17.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b11468cc6afd61a126fe3f91cc4cc8a0dbe7917d0a4b5e8357ba91cc47444462" -dependencies = [ - "fiat-crypto", - "subtle", - "zeroize", -] - [[package]] name = "overload" version = "0.1.1" @@ -1269,27 +1570,28 @@ checksum = "93f00c865fe7cabf650081affecd3871070f26767e7b2070a3ffae14c654b447" dependencies = [ "cfg-if", "libc", - "redox_syscall", + "redox_syscall 0.3.5", "smallvec", - "windows-targets", + "windows-targets 0.48.3", ] [[package]] -name = "pasetors" -version = "0.6.7" -source = "git+https://github.com/demeter-run/pasetors.git#aac984e3366396f3c23e7cda3585d0e4fe525b68" +name = "password-hash" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166" dependencies = [ - "ct-codecs", - "ed25519-compact", - "getrandom", - "orion", - "regex", - "serde_json", + "base64ct", + "rand_core", "subtle", - "time", - "zeroize", ] +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + [[package]] name = "pathdiff" version = "0.2.1" @@ -1305,6 +1607,15 @@ dependencies = [ "base64 0.13.1", ] +[[package]] +name = "pem-rfc7468" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" +dependencies = [ + "base64ct", +] + [[package]] name = "percent-encoding" version = "2.3.0" @@ -1341,7 +1652,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", ] [[package]] @@ -1372,7 +1683,7 @@ checksum = "4359fd9c9171ec6e8c62926d6faaf553a8dc3f64e1507e76da7911b4f6a04405" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", ] [[package]] @@ -1387,6 +1698,27 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" +[[package]] +name = "pkcs1" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" +dependencies = [ + "der", + "pkcs8", + "spki", +] + +[[package]] +name = "pkcs8" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" +dependencies = [ + "der", + "spki", +] + [[package]] name = "pkg-config" version = "0.3.27" @@ -1408,6 +1740,15 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "prost" +version = "0.11.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b82eaa1d779e9a4bc1c3217db8ffbeabaae1dca241bf70183242128d48681cd" +dependencies = [ + "bytes", +] + [[package]] name = "quote" version = "1.0.33" @@ -1457,34 +1798,28 @@ dependencies = [ ] [[package]] -name = "regex" -version = "1.9.3" +name = "redox_syscall" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81bc1d4caf89fac26a70747fe603c130093b53c773888797a6329091246d651a" +checksum = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa" dependencies = [ - "aho-corasick", - "memchr", - "regex-automata", - "regex-syntax", + "bitflags 1.3.2", ] [[package]] -name = "regex-automata" -version = "0.3.6" +name = "ring" +version = "0.17.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fed1ceff11a1dddaee50c9dc8e4938bd106e9d89ae372f192311e7da498e3b69" +checksum = "688c63d65483050968b2a8937f7995f443e27041a0f7700aa59b0822aedebb74" dependencies = [ - "aho-corasick", - "memchr", - "regex-syntax", + "cc", + "getrandom", + "libc", + "spin 0.9.8", + "untrusted", + "windows-sys 0.48.0", ] -[[package]] -name = "regex-syntax" -version = "0.7.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5ea92a5b6195c6ef2a0295ea818b312502c6fc94dde986c5553242e18fd4ce2" - [[package]] name = "ron" version = "0.7.1" @@ -1496,6 +1831,26 @@ dependencies = [ "serde", ] +[[package]] +name = "rsa" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc" +dependencies = [ + "const-oid", + "digest", + "num-bigint-dig", + "num-integer", + "num-traits", + "pkcs1", + "pkcs8", + "rand_core", + "signature", + "spki", + "subtle", + "zeroize", +] + [[package]] name = "rust-ini" version = "0.18.0" @@ -1514,17 +1869,53 @@ checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" [[package]] name = "rustix" -version = "0.38.8" +version = "0.38.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19ed4fa021d81c8392ce04db050a3da9a60299050b7ae1cf482d862b54a7218f" +checksum = "bfeae074e687625746172d639330f1de242a178bf3189b51e35a7a21573513ac" dependencies = [ "bitflags 2.4.0", "errno", "libc", "linux-raw-sys", - "windows-sys", + "windows-sys 0.52.0", +] + +[[package]] +name = "rustls" +version = "0.21.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba" +dependencies = [ + "ring", + "rustls-webpki", + "sct", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" +dependencies = [ + "base64 0.21.2", +] + +[[package]] +name = "rustls-webpki" +version = "0.101.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" +dependencies = [ + "ring", + "untrusted", ] +[[package]] +name = "rustversion" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ffc183a10b4478d04cbbbfc96d0873219d962dd5accaff2ffbd4ceb7df837f4" + [[package]] name = "ryu" version = "1.0.15" @@ -1561,6 +1952,16 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" +[[package]] +name = "sct" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "secrecy" version = "0.8.0" @@ -1598,7 +1999,7 @@ checksum = "aafe972d60b0b9bee71a91b92fee2d4fb3c9d7e8f6b179aa99f27203d99a4816" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", ] [[package]] @@ -1618,7 +2019,7 @@ version = "1.0.105" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "693151e1ac27563d6dbcec9dee9fbd5da8539b20fa14ad3752b2e6d363ace360" dependencies = [ - "indexmap", + "indexmap 2.0.0", "itoa", "ryu", "serde", @@ -1630,13 +2031,24 @@ version = "0.9.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a49e178e4452f45cb61d0cd8cebc1b0fafd3e41929e996cef79aa3aca91f574" dependencies = [ - "indexmap", + "indexmap 2.0.0", "itoa", "ryu", "serde", "unsafe-libyaml", ] +[[package]] +name = "sha1" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + [[package]] name = "sha2" version = "0.10.7" @@ -1666,6 +2078,16 @@ dependencies = [ "libc", ] +[[package]] +name = "signature" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +dependencies = [ + "digest", + "rand_core", +] + [[package]] name = "slab" version = "0.4.8" @@ -1698,7 +2120,253 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2538b18701741680e0322a2302176d3253a35388e2e62f172f64f4f16605f877" dependencies = [ "libc", - "windows-sys", + "windows-sys 0.48.0", +] + +[[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" +dependencies = [ + "lock_api", +] + +[[package]] +name = "spki" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +dependencies = [ + "base64ct", + "der", +] + +[[package]] +name = "sqlformat" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce81b7bd7c4493975347ef60d8c7e8b742d4694f4c49f93e0a12ea263938176c" +dependencies = [ + "itertools", + "nom", + "unicode_categories", +] + +[[package]] +name = "sqlx" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dba03c279da73694ef99763320dea58b51095dfe87d001b1d4b5fe78ba8763cf" +dependencies = [ + "sqlx-core", + "sqlx-macros", + "sqlx-mysql", + "sqlx-postgres", + "sqlx-sqlite", +] + +[[package]] +name = "sqlx-core" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d84b0a3c3739e220d94b3239fd69fb1f74bc36e16643423bd99de3b43c21bfbd" +dependencies = [ + "ahash 0.8.6", + "atoi", + "byteorder", + "bytes", + "crc", + "crossbeam-queue", + "dotenvy", + "either", + "event-listener", + "futures-channel", + "futures-core", + "futures-intrusive", + "futures-io", + "futures-util", + "hashlink", + "hex", + "indexmap 2.0.0", + "log", + "memchr", + "once_cell", + "paste", + "percent-encoding", + "rustls", + "rustls-pemfile", + "serde", + "serde_json", + "sha2", + "smallvec", + "sqlformat", + "thiserror", + "tokio", + "tokio-stream", + "tracing", + "url", + "webpki-roots", +] + +[[package]] +name = "sqlx-macros" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89961c00dc4d7dffb7aee214964b065072bff69e36ddb9e2c107541f75e4f2a5" +dependencies = [ + "proc-macro2", + "quote", + "sqlx-core", + "sqlx-macros-core", + "syn 1.0.109", +] + +[[package]] +name = "sqlx-macros-core" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d0bd4519486723648186a08785143599760f7cc81c52334a55d6a83ea1e20841" +dependencies = [ + "atomic-write-file", + "dotenvy", + "either", + "heck", + "hex", + "once_cell", + "proc-macro2", + "quote", + "serde", + "serde_json", + "sha2", + "sqlx-core", + "sqlx-mysql", + "sqlx-sqlite", + "syn 1.0.109", + "tempfile", + "tokio", + "url", +] + +[[package]] +name = "sqlx-mysql" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e37195395df71fd068f6e2082247891bc11e3289624bbc776a0cdfa1ca7f1ea4" +dependencies = [ + "atoi", + "base64 0.21.2", + "bitflags 2.4.0", + "byteorder", + "bytes", + "crc", + "digest", + "dotenvy", + "either", + "futures-channel", + "futures-core", + "futures-io", + "futures-util", + "generic-array", + "hex", + "hkdf", + "hmac", + "itoa", + "log", + "md-5", + "memchr", + "once_cell", + "percent-encoding", + "rand", + "rsa", + "serde", + "sha1", + "sha2", + "smallvec", + "sqlx-core", + "stringprep", + "thiserror", + "tracing", + "whoami", +] + +[[package]] +name = "sqlx-postgres" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6ac0ac3b7ccd10cc96c7ab29791a7dd236bd94021f31eec7ba3d46a74aa1c24" +dependencies = [ + "atoi", + "base64 0.21.2", + "bitflags 2.4.0", + "byteorder", + "crc", + "dotenvy", + "etcetera", + "futures-channel", + "futures-core", + "futures-io", + "futures-util", + "hex", + "hkdf", + "hmac", + "home", + "itoa", + "log", + "md-5", + "memchr", + "once_cell", + "rand", + "serde", + "serde_json", + "sha1", + "sha2", + "smallvec", + "sqlx-core", + "stringprep", + "thiserror", + "tracing", + "whoami", +] + +[[package]] +name = "sqlx-sqlite" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "210976b7d948c7ba9fced8ca835b11cbb2d677c59c79de41ac0d397e14547490" +dependencies = [ + "atoi", + "flume", + "futures-channel", + "futures-core", + "futures-executor", + "futures-intrusive", + "futures-util", + "libsqlite3-sys", + "log", + "percent-encoding", + "serde", + "sqlx-core", + "tracing", + "url", + "urlencoding", +] + +[[package]] +name = "stringprep" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb41d74e231a107a1b4ee36bd1214b11285b77768d2e3824aedafa988fd36ee6" +dependencies = [ + "finl_unicode", + "unicode-bidi", + "unicode-normalization", ] [[package]] @@ -1726,15 +2394,34 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.29" +version = "2.0.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c324c494eba9d92503e6f1ef2e6df781e78f6a7705a0202d9801b198807d518a" +checksum = "239814284fd6f1a4ffe4ca893952cdd93c224b6a1571c9a9eadd670295c0c9e2" dependencies = [ "proc-macro2", "quote", "unicode-ident", ] +[[package]] +name = "sync_wrapper" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" + +[[package]] +name = "tempfile" +version = "3.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ef1adac450ad7f4b3c28589471ade84f25f731a7a0fe30d71dfa9f60fd808e5" +dependencies = [ + "cfg-if", + "fastrand", + "redox_syscall 0.4.1", + "rustix", + "windows-sys 0.48.0", +] + [[package]] name = "thiserror" version = "1.0.47" @@ -1752,7 +2439,7 @@ checksum = "6bb623b56e39ab7dcd4b1b98bb6c8f8d907ed255b18de254088016b27a8ee19b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", ] [[package]] @@ -1765,34 +2452,6 @@ dependencies = [ "once_cell", ] -[[package]] -name = "time" -version = "0.3.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0fdd63d58b18d663fbdf70e049f00a22c8e42be082203be7f26589213cd75ea" -dependencies = [ - "deranged", - "itoa", - "serde", - "time-core", - "time-macros", -] - -[[package]] -name = "time-core" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" - -[[package]] -name = "time-macros" -version = "0.2.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb71511c991639bb078fd5bf97757e03914361c48100d52878b8e52b46fb92cd" -dependencies = [ - "time-core", -] - [[package]] name = "tinyvec" version = "1.6.0" @@ -1815,6 +2474,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "17ed6077ed6cd6c74735e21f37eb16dc3935f96878b1fe961074089cc80893f9" dependencies = [ "backtrace", + "bytes", "libc", "mio", "num_cpus", @@ -1822,7 +2482,7 @@ dependencies = [ "signal-hook-registry", "socket2 0.5.3", "tokio-macros", - "windows-sys", + "windows-sys 0.48.0", ] [[package]] @@ -1843,7 +2503,7 @@ checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", ] [[package]] @@ -1858,6 +2518,17 @@ dependencies = [ "tokio", ] +[[package]] +name = "tokio-stream" +version = "0.1.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "397c988d37662c7dda6d2208364a706264bf3d6138b11d436cbac0ad38832842" +dependencies = [ + "futures-core", + "pin-project-lite", + "tokio", +] + [[package]] name = "tokio-util" version = "0.7.8" @@ -1882,6 +2553,34 @@ dependencies = [ "serde", ] +[[package]] +name = "tonic" +version = "0.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3082666a3a6433f7f511c7192923fa1fe07c69332d3c6a2e6bb040b569199d5a" +dependencies = [ + "async-trait", + "axum", + "base64 0.21.2", + "bytes", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "hyper", + "hyper-timeout", + "percent-encoding", + "pin-project", + "prost", + "tokio", + "tokio-stream", + "tower", + "tower-layer", + "tower-service", + "tracing", +] + [[package]] name = "tower" version = "0.4.13" @@ -1890,8 +2589,11 @@ checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c" dependencies = [ "futures-core", "futures-util", + "indexmap 1.9.3", "pin-project", "pin-project-lite", + "rand", + "slab", "tokio", "tokio-util", "tower-layer", @@ -1953,7 +2655,7 @@ checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", ] [[package]] @@ -2039,12 +2741,30 @@ dependencies = [ "tinyvec", ] +[[package]] +name = "unicode-segmentation" +version = "1.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1dd624098567895118886609431a7c3b8f516e41d30e0643f03d94592a147e36" + +[[package]] +name = "unicode_categories" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "39ec24b3121d976906ece63c9daad25b85969647682eee313cb5779fdd69e14e" + [[package]] name = "unsafe-libyaml" version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f28467d3e1d3c6586d8f25fa243f544f5800fec42d97032474e17222c2b75cfa" +[[package]] +name = "untrusted" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" + [[package]] name = "url" version = "2.4.0" @@ -2056,6 +2776,12 @@ dependencies = [ "percent-encoding", ] +[[package]] +name = "urlencoding" +version = "2.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da" + [[package]] name = "utf8parse" version = "0.2.1" @@ -2116,7 +2842,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", "wasm-bindgen-shared", ] @@ -2138,7 +2864,7 @@ checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.29", + "syn 2.0.32", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2149,6 +2875,18 @@ version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ca6ad05a4870b2bf5fe995117d3728437bd27d7cd5f06f13c17443ef369775a1" +[[package]] +name = "webpki-roots" +version = "0.25.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1778a42e8b3b90bff8d0f5032bf22250792889a5cdc752aa0020c84abe3aaf10" + +[[package]] +name = "whoami" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22fc3756b8a9133049b26c7f61ab35416c130e8c09b660f5b3958b446f52cc50" + [[package]] name = "winapi" version = "0.3.9" @@ -2177,7 +2915,7 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e686886bc078bc1b0b600cac0147aadb815089b6e4da64016cbd754b6342700f" dependencies = [ - "windows-targets", + "windows-targets 0.48.3", ] [[package]] @@ -2186,7 +2924,16 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" dependencies = [ - "windows-targets", + "windows-targets 0.48.3", +] + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets 0.52.0", ] [[package]] @@ -2195,13 +2942,28 @@ version = "0.48.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "27f51fb4c64f8b770a823c043c7fad036323e1c48f55287b7bbb7987b2fcdf3b" dependencies = [ - "windows_aarch64_gnullvm", - "windows_aarch64_msvc", - "windows_i686_gnu", - "windows_i686_msvc", - "windows_x86_64_gnu", - "windows_x86_64_gnullvm", - "windows_x86_64_msvc", + "windows_aarch64_gnullvm 0.48.3", + "windows_aarch64_msvc 0.48.3", + "windows_i686_gnu 0.48.3", + "windows_i686_msvc 0.48.3", + "windows_x86_64_gnu 0.48.3", + "windows_x86_64_gnullvm 0.48.3", + "windows_x86_64_msvc 0.48.3", +] + +[[package]] +name = "windows-targets" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" +dependencies = [ + "windows_aarch64_gnullvm 0.52.0", + "windows_aarch64_msvc 0.52.0", + "windows_i686_gnu 0.52.0", + "windows_i686_msvc 0.52.0", + "windows_x86_64_gnu 0.52.0", + "windows_x86_64_gnullvm 0.52.0", + "windows_x86_64_msvc 0.52.0", ] [[package]] @@ -2210,42 +2972,84 @@ version = "0.48.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fde1bb55ae4ce76a597a8566d82c57432bc69c039449d61572a7a353da28f68c" +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" + [[package]] name = "windows_aarch64_msvc" version = "0.48.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1513e8d48365a78adad7322fd6b5e4c4e99d92a69db8df2d435b25b1f1f286d4" +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" + [[package]] name = "windows_i686_gnu" version = "0.48.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "60587c0265d2b842298f5858e1a5d79d146f9ee0c37be5782e92a6eb5e1d7a83" +[[package]] +name = "windows_i686_gnu" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" + [[package]] name = "windows_i686_msvc" version = "0.48.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "224fe0e0ffff5d2ea6a29f82026c8f43870038a0ffc247aa95a52b47df381ac4" +[[package]] +name = "windows_i686_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" + [[package]] name = "windows_x86_64_gnu" version = "0.48.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "62fc52a0f50a088de499712cbc012df7ebd94e2d6eb948435449d76a6287e7ad" +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" + [[package]] name = "windows_x86_64_gnullvm" version = "0.48.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2093925509d91ea3d69bcd20238f4c2ecdb1a29d3c281d026a09705d0dd35f3d" +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" + [[package]] name = "windows_x86_64_msvc" version = "0.48.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b6ade45bc8bf02ae2aa34a9d54ba660a1a58204da34ba793c00d83ca3730b5f1" +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" + [[package]] name = "yaml-rust" version = "0.4.5" @@ -2255,6 +3059,26 @@ dependencies = [ "linked-hash-map", ] +[[package]] +name = "zerocopy" +version = "0.7.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "306dca4455518f1f31635ec308b6b3e4eb1b11758cefafc782827d0aa7acb5c7" +dependencies = [ + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.7.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be912bf68235a88fbefd1b73415cb218405958d1655b2ece9035a19920bdf6ba" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.32", +] + [[package]] name = "zeroize" version = "1.6.0" diff --git a/Cargo.toml b/Cargo.toml index 21b68c4..fce1ead 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "demeter-operator" +name = "dmtrd" version = "0.1.0" edition = "2021" @@ -21,15 +21,8 @@ tracing-subscriber = "0.3.17" anymap = "0.12.1" hex = { version = "0.4.3", features = ["serde"] } config = "0.13.3" - -# pasetors = { version = "0.6.7", features = ["v2"], path = "../pasetors" } -pasetors = { git = "https://github.com/demeter-run/pasetors.git", features = [ - "v2", -] } - -# util for cross compilation -openssl = { version = '0.10', optional = true } clap = { version = "4.3.22", features = ["derive"] } - -[features] -vendored-openssl = ["openssl/vendored"] +base64 = "0.21.2" +tonic = "0.9.2" +argon2 = "0.5.2" +sqlx = { version = "0.7.3", features = ["runtime-tokio-rustls", "sqlite"] } diff --git a/authtoken1.yaml b/authtoken1.yaml deleted file mode 100644 index 5e1241f..0000000 --- a/authtoken1.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: demeter.run/v1alpha -kind: AuthToken -metadata: - name: token1 -spec: - schema: paseto_v2 - issuer: txpipe1 - expiration_days: 90 - viewed: false - revoked: false diff --git a/config.toml b/config.toml deleted file mode 100644 index fbd0b9e..0000000 --- a/config.toml +++ /dev/null @@ -1,2 +0,0 @@ -[auth] -secret_key = "d9b79174a47f9cefd66baa3da4bfb2f06bf88a764c7294632010ad9a8e95a1cac32290d7fe13058668832c5398d961cbfe11ea7d9d9ec0ef5973bcac7efc0386" diff --git a/src/authtokens/mod.rs b/src/authtokens/mod.rs deleted file mode 100644 index 5cdbbd3..0000000 --- a/src/authtokens/mod.rs +++ /dev/null @@ -1,91 +0,0 @@ -use std::{sync::Arc, time::Duration}; - -use kube::{CustomResource, ResourceExt}; -use pasetors::{claims::Claims, keys::AsymmetricSecretKey}; -use schemars::JsonSchema; -use serde::{Deserialize, Serialize}; - -use crate::rektor::{ContextData, DerivedResourceState}; - -#[derive(Deserialize, Debug)] -pub struct AuthConfig { - #[serde(with = "hex")] - pub secret_key: Vec, -} - -#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema, Default)] -pub struct AuthTokenStatus { - emitted: bool, - secret: Option, -} - -#[derive(CustomResource, Deserialize, Serialize, Clone, Debug, JsonSchema)] -#[kube( - group = "demeter.run", - version = "v1alpha", - kind = "AuthToken", - status = "AuthTokenStatus", - namespaced -)] -pub struct AuthTokenSpec { - issuer: String, - expiration_days: Option, - viewed: bool, - revoked: bool, -} - -fn build_new_paseto(token: &AuthToken, ctx: &ContextData) -> String { - let cfg = ctx - .extensions - .get::() - .expect("missing auth config in context"); - - let secret_key = - AsymmetricSecretKey::from(&cfg.secret_key).expect("invalid asymmetric secret key"); - - let mut c = Claims::empty(); - - if let Some(days) = token.spec.expiration_days { - let duration = Duration::from_secs(3600 * 24 * days as u64); - c.expires_in(&duration).unwrap() - }; - - c.issuer(&token.spec.issuer).unwrap(); - - let ns = token.namespace().unwrap(); - c.subject(&ns).unwrap(); - - let msg = c.to_string().unwrap(); - - pasetors::version2::PublicToken::sign(&secret_key, msg.as_bytes(), None).unwrap() -} - -fn is_expired(token: &AuthToken) -> bool { - // TODO - false -} - -pub fn derive_state(spec: &AuthToken, ctx: &ContextData) -> DerivedResourceState { - let mut status = spec.status.clone().unwrap_or_default(); - - if !status.emitted { - status = AuthTokenStatus { - secret: Some(build_new_paseto(&spec, &ctx)), - emitted: true, - } - } - - if spec.spec.viewed { - status = AuthTokenStatus { - secret: None, - emitted: true, - } - } - - let finalizer = match is_expired(&spec) { - true => None, - false => Some("demeter.run/wait-for-expired".into()), - }; - - DerivedResourceState { finalizer, status } -} diff --git a/src/bin/dmtrd.rs b/src/bin/dmtrd.rs new file mode 100644 index 0000000..57738bb --- /dev/null +++ b/src/bin/dmtrd.rs @@ -0,0 +1,57 @@ +use std::{io::stdout, sync::Arc}; + +use clap::Parser; +use serde::Deserialize; + +#[derive(Parser)] +#[clap(name = "Demeter Operator", version = "")] +struct App {} + +#[derive(Deserialize, Debug)] +struct ConfigRoot {} + +impl ConfigRoot { + pub fn new(explicit_file: &Option) -> Result { + let mut s = config::Config::builder(); + + // but we can override it by having a file in the working dir + s = s.add_source(config::File::with_name("config.toml").required(false)); + + // if an explicit file was passed, then we load it as mandatory + if let Some(explicit) = explicit_file.as_ref().and_then(|x| x.to_str()) { + s = s.add_source(config::File::with_name(explicit).required(true)); + } + + // finally, we use env vars to make some last-step overrides + s = s.add_source(config::Environment::with_prefix("DMTR").separator("_")); + + s.build()?.try_deserialize() + } +} + +#[tokio::main] +async fn main() { + let app = App::parse(); + + tracing_subscriber::fmt::init(); + + // let mut opt = ConnectOptions::new("protocol://username:password@host/database"); + // opt.max_connections(100) + // .min_connections(5) + // .connect_timeout(Duration::from_secs(8)) + // .acquire_timeout(Duration::from_secs(8)) + // .idle_timeout(Duration::from_secs(8)) + // .max_lifetime(Duration::from_secs(8)) + // .sqlx_logging(true) + // .sqlx_logging_level(log::LevelFilter::Info) + // .set_schema_search_path("my_schema"); // Setting default PostgreSQL schema + + // let db = Database::connect(opt).await?; + + // dmtrd::drivers::rpc::serve(Config { + // listen_address: "[::]:50051".into(), + // auth: auth_v3::Config {}, + // }) + // .await + // .unwrap(); +} diff --git a/src/bin/dmtrop.rs b/src/bin/dmtrop.rs deleted file mode 100644 index 376f6c8..0000000 --- a/src/bin/dmtrop.rs +++ /dev/null @@ -1,93 +0,0 @@ -use std::{io::stdout, sync::Arc}; - -use clap::Parser; -use kube::CustomResourceExt; -use serde::Deserialize; - -#[derive(Parser)] -#[clap(name = "Demeter Operator", version = "")] -struct App { - #[clap(subcommand)] - subcmd: SubCommand, -} - -#[derive(Parser)] -enum SubCommand { - #[clap(about = "Runs the daemon")] - Daemon(Daemon), - #[clap(about = "Manages the CRDs")] - Crds(Crds), -} - -#[derive(Parser)] -struct Daemon { - // Add any arguments or options for the "daemon" subcommand here -} - -#[derive(Parser)] -struct Crds { - // Add any arguments or options for the "crds" subcommand here -} - -#[derive(Deserialize, Debug)] -struct ConfigRoot { - auth: demeter_operator::authtokens::AuthConfig, -} - -impl ConfigRoot { - pub fn new(explicit_file: &Option) -> Result { - let mut s = config::Config::builder(); - - // but we can override it by having a file in the working dir - s = s.add_source(config::File::with_name("config.toml").required(false)); - - // if an explicit file was passed, then we load it as mandatory - if let Some(explicit) = explicit_file.as_ref().and_then(|x| x.to_str()) { - s = s.add_source(config::File::with_name(explicit).required(true)); - } - - // finally, we use env vars to make some last-step overrides - s = s.add_source(config::Environment::with_prefix("DEMETER").separator("_")); - - s.build()?.try_deserialize() - } -} - -#[tokio::main] -async fn main() { - let app = App::parse(); - - match app.subcmd { - SubCommand::Daemon(_) => { - tracing_subscriber::fmt::init(); - - //let kp = pasetors::keys::AsymmetricKeyPair::::generate().unwrap(); - //dbg!(hex::encode(kp.secret.as_bytes())); - //dbg!(hex::encode(kp.public.as_bytes())); - - let config = ConfigRoot::new(&None).expect("couldn't load config"); - - let kubernetes_client = kube::Client::try_default() - .await - .expect("Expected a valid KUBECONFIG environment variable."); - - let mut extensions = anymap::Map::new(); - extensions.insert(config.auth); - - let context = Arc::new(demeter_operator::rektor::ContextData::new( - kubernetes_client.clone(), - extensions, - )); - - demeter_operator::rektor::run( - context.clone(), - demeter_operator::authtokens::derive_state, - ) - .await; - } - SubCommand::Crds(_) => { - let stdout = stdout(); - serde_yaml::to_writer(stdout, &demeter_operator::authtokens::AuthToken::crd()).unwrap(); - } - } -} diff --git a/src/domain/auth.rs b/src/domain/auth.rs new file mode 100644 index 0000000..a1d5b2a --- /dev/null +++ b/src/domain/auth.rs @@ -0,0 +1,16 @@ +use anyhow::{anyhow, Context, Result}; +use argon2::Argon2; + +use super::HashDigest; + +pub fn digest(pwd: &[u8], salt: &[u8]) -> Result { + let argon2 = Argon2::default(); + + let mut digest = [0u8; 32]; + argon2 + .hash_password_into(pwd, salt, &mut digest) + .map_err(|err| anyhow!(err.to_string())) + .context("error computing hash digest")?; + + Ok(digest) +} diff --git a/src/domain/events.rs b/src/domain/events.rs new file mode 100644 index 0000000..c5e3f00 --- /dev/null +++ b/src/domain/events.rs @@ -0,0 +1,40 @@ +use super::{HashDigest, HashSalt}; + +macro_rules! into_event { + ($name:ident) => { + impl Into for $name { + fn into(self) -> Event { + Event::$name(self) + } + } + }; +} + +#[derive(Debug)] +pub struct NamespaceMintedV1 { + pub name: String, + pub root_public_key: String, +} + +into_event!(NamespaceMintedV1); + +#[derive(Debug)] +pub struct ApiKeyRegisteredV1 { + pub namespace: String, + pub digest: HashDigest, + pub salt: HashSalt, +} + +into_event!(ApiKeyRegisteredV1); + +#[derive(Debug)] +pub struct ResourceCreatedV1 {} + +into_event!(ResourceCreatedV1); + +#[derive(Debug)] +pub enum Event { + NamespaceMintedV1(NamespaceMintedV1), + ApiKeyRegisteredV1(ApiKeyRegisteredV1), + ResourceCreatedV1(ResourceCreatedV1), +} diff --git a/src/domain/mod.rs b/src/domain/mod.rs new file mode 100644 index 0000000..72c5e05 --- /dev/null +++ b/src/domain/mod.rs @@ -0,0 +1,218 @@ +use anyhow::{bail, Result}; + +use crate::driven::event_dispatch::EventDispatch; +use crate::driven::fabric_state::FabricState; + +mod auth; +mod events; + +pub use events::*; + +pub struct Domain { + pub event_dispatch: EventDispatch, + pub fabric_state: FabricState, +} + +pub type SignatureValue = String; +pub type AuthTimestamp = u64; +pub type SecretValue = Vec; +pub type HashDigest = [u8; 32]; +pub type HashSalt = Vec; +pub type NamespaceName = String; + +pub enum Credential { + OwnerSignatureV1(SignatureValue, AuthTimestamp), + ApiKeyV1(SecretValue), +} + +pub struct RegisterApiKeyCmd { + pub auth: Credential, + pub namespace: NamespaceName, + pub secret: SecretValue, +} + +pub struct CreateResourceCmd { + pub auth: Credential, + pub namespace: NamespaceName, + pub resource_type: String, + pub resource_spec: String, +} + +pub struct ListResourcesQuery { + pub auth: Credential, + pub resource_name: String, + pub namespace_name: String, +} + +impl Domain { + async fn assert_available_namespace(&self, ns: &NamespaceName) -> Result<()> { + let exists = self.fabric_state.namespace_exists(&ns).await?; + + if exists { + bail!("namespace isn't available") + } + + Ok(()) + } + + pub async fn on_namespace_minted(&self, evt: NamespaceMintedV1) -> Result<()> { + // TODO: how do we handle business invariants? eg, if the namespace isn't + // available, then something in inconsistent at a global scale. + self.assert_available_namespace(&evt.name).await?; + + self.fabric_state.insert_namespace(&evt.name).await?; + + Ok(()) + } + + async fn assert_existing_namespace(&self, ns: &NamespaceName) -> Result<()> { + let exists = self.fabric_state.namespace_exists(&ns).await?; + + if !exists { + bail!("invalid namespace") + } + + Ok(()) + } + + async fn assert_valid_api_key(&self, ns: &NamespaceName, secret: SecretValue) -> Result<()> { + let keys = self + .fabric_state + .get_all_api_keys_for_namespace(&ns) + .await?; + + for key in keys { + let redigest = auth::digest(&secret, &key.salt)?; + let digest = key.digest.as_slice(); + + if digest == redigest { + return Ok(()); + } + } + + bail!("invalid api key") + } + + pub async fn assert_valid_credentials( + &self, + ns: &NamespaceName, + credential: Credential, + ) -> Result<()> { + match credential { + Credential::ApiKeyV1(secret) => self.assert_valid_api_key(ns, secret).await, + Credential::OwnerSignatureV1(_, _) => { + // TODO + Ok(()) + } + } + } + + pub async fn register_apikey(&mut self, cmd: RegisterApiKeyCmd) -> Result<()> { + self.assert_existing_namespace(&cmd.namespace).await?; + + self.assert_valid_credentials(&cmd.namespace, cmd.auth) + .await?; + + let salt = b"somesaltforyou"; + let digest = auth::digest(&cmd.secret, salt)?; + + self.event_dispatch + .submit_event(ApiKeyRegisteredV1 { + namespace: cmd.namespace, + digest, + salt: salt.to_vec(), + }) + .await?; + + Ok(()) + } + + pub async fn on_apikey_registered(&mut self, evt: ApiKeyRegisteredV1) -> Result<()> { + self.fabric_state + .insert_api_key(&evt.namespace, &evt.digest, &evt.salt) + .await?; + + Ok(()) + } + + pub async fn create_resource(&mut self, cmd: CreateResourceCmd) -> Result<()> { + self.assert_existing_namespace(&cmd.namespace).await?; + + self.assert_valid_credentials(&cmd.namespace, cmd.auth) + .await?; + + // TODO: assert permissions + + // assert_resource_type_is_valid(cmd); + // assert_resource_manifest_is_valid(cmd); + // assert_resource_doesnt_exist(cmd); + + // dispatch_resource_created_event(cmd); + self.event_dispatch + .submit_event(ResourceCreatedV1 {}) + .await?; + + Ok(()) + } + + pub fn list_resources(query: ListResourcesQuery) { + // assert_namespace_is_valid(query); + // assert_namespace_read_access(query); + // fetch_resources_by_namespace(query); + } +} + +#[cfg(test)] +mod tests { + use super::*; + + #[tokio::test] + async fn happy_path() { + let fabric_state = FabricState::ephemeral().await.unwrap(); + let event_dispatch = EventDispatch::ephemeral(); + + let mut domain = Domain { + fabric_state, + event_dispatch, + }; + + domain + .on_namespace_minted(NamespaceMintedV1 { + name: "ns1".into(), + root_public_key: "123".into(), + }) + .await + .unwrap(); + + domain + .register_apikey(RegisterApiKeyCmd { + auth: Credential::OwnerSignatureV1("123".into(), 1234), + namespace: "ns1".into(), + secret: b"mybadpassword".to_vec(), + }) + .await + .unwrap(); + + while let Some(evt) = domain.event_dispatch.entries.pop_front() { + match evt { + Event::ApiKeyRegisteredV1(evt) => domain.on_apikey_registered(evt).await.unwrap(), + Event::NamespaceMintedV1(_) => todo!(), + Event::ResourceCreatedV1(_) => todo!(), + } + } + + domain + .create_resource(CreateResourceCmd { + auth: Credential::ApiKeyV1(b"mybadpassword".to_vec()), + namespace: "ns1".into(), + resource_type: "workers.demeter.run/v1Allpha1".into(), + resource_spec: "{}".into(), + }) + .await + .unwrap(); + + let Domain { event_dispatch, .. } = domain; + + dbg!(event_dispatch.entries); + } +} diff --git a/src/driven/event_dispatch/mod.rs b/src/driven/event_dispatch/mod.rs new file mode 100644 index 0000000..61251c5 --- /dev/null +++ b/src/driven/event_dispatch/mod.rs @@ -0,0 +1,22 @@ +use anyhow::Result; +use std::collections::VecDeque; + +use crate::domain::Event; + +pub struct EventDispatch { + pub entries: VecDeque, +} + +impl EventDispatch { + pub fn ephemeral() -> Self { + Self { + entries: Default::default(), + } + } + + pub async fn submit_event(&mut self, event: impl Into) -> Result<()> { + self.entries.push_back(event.into()); + + Ok(()) + } +} diff --git a/src/driven/fabric_state/example.sqlite b/src/driven/fabric_state/example.sqlite new file mode 100644 index 0000000000000000000000000000000000000000..c18142b0e1eba3c6a36b357cf7e695d5ac5ce7b1 GIT binary patch literal 24576 zcmeI&J#W)M7zc1WuQVtP5<`X#TnD6DkkT|oh;{&{T%!mlX&nbq1}x(o#cGn4oC7Tz z6$@fuKuo9-Gb5_R00I`i01^^Rd;~Vc1e_h`rI9)#qW{U3@1FC^b3Z$SeW|W#j?2jH zt#;FLNlrQ;g+kJ0LL^BFi8UtHUI~jzq}LEzd8mF=H6+cpUnWz(q-au=CZD9zla z6IB!lKmY;|fB*y_009U<00RG?z{90zJUulf@0DEZR)bmF&L-RC!6vq>Q`MlvQ1cok zL6FQOh$v2-6w3xJP@Sym#geM8ldE+7tl!tNnv8E-HX{bTZggXHXM=H<mY$xL@B6tAx(Bt$p%Dz?!63YV zpX2Zt5=t%-OBbeP$!XQu4!_$Fub8IQaku=oIXH`%9n_n+8g9|kF~itnBbca!{7^Ga&v~IW4;;z+b zu)68>7fZBisHIiX+lgGED{4(M$Z|~=#D>}5CAdQ!+h&}Te5ImMwcJ0h+iTxp_9pK% z{aZTH$99fne2RK?jp&aUtCyNoV&30 z;@ifI)%<$n@$C2ar=#Z{?0@*VfAh@mcbf;NRwF-_o__xFjJ, + pub salt: Vec, +} + +impl FabricState { + pub async fn open(path: &Path) -> Result { + let url = format!("sqlite:{}?mode=rwc", path.display()); + let db = sqlx::sqlite::SqlitePoolOptions::new().connect(&url).await?; + + Ok(Self { db }) + } + + pub async fn ephemeral() -> Result { + let db = sqlx::sqlite::SqlitePoolOptions::new() + .connect("sqlite::memory:") + .await?; + + let out = Self { db }; + out.migrate().await?; + + Ok(out) + } + + pub async fn migrate(&self) -> Result<()> { + sqlx::migrate!("src/driven/fabric_state/migrations") + .run(&self.db) + .await?; + + Ok(()) + } + + pub async fn insert_namespace(&self, name: &str) -> Result<()> { + sqlx::query!( + r#" +INSERT INTO namespaces (name) +VALUES ($1) +"#, + name, + ) + .execute(&self.db) + .await?; + + Ok(()) + } + + pub async fn namespace_exists(&self, name: &str) -> Result { + let record = sqlx::query!( + r#" +SELECT * +FROM namespaces +WHERE name = $1 +"#, + name, + ) + .fetch_optional(&self.db) + .await?; + + Ok(record.is_some()) + } + + pub async fn insert_api_key(&self, ns: &str, digest: &[u8], salt: &[u8]) -> Result<()> { + sqlx::query!( + r#" +INSERT INTO apikeys (namespace, digest, salt) +VALUES ($1, $2, $3) +"#, + ns, + digest, + salt + ) + .execute(&self.db) + .await?; + + Ok(()) + } + + pub async fn get_all_api_keys_for_namespace(&self, ns: &str) -> Result> { + let rows = sqlx::query_as::<_, ApiKey>( + r#" +SELECT digest, salt +FROM apikeys +WHERE namespace = $1 +"#, + ) + .bind(ns) + .fetch_all(&self.db) + .await?; + + Ok(rows) + } +} + +#[cfg(test)] +mod tests { + use super::FabricState; + + #[tokio::test] + async fn test_namespace_persistence() { + let db = FabricState::ephemeral().await.unwrap(); + + db.migrate().await.unwrap(); + + assert_eq!(db.namespace_exists("ns1").await.unwrap(), false); + + db.insert_namespace("ns1").await.unwrap(); + + assert_eq!(db.namespace_exists("ns1").await.unwrap(), true); + } + + #[tokio::test] + async fn test_apikeys_persistence() { + let db = FabricState::ephemeral().await.unwrap(); + + db.migrate().await.unwrap(); + + db.insert_namespace("ns1").await.unwrap(); + db.insert_api_key("ns1", b"0123", b"9876").await.unwrap(); + db.insert_api_key("ns1", b"4567", b"5432").await.unwrap(); + + db.insert_namespace("ns2").await.unwrap(); + db.insert_api_key("ns2", b"abcd", b"zyxw").await.unwrap(); + + // TODO: don't fail if results are return in different order + let mut keys = db.get_all_api_keys_for_namespace("ns1").await.unwrap(); + assert_eq!(keys.len(), 2); + let item = keys.remove(0); + assert_eq!(item.digest, b"0123"); + assert_eq!(item.salt, b"9876"); + let item = keys.remove(0); + assert_eq!(item.digest, b"4567"); + assert_eq!(item.salt, b"5432"); + + let mut keys = db.get_all_api_keys_for_namespace("ns2").await.unwrap(); + assert_eq!(keys.len(), 1); + let item = keys.remove(0); + assert_eq!(item.digest, b"abcd"); + assert_eq!(item.salt, b"zyxw"); + } +} diff --git a/src/driven/mod.rs b/src/driven/mod.rs new file mode 100644 index 0000000..2378b7c --- /dev/null +++ b/src/driven/mod.rs @@ -0,0 +1,2 @@ +pub mod event_dispatch; +pub mod fabric_state; diff --git a/src/drivers/rpc/auth.rs b/src/drivers/rpc/auth.rs new file mode 100644 index 0000000..b4324c7 --- /dev/null +++ b/src/drivers/rpc/auth.rs @@ -0,0 +1,48 @@ +use dmtrd::domain::fabric_inbox::AuthCredential; +use serde::{Deserialize, Serialize}; + +#[derive(Clone)] +pub struct Authenticator {} + +fn extract_required_metadata_string( + request: &tonic::Request<()>, + key: &str, +) -> Result { + request + .metadata() + .get(key) + .ok_or_else(|| tonic::Status::unauthenticated("missing required auth value"))? + .to_str() + .map(|x| x.to_owned()) + .map_err(|_| tonic::Status::unauthenticated("malformed auth value")) +} + +impl tonic::service::Interceptor for Authenticator { + fn call( + &mut self, + mut request: tonic::Request<()>, + ) -> Result, tonic::Status> { + let ns = extract_required_metadata_string(&request, "x-dmtr-ns")?; + let token = extract_required_metadata_string(&request, "x-dmtr-token")?; + + let creds = AuthCredential::ApiKeyV1(ns, token); + + request.extensions_mut().insert(creds); + + Ok(request) + } +} + +#[derive(Serialize, Deserialize, Clone)] +pub struct Config {} + +pub fn build_interceptor(config: &Config) -> Authenticator { + Authenticator {} +} + +#[cfg(test)] +mod tests { + + #[tokio::test] + async fn build_token() {} +} diff --git a/src/drivers/rpc/mod.rs b/src/drivers/rpc/mod.rs new file mode 100644 index 0000000..a1658dc --- /dev/null +++ b/src/drivers/rpc/mod.rs @@ -0,0 +1,42 @@ +use serde::{Deserialize, Serialize}; +use std::fmt::Display; +use thiserror::Error; +use tonic::{codegen::InterceptedService, transport::Server}; + +mod auth; +mod ops; + +#[derive(Serialize, Deserialize, Clone)] +pub struct Config { + listen_address: String, + auth: auth_v3::Config, +} + +#[derive(Error, Debug)] +enum Error { + #[error("server error {0}")] + Server(String), +} + +impl Error { + fn server(err: impl Display) -> Self { + Self::Server(err.to_string()) + } +} + +async fn serve(config: Config) -> Result<(), Error> { + let addr = config.listen_address.parse().unwrap(); + + let mut server = Server::builder(); + + let service = InterceptedService::new( + ops::OpsServiceImpl::new(), + auth_v3::build_interceptor(&config.auth), + ); + + let server = server.add_service(service); + + server.serve(addr).await.map_err(Error::server)?; + + Ok(()) +} diff --git a/src/drivers/rpc/ops.rs b/src/drivers/rpc/ops.rs new file mode 100644 index 0000000..e85a068 --- /dev/null +++ b/src/drivers/rpc/ops.rs @@ -0,0 +1,47 @@ +use demeter_core_spec::demeter::core::v1alpha::*; +use tonic::async_trait; + +pub struct OpsServiceImpl; + +impl OpsServiceImpl { + pub fn new() -> Self { + Self {} + } +} + +#[async_trait] +impl ops_service_server::OpsService for OpsServiceImpl { + async fn create_resource( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + } + + async fn list_resources( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + todo!() + } + + async fn read_resource( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + todo!() + } + + async fn patch_resource( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + todo!() + } + + async fn delete_resource( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + todo!() + } +} diff --git a/src/lib.rs b/src/lib.rs index 683b3c2..d3090fd 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,2 +1,2 @@ -pub mod authtokens; -pub mod rektor; +pub mod domain; +pub mod driven; diff --git a/src/rektor.rs b/src/rektor.rs deleted file mode 100644 index 18e928e..0000000 --- a/src/rektor.rs +++ /dev/null @@ -1,142 +0,0 @@ -use anymap::any::Any; -use anymap::AnyMap; -use futures::StreamExt; -use k8s_openapi::NamespaceResourceScope; -use kube::api::Patch; -use kube::api::PatchParams; -use kube::runtime::controller::Action; -use kube::runtime::watcher::Config; -use kube::runtime::Controller; -use kube::Resource; -use kube::ResourceExt; -use kube::{client::Client, Api}; -use serde::de::DeserializeOwned; -use serde::Serialize; -use serde_json::json; -use serde_json::Value; -use std::hash::Hash; -use std::sync::Arc; -use std::time::Duration; -use tracing::info; -use tracing::warn; - -pub struct ContextData { - pub client: Client, - pub extensions: anymap::Map, -} - -impl ContextData { - pub fn new(client: Client, extensions: anymap::Map) -> Self { - ContextData { client, extensions } - } -} - -/// All errors possible to occur during reconciliation -#[derive(Debug, thiserror::Error)] -pub enum Error { - /// Any error originating from the `kube-rs` crate - #[error("Kubernetes reported error: {source}")] - KubeError { - #[from] - source: kube::Error, - }, - /// Error in user input or Echo resource definition, typically missing fields. - #[error("Invalid Echo CRD: {0}")] - UserInputError(String), -} - -pub struct DerivedResourceState -where - S: Send + Sync, -{ - pub status: S, - pub finalizer: Option, -} - -impl DerivedResourceState -where - S: Serialize + Send + Sync, -{ - fn status_patch(&self) -> Patch { - Patch::Merge(json!({ "status": self.status })) - } -} - -pub async fn apply( - owner: &K, - state: DerivedResourceState, - context: Arc, -) -> Result<(), Error> -where - K: Resource + DeserializeOwned, - K::DynamicType: Default, - S: Serialize + Send + Sync, -{ - let client = context.client.clone(); - - let ns: String = owner - .namespace() - .ok_or(Error::UserInputError("missing namespace".into()))?; - - let api = Api::::namespaced(client, &ns); - - let name = owner.name_any(); - - api.patch_status(&name, &PatchParams::default(), &state.status_patch()) - .await - .map_err(|source| Error::KubeError { source })?; - - Ok(()) -} - -pub type DeriveStateFn = fn(res: &K, ctx: &ContextData) -> DerivedResourceState; - -pub async fn run(context: Arc, derive: DeriveStateFn) -where - K: Resource - + DeserializeOwned - + Clone - + std::fmt::Debug - + Send - + Sync - + 'static, - K::DynamicType: Default + Eq + Hash + Clone + std::fmt::Debug + Unpin, - S: Serialize + Send + Sync + 'static, -{ - // Preparation of resources used by the `kube_runtime::Controller` - let api: Api = Api::all(context.client.clone()); - - // The controller comes from the `kube_runtime` crate and manages the reconciliation process. - // It requires the following information: - // - `kube::Api` this controller "owns". In this case, `T = Echo`, as this controller owns the `Echo` resource, - // - `kube::runtime::watcher::Config` can be adjusted for precise filtering of `Echo` resources before the actual reconciliation, e.g. by label, - // - `reconcile` function with reconciliation logic to be called each time a resource of `Echo` kind is created/updated/deleted, - // - `on_error` function to call whenever reconciliation fails. - Controller::new(api.clone(), Config::default()) - .run( - |r, c| async move { - let state = derive(&r, &c); - apply(r.as_ref(), state, c).await?; - - Ok(Action::await_change()) - }, - on_error, - context, - ) - .for_each(|reconciliation_result| async move { - match reconciliation_result { - Ok(echo_resource) => { - info!("Reconciliation successful. Resource: {:?}", echo_resource); - } - Err(reconciliation_err) => { - warn!("Reconciliation error: {:?}", reconciliation_err) - } - } - }) - .await; -} - -fn on_error(spec: Arc, error: &Error, _context: Arc) -> Action { - warn!(%error, "reconciliation error"); - Action::requeue(Duration::from_secs(5)) -}