New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kyle/keycache interface #160
Conversation
6d7f33f
to
39d857d
Compare
Current coverage is 57.35% (diff: 59.89%)@@ master #160 diff @@
==========================================
Files 15 18 +3
Lines 2048 2216 +168
Methods 0 0
Messages 0 0
Branches 0 0
==========================================
+ Hits 1097 1271 +174
+ Misses 755 731 -24
- Partials 196 214 +18
|
39d857d
to
b37a19d
Compare
} | ||
|
||
// Refresh purges all expired or fully-used delegations in the | ||
// crypto's key cache. It returns the number of delegations that |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"It returns ..." sounds like describing c.cache.Refresh, I think the 2nd sentence can be removed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated the comment.
f8c3ff5
to
70e1ebe
Compare
} | ||
|
||
access := AccessStructure{ | ||
Names: persistUsers, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm, I probably missed something, this is a single user array, shall it come from the persist policy?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
70e1ebe
to
84d30a5
Compare
|
||
var ( | ||
persistLabels = []string{"restore"} | ||
persistUsers = []string{"restore"} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
so we can remove this now right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed.
84d30a5
to
15a8126
Compare
LGTM |
This is a rather large change. It consists of the following changes: + Direct access to the keycache has been removed from the core package. This forces all interaction with the cache to go through the Cryptor, which is required for persistence. The Cryptor needs to know when the cache has changed, and the only way to do this effectively is to make the Cryptor responsible for managing the keycache. + A new persist package has been added. This provides a Store interface, for which two implementations are provided. The first is a null persister: this is used when no persistence is configured. The second is a file-backed persistence store. + The Cryptor now persists the cache every time it changes. Additionally, a number of missing returns in a function in the core package have been added.
15a8126
to
7c95007
Compare
return c.cache.DelegateStatus(name, labels, admins) | ||
} | ||
|
||
var persistLabels = []string{"restore"} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems awkward to have this as a global in something other than the package it belongs to. Would it not make more sense for it to be exported from redoctober/persist?
I realize it's nitpicky, but it's already hard enough to understand what is persist and what is cryptor. Feel free to ignore unless you're opening another PR.
Implementation of a file-backed persistence store.
This is a rather large change. It consists of the following changes:
Additionally, a number of missing returns in a function in the core package have been added.