Trusty is a Certification Authority.
- GoLang 1.21+
- docker compose
To run or test locally, you need GitHub OAuth secret and a random seed. Add this to your ~/.profile Note that these secrets can be random if you don't use a specific feature with GCP or Github.
export AWS_ACCESS_KEY_ID=notusedbyemulator
export AWS_SECRET_ACCESS_KEY=notusedbyemulator
export AWS_DEFAULT_REGION=us-west-2
export TRUSTY_JWT_SEED=g...A
make all
initializes all dependencies, builds and tests.make proto
generates gRPC protobuf.make build
build the executablemake gen_test_certs
generate test certificatesmake test
run the testsmake testshort
runs the tests skipping the end-to-end tests and the code coverage reportingmake covtest
runs the tests with end-to-end and the code coverage reportingmake coverage
view the code coverage results from the last make test run.make generate
runs go generate to update any code gen'd files (query_console.go in our case)make fmt
runs go fmt on the project.make lint
runs the go linter on the project.
run make all
once, then run make build
or make test
as needed.
First run:
make all
Subsequent builds:
make build
Tests:
make test
Optionally run golang race detector with test targets by setting RACE flag:
make test RACE=true
Review coverage report:
make coverage
make proto
When runnning unit tests, the Unix sockets are used.
If the test fails, there can be localhost:{port}
files left on the disk.
To clean up use:
find -name "localhost:*" -delete
make docker docker-citest
Add the launch configuration to .vscode/launch.json:
{
"version": "0.2.0",
"configurations": [
{
"name": "Server",
"type": "go",
"request": "launch",
"mode": "debug",
"remotePath": "",
"port": 2345,
"host": "127.0.0.1",
"program": "${workspaceRoot}/cmd/trusty",
"env": {},
"args": [
"--log-std",
"--cfg",
"${workspaceRoot}/etc/dev/trusty-config.yaml"
],
"showLog": false
}
]
}
To enable gRPC logs:
export GRPC_GO_LOG_VERBOSITY_LEVEL=99
export GRPC_GO_LOG_SEVERITY_LEVEL=info
and run commands
make start-swagger
Before runing the above command, make sure trusty is running locally using bin/trusty
command.
cat ~/.config/trusty/config.yaml
---
clients:
local_cis:
host: http://localhost:7880
tls:
trusted_ca: /tmp/trusty/certs/trusty_root_ca.pem
request:
retry_limit: 3
timeout: 6s
local_ca:
host: https://localhost:7892
tls:
cert: /tmp/trusty/certs/trusty_client.pem
key: /tmp/trusty/certs/trusty_client.key
trusted_ca: /tmp/trusty/certs/trusty_root_ca.pem
request:
retry_limit: 3
timeout: 6s