Skip to content

Commit

Permalink
chore: address comments and fix cargo hack
Browse files Browse the repository at this point in the history
  • Loading branch information
@NishantJoshi00
NishantJoshi00 committed Nov 2, 2023
1 parent f8d7ac0 commit 88ca5ee
Show file tree
Hide file tree
Showing 3 changed files with 34 additions and 27 deletions.
2 changes: 1 addition & 1 deletion Cargo.toml
View file
Expand Up @@ -6,8 +6,8 @@ edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[features]
release = ["middleware", "key_custodian"]
default = []
release = ["kms", "middleware", "key_custodian"]
kms = ["dep:aws-config", "dep:aws-sdk-kms"]
middleware = []
key_custodian = []
Expand Down
3 changes: 2 additions & 1 deletion Makefile
View file
@@ -1,4 +1,5 @@

docker-build:
docker build -t locker .

docker-run:
docker run -v `pwd`/config/docker-configuration.toml:/local/config/development.toml -p 8080:8080 -d locker
Expand Down
56 changes: 31 additions & 25 deletions src/app.rs
View file
Expand Up @@ -137,31 +137,37 @@ impl AppState {
.change_context(error::ConfigurationError::KmsDecryptError("master_key"))?;
config.secrets.master_key = kms_decrypted_master_key.data;

let tenant_public_key_kms_input: KmsData<Base64Encoded> =
KmsData::new(config.secrets.tenant_public_key.peek().clone());
let kms_decrypted_tenant_public_key: KmsData<Raw> = kms_client
.decrypt(tenant_public_key_kms_input)
.await
.change_context(error::ConfigurationError::KmsDecryptError(
"tenant_public_key",
))?;
config.secrets.tenant_public_key =
String::from_utf8(kms_decrypted_tenant_public_key.data)
.expect("Failed while converting bytes to String")
.into();

let locker_private_key_kms_input: KmsData<Base64Encoded> =
KmsData::new(config.secrets.locker_private_key.peek().clone());
let kms_decrypted_locker_private_key: KmsData<Raw> = kms_client
.decrypt(locker_private_key_kms_input)
.await
.change_context(error::ConfigurationError::KmsDecryptError(
"locker_private_key",
))?;
config.secrets.locker_private_key =
String::from_utf8(kms_decrypted_locker_private_key.data)
.expect("Failed while converting bytes to String")
.into();
#[cfg(feature = "middleware")]
{
let tenant_public_key_kms_input: KmsData<Base64Encoded> =
KmsData::new(config.secrets.tenant_public_key.peek().clone());
let kms_decrypted_tenant_public_key: KmsData<Raw> = kms_client
.decrypt(tenant_public_key_kms_input)
.await
.change_context(error::ConfigurationError::KmsDecryptError(
"tenant_public_key",
))?;
config.secrets.tenant_public_key =
String::from_utf8(kms_decrypted_tenant_public_key.data)
.expect("Failed while converting bytes to String")
.into();
}

#[cfg(feature = "middleware")]
{
let locker_private_key_kms_input: KmsData<Base64Encoded> =
KmsData::new(config.secrets.locker_private_key.peek().clone());
let kms_decrypted_locker_private_key: KmsData<Raw> = kms_client
.decrypt(locker_private_key_kms_input)
.await
.change_context(error::ConfigurationError::KmsDecryptError(
"locker_private_key",
))?;
config.secrets.locker_private_key =
String::from_utf8(kms_decrypted_locker_private_key.data)
.expect("Failed while converting bytes to String")
.into();
}

let db_password_kms_input: KmsData<Base64Encoded> =
KmsData::new(config.database.password.peek().clone());
Expand Down

0 comments on commit 88ca5ee

Please sign in to comment.