Add library support #126
Add library support #126
Conversation
Fixes #85 This PR makes two changes that allow this code to act as a library and better support testing in other software like Omicron and Sprockets. 1. It moves all the logic for validating a `Document` and writing files out of `main.rs` and into `ValidDocument.rs`. 2. It provides support for programatically generating sprockets configs. Correctness is checked via a test that compares the example config copied over from the sprockets repo with one generated by the new `sprockets::generate_config` API. To make this work, I modified the serial numbers in the example to be match the generation scheme. I made some other small changes to better support a library like allowing a path to be input in certain places. Relatedly, I changed to use `camino` rather than `std::path` like most of our other software.
Cargo.toml
Outdated
| # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html | ||
|
|
||
| [dependencies] | ||
| camino = { version = "1.2.0", features = ["serde1"] } |
There was a problem hiding this comment.
I don't think the configs that we deserialize include any file paths so the serde1 feature probably isn't required. This commit builds fine w/o it and the "sprockets" config you've added can be used to generate keys / certs / cert lists without it as well.
There was a problem hiding this comment.
Fixed in 588a6da
| /// In order to prevent mutation, all fields on a `ValidDocument` are private. | ||
| /// | ||
| /// https://lexi-lambda.github.io/blog/2019/11/05/parse-don-t-validate/ | ||
| #[derive(Debug, PartialEq, Eq)] |
There was a problem hiding this comment.
Are the equality derives here necessary? I got here by following these same derive macros that are added to the ValidDocuments members but I can't find any place where we're comparing any of these types for equality. I can't imagine that adding this is harmful so it's not like I object to deriving these traits, just trying to cut through the noise I guess?
There was a problem hiding this comment.
They are used in the tests to check that the constructed documents match the parsed kdl.
There was a problem hiding this comment.
just came back to correct my comment after getting to that code, thanks for clarifying
There was a problem hiding this comment.
Even though I removed the test, I left the derives because I'm going to put the test in sprockets.
I removed all the sprockets related stuff and will put it in sprockets as we discussed. I think this is ready to go. |
This PR allows certs to be generated for multiple nodes so that we can spin up arbitrary test clusters for trust quorum testing in Omicron. A small change was made to the example `config.kdl` to better enable code based generation as used in the test. Depends upon oxidecomputer/pki-playground#126
This PR allows certs to be generated for multiple nodes so that we can spin up arbitrary test clusters for trust quorum testing in Omicron. A small change was made to the example `config.kdl` to better enable code based generation as used in the test. Depends upon oxidecomputer/pki-playground#126
This PR allows certs to be generated for multiple nodes so that we can spin up arbitrary test clusters for trust quorum testing in Omicron. A small change was made to the example `config.kdl` to better enable code based generation as used in the test. Depends upon oxidecomputer/pki-playground#126
Fixes #85
This PR makes two changes that allow this code to act as a library and better support testing in other software like Omicron and Sprockets.
Documentand writing files out ofmain.rsand intoValidDocument.rs.sprockets::generate_configAPI. To make this work, I modified the serial numbers in the example to be match the generation scheme.I made some other small changes to better support a library like allowing a path to be input in certain places. Relatedly, I changed to use
caminorather thanstd::pathlike most of our other software.