Drop OpenAPI from Fulcio #262

Merged
merged 5 commits into from
Dec 7, 2021
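--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +0,0 @@
-/pkg/generated/** linguist-generated
-/pkg/generated/restapi/configure_fulcio_server.go -linguist-generated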
3 changes: 0 additions & 3 deletions .github/workflows/main.yml
@@ -33,9 +33,6 @@ jobs:
with:
go-version: ${{ env.GOVERSION }}

- name: Validate OpenAPI with Swagger
run: make validate-openapi

- name: Build
run: make -C $GITHUB_WORKSPACE all
- name: Test
23 changes: 1 addition & 22 deletions Makefile
@@ -19,9 +19,8 @@ all: fulcio
# Ensure Make is run with bash shell as some syntax below is bash-specific
SHELL:=/usr/bin/env bash

GENSRC = pkg/generated/models/%.go pkg/generated/restapi/%.go
OPENAPIDEPS = openapi.yaml
SRCS = $(shell find cmd -iname "*.go") $(shell find pkg -iname "*.go"|grep -v pkg/generated) pkg/generated/restapi/configure_fulcio_server.go $(GENSRC)
SRCS = $(shell find cmd -iname "*.go") $(shell find pkg -iname "*.go")
TOOLS_DIR := hack/tools
TOOLS_BIN_DIR := $(abspath $(TOOLS_DIR)/bin)
BIN_DIR := $(abspath $(ROOT_DIR)/bin)
@@ -44,16 +43,6 @@ endif

SERVER_PKG=github.com/sigstore/fulcio/cmd/app
SERVER_LDFLAGS="-X $(SERVER_PKG).gitVersion=$(GIT_VERSION) -X $(SERVER_PKG).gitCommit=$(GIT_HASH) -X $(SERVER_PKG).gitTreeState=$(GIT_TREESTATE) -X $(SERVER_PKG).buildDate=$(BUILD_DATE)"

# Binaries
SWAGGER := $(TOOLS_BIN_DIR)/swagger

$(GENSRC): $(SWAGGER) $(OPENAPIDEPS)
$(SWAGGER) generate server -f openapi.yaml -q -r COPYRIGHT.txt -t pkg/generated --exclude-main -A fulcio_server --exclude-spec --flag-strategy=pflag --principal github.com/coreos/go-oidc/v3/oidc.IDToken --additional-initialism=SCT
$(SWAGGER) generate client -f openapi.yaml -q -r COPYRIGHT.txt -t pkg/generated --principal github.com/coreos/go-oidc/v3/oidc.IDToken

# this exists to override pattern match rule above since this file is in the generated directory but should not be treated as generated code
pkg/generated/restapi/configure_fulcio_server.go: $(OPENAPIDEPS)


lint:
@@ -82,10 +71,6 @@ debug:
docker-compose -f docker-compose.yml -f docker-compose.debug.yml up fulcio-server-debug


.PHONY: validate-openapi
validate-openapi: $(SWAGGER)
$(SWAGGER) validate openapi.yaml

## --------------------------------------
## Modules
## --------------------------------------
@@ -104,9 +89,3 @@ dist:
mkdir -p dist
docker run -it -v $(PWD):/go/src/sigstore/fulcio -w /go/src/sigstore/fulcio golang:1.16.6 /bin/bash -c "GOOS=linux GOARCH=amd64 go build -trimpath -o dist/fulcio-server-linux-amd64"

## --------------------------------------
## Tooling Binaries
## --------------------------------------

$(SWAGGER): $(TOOLS_DIR)/go.mod
cd $(TOOLS_DIR); go build -trimpath -tags=tools -o $(TOOLS_BIN_DIR)/swagger github.com/go-swagger/go-swagger/cmd/swagger
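Review bot: One of the OpenAPI variables at the top of the Makefile appears to survive this cleanup with nothing left that uses it. The first hunk header (`-19,9 +19,8`) accounts for only two removed lines, yet three candidates are shown (`GENSRC`, `OPENAPIDEPS` and the old `SRCS`), and the old `SRCS` is clearly replaced. Which of `GENSRC = …` or `OPENAPIDEPS = openapi.yaml` remains cannot be told from this rendering, but every rule that consumed them is deleted further down, so the leftover should be dropped too. It is also worth confirming that `hack/tools` no longer pins go-swagger, since the `$(SWAGGER)` build rule was its only visible consumer; that file is not part of this view.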
2 changes: 2 additions & 0 deletions cmd/app/root.go
@@ -55,6 +55,8 @@ func init() {
rootCmd.PersistentFlags().String("ct-log-url", "http://localhost:6962/test", "host and path (with log prefix at the end) to the ct log")
rootCmd.PersistentFlags().String("config-path", "/etc/fulcio-config/config.json", "path to fulcio config json")
rootCmd.PersistentFlags().String("pkcs11-config-path", "config/crypto11.conf", "path to fulcio pkcs11 config file")
rootCmd.PersistentFlags().String("host", "0.0.0.0", "The host on which to serve requests")
rootCmd.PersistentFlags().String("port", "8080", "The port on which to serve requests")

if err := viper.BindPFlags(rootCmd.PersistentFlags()); err != nil {
log.Logger.Fatal(err)
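Review bot: The new `host` flag defaults to `0.0.0.0`, so the certificate-issuing API listens on every interface unless the operator overrides it, and the help text does not say so; something like `"address to bind the API listener to (default binds all interfaces)"` makes the exposure explicit. `port` is declared as a string, so a mistyped value only surfaces when the listener fails to start; `rootCmd.PersistentFlags().Int("port", 8080, "port on which to serve requests")` would reject it at flag parsing, and viper's `GetString` should still return it as text for the existing call site. The two new descriptions also start with a capital letter where the neighbouring flags use lower case. `init()` begins and ends outside the hunk.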
56 changes: 26 additions & 30 deletions cmd/app/serve.go
@@ -20,7 +20,6 @@ import (
"fmt"
"net/http"

"github.com/go-openapi/loads"
"github.com/prometheus/client_golang/prometheus/promhttp"
"github.com/sigstore/fulcio/pkg/api"
certauth "github.com/sigstore/fulcio/pkg/ca"
@@ -29,8 +28,6 @@ import (
googlecav1beta1 "github.com/sigstore/fulcio/pkg/ca/googleca/v1beta1"
"github.com/sigstore/fulcio/pkg/ca/x509ca"
"github.com/sigstore/fulcio/pkg/config"
"github.com/sigstore/fulcio/pkg/generated/restapi"
"github.com/sigstore/fulcio/pkg/generated/restapi/operations"
"github.com/sigstore/fulcio/pkg/log"
"github.com/spf13/cobra"
"github.com/spf13/viper"
@@ -66,14 +63,6 @@ var serveCmd = &cobra.Command{
// from https://github.com/golang/glog/commit/fca8c8854093a154ff1eb580aae10276ad6b1b5f
_ = flag.CommandLine.Parse([]string{})

doc, _ := loads.Embedded(restapi.SwaggerJSON, restapi.FlatSwaggerJSON)
server := restapi.NewServer(operations.NewFulcioServerAPI(doc))
defer func() {
if err := server.Shutdown(); err != nil {
log.Logger.Error(err)
}
}()

cfg, err := config.Load(viper.GetString("config-path"))
if err != nil {
log.Logger.Fatalf("error loading config: %v", err)
@@ -110,31 +99,38 @@ var serveCmd = &cobra.Command{
log.Logger.Fatal(err)
}

server.EnabledListeners = []string{"http"}

server.ConfigureAPI()

h := server.GetHandler()
server.SetHandler(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
decorateHandler := func(h http.Handler) http.Handler {
return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()

// For each request, infuse context with our snapshot of the FulcioConfig.
// TODO(mattmoor): Consider periodically (every minute?) refreshing the ConfigMap
// from disk, so that we don't need to cycle pods to pick up config updates.
// Alternately we could take advantage of Knative's configmap watcher.
ctx = config.With(ctx, cfg)
ctx = api.WithCA(ctx, baseca)
ctx = api.WithCTLogURL(ctx, viper.GetString("ct-log-url"))
// For each request, infuse context with our snapshot of the FulcioConfig.
// TODO(mattmoor): Consider periodically (every minute?) refreshing the ConfigMap
// from disk, so that we don't need to cycle pods to pick up config updates.
// Alternately we could take advantage of Knative's configmap watcher.
ctx = config.With(ctx, cfg)
ctx = api.WithCA(ctx, baseca)
ctx = api.WithCTLogURL(ctx, viper.GetString("ct-log-url"))

h.ServeHTTP(rw, r.WithContext(ctx))
}))
h.ServeHTTP(rw, r.WithContext(ctx))
})
}

http.Handle("/metrics", promhttp.Handler())
prom := http.Server{
Addr: ":2112",
Handler: promhttp.Handler(),
}
go func() {
_ = http.ListenAndServe(":2112", nil)
_ = prom.ListenAndServe()
}()

if err := server.Serve(); err != nil {
host, port := viper.GetString("host"), viper.GetString("port")
log.Logger.Infof("%s:%s", host, port)
api := http.Server{
Addr: host + ":" + port,
Handler: decorateHandler(api.NewHandler()),
}

if err := api.ListenAndServe(); err != nil {
mattmoor marked this conversation as resolved.
log.Logger.Fatal(err)
}
},
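Review bot: Both `http.Server` values built in the last hunk (the `:2112` metrics server and the API server) set no header, read, write or idle timeouts, so a slow or stalled client can hold connections open indefinitely on a listener that takes untrusted requests. The metrics goroutine still discards the `ListenAndServe` error, so a port clash leaves metrics silently absent. The `defer server.Shutdown()` removed in the earlier hunk has no replacement. `host + ":" + port` produces an invalid address for IPv6 literals, where `net.JoinHostPort` would not, and the local `api` shadows the imported `api` package for the rest of the closure. The Run closure starts outside these hunks, and the sketch below needs `net` and `time` imported; its timeout values are illustrative only.

```go
// … unchanged: config loading, CA setup, decorateHandler …
prom := http.Server{
	Addr:              ":2112",
	Handler:           promhttp.Handler(),
	ReadHeaderTimeout: 10 * time.Second, // illustrative value
}
go func() {
	if err := prom.ListenAndServe(); err != nil && err != http.ErrServerClosed {
		log.Logger.Error(err)
	}
}()

host, port := viper.GetString("host"), viper.GetString("port")
addr := net.JoinHostPort(host, port) // brackets IPv6 literals correctly
log.Logger.Infof("serving on %s", addr)
srv := http.Server{
	Addr:              addr,
	Handler:           decorateHandler(api.NewHandler()),
	ReadHeaderTimeout: 10 * time.Second, // illustrative values; tune for the deployment
	ReadTimeout:       30 * time.Second,
	WriteTimeout:      60 * time.Second,
	IdleTimeout:       120 * time.Second,
}

if err := srv.ListenAndServe(); err != nil {
	// … unchanged: log.Logger.Fatal(err) …
}
```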
17 changes: 3 additions & 14 deletions go.mod
@@ -6,37 +6,26 @@ require (
cloud.google.com/go/security v1.1.0
github.com/PaesslerAG/jsonpath v0.1.1
github.com/ThalesIgnite/crypto11 v1.2.5
github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
github.com/coreos/go-oidc/v3 v3.1.0
github.com/go-chi/chi v4.1.2+incompatible
github.com/go-openapi/errors v0.20.1
github.com/go-openapi/loads v0.21.0
github.com/go-openapi/runtime v0.21.0
github.com/go-openapi/spec v0.20.4
github.com/go-openapi/strfmt v0.21.1
github.com/go-openapi/swag v0.19.15
github.com/go-openapi/validate v0.20.3
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/go-cmp v0.5.6
github.com/google/uuid v1.3.0
github.com/hashicorp/golang-lru v0.5.4
github.com/mailru/easyjson v0.7.7 // indirect
github.com/mitchellh/mapstructure v1.4.3
github.com/mitchellh/mapstructure v1.4.3 // indirect
github.com/pkg/errors v0.9.1
github.com/prometheus/client_golang v1.11.0
github.com/prometheus/common v0.29.0 // indirect
github.com/prometheus/procfs v0.7.0 // indirect
github.com/rs/cors v1.8.0
github.com/sigstore/sigstore v1.0.1
github.com/spf13/cobra v1.2.1
github.com/spf13/pflag v1.0.5
github.com/spf13/viper v1.9.0
github.com/stretchr/testify v1.7.0
github.com/tidwall/pretty v1.2.0 // indirect
go.uber.org/multierr v1.7.0 // indirect
go.uber.org/zap v1.19.1
golang.org/x/net v0.0.0-20210614182718-04defd469f4e
golang.org/x/text v0.3.7 // indirect
google.golang.org/genproto v0.0.0-20211027162914-98a5263abeca
google.golang.org/protobuf v1.27.1
gopkg.in/square/go-jose.v2 v2.6.0
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
)