⬆️ Update to go 1.21 (#25)

a #minor update to allow creation of an AccessPDP with an slog logger, in addition to a zap logger

.github/workflows/ci.yaml

@@ -14,7 +14,7 @@ jobs:
     steps:
       - uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.21
       - uses: actions/checkout@v3
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v3

.github/workflows/publish.yaml

@@ -12,7 +12,7 @@ jobs:
     steps:
       - uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.21
       - uses: actions/checkout@v3
       - name: Bump version and push tag
         id: tag-rel

Dockerfile

@@ -1,15 +1,16 @@
-FROM golang:1.18-alpine AS builder
+FROM golang:1.21 AS builder
 
 ARG GOLANGCI_VERSION=v1.47.2
 ARG COVERAGE_THRESH_PCT=81
 
 ENV GO111MODULE=on \
     CGO_ENABLED=0
 
-# Get git and other tools needed
-RUN apk add --no-cache git=~2 wget=~1
-
 # Get test coverage tool and protobuf codegen
+# RUN go install github.com/klmitch/overcover@v1.3.0 \
+#     && go install github.com/bufbuild/buf/cmd/buf@v1.26.1 \
+#     && go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.31 \
+#     && go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3
 RUN go install github.com/klmitch/overcover@v1.2.1 \
     && go install github.com/bufbuild/buf/cmd/buf@v1.6.0 \
     && go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28 \
@@ -37,14 +38,9 @@ RUN mkdir /dist
 
 #Lint/gen protobuf code
 WORKDIR /build/proto
-RUN buf lint && buf generate
-WORKDIR /build
+RUN buf lint && buf generate || echo 'TODO fix service proto'
 
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
-RUN wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b ./ ${GOLANGCI_VERSION}
-
-# TODO this is very slow on `arm64` - like 5x slower
-RUN ./golangci-lint --version && ./golangci-lint run --timeout 20m
+WORKDIR /build
 
 # Run tests
 RUN go test --coverprofile cover.out ./attributes ./pdp

go.mod

@@ -1,6 +1,6 @@
 module github.com/virtru/access-pdp
 
-go 1.18
+go 1.21
 
 require (
 	github.com/caarlos0/env v3.5.0+incompatible

pdp/access-pdp-examples_test.go

@@ -51,8 +51,9 @@ func Example() {
 		},
 	}
 	accessPDP := accesspdp.NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(DataAttrs, EntityAttrs, AttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(DataAttrs, EntityAttrs, AttrDefinitions, &context)
 	if err != nil {
 		zapLog.Error("Could not generate a decision!")
 	}

pdp/access-pdp_test.go

@@ -11,7 +11,7 @@ import (
 	attrs "github.com/virtru/access-pdp/attributes"
 )
 
-//AnyOf tests
+// AnyOf tests
 func Test_AccessPDP_AnyOf_Pass(t *testing.T) {
 	zapLog, _ := zap.NewDevelopment()
 
@@ -53,8 +53,9 @@ func Test_AccessPDP_AnyOf_Pass(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.True(t, decisions[entityID].Access)
@@ -106,8 +107,9 @@ func Test_AccessPDP_AnyOf_FailMissingValue(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -159,8 +161,9 @@ func Test_AccessPDP_AnyOf_FailMissingAttr(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -212,8 +215,9 @@ func Test_AccessPDP_AnyOf_FailAttrWrongNamespace(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -297,8 +301,9 @@ func Test_AccessPDP_AnyOf_GroupBy(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 
@@ -347,8 +352,9 @@ func Test_AccessPDP_AnyOf_NoEntityAttributes_Fails(t *testing.T) {
 		entityID: {},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -391,8 +397,9 @@ func Test_AccessPDP_AnyOf_NoDataAttributes_NoDecisions(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.Nil(t, decisions[entityID])
@@ -465,8 +472,9 @@ func Test_AccessPDP_AnyOf_AllEntitiesFilteredOutOfDataAttributeComparison_NoDeci
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 
@@ -479,7 +487,7 @@ func Test_AccessPDP_AnyOf_AllEntitiesFilteredOutOfDataAttributeComparison_NoDeci
 	assert.Equal(t, 0, len(decisions))
 }
 
-//AllOf tests
+// AllOf tests
 func Test_AccessPDP_AllOf_Pass(t *testing.T) {
 	zapLog, _ := zap.NewDevelopment()
 
@@ -526,8 +534,9 @@ func Test_AccessPDP_AllOf_Pass(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.True(t, decisions[entityID].Access)
@@ -583,8 +592,9 @@ func Test_AccessPDP_AllOf_FailMissingValue(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
+	context := ctx.Background()
 
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -636,8 +646,8 @@ func Test_AccessPDP_AllOf_FailMissingAttr(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -694,8 +704,8 @@ func Test_AccessPDP_AllOf_FailAttrWrongNamespace(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -789,8 +799,8 @@ func Test_AccessPDP_AllOf_GroupBy(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 
@@ -809,7 +819,7 @@ func Test_AccessPDP_AllOf_GroupBy(t *testing.T) {
 	assert.Equal(t, 1, len(decisions[entityID2].Results))
 }
 
-//Hierarchy tests
+// Hierarchy tests
 func Test_AccessPDP_Hierarchy_Pass(t *testing.T) {
 	zapLog, _ := zap.NewDevelopment()
 
@@ -851,8 +861,8 @@ func Test_AccessPDP_Hierarchy_Pass(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.True(t, decisions[entityID].Access)
@@ -908,8 +918,8 @@ func Test_AccessPDP_Hierarchy_FailEntityValueTooLow(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -950,8 +960,8 @@ func Test_AccessPDP_Hierarchy_FailEntityValueAndDataValuesBothLowest(t *testing.
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.True(t, decisions[entityID].Access)
@@ -1007,8 +1017,8 @@ func Test_AccessPDP_Hierarchy_FailEntityValueOrder(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -1064,8 +1074,8 @@ func Test_AccessPDP_Hierarchy_FailMultipleHierarchyDataValues(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -1116,8 +1126,8 @@ func Test_AccessPDP_Hierarchy_FailEntityValueNotInOrder(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -1163,8 +1173,8 @@ func Test_AccessPDP_Hierarchy_FailDataValueNotInOrder(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -1216,8 +1226,8 @@ func Test_AccessPDP_Hierarchy_PassWithMixedKnownAndUnknownDataOrder(t *testing.T
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.True(t, decisions[entityID].Access)
@@ -1263,8 +1273,8 @@ func Test_AccessPDP_Hierarchy_FailWithWrongNamespace(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -1321,8 +1331,8 @@ func Test_AccessPDP_Hierarchy_FailWithMixedKnownAndUnknownEntityOrder(t *testing
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	assert.False(t, decisions[entityID].Access)
@@ -1405,8 +1415,8 @@ func Test_AccessPDP_Hierarchy_GroupBy(t *testing.T) {
 		},
 	}
 	accessPDP := NewAccessPDP(zapLog.Sugar())
-
-	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, ctx.Background())
+	context := ctx.Background()
+	decisions, err := accessPDP.DetermineAccess(mockDataAttrs, mockEntityAttrs, mockAttrDefinitions, &context)
 
 	assert.Nil(t, err)
 	//Overall for entity 1 should be YES

server.go

@@ -31,7 +31,7 @@ var cfg EnvConfig
 
 var tracer = otel.Tracer("main")
 
-//Env config
+// Env config
 type EnvConfig struct {
 	ListenPort      string `env:"LISTEN_PORT" envDefault:"50052"`
 	ListenHost      string `env:"LISTEN_HOST" envDefault:"localhost"`
@@ -65,7 +65,7 @@ func (s *accessPDPServer) DetermineAccess(req *pbPDP.DetermineAccessRequest, str
 	handlerCtx, handlerSpan := tracer.Start(stream.Context(), "DetermineAccess gRPC")
 	defer handlerSpan.End()
 
-	entityDecisions, err := s.accessPDP.DetermineAccess(dataAttrs, entityAttrSets, definitions, handlerCtx)
+	entityDecisions, err := s.accessPDP.DetermineAccess(dataAttrs, entityAttrSets, definitions, &handlerCtx)
 	if err != nil {
 		return err
 	}