feat: add bao provider #92

csatib02 · 2024-03-01T12:15:40Z

Overview

Added support for the openBao provider.
The provider can still use the Vault-sdk, so there has been no changes to the original Vault interface.
The provider not yet utilizes the BAO_ADDR in the client so a workaround has been applied in provider/bao/config.go and in env_store.go/workaroundForBao(), but that can be addressed when the first openBao release is out: Remove openBao workaround when its been released #112
Added both unit and e2e tests for the Bao provider.
Currently there is no nixPkg available for openBao, an issue can be opened in this case.
Ended up removing a not so important test because it started failing since gh actions v4.x.x.
I noticed that the e2e tests for daemon-mode were not quite useful... Made them so.

akijakya

LGTM!

Signed-off-by: Bence Csati <[email protected]>

Signed-off-by: Bence Csati <[email protected]> chore: bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.3. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.1...v3.0.3) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump docker/build-push-action from 5.1.0 to 5.2.0 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@4a13e50...af5a7ed) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump docker/build-push-action from 5.2.0 to 5.3.0 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@af5a7ed...2cdde99) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump actions/checkout from 4.1.1 to 4.1.2 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@b4ffde6...9bb5618) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump golang from 1.22.0-alpine3.18 to 1.22.1-alpine3.18 Bumps golang from 1.22.0-alpine3.18 to 1.22.1-alpine3.18. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.17.0 to 0.18.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@84384bd...062f259) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump github.com/stretchr/testify from 1.8.4 to 1.9.0 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump actions/cache from 4.0.0 to 4.0.1 Bumps [actions/cache](https://github.com/actions/cache) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@13aacd8...ab5e6d0) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump cachix/install-nix-action from 25 to 26 Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 25 to 26. - [Release notes](https://github.com/cachix/install-nix-action/releases) - [Commits](cachix/install-nix-action@6004951...8887e59) --- updated-dependencies: - dependency-name: cachix/install-nix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump DeterminateSystems/magic-nix-cache-action from 3 to 4 Bumps [DeterminateSystems/magic-nix-cache-action](https://github.com/determinatesystems/magic-nix-cache-action) from 3 to 4. - [Release notes](https://github.com/determinatesystems/magic-nix-cache-action/releases) - [Commits](DeterminateSystems/magic-nix-cache-action@eeabdb0...fc6aace) --- updated-dependencies: - dependency-name: DeterminateSystems/magic-nix-cache-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump docker/setup-buildx-action from 3.1.0 to 3.2.0 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@0d103c3...2b51285) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump docker/login-action from 3.0.0 to 3.1.0 Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@343f7c4...e92390c) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump golang from `010f3b3` to `ede158f` Bumps golang from `010f3b3` to `ede158f`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump github.com/hashicorp/vault/api from 1.12.1 to 1.12.2 Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.12.1 to 1.12.2. - [Release notes](https://github.com/hashicorp/vault/releases) - [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md) - [Commits](hashicorp/vault@v1.12.1...v1.12.2) --- updated-dependencies: - dependency-name: github.com/hashicorp/vault/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump actions/cache from 4.0.1 to 4.0.2 Bumps [actions/cache](https://github.com/actions/cache) from 4.0.1 to 4.0.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@ab5e6d0...0c45773) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> chore: bump actions/dependency-review-action from 4.1.3 to 4.2.3 Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.1.3 to 4.2.3. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@9129d7d...0fa40c3) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: Bence Csati <[email protected]>

Signed-off-by: Bence Csati <[email protected]> fix: add back test Signed-off-by: Bence Csati <[email protected]> fix: test Signed-off-by: Bence Csati <[email protected]> fix: test Signed-off-by: Bence Csati <[email protected]> fix: test Signed-off-by: Bence Csati <[email protected]> fix: test Signed-off-by: Bence Csati <[email protected]> fix: test Signed-off-by: Bence Csati <[email protected]>

Signed-off-by: Bence Csati <[email protected]>

Signed-off-by: Bence Csati <[email protected]> fix(): e2e Signed-off-by: Bence Csati <[email protected]> fix(): e2e Signed-off-by: Bence Csati <[email protected]> fix: e2e Signed-off-by: Bence Csati <[email protected]>

env_store_test.go

examples/standalone-tool.md

pkg/provider/bao/client_logger.go

pkg/provider/bao/daemon_secret_renewer.go

pkg/provider/bao/bao.go

env_store.go

Signed-off-by: Bence Csati <[email protected]>

env_store.go

pkg/internal/utils/client_logger.go

Signed-off-by: Bence Csati <[email protected]>

csatib02 added the kind/feature Categorizes issue or PR as related to a new feature. label Mar 1, 2024

csatib02 requested review from sagikazarmark, ramizpolic and akijakya March 1, 2024 12:15

csatib02 self-assigned this Mar 1, 2024

csatib02 requested a review from a team as a code owner March 1, 2024 12:15

github-actions bot added the size/XL Denotes a PR that changes 1000+ lines label Mar 1, 2024

csatib02 removed the request for review from a team March 1, 2024 12:16

akijakya approved these changes Mar 14, 2024

View reviewed changes

csatib02 force-pushed the feat/add-bao-provider branch from a6a3f29 to 0e4a80f Compare March 25, 2024 15:35

csatib02 added 4 commits March 25, 2024 16:55

feat: add bao provider

30cdf05

Signed-off-by: Bence Csati <[email protected]>

feat: add bao provider to docs

bb3fd6b

Signed-off-by: Bence Csati <[email protected]>

chore

3a5b915

Signed-off-by: Bence Csati <[email protected]>

akijakya force-pushed the feat/add-bao-provider branch from 2235ba8 to 3a5b915 Compare March 25, 2024 15:58

csatib02 added 5 commits March 25, 2024 17:20

fix: add temp openbao docker image

57df1ec

Signed-off-by: Bence Csati <[email protected]>

fix: remove toolchain

20971ae

Signed-off-by: Bence Csati <[email protected]>

fix: add bao container to the ci

c58730c

Signed-off-by: Bence Csati <[email protected]>

fix: container image in ci

720d473

Signed-off-by: Bence Csati <[email protected]>

csatib02 force-pushed the feat/add-bao-provider branch from 2cf5c5e to 4570495 Compare March 25, 2024 18:45

feat: add bao service to ci

0cefffe

Signed-off-by: Bence Csati <[email protected]>

csatib02 linked an issue Mar 25, 2024 that may be closed by this pull request

Add openBao test to the CI once released #95

Closed

csatib02 requested a review from akijakya March 25, 2024 19:11

fix(e2e): daemon-mode e2e tests, and examples fixed

bb0be10

Signed-off-by: Bence Csati <[email protected]> fix(): e2e Signed-off-by: Bence Csati <[email protected]> fix(): e2e Signed-off-by: Bence Csati <[email protected]> fix: e2e Signed-off-by: Bence Csati <[email protected]>

csatib02 force-pushed the feat/add-bao-provider branch from e28df7c to bb0be10 Compare March 26, 2024 13:37

ramizpolic requested changes Apr 5, 2024

View reviewed changes

This was referenced Apr 5, 2024

Extend Daemon Secret Renewer Interface for Centralized Process Control #117

Open

refactor: move injectors under pkg/injector bank-vaults/internal#198

Merged

Allow passing contexts to providers #118

Closed

fix: remarks

e4e21f6

Signed-off-by: Bence Csati <[email protected]>

ramizpolic requested changes Apr 5, 2024

View reviewed changes

env_store.go Outdated Show resolved Hide resolved

pkg/internal/utils/client_logger.go Outdated Show resolved Hide resolved

fix: remarks

a7464bd

Signed-off-by: Bence Csati <[email protected]>

ramizpolic approved these changes Apr 5, 2024

View reviewed changes

csatib02 merged commit 746bc73 into main Apr 8, 2024
20 checks passed

csatib02 deleted the feat/add-bao-provider branch April 8, 2024 07:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: add bao provider #92

feat: add bao provider #92

csatib02 commented Mar 1, 2024 •

edited

Loading

akijakya left a comment

feat: add bao provider #92

feat: add bao provider #92

Conversation

csatib02 commented Mar 1, 2024 • edited Loading

Overview

akijakya left a comment

Choose a reason for hiding this comment

csatib02 commented Mar 1, 2024 •

edited

Loading