Merge branch 'main' into bump-minor-version-to-25

go-vela · Sep 20, 2024 · eac5ac2 · eac5ac2
2 parents 9ec7481 + 8673e41
commit eac5ac2
Show file tree

Hide file tree

Showing 9 changed files with 423 additions and 41 deletions.
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
@@ -11,27 +11,24 @@ jobs:
   validate:
     runs-on: ubuntu-latest
     steps:
-    - name: clone
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-
-    - name: install go
-      uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
-      with:
-        # use version from go.mod file
-        go-version-file: 'go.mod'
-        cache: true
-        check-latest: true
+      - name: clone
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
-    - name: validate
-      run: |
-        # Check that go mod tidy produces a zero diff; clean up any changes afterwards.
-        go mod tidy && git diff --exit-code; code=$?; git checkout -- .; (exit $code)
-        # Check that go vet ./... produces a zero diff; clean up any changes afterwards.
-        go vet ./... && git diff --exit-code; code=$?; git checkout -- .; (exit $code)
-        # Check that go fmt ./... produces a zero diff; clean up any changes afterwards.
-        go fmt ./... && git diff --exit-code; code=$?; git checkout -- .; (exit $code)
-        # Check that go fix ./... produces a zero diff; clean up any changes afterwards.
-        #
-        # Renable this after https://github.com/golang/go/commit/7fd62ba821b1044e8e4077df052b0a1232672d57
-        # has been released.
-        # go fix ./... && git diff --exit-code; code=$?; git checkout -- .; (exit $code)
+      - name: install go
+        uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
+        with:
+          # use version from go.mod file
+          go-version-file: "go.mod"
+          cache: true
+          check-latest: true
+
+      - name: validate
+        run: |
+          # Check that go mod tidy produces a zero diff; clean up any changes afterwards.
+          go mod tidy && git diff --exit-code; code=$?; git checkout -- .; (exit $code)
+          # Check that go vet ./... produces a zero diff; clean up any changes afterwards.
+          go vet ./... && git diff --exit-code; code=$?; git checkout -- .; (exit $code)
+          # Check that go fmt ./... produces a zero diff; clean up any changes afterwards.
+          go fmt ./... && git diff --exit-code; code=$?; git checkout -- .; (exit $code)
+          # Check that go fix ./... produces a zero diff; clean up any changes afterwards.
+          go fix ./... && git diff --exit-code; code=$?; git checkout -- .; (exit $code)
diff --git a/go.mod b/go.mod
@@ -1,15 +1,13 @@
 module github.com/go-vela/sdk-go
 
-go 1.22.0
-
-toolchain go1.22.4
+go 1.23.1
 
 require (
 	github.com/buildkite/yaml v0.0.0-20230306222819-0e4e032d4835
 	github.com/coreos/go-semver v0.3.1
 	github.com/gin-gonic/gin v1.10.0
-	github.com/go-vela/server v0.24.1
-	github.com/go-vela/types v0.24.0
+	github.com/go-vela/server v0.24.3-0.20240905182859-d0fa4f7d8dad
+	github.com/go-vela/types v0.24.1-0.20240826141537-76a66e72d5dc
 	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/google/go-cmp v0.6.0
 	github.com/google/go-querystring v1.1.0
@@ -53,9 +51,9 @@ require (
 	github.com/urfave/cli/v2 v2.27.2 // indirect
 	github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913 // indirect
 	golang.org/x/arch v0.8.0 // indirect
-	golang.org/x/crypto v0.24.0 // indirect
-	golang.org/x/net v0.25.0 // indirect
-	golang.org/x/sys v0.21.0 // indirect
+	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/net v0.26.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
 	google.golang.org/protobuf v1.34.1 // indirect
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect

diff --git a/go.sum b/go.sum
@@ -36,10 +36,10 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8=
 github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
-github.com/go-vela/server v0.24.1 h1:iM5REZBh6oHD0nxEH4O6dkUWNhY3MNrWBLNWGUUwcP8=
-github.com/go-vela/server v0.24.1/go.mod h1:jCnJPiyaRLcdy1u5fKIf7BqsbYAbVMjjI7dlyxZovME=
-github.com/go-vela/types v0.24.0 h1:KkkiXxw3uHckh/foyadmLY1YnLw6vhZbz9XwqONCj6o=
-github.com/go-vela/types v0.24.0/go.mod h1:YWj6BIapl9Kbj4yHq/fp8jltXdGiwD/gTy1ez32Rzag=
+github.com/go-vela/server v0.24.3-0.20240905182859-d0fa4f7d8dad h1:JLd0G8P4Bi381bxSR8ws1nFvc7yGz0v1jcXGY3J1ChU=
+github.com/go-vela/server v0.24.3-0.20240905182859-d0fa4f7d8dad/go.mod h1:3KmEXG+6N0jfwxPKBM8oIOM3iAcxwJvqsOs0RZvGYnI=
+github.com/go-vela/types v0.24.1-0.20240826141537-76a66e72d5dc h1:VyT2tBwPVO9fMmn+22TC4rY4dp+d71To/Qo5Vk4cOSo=
+github.com/go-vela/types v0.24.1-0.20240826141537-76a66e72d5dc/go.mod h1:WcSiFm8cWuErRw4aI08NrfM+SZzidnbUs2fmO5klFKo=
 github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA=
 github.com/goccy/go-json v0.10.3/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
 github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
@@ -123,15 +123,15 @@ github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913/go.mod h1:4aEEwZQut
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
 golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
-golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
-golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
-golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
-golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
+golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
+golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
+golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
+golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
-golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
+golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

diff --git a/vela/admin.go b/vela/admin.go
@@ -21,6 +21,7 @@ type (
 		Clean      *AdminCleanService
 		Deployment *AdminDeploymentService
 		Hook       *AdminHookService
+		OIDC       *AdminOIDCService
 		Repo       *AdminRepoService
 		Secret     *AdminSecretService
 		Service    *AdminSvcService
@@ -46,6 +47,9 @@ type (
 	// the server methods of the Vela API.
 	AdminHookService service
 
+	// AdminOIDCService handles key rotation for OpenID Connect.
+	AdminOIDCService service
+
 	// AdminRepoService handles retrieving admin repos from
 	// the server methods of the Vela API.
 	AdminRepoService service
@@ -302,3 +306,16 @@ func (svc *AdminWorkerService) RegisterToken(hostname string) (*library.Token, *
 
 	return t, resp, err
 }
+
+// RotateOIDCKeys sends a request to rotate the private keys used for creating ID tokens.
+func (svc *AdminOIDCService) RotateOIDCKeys() (*string, *Response, error) {
+	// set the API endpoint path we send the request to
+	url := "/api/v1/admin/rotate_oidc_keys"
+
+	v := new(string)
+
+	// send request using client
+	resp, err := svc.client.Call("POST", url, nil, v)
+
+	return v, resp, err
+}
diff --git a/vela/admin_test.go b/vela/admin_test.go
@@ -552,3 +552,47 @@ func TestAdmin_Settings_Restore_200(t *testing.T) {
 		t.Errorf("Settings.Restore returned %v, want %v", got, want)
 	}
 }
+
+func TestAdmin_OIDC_RotateKeys_200(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	want := "keys rotated successfully"
+
+	// run test
+	got, resp, err := c.Admin.OIDC.RotateOIDCKeys()
+	if err != nil {
+		t.Errorf("RotateOIDCKeys returned err: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		t.Errorf("RotateOIDCKeys returned %v, want %v", resp.StatusCode, http.StatusOK)
+	}
+
+	if diff := cmp.Diff(&want, got); diff != "" {
+		t.Errorf("RotateOIDCKeys() mismatch (-want +got):\n%s", diff)
+	}
+}
+
+func TestAdmin_OIDC_RotateKeys_Unauthorized(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	c.Authentication.SetTokenAuth("invalid")
+
+	// run test
+	_, resp, err := c.Admin.OIDC.RotateOIDCKeys()
+	if err == nil {
+		t.Error("RotateOIDCKeys should have returned err")
+	}
+
+	if resp.StatusCode != http.StatusUnauthorized {
+		t.Errorf("RotateOIDCKeys returned %v, want %v", resp.StatusCode, http.StatusUnauthorized)
+	}
+}
diff --git a/vela/client.go b/vela/client.go
@@ -54,6 +54,7 @@ type (
 		Secret         *SecretService
 		Step           *StepService
 		Svc            *SvcService
+		User           *UserService
 		Worker         *WorkerService
 		Queue          *QueueService
 	}
@@ -131,6 +132,7 @@ func NewClient(baseURL, id string, httpClient *http.Client) (*Client, error) {
 		&AdminCleanService{client: c},
 		&AdminDeploymentService{client: c},
 		&AdminHookService{client: c},
+		&AdminOIDCService{client: c},
 		&AdminRepoService{client: c},
 		&AdminSecretService{client: c},
 		&AdminSvcService{client: c},
@@ -151,6 +153,7 @@ func NewClient(baseURL, id string, httpClient *http.Client) (*Client, error) {
 	c.Secret = &SecretService{client: c}
 	c.Step = &StepService{client: c}
 	c.Svc = &SvcService{client: c}
+	c.User = &UserService{client: c}
 	c.Worker = &WorkerService{client: c}
 	c.Queue = &QueueService{client: c}
 

diff --git a/vela/client_test.go b/vela/client_test.go
@@ -39,6 +39,7 @@ func TestVela_NewClient(t *testing.T) {
 		&AdminCleanService{client: want},
 		&AdminDeploymentService{client: want},
 		&AdminHookService{client: want},
+		&AdminOIDCService{client: want},
 		&AdminRepoService{client: want},
 		&AdminSecretService{client: want},
 		&AdminSvcService{client: want},
@@ -59,6 +60,7 @@ func TestVela_NewClient(t *testing.T) {
 	want.Secret = &SecretService{client: want}
 	want.Step = &StepService{client: want}
 	want.Svc = &SvcService{client: want}
+	want.User = &UserService{client: want}
 	want.Worker = &WorkerService{client: want}
 	want.Queue = &QueueService{client: want}
 

diff --git a/vela/user.go b/vela/user.go
@@ -0,0 +1,69 @@
+// SPDX-License-Identifier: Apache-2.0
+
+package vela
+
+import (
+	"fmt"
+
+	api "github.com/go-vela/server/api/types"
+)
+
+// UserService handles retrieving users from
+// the server methods of the Vela API.
+type UserService service
+
+// Get returns the provided user by name.
+func (svc *UserService) Get(name string) (*api.User, *Response, error) {
+	// set the API endpoint path we send the request to
+	u := fmt.Sprintf("/api/v1/users/%s", name)
+
+	// api user type we want to return
+	v := new(api.User)
+
+	// send request using client
+	resp, err := svc.client.Call("GET", u, nil, v)
+
+	return v, resp, err
+}
+
+// GetCurrent returns the current user.
+func (svc *UserService) GetCurrent() (*api.User, *Response, error) {
+	// set the API endpoint path we send the request to
+	u := "/api/v1/user"
+
+	// api user type we want to return
+	v := new(api.User)
+
+	// send request using client
+	resp, err := svc.client.Call("GET", u, nil, v)
+
+	return v, resp, err
+}
+
+// Update modifies a user with the provided details.
+func (svc *UserService) Update(name string, user *api.User) (*api.User, *Response, error) {
+	// set the API endpoint path we send the request to
+	u := fmt.Sprintf("/api/v1/users/%s", name)
+
+	// api User type we want to return
+	v := new(api.User)
+
+	// send request using client
+	resp, err := svc.client.Call("PUT", u, user, v)
+
+	return v, resp, err
+}
+
+// Update modifies the current user with the provided details.
+func (svc *UserService) UpdateCurrent(user *api.User) (*api.User, *Response, error) {
+	// set the API endpoint path we send the request to
+	u := "/api/v1/user"
+
+	// api User type we want to return
+	v := new(api.User)
+
+	// send request using client
+	resp, err := svc.client.Call("PUT", u, user, v)
+
+	return v, resp, err
+}