refactor secdist: get rid of DefaultSecdistProvider component

clickhouse/functional_tests/basic_chaos/clickhouse_service.cpp

@@ -11,7 +11,6 @@
 #include <userver/server/handlers/http_handler_json_base.hpp>
 #include <userver/storages/clickhouse.hpp>
 #include <userver/storages/secdist/component.hpp>
-#include <userver/storages/secdist/provider_component.hpp>
 #include <userver/utils/boost_uuid4.hpp>
 #include <userver/utils/daemon_run.hpp>
 
@@ -214,7 +213,6 @@ int main(int argc, char* argv[]) {
           .Append<chaos::KeyValue>()
           .Append<chaos::UuidsHandler>()
           .Append<components::Secdist>()
-          .Append<components::DefaultSecdistProvider>()
           .Append<clients::dns::Component>()
           .Append<components::ClickHouse>("clickhouse-database");
 

clickhouse/functional_tests/basic_chaos/static_config.yaml

@@ -17,8 +17,7 @@ components_manager:
             queue_timeout: 10s
             use_secure_connection: false
 
-        secdist: {}
-        default-secdist-provider:
+        secdist:
             config: /etc/clickhouse_basic_chaos/secure_data.json
             missing-ok: true
             environment-secrets-key: SECDIST_CONFIG

clickhouse/functional_tests/metrics/service.cpp

@@ -15,7 +15,6 @@
 #include <userver/storages/clickhouse/query.hpp>
 
 #include <userver/storages/secdist/component.hpp>
-#include <userver/storages/secdist/provider_component.hpp>
 
 #include <userver/utils/daemon_run.hpp>
 #include "userver/clients/http/component.hpp"
@@ -116,8 +115,7 @@ int main(int argc, char* argv[]) {
           .Append<components::TestsuiteSupport>()
           .Append<server::handlers::TestsControl>()
           .Append<clients::dns::Component>()
-          .Append<components::Secdist>()
-          .Append<components::DefaultSecdistProvider>();
+          .Append<components::Secdist>();
 
   return utils::DaemonMain(argc, argv, components_list);
 }

clickhouse/functional_tests/metrics/static_config.yaml

@@ -13,8 +13,7 @@ components_manager:
             use_secure_connection: false
             compression: lz4
 
-        secdist: {}
-        default-secdist-provider:
+        secdist:
             config: /etc/clickhouse_basic_chaos/secure_data.json
             missing-ok: true
             environment-secrets-key: SECDIST_CONFIG

core/functional_tests/cache_update/service.cpp

@@ -10,8 +10,6 @@
 #include <userver/dump/common_containers.hpp>
 #include <userver/server/handlers/http_handler_base.hpp>
 #include <userver/server/handlers/ping.hpp>
-#include <userver/storages/secdist/component.hpp>
-#include <userver/storages/secdist/provider_component.hpp>
 #include <userver/tracing/manager_component.hpp>
 #include <userver/utils/daemon_run.hpp>
 

core/functional_tests/https/service.cpp

@@ -1,6 +1,5 @@
 #include <userver/clients/dns/component.hpp>
 #include <userver/storages/secdist/component.hpp>
-#include <userver/storages/secdist/provider_component.hpp>
 #include <userver/testsuite/testsuite_support.hpp>
 
 #include <userver/alerts/handler.hpp>
@@ -20,7 +19,6 @@
 int main(int argc, char* argv[]) {
   const auto component_list = components::MinimalServerComponentList()
                                   .Append<https::HttpServerHandler>()
-                                  .Append<components::DefaultSecdistProvider>()
                                   .Append<components::Secdist>()
                                   .Append<components::LoggingConfigurator>()
                                   .Append<components::HttpClient>()

core/functional_tests/https/static_config.yaml

@@ -65,9 +65,6 @@ components_manager:
             task_processor: main-task-processor
 
         secdist:
-            provider: default-secdist-provider
-
-        default-secdist-provider:
             config: secdist.json
             missing-ok: false
 

core/functional_tests/https/tests-deadline/conftest.py

@@ -14,7 +14,7 @@ def patch_config(config_yaml, config_vars) -> None:
         tls['cert'] = str(service_source_dir / 'cert.crt')
         tls['private-key'] = str(service_source_dir / 'private_key.key')
 
-        components['default-secdist-provider']['config'] = str(
+        components['secdist']['config'] = str(
             service_source_dir / 'secdist.json',
         )
 

core/functional_tests/metrics/service.cpp

@@ -8,7 +8,6 @@
 #include <userver/dump/common_containers.hpp>
 #include <userver/server/handlers/ping.hpp>
 #include <userver/storages/secdist/component.hpp>
-#include <userver/storages/secdist/provider_component.hpp>
 #include <userver/tracing/manager_component.hpp>
 #include <userver/utils/daemon_run.hpp>
 
@@ -62,7 +61,6 @@ int main(int argc, const char* const argv[]) {
           .AppendComponentList(components::CommonComponentList())
           .AppendComponentList(components::CommonServerComponentList())
           .Append<components::Secdist>()
-          .Append<components::DefaultSecdistProvider>()
           .Append<functional_tests::CachedTranslations>()
           .Append<functional_tests::LruCachedTranslations>()
           .Append<server::handlers::Ping>();

core/functional_tests/metrics/static_config.yaml

@@ -83,7 +83,6 @@ components_manager:
             limited-logging-interval: 1s
 
         secdist: {}
-        default-secdist-provider: {}
 
         server:
             listener:

core/functional_tests/uctl/service.cpp

@@ -8,7 +8,6 @@
 #include <userver/dump/common_containers.hpp>
 #include <userver/server/handlers/ping.hpp>
 #include <userver/storages/secdist/component.hpp>
-#include <userver/storages/secdist/provider_component.hpp>
 #include <userver/tracing/manager_component.hpp>
 #include <userver/utils/daemon_run.hpp>
 
@@ -18,7 +17,6 @@ int main(int argc, const char* const argv[]) {
           .AppendComponentList(components::CommonComponentList())
           .AppendComponentList(components::CommonServerComponentList())
           .Append<components::Secdist>()
-          .Append<components::DefaultSecdistProvider>()
           .Append<server::handlers::Ping>();
   return utils::DaemonMain(argc, argv, component_list);
 }

core/functional_tests/uctl/static_config.yaml

@@ -83,7 +83,6 @@ components_manager:
             limited-logging-interval: 1s
 
         secdist: {}
-        default-secdist-provider: {}
 
         server:
             listener:

core/include/userver/storages/secdist/component.hpp

@@ -5,8 +5,7 @@
 
 #include <string>
 
-#include <userver/components/component_base.hpp>
-#include <userver/storages/secdist/secdist.hpp>
+#include <userver/storages/secdist/component_base.hpp>
 
 USERVER_NAMESPACE_BEGIN
 
@@ -15,21 +14,17 @@ namespace components {
 
 /// @ingroup userver_components
 ///
-/// @brief Component that stores security related data (keys, passwords, ...).
+/// @brief Default implementation of components::SecdistComponentBase.
 ///
 /// The component must be configured in service config.
 ///
-/// Secdist requires a provider storages::secdist::SecdistProvider
-/// You can implement your own or use components::DefaultSecdistProvider
-///
 /// ## Static configuration example:
 ///
 /// @snippet samples/redis_service/static_config.yaml Sample secdist static config
 ///
 /// ## Static options:
 /// Name | Description | Default value
 /// ---- | ----------- | -------------
-/// provider | optional secdist provider component name | 'default-secdist-provider'
 /// config | path to the config file with data | ''
 /// format | config format, either `json` or `yaml` | 'json'
 /// missing-ok | do not terminate components load if no file found by the config option | false
@@ -39,24 +34,15 @@ namespace components {
 
 // clang-format on
 
-class Secdist final : public ComponentBase {
+class Secdist final : public SecdistComponentBase {
  public:
   /// @ingroup userver_component_names
   /// @brief The default name of components::Secdist
   static constexpr std::string_view kName = "secdist";
 
   Secdist(const ComponentConfig&, const ComponentContext&);
 
-  const storages::secdist::SecdistConfig& Get() const;
-
-  rcu::ReadablePtr<storages::secdist::SecdistConfig> GetSnapshot() const;
-
-  storages::secdist::Secdist& GetStorage();
-
   static yaml_config::Schema GetStaticConfigSchema();
-
- private:
-  storages::secdist::Secdist secdist_;
 };
 
 template <>

core/include/userver/storages/secdist/component_base.hpp

@@ -0,0 +1,51 @@
+#pragma once
+
+/// @file userver/storages/secdist/component_base.hpp
+/// @brief @copybrief components::SecdistComponentBase
+
+#include <string>
+
+#include <userver/components/component_base.hpp>
+#include <userver/storages/secdist/secdist.hpp>
+
+USERVER_NAMESPACE_BEGIN
+
+namespace components {
+// clang-format off
+
+/// @ingroup userver_components
+///
+/// @brief Base component that stores security related data (keys, passwords, ...).
+///
+/// You can use a ready-made components::Secdist or implement your own.
+///
+/// ### Writing your own secrets distributor:
+/// Implement a custom provider class that contains the settings.
+/// @snippet core/include/userver/storages/secdist/default_provider.hpp Sample secdist - default provider
+///
+/// Implement a custom secdist component, configure it's static config schema
+/// and pass the custom provider to the storages::secdist::SecdistConfig::Settings.
+/// @snippet core/include/userver/storages/secdist/component.сpp Sample secdist - default secdist
+///
+// clang-format on
+
+class SecdistComponentBase : public ComponentBase {
+ public:
+  SecdistComponentBase(const ComponentConfig&, const ComponentContext&,
+                       storages::secdist::SecdistConfig::Settings&&);
+
+  const storages::secdist::SecdistConfig& Get() const;
+
+  rcu::ReadablePtr<storages::secdist::SecdistConfig> GetSnapshot() const;
+
+  storages::secdist::Secdist& GetStorage();
+
+  static yaml_config::Schema GetStaticConfigSchema();
+
+ private:
+  storages::secdist::Secdist secdist_;
+};
+
+}  // namespace components
+
+USERVER_NAMESPACE_END

core/include/userver/storages/secdist/default_provider.hpp

@@ -0,0 +1,43 @@
+#pragma once
+
+/// @file userver/storages/secdist/default_provider.hpp
+/// @brief @copybrief storages::secdist::DefaultProvider
+
+#include <string>
+
+#include <userver/storages/secdist/provider_base.hpp>
+#include <userver/storages/secdist/secdist.hpp>
+
+USERVER_NAMESPACE_BEGIN
+
+namespace storages::secdist {
+// clang-format off
+
+/// @brief Default implementation of storages::secdist::SecdistProviderBase.
+///
+/// Provides components::Secdist configurations to the
+/// storages::secdist::SecdistConfig
+
+// clang-format on
+/// [Sample secdist - default provider]
+class DefaultProvider final : public storages::secdist::SecdistProviderBase {
+ public:
+  struct Settings {
+    std::string config_path;
+    SecdistFormat format{SecdistFormat::kJson};
+    bool missing_ok{false};
+    std::optional<std::string> environment_secrets_key;
+    engine::TaskProcessor* blocking_task_processor{nullptr};
+  };
+
+  explicit DefaultProvider(Settings settings);
+
+  formats::json::Value Get() const override;
+
+ private:
+  Settings settings_;
+};
+/// [Sample secdist - default provider]
+}  // namespace storages::secdist
+
+USERVER_NAMESPACE_END

core/include/userver/storages/secdist/provider_base.hpp

@@ -0,0 +1,27 @@
+#pragma once
+
+/// @file userver/storages/secdist/provider_base.hpp
+
+#include <userver/formats/json_fwd.hpp>
+
+USERVER_NAMESPACE_BEGIN
+
+namespace storages::secdist {
+
+class SecdistProviderBase {
+ public:
+  SecdistProviderBase() = default;
+  virtual ~SecdistProviderBase() = default;
+
+  SecdistProviderBase(const SecdistProviderBase&) = delete;
+  SecdistProviderBase& operator=(const SecdistProviderBase&) = delete;
+
+  SecdistProviderBase(SecdistProviderBase&&) = default;
+  SecdistProviderBase& operator=(SecdistProviderBase&&) = default;
+
+  virtual formats::json::Value Get() const = 0;
+};
+
+}  // namespace storages::secdist
+
+USERVER_NAMESPACE_END