Implement MongoDB-based storage for Pack Run approval, artifact, log, and state management
- Added MongoPackRunApprovalStore for managing approval states with MongoDB. - Introduced MongoPackRunArtifactUploader for uploading and storing artifacts. - Created MongoPackRunLogStore to handle logging of pack run events. - Developed MongoPackRunStateStore for persisting and retrieving pack run states. - Implemented unit tests for MongoDB stores to ensure correct functionality. - Added MongoTaskRunnerTestContext for setting up MongoDB test environment. - Enhanced PackRunStateFactory to correctly initialize state with gate reasons.
@@ -53,9 +53,7 @@ internal sealed class AwsKmsFacade : IAwsKmsFacade
|
||||
config.ServiceURL = options.Endpoint;
|
||||
}
|
||||
|
||||
config.UseFIPSEndpoint = options.UseFipsEndpoint
|
||||
? UseFIPSEndpointState.Enabled
|
||||
: UseFIPSEndpointState.Disabled;
|
||||
config.UseFIPSEndpoint = options.UseFipsEndpoint;
|
||||
|
||||
_client = new AmazonKeyManagementServiceClient(config);
|
||||
_ownsClient = true;
|
||||
@@ -94,17 +92,18 @@ internal sealed class AwsKmsFacade : IAwsKmsFacade
|
||||
}
|
||||
|
||||
using var messageStream = new MemoryStream(digest.ToArray(), writable: false);
|
||||
using var signatureStream = new MemoryStream(signature.ToArray(), writable: false);
|
||||
var request = new VerifyRequest
|
||||
{
|
||||
KeyId = keyResource,
|
||||
SigningAlgorithm = SigningAlgorithmSpec.ECDSA_SHA_256,
|
||||
MessageType = MessageType.DIGEST,
|
||||
Message = messageStream,
|
||||
Signature = signature.ToArray(),
|
||||
Signature = signatureStream,
|
||||
};
|
||||
|
||||
var response = await _client.VerifyAsync(request, cancellationToken).ConfigureAwait(false);
|
||||
return response.SignatureValid;
|
||||
return response.SignatureValid ?? false;
|
||||
}
|
||||
|
||||
public async Task<AwsKeyMetadata> GetMetadataAsync(string keyId, CancellationToken cancellationToken)
|
||||
@@ -143,16 +142,18 @@ internal sealed class AwsKmsFacade : IAwsKmsFacade
|
||||
}
|
||||
|
||||
private static AwsKeyStatus MapStatus(KeyState? state)
|
||||
=> state switch
|
||||
{
|
||||
var name = state?.ToString();
|
||||
return name switch
|
||||
{
|
||||
KeyState.Enabled => AwsKeyStatus.Enabled,
|
||||
KeyState.Disabled => AwsKeyStatus.Disabled,
|
||||
KeyState.PendingDeletion => AwsKeyStatus.PendingDeletion,
|
||||
KeyState.PendingImport => AwsKeyStatus.PendingImport,
|
||||
KeyState.PendingUpdate => AwsKeyStatus.PendingUpdate,
|
||||
KeyState.Unavailable => AwsKeyStatus.Unavailable,
|
||||
"Enabled" => AwsKeyStatus.Enabled,
|
||||
"Disabled" => AwsKeyStatus.Disabled,
|
||||
"PendingDeletion" => AwsKeyStatus.PendingDeletion,
|
||||
"PendingImport" => AwsKeyStatus.PendingImport,
|
||||
"Unavailable" => AwsKeyStatus.Unavailable,
|
||||
_ => AwsKeyStatus.Unspecified,
|
||||
};
|
||||
}
|
||||
|
||||
private static string ResolveCurve(GetPublicKeyResponse response)
|
||||
{
|
||||
@@ -163,14 +164,18 @@ internal sealed class AwsKmsFacade : IAwsKmsFacade
|
||||
|
||||
if (response.KeySpec is not null)
|
||||
{
|
||||
return response.KeySpec.Value switch
|
||||
var keySpecName = response.KeySpec.ToString();
|
||||
if (!string.IsNullOrWhiteSpace(keySpecName))
|
||||
{
|
||||
KeySpec.ECC_NIST_P256 => "P-256",
|
||||
KeySpec.ECC_SECG_P256K1 => "secp256k1",
|
||||
KeySpec.ECC_NIST_P384 => "P-384",
|
||||
KeySpec.ECC_NIST_P521 => "P-521",
|
||||
_ => response.KeySpec.Value.ToString(),
|
||||
};
|
||||
return keySpecName switch
|
||||
{
|
||||
"ECC_NIST_P256" => "P-256",
|
||||
"ECC_SECG_P256K1" => "secp256k1",
|
||||
"ECC_NIST_P384" => "P-384",
|
||||
"ECC_NIST_P521" => "P-521",
|
||||
_ => keySpecName,
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
return "P-256";
|
||||
|
||||
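Review bot: ResolveCurve still falls through to `return "P-256";`, and the `string.IsNullOrWhiteSpace(keySpecName)` guard on what appears to be the new side adds a second path to that default, so a key whose spec is missing or blank is reported as P-256 with nothing backing the claim. The `_ => keySpecName` arm also returns any other spec name as if it were a curve. Because the verify request in this file pins `SigningAlgorithmSpec.ECDSA_SHA_256`, it would be safer to fail closed on a spec the facade does not recognise, e.g. `_ => throw new InvalidOperationException($"Unsupported KMS key spec '{keySpecName}'.")`, and to drop the silent default. ResolveCurve starts above this hunk and continues past it, so check how callers use the returned name before changing it.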
@@ -51,7 +51,7 @@ internal sealed class GcpKmsFacade : IGcpKmsFacade
|
||||
var builder = new KeyManagementServiceClientBuilder
|
||||
{
|
||||
Endpoint = string.IsNullOrWhiteSpace(options.Endpoint)
|
||||
? KeyManagementServiceClient.DefaultEndpoint.Host
|
||||
? KeyManagementServiceClient.DefaultEndpoint
|
||||
: options.Endpoint,
|
||||
};
|
||||
|
||||
@@ -149,9 +149,9 @@ internal sealed class GcpKmsFacade : IGcpKmsFacade
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
if (_ownsClient)
|
||||
if (_ownsClient && _client is IDisposable disposable)
|
||||
{
|
||||
_client.Dispose();
|
||||
disposable.Dispose();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
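Review bot: `options.Endpoint` is passed to `KeyManagementServiceClientBuilder.Endpoint` as-is whenever it is non-blank, and the AWS facade does the same with `config.ServiceURL = options.Endpoint;`, so whoever controls that setting decides where signing and verification requests are sent. Nothing in the visible lines validates the value; if validation happens where the options are bound, say so here with a comment such as `// Endpoint override redirects all KMS traffic; validated in options binding, trusted config only`. Otherwise consider rejecting values that are not on an expected host list and logging the effective endpoint at startup. The builder initialiser sits inside a method that begins and ends outside the hunk.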
@@ -10,6 +10,7 @@
|
||||
<PackageReference Include="AWSSDK.KeyManagementService" Version="4.0.6" />
|
||||
<PackageReference Include="Google.Cloud.Kms.V1" Version="3.19.0" />
|
||||
<PackageReference Include="Pkcs11Interop" Version="4.1.0" />
|
||||
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.14.0" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="../StellaOps.Cryptography/StellaOps.Cryptography.csproj" />
|
||||
|
||||