Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move AwsKeyManager into it's own module #322

Closed
mistermoe opened this issue Jun 25, 2024 · 5 comments
Closed

Move AwsKeyManager into it's own module #322

mistermoe opened this issue Jun 25, 2024 · 5 comments
Assignees
@ALRubinger

Comments

@mistermoe
Copy link
Member

Currently, AwsKeyManager lives in web5-crypto module which happens to be the foundation of all other web5 modules.

AwsKeyManager relies on aws-java-sdk-kms as a dependency which results in web5-crypto's dependency tree to look like this:

[INFO]
[INFO] --- dependency:3.6.1:tree (default-cli) @ web5-crypto ---
[INFO] xyz.block:web5-crypto:jar:0.0.0-main-SNAPSHOT
[INFO] +- xyz.block:web5-common:jar:0.0.0-main-SNAPSHOT:compile
[INFO] +- xyz.block:web5-testing:jar:0.0.0-main-SNAPSHOT:test
[INFO] +- com.nimbusds:nimbus-jose-jwt:jar:9.37.2:compile
[INFO] |  \- com.github.stephenc.jcip:jcip-annotations:jar:1.0-1:compile
[INFO] +- com.amazonaws:aws-java-sdk-kms:jar:1.12.668:compile
[INFO] |  +- com.amazonaws:aws-java-sdk-core:jar:1.12.668:compile
[INFO] |  |  +- commons-logging:commons-logging:jar:1.1.3:compile
[INFO] |  |  +- commons-codec:commons-codec:jar:1.15:compile
[INFO] |  |  +- org.apache.httpcomponents:httpclient:jar:4.5.13:compile
[INFO] |  |  |  \- org.apache.httpcomponents:httpcore:jar:4.4.13:compile
[INFO] |  |  +- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.12.6:compile
[INFO] |  |  \- joda-time:joda-time:jar:2.8.1:compile
[INFO] |  \- com.amazonaws:jmespath-java:jar:1.12.668:compile
[INFO] +- com.fasterxml.jackson.module:jackson-module-kotlin:jar:2.17.0:compile
[INFO] |  +- com.fasterxml.jackson.core:jackson-databind:jar:2.17.0:compile
[INFO] |  |  \- com.fasterxml.jackson.core:jackson-core:jar:2.17.0:compile
[INFO] |  +- com.fasterxml.jackson.core:jackson-annotations:jar:2.17.0:compile
[INFO] |  \- org.jetbrains.kotlin:kotlin-reflect:jar:1.9.22:compile
[INFO] +- com.google.crypto.tink:tink:jar:1.10.0:compile
[INFO] |  +- com.google.code.findbugs:jsr305:jar:3.0.2:compile
[INFO] |  +- com.google.code.gson:gson:jar:2.10.1:compile
[INFO] |  +- com.google.errorprone:error_prone_annotations:jar:2.18.0:compile
[INFO] |  \- com.google.protobuf:protobuf-java:jar:3.19.6:compile
[INFO] +- org.bouncycastle:bcprov-jdk15to18:jar:1.78:compile
[INFO] +- org.bouncycastle:bcpkix-jdk15to18:jar:1.78:compile
[INFO] |  \- org.bouncycastle:bcutil-jdk15to18:jar:1.78:compile
[INFO] +- org.assertj:assertj-core:jar:3.25.2:test
[INFO] |  \- net.bytebuddy:byte-buddy:jar:1.14.11:compile
[INFO] +- org.jetbrains.kotlin:kotlin-stdlib:jar:1.9.22:compile
[INFO] |  \- org.jetbrains:annotations:jar:13.0:compile
[INFO] +- org.jetbrains.kotlin:kotlin-test:jar:1.9.22:test
[INFO] +- org.jetbrains.kotlin:kotlin-test-junit5:jar:1.9.22:test
[INFO] +- org.junit.jupiter:junit-jupiter-api:jar:5.10.1:test
[INFO] |  +- org.opentest4j:opentest4j:jar:1.3.0:test
[INFO] |  +- org.junit.platform:junit-platform-commons:jar:1.10.1:test
[INFO] |  \- org.apiguardian:apiguardian-api:jar:1.1.2:test
[INFO] \- org.junit.jupiter:junit-jupiter-engine:jar:5.10.1:test
[INFO]    \- org.junit.platform:junit-platform-engine:jar:1.10.1:test

we should move AwsKeyManager to its own module to reduce the dependency tree depth here. Further, the web5 "rollup" shouldn't include the aws-key-manager module. it can be pulled in if/as needed.

Doing so will remove this portion of the dependency tree:

[INFO] +- com.amazonaws:aws-java-sdk-kms:jar:1.12.668:compile
[INFO] |  +- com.amazonaws:aws-java-sdk-core:jar:1.12.668:compile
[INFO] |  |  +- commons-logging:commons-logging:jar:1.1.3:compile
[INFO] |  |  +- commons-codec:commons-codec:jar:1.15:compile
[INFO] |  |  +- org.apache.httpcomponents:httpclient:jar:4.5.13:compile
[INFO] |  |  |  \- org.apache.httpcomponents:httpcore:jar:4.4.13:compile
[INFO] |  |  +- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.12.6:compile
[INFO] |  |  \- joda-time:joda-time:jar:2.8.1:compile
[INFO] |  \- com.amazonaws:jmespath-java:jar:1.12.668:compile

the depth here may not seem steep but the transitive deps here show up in almost every java project in one way or another and typically end up being the cause of dependency collisions
@ALRubinger ALRubinger self-assigned this Jun 26, 2024
@ALRubinger
Copy link
Contributor

Will address when deps merged/closed:

@ALRubinger
Copy link
Contributor

@mistermoe Just this AwsKeyManager impl or also the InMemoryKeyManager and other base interfaces like KeyManager, which live in crypto module?

@mistermoe
Copy link
Member Author

@ALRubinger just AwsKeyManager. InMemoryKeyManager is used as the default key manager if one isn't provided during did creation

ALRubinger added a commit that referenced this issue Jun 27, 2024
@ALRubinger
Issue #322: Move AwsKeyManager to its own module
422a85c 
Breaks build due to insufficient test coverage and disabled tests; will need resolution. Raising in draft PR to determine how
ALRubinger added a commit that referenced this issue Jun 27, 2024
@ALRubinger
Issue #322: Add new module to the distribution
8414111
@ALRubinger ALRubinger mentioned this issue Jun 27, 2024
Merged
@ALRubinger
Copy link
Contributor

PR and open questions in #327 @mistermoe

@ALRubinger ALRubinger mentioned this issue Jun 27, 2024
Open
ALRubinger added a commit that referenced this issue Jun 27, 2024
@ALRubinger
Issue #322: Temporarily disable coverage enforcement for 'keymanager-…
83d90bc 
…aws'

* Revert this commit as part of #327
ALRubinger added a commit that referenced this issue Jun 27, 2024
@ALRubinger
Issue #322: Move AwsKeyManager to its own module
de62fa2
ALRubinger added a commit that referenced this issue Jun 27, 2024
@ALRubinger
Issue #322: Temporarily disable coverage enforcement for 'keymanager-…
1eb180c 
…aws'

* Revert this commit as part of #327
ALRubinger added a commit that referenced this issue Jun 28, 2024
@ALRubinger
Issue #322: Remove keymanager-aws from the distribution; devs may add…
ca0a40a 
… separately as an extension
jiyoonie9 pushed a commit that referenced this issue Jun 28, 2024
@ALRubinger
Issue #322: Move AwsKeyManager to its own module
00d50a7
jiyoonie9 pushed a commit that referenced this issue Jun 28, 2024
@ALRubinger
Issue #322: Temporarily disable coverage enforcement for 'keymanager-…
20368c2 
…aws'

* Revert this commit as part of #327
jiyoonie9 pushed a commit that referenced this issue Jun 28, 2024
@ALRubinger
Issue #322: Remove keymanager-aws from the distribution; devs may add…
b14e1bc 
… separately as an extension
@ALRubinger
Copy link
Contributor

Closed via PR #327

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ALRubinger ALRubinger

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ALRubinger @mistermoe