change: rename kms to secret (#8448)

Co-authored-by: soulbird <zhaothree@gmail.com>

.github/workflows/build.yml

@@ -32,8 +32,8 @@ jobs:
         test_dir:
           - t/plugin/[a-k]*
           - t/plugin/[l-z]*
-          - t/admin t/cli t/config-center-yaml t/control t/core t/debug t/deployment t/discovery t/error_page t/kms t/misc
-          - t/node t/pubsub t/router t/script t/stream-node t/utils t/wasm t/xds-library t/xrpc
+          - t/admin t/cli t/config-center-yaml t/control t/core t/debug t/deployment t/discovery t/error_page t/misc
+          - t/node t/pubsub t/router t/script t/secret t/stream-node t/utils t/wasm t/xds-library t/xrpc
 
     runs-on: ${{ matrix.platform }}
     timeout-minutes: 90

.github/workflows/centos7-ci.yml

@@ -30,8 +30,8 @@ jobs:
         test_dir:
           - t/plugin/[a-k]*
           - t/plugin/[l-z]*
-          - t/admin t/cli t/config-center-yaml t/control t/core t/debug t/deployment t/discovery t/error_page t/kms t/misc
-          - t/node t/pubsub t/router t/script t/stream-node t/utils t/wasm t/xds-library
+          - t/admin t/cli t/config-center-yaml t/control t/core t/debug t/deployment t/discovery t/error_page t/misc
+          - t/node t/pubsub t/router t/script t/secret t/stream-node t/utils t/wasm t/xds-library
 
     steps:
     - name: Check out code

Makefile

@@ -345,8 +345,8 @@ install: runtime
 	$(ENV_INSTALL) -d $(ENV_INST_LUADIR)/apisix/pubsub
 	$(ENV_INSTALL) apisix/pubsub/*.lua $(ENV_INST_LUADIR)/apisix/pubsub/
 
-	$(ENV_INSTALL) -d $(ENV_INST_LUADIR)/apisix/kms
-	$(ENV_INSTALL) apisix/kms/*.lua $(ENV_INST_LUADIR)/apisix/kms/
+	$(ENV_INSTALL) -d $(ENV_INST_LUADIR)/apisix/secret
+	$(ENV_INSTALL) apisix/secret/*.lua $(ENV_INST_LUADIR)/apisix/secret/
 
 	$(ENV_INSTALL) -d $(ENV_INST_LUADIR)/apisix/plugins/zipkin
 	$(ENV_INSTALL) apisix/plugins/zipkin/*.lua $(ENV_INST_LUADIR)/apisix/plugins/zipkin/

apisix/admin/init.lua

@@ -57,7 +57,7 @@ local resources = {
     plugin_metadata = require("apisix.admin.plugin_metadata"),
     plugin_configs  = require("apisix.admin.plugin_config"),
     consumer_groups  = require("apisix.admin.consumer_group"),
-    kms             = require("apisix.admin.kms"),
+    secrets             = require("apisix.admin.secrets"),
 }
 
 

apisix/admin/kms.lua → apisix/admin/secrets.lua

@@ -50,12 +50,12 @@ local function check_conf(id, conf, need_id, typ)
     conf.id = id
 
     core.log.info("conf: ", core.json.delay_encode(conf))
-    local ok, kms_service = pcall(require, "apisix.kms." .. typ)
+    local ok, secret_manager = pcall(require, "apisix.secret." .. typ)
     if not ok then
-        return false, {error_msg = "invalid kms service: " .. typ}
+        return false, {error_msg = "invalid secret manager: " .. typ}
     end
 
-    local ok, err = core.schema.check(kms_service.schema, conf)
+    local ok, err = core.schema.check(secret_manager.schema, conf)
     if not ok then
         return nil, {error_msg = "invalid configuration: " .. err}
     end
@@ -78,24 +78,24 @@ end
 function _M.put(id, conf, sub_path)
     local typ, id = split_typ_and_id(id, sub_path)
     if not id then
-        return 400, {error_msg = "no kms id in uri"}
+        return 400, {error_msg = "no secret id in uri"}
     end
 
     local ok, err = check_conf(typ .. "/" .. id, conf, true, typ)
     if not ok then
         return 400, err
     end
 
-    local key = "/kms/" .. typ .. "/" .. id
+    local key = "/secrets/" .. typ .. "/" .. id
 
-    local ok, err = utils.inject_conf_with_prev_conf("kms", key, conf)
+    local ok, err = utils.inject_conf_with_prev_conf("secrets", key, conf)
     if not ok then
         return 503, {error_msg = err}
     end
 
     local res, err = core.etcd.set(key, conf)
     if not res then
-        core.log.error("failed to put kms [", key, "]: ", err)
+        core.log.error("failed to put secret [", key, "]: ", err)
         return 503, {error_msg = err}
     end
 
@@ -106,15 +106,15 @@ end
 function _M.get(id, conf, sub_path)
     local typ, id = split_typ_and_id(id, sub_path)
 
-    local key = "/kms/"
+    local key = "/secrets/"
     if id then
         key = key .. typ
         key = key .. "/" .. id
     end
 
     local res, err = core.etcd.get(key, not id)
     if not res then
-        core.log.error("failed to get kms [", key, "]: ", err)
+        core.log.error("failed to get secret [", key, "]: ", err)
         return 503, {error_msg = err}
     end
 
@@ -126,14 +126,14 @@ end
 function _M.delete(id, conf, sub_path)
     local typ, id = split_typ_and_id(id, sub_path)
     if not id then
-        return 400, {error_msg = "no kms id in uri"}
+        return 400, {error_msg = "no secret id in uri"}
     end
 
-    local key = "/kms/" .. typ .. "/" .. id
+    local key = "/secrets/" .. typ .. "/" .. id
 
     local res, err = core.etcd.delete(key)
     if not res then
-        core.log.error("failed to delete kms [", key, "]: ", err)
+        core.log.error("failed to delete secret [", key, "]: ", err)
         return 503, {error_msg = err}
     end
 
@@ -144,14 +144,14 @@ end
 function _M.patch(id, conf, sub_path)
     local uri_segs = core.utils.split_uri(sub_path)
     if #uri_segs < 2 then
-        return 400, {error_msg = "no kms id and/or sub path in uri"}
+        return 400, {error_msg = "no secret id and/or sub path in uri"}
     end
     local typ = id
     id = uri_segs[1]
     sub_path = core.table.concat(uri_segs, "/", 2)
 
     if not id then
-        return 400, {error_msg = "missing kms id"}
+        return 400, {error_msg = "missing secret id"}
     end
 
     if not conf then
@@ -164,10 +164,10 @@ function _M.patch(id, conf, sub_path)
         end
     end
 
-    local key = "/kms/" .. typ .. "/" .. id
+    local key = "/secrets/" .. typ .. "/" .. id
     local res_old, err = core.etcd.get(key)
     if not res_old then
-        core.log.error("failed to get kms [", key, "]: ", err)
+        core.log.error("failed to get secret [", key, "]: ", err)
         return 503, {error_msg = err}
     end
 
@@ -201,7 +201,7 @@ function _M.patch(id, conf, sub_path)
 
     local res, err = core.etcd.atomic_set(key, node_value, nil, modified_index)
     if not res then
-        core.log.error("failed to set new kms[", key, "]: ", err)
+        core.log.error("failed to set new secret[", key, "]: ", err)
         return 503, {error_msg = err}
     end
 

apisix/constants.lua

@@ -33,7 +33,7 @@ return {
         ["/protos"] = true,
         ["/plugin_configs"] = true,
         ["/consumer_groups"] = true,
-        ["/kms"] = true,
+        ["/secrets"] = true,
     },
     STREAM_ETCD_DIRECTORY = {
         ["/upstreams"] = true,

apisix/consumer.lua

@@ -15,7 +15,7 @@
 -- limitations under the License.
 --
 local core           = require("apisix.core")
-local kms            = require("apisix.kms")
+local secret         = require("apisix.secret")
 local plugin         = require("apisix.plugin")
 local plugin_checker = require("apisix.plugin").plugin_checker
 local error          = error
@@ -104,7 +104,7 @@ local function create_consume_cache(consumers_conf, key_attr)
     for _, consumer in ipairs(consumers_conf.nodes) do
         core.log.info("consumer node: ", core.json.delay_encode(consumer))
         local new_consumer = core.table.clone(consumer)
-        new_consumer.auth_conf = kms.fetch_secrets(new_consumer.auth_conf)
+        new_consumer.auth_conf = secret.fetch_secrets(new_consumer.auth_conf)
         consumer_names[new_consumer.auth_conf[key_attr]] = new_consumer
     end
 

apisix/init.lua

@@ -37,7 +37,7 @@ local admin_init      = require("apisix.admin.init")
 local get_var         = require("resty.ngxvar").fetch
 local router          = require("apisix.router")
 local apisix_upstream = require("apisix.upstream")
-local apisix_kms      = require("apisix.kms")
+local apisix_secret   = require("apisix.secret")
 local set_upstream    = apisix_upstream.set_by_route
 local apisix_ssl      = require("apisix.ssl")
 local upstream_util   = require("apisix.utils.upstream")
@@ -151,7 +151,7 @@ function _M.http_init_worker()
     plugin_config.init_worker()
     require("apisix.consumer").init_worker()
     consumer_group.init_worker()
-    apisix_kms.init_worker()
+    apisix_secret.init_worker()
 
     apisix_upstream.init_worker()
     require("apisix.plugins.ext-plugin.init").init_worker()