Skip to content

Commit

Permalink
Added new contracts for credentialsfetcher
Browse files Browse the repository at this point in the history
1. Add support to retrieve from s3/ssm
2. Added flags to have the support enabled only in Amazon Linux
  • Loading branch information
saikiranakula-amzn committed Nov 30, 2023
1 parent 0582c1a commit cef7fd3
Show file tree
Hide file tree
Showing 11 changed files with 1,148 additions and 18 deletions.
2 changes: 2 additions & 0 deletions .idea/credentials-fetcher.iml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,10 @@ foreach(VAR IN LISTS DISTRO)
message(STATUS "${VAR}=`${${VAR}}`")
endforeach()

if((${DISTRO_ID} MATCHES "amzn"))
add_definitions(-DAMAZON_LINUX_DISTRO=1)
endif()

set(CMAKE_VERBOSE_MAKEFILE ON)

set(config)
Expand Down Expand Up @@ -60,7 +64,8 @@ endif()
configure_file(${CMAKE_SOURCE_DIR}/config/config.h.in
${CMAKE_BINARY_DIR}/config.h @ONLY)

if((${DISTRO_ID} MATCHES "Amazon Linux") OR (${DISTRO_ID} MATCHES "ubuntu"))

if((${DISTRO_ID} MATCHES "amzn") OR (${DISTRO_ID} MATCHES "ubuntu"))
file(WRITE scripts/systemd/credentials-fetcher.service
"[Unit]\n"
"Description=credentials-fetcher systemd service unit file.\n\n"
Expand Down Expand Up @@ -159,6 +164,9 @@ install(FILES ${CMAKE_BINARY_DIR}/credentials_fetcher_utf16_private.exe
install(FILES ${CMAKE_BINARY_DIR}/credentials_fetcher_utf16_private.runtimeconfig.json
DESTINATION "/usr/sbin/"
PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ)
install(FILES ${CMAKE_BINARY_DIR}/krb5.conf
DESTINATION "/usr/sbin/"
PERMISSIONS OWNER_EXECUTE OWNER_WRITE OWNER_READ)

enable_testing()

Expand Down
5 changes: 4 additions & 1 deletion api/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,14 @@ FILE(GLOB SRC_FILES src/*.cpp)
get_filename_component(credentialsfetcher_proto "../protos/credentialsfetcher.proto" ABSOLUTE)
get_filename_component(credentialsfetcher_proto_path "${credentialsfetcher_proto}" PATH)
message(${credentialsfetcher_proto})
set(AWSSDK_INSTALL_LIBDIR /usr/lib64)

set(SERVICE_COMPONENTS s3 secretsmanager)
set(credentialsfetcher_proto_sources "${CMAKE_CURRENT_BINARY_DIR}/credentialsfetcher.pb.cc")
set(credentialsfetcher_proto_headers "${CMAKE_CURRENT_BINARY_DIR}/credentialsfetcher.pb.h")
set(credentialsfetcher_grpc_sources "${CMAKE_CURRENT_BINARY_DIR}/credentialsfetcher.grpc.pb.cc")
set(credentialsfetcher_grpc_headers "${CMAKE_CURRENT_BINARY_DIR}/credentialsfetcher.grpc.pb.h")
find_package(AWSSDK REQUIRED COMPONENTS ${SERVICE_COMPONENTS})
add_custom_command(
OUTPUT "${credentialsfetcher_proto_sources}" "${credentialsfetcher_proto_headers}" "${credentialsfetcher_grpc_sources}" "${credentialsfetcher_grpc_headers}"
COMMAND ${_PROTOBUF_PROTOC}
Expand Down Expand Up @@ -73,7 +76,7 @@ else()
glib-2.0
jsoncpp
krb5 kadm5srv_mit kdb5 gssrpc gssapi_krb5 gssrpc k5crypto
com_err krb5support resolv)
com_err krb5support resolv ${AWSSDK_LINK_LIBRARIES})
endif()

enable_testing()
Expand Down
761 changes: 761 additions & 0 deletions api/src/gmsa_service.cpp

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion api/tests/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -22,4 +22,4 @@ check_pie_supported()
if (CMAKE_C_LINK_PIE_SUPPORTED)
set_property(TARGET gmsa_test_client
PROPERTY POSITION_INDEPENDENT_CODE TRUE)
endif ()
endif ()
Loading

0 comments on commit cef7fd3

Please sign in to comment.