confidential-containers · Xynnn007 · Jul 23, 2024 · Jul 23, 2024
@@ -19,7 +19,7 @@ use tokio::fs;
 mod config;
 mod credential;
 
-use crate::{Annotations, Decrypter, Encrypter, Getter, ProviderSettings};
+use crate::{Annotations, Decrypter, Encrypter, ProviderSettings};
 use crate::{Error, Result};
 
 use super::super::annotations::*;
@@ -238,9 +238,8 @@ impl Decrypter for ClientKeyClient {
     }
 }
 
-#[async_trait]
-impl Getter for ClientKeyClient {
-    async fn get_secret(&mut self, name: &str, annotations: &Annotations) -> Result<Vec<u8>> {
+impl ClientKeyClient {
+    pub async fn get_secret(&self, name: &str, annotations: &Annotations) -> Result<Vec<u8>> {
         let secret_settings: AliSecretAnnotations =
             serde_json::from_value(Value::Object(annotations.clone())).map_err(|e| {
                 Error::AliyunKmsError(format!(
@@ -279,9 +278,7 @@ impl Getter for ClientKeyClient {
 
         Ok(secret_data)
     }
-}
 
-impl ClientKeyClient {
     const API_VERSION: &'static str = "dkms-gcs-0.2";
     const SIGNATURE_METHOD: &'static str = "RSA_PKCS1_SHA_256";
     const CONTENT_TYPE: &'static str = "application/x-protobuf";

@@ -98,13 +98,13 @@ impl EcsRamRoleClient {
         Ok(credential)
     }
 
-    pub async fn get_secret(&mut self, name: &str, annotations: &Annotations) -> Result<Vec<u8>> {
+    pub async fn get_secret(&self, name: &str, annotations: &Annotations) -> Result<Vec<u8>> {
         let sts_credential = self
             .get_session_credential()
             .await
             .map_err(|e| Error::AliyunKmsError(format!("Get sts token from IMDS failed: {e}")))?;
 
-        let mut client = StsTokenClient::from_sts_token(
+        let client = StsTokenClient::from_sts_token(
             sts_credential,
             self.endpoint.clone(),
             self.region_id.clone(),

@@ -191,16 +191,12 @@ impl Decrypter for AliyunKmsClient {
 #[async_trait]
 impl Getter for AliyunKmsClient {
     async fn get_secret(&mut self, name: &str, annotations: &Annotations) -> Result<Vec<u8>> {
-        match &mut self {
-            AliyunKmsClient::ClientKey { ref mut inner } => {
-                inner.get_secret(name, annotations).await
-            }
+        match &self {
+            AliyunKmsClient::ClientKey { ref inner } => inner.get_secret(name, annotations).await,
             AliyunKmsClient::EcsRamRole {
-                ref mut ecs_ram_role_client,
+                ref ecs_ram_role_client,
             } => ecs_ram_role_client.get_secret(name, annotations).await,
-            AliyunKmsClient::StsToken { ref mut client } => {
-                client.get_secret(name, annotations).await
-            }
+            AliyunKmsClient::StsToken { ref client } => client.get_secret(name, annotations).await,
         }
     }
 }

@@ -95,11 +95,7 @@ impl StsTokenClient {
         })
     }
 
-    pub async fn get_secret(
-        &mut self,
-        name: &str,
-        secret_settings: &Annotations,
-    ) -> Result<Vec<u8>> {
+    pub async fn get_secret(&self, name: &str, secret_settings: &Annotations) -> Result<Vec<u8>> {
         let secret_settings: AliSecretAnnotations =
             serde_json::from_value(Value::Object(secret_settings.clone())).map_err(|_| {
                 Error::AliyunKmsError("illegal Secret annotations format".to_string())