Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pull identity initialization out of app building #2866

Closed
wants to merge 1 commit into from
Closed

Pull identity initialization out of app building #2866

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
193 changes: 190 additions & 3 deletions Cargo.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,21 @@ dependencies = [
"memchr",
]

[[package]]
name = "android-tzdata"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0"

[[package]]
name = "android_system_properties"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311"
dependencies = [
"libc",
]

[[package]]
name = "anyhow"
version = "1.0.81"
Expand Down Expand Up @@ -183,6 +198,12 @@ dependencies = [
"tower-service",
]

[[package]]
name = "b64-ct"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ac1e8deebfdca687fcef6fe024fc92cf8183f203075ce4fda263ae6ea13a8dc3"

[[package]]
name = "backtrace"
version = "0.3.71"
Expand Down Expand Up @@ -230,6 +251,12 @@ dependencies = [
"syn",
]

[[package]]
name = "bit-vec"
version = "0.6.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb"

[[package]]
name = "bitflags"
version = "1.3.2"
Expand Down Expand Up @@ -276,6 +303,12 @@ dependencies = [
"fslock",
]

[[package]]
name = "bumpalo"
version = "3.15.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7ff69b9dd49fd426c69a0db9fc04dd934cdb6645ff000864d98f7e2af8830eaa"

[[package]]
name = "bytes"
version = "1.6.0"
Expand Down Expand Up @@ -307,6 +340,20 @@ version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"

[[package]]
name = "chrono"
version = "0.4.37"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8a0d04d43504c61aa6c7531f1871dd0d418d91130162063b789da00fd7057a5e"
dependencies = [
"android-tzdata",
"iana-time-zone",
"js-sys",
"num-traits",
"wasm-bindgen",
"windows-targets 0.52.0",
]
Comment on lines +343 to +355
Copy link
Member

@olix0r olix0r Apr 8, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would like to avoid a dependency on Chrono, unless we are actually using some advanced timezone-aware time calculation feature. There's history.


[[package]]
name = "clang-sys"
version = "1.7.0"
Expand All @@ -327,6 +374,12 @@ dependencies = [
"cc",
]

[[package]]
name = "core-foundation-sys"
version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f"

[[package]]
name = "cpp_demangle"
version = "0.4.3"
Expand Down Expand Up @@ -398,7 +451,7 @@ dependencies = [
"asn1-rs",
"displaydoc",
"nom",
"num-bigint",
"num-bigint 0.4.4",
"num-traits",
"rusticata-macros",
]
Expand Down Expand Up @@ -863,6 +916,29 @@ dependencies = [
"tokio-io-timeout",
]

[[package]]
name = "iana-time-zone"
version = "0.1.60"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e7ffbb5a1b541ea2561f8c41c087286cc091e21e556a4f09a8f6cbf17b69b141"
dependencies = [
"android_system_properties",
"core-foundation-sys",
"iana-time-zone-haiku",
"js-sys",
"wasm-bindgen",
"windows-core",
]

[[package]]
name = "iana-time-zone-haiku"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f"
dependencies = [
"cc",
]

[[package]]
name = "idna"
version = "0.4.0"
Expand Down Expand Up @@ -965,6 +1041,15 @@ dependencies = [
"libc",
]

[[package]]
name = "js-sys"
version = "0.3.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d"
dependencies = [
"wasm-bindgen",
]

[[package]]
name = "lazy_static"
version = "1.4.0"
Expand Down Expand Up @@ -1033,6 +1118,7 @@ dependencies = [
"linkerd-error",
"linkerd-opencensus",
"linkerd-tonic-stream",
"pkix",
"rangemap",
"regex",
"thiserror",
Expand Down Expand Up @@ -1532,6 +1618,7 @@ dependencies = [
"linkerd-io",
"linkerd-meshtls-boring",
"linkerd-meshtls-rustls",
"linkerd-meshtls-verifier",
"linkerd-proxy-transport",
"linkerd-stack",
"linkerd-tls",
Expand Down Expand Up @@ -2377,6 +2464,17 @@ dependencies = [
"winapi",
]

[[package]]
name = "num-bigint"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304"
dependencies = [
"autocfg",
"num-integer",
"num-traits",
]

[[package]]
name = "num-bigint"
version = "0.4.4"
Expand Down Expand Up @@ -2550,6 +2648,22 @@ version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"

[[package]]
name = "pkix"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6e18f09ac3ee824fac9693352470dcb4b008d211a41f103fa4e80e91e2e6260"
dependencies = [
"b64-ct",
"bit-vec",
"bitflags 1.3.2",
"chrono",
"lazy_static",
"num-bigint 0.2.6",
"num-integer",
"yasna 0.3.2",
]

[[package]]
name = "powerfmt"
version = "0.2.0"
Expand Down Expand Up @@ -2774,7 +2888,7 @@ dependencies = [
"pem",
"ring",
"time",
"yasna",
"yasna 0.5.2",
]

[[package]]
Expand Down Expand Up @@ -3026,7 +3140,7 @@ version = "0.6.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "adc4e5204eb1910f40f9cfa375f6f05b68c3abac4b6fd879c8ff5e7ae8a0a085"
dependencies = [
"num-bigint",
"num-bigint 0.4.4",
"num-traits",
"thiserror",
"time",
Expand Down Expand Up @@ -3627,6 +3741,60 @@ version = "0.11.0+wasi-snapshot-preview1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"

[[package]]
name = "wasm-bindgen"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8"
dependencies = [
"cfg-if",
"wasm-bindgen-macro",
]

[[package]]
name = "wasm-bindgen-backend"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da"
dependencies = [
"bumpalo",
"log",
"once_cell",
"proc-macro2",
"quote",
"syn",
"wasm-bindgen-shared",
]

[[package]]
name = "wasm-bindgen-macro"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726"
dependencies = [
"quote",
"wasm-bindgen-macro-support",
]

[[package]]
name = "wasm-bindgen-macro-support"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7"
dependencies = [
"proc-macro2",
"quote",
"syn",
"wasm-bindgen-backend",
"wasm-bindgen-shared",
]

[[package]]
name = "wasm-bindgen-shared"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96"

[[package]]
name = "which"
version = "4.4.2"
Expand Down Expand Up @@ -3667,6 +3835,15 @@ version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"

[[package]]
name = "windows-core"
version = "0.52.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9"
dependencies = [
"windows-targets 0.52.0",
]

[[package]]
name = "windows-sys"
version = "0.48.0"
Expand Down Expand Up @@ -3826,6 +4003,16 @@ dependencies = [
"time",
]

[[package]]
name = "yasna"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0de7bff972b4f2a06c85f6d8454b09df153af7e3a4ec2aac81db1b105b684ddb"
dependencies = [
"bit-vec",
"num-bigint 0.2.6",
]

[[package]]
name = "yasna"
version = "0.5.2"
Expand Down
1 change: 1 addition & 0 deletions linkerd/app/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,3 +34,4 @@ tokio-stream = { version = "0.1", features = ["time", "sync"] }
tonic = { version = "0.10", default-features = false, features = ["prost"] }
tower = "0.4"
tracing = "0.1"
pkix = "0.2.3"
Copy link
Member

@olix0r olix0r Apr 8, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to be conservative about pulling in random dependencies of various maintenance statuses... especially for our TLS related dependencies.

Can we use rustls-pemfile, since we already depend on it and have a relationship with the maintainers?

Or is it possible to update the store contract to take roots as EITHER Der or PEM? Can the underlying TLS impls take either?

37 changes: 36 additions & 1 deletion linkerd/app/integration/src/proxy.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
use super::*;
use linkerd_app_core::{
metrics::{prom, Metrics},
svc::Param,
transport::OrigDstAddr,
transport::{listen, orig_dst, Keepalive, ListenAddr},
Result,
};

use std::{collections::HashSet, thread};
use tokio::net::TcpStream;

Expand Down Expand Up @@ -280,6 +282,21 @@ impl Listening {
}
}

async fn build_identity(
config: app::Config,
metrics: Metrics,
registry: &mut prom::Registry,
) -> Result<app::identity::Identity> {
let dns = config.dns.clone().build();

debug!("Building Identity client");
tracing::info_span!("identity").in_scope(|| {
config
.identity
.build(dns.resolver.clone(), metrics.control.clone(), registry)
})
}

async fn run(proxy: Proxy, mut env: TestEnv, random_ports: bool) -> Listening {
use app::env::Strings;

Expand Down Expand Up @@ -452,12 +469,30 @@ async fn run(proxy: Proxy, mut env: TestEnv, random_ports: bool) -> Listening {
.build()
.expect("proxy")
.block_on(async move {
let mut registry = prom::Registry::default();
let (metrics, report) = Metrics::new(config.admin.metrics_retain_idle);

let identity =
build_identity(config.clone(), metrics.clone(), &mut registry)
.await
.expect("identity");
let bind_in = inbound;
let bind_out = outbound;
let bind_adm = listen::BindTcp::default();
let (shutdown_tx, mut shutdown_rx) = tokio::sync::mpsc::unbounded_channel();

let main = config
.build(bind_in, bind_out, bind_adm, shutdown_tx, trace_handle)
.build(
bind_in,
bind_out,
bind_adm,
shutdown_tx,
trace_handle,
identity.initialize().await,
registry,
metrics,
report,
)
.await
.expect("config");

Expand Down
Loading
Loading