From 544faa4d6c4680a6bb38dacf68ca330dbae8f925 Mon Sep 17 00:00:00 2001
From: martincapello
Date: Mon, 26 Mar 2018 18:08:31 -0300
Subject: [PATCH] New spire-server command to print its bundle to stdout in PEM format (#399)

Fixes #393
---
cmd/spire-server/cli/bundle/show.go | 95 +++++++
cmd/spire-server/cli/bundle/show_test.go | 171 ++++++++++++
cmd/spire-server/cli/cli.go | 4 +
pkg/server/endpoints/endpoints.go | 5 +-
pkg/server/endpoints/node/handler.go | 7 -
pkg/server/endpoints/registration/handler.go | 22 +-
.../endpoints/registration/handler_test.go | 67 ++++-
proto/api/node/README_pb.md | 28 --
proto/api/node/node.pb.go | 147 +++-------
proto/api/node/node.proto | 14 -
proto/api/registration/README_pb.md | 17 ++
proto/api/registration/registration.pb.go | 139 +++++++---
proto/api/registration/registration.proto | 9 +
test/mock/proto/api/node/node.go | 250 ++++++++----------
.../proto/api/registration/registration.go | 33 ++-
test/util/io_redirection.go | 76 ++++++
16 files changed, 733 insertions(+), 351 deletions(-)
create mode 100644 cmd/spire-server/cli/bundle/show.go
create mode 100644 cmd/spire-server/cli/bundle/show_test.go
create mode 100644 test/util/io_redirection.go

diff --git a/cmd/spire-server/cli/bundle/show.go b/cmd/spire-server/cli/bundle/show.go
new file mode 100644
index 0000000000..5c7a2fa691
--- /dev/null
+++ b/cmd/spire-server/cli/bundle/show.go
@@ -0,0 +1,95 @@
+package bundle
+
+import (
+ "context"
+ "crypto/x509"
+ "encoding/pem"
+ "flag"
+ "fmt"
+ "io"
+ "os"
+
+ "github.com/mitchellh/cli"
+ "github.com/spiffe/spire/cmd/spire-server/util"
+ "github.com/spiffe/spire/proto/api/registration"
+ "github.com/spiffe/spire/proto/common"
+)
+
+type showCLI struct {
+ newRegistrationClient func(addr string) (registration.RegistrationClient, error)
+ writer io.Writer
+}
+
+type showConfig struct {
+ // Address of SPIRE server
+ addr string
+}
+
+// NewShowCommand creates a new "show" subcommand for "bundle" command.
+func NewShowCommand() cli.Command {
+ return &showCLI{
+ writer: os.Stdout,
+ newRegistrationClient: func(addr string) (registration.RegistrationClient, error) {
+ return util.NewRegistrationClient(addr)
+ },
+ }
+}
+
+func (*showCLI) Synopsis() string {
+ return "Prints CA bundle to standard out"
+}
+
+func (s *showCLI) Help() string {
+ _, err := s.newConfig([]string{"-h"})
+ return err.Error()
+}
+
+func (s *showCLI) Run(args []string) int {
+ config, err := s.newConfig(args)
+ if err != nil {
+ fmt.Println(err.Error())
+ return 1
+ }
+
+ c, err := s.newRegistrationClient(config.addr)
+ if err != nil {
+ fmt.Println(err.Error())
+ return 1
+ }
+
+ bundle, err := c.FetchBundle(context.TODO(), &common.Empty{})
+ if err != nil {
+ fmt.Println(err.Error())
+ return 1
+ }
+
+ err = s.printBundleAsPEM(bundle)
+ if err != nil {
+ fmt.Println(err.Error())
+ return 1
+ }
+
+ return 0
+}
+
+func (*showCLI) newConfig(args []string) (*showConfig, error) {
+ f := flag.NewFlagSet("bundle show", flag.ContinueOnError)
+ c := &showConfig{}
+ f.StringVar(&c.addr, "serverAddr", util.DefaultServerAddr, "Address of the SPIRE server")
+ return c, f.Parse(args)
+}
+
+func (s *showCLI) printBundleAsPEM(bundle *registration.Bundle) error {
+ certs, err := x509.ParseCertificates(bundle.CaCerts)
+ if err != nil {
+ return fmt.Errorf("FAILED to parse bundle's ASN.1 DER data: %v", err)
+ }
+
+ for _, cert := range certs {
+ err := pem.Encode(s.writer, &pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw})
+ if err != nil {
+ return err
+ }
+ }
+ return nil
+}
diff --git a/cmd/spire-server/cli/bundle/show_test.go b/cmd/spire-server/cli/bundle/show_test.go
new file mode 100644
index 0000000000..2a2d2f9093
--- /dev/null
+++ b/cmd/spire-server/cli/bundle/show_test.go
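Review bot: In `Run` of cmd/spire-server/cli/bundle/show.go every failure is reported with `fmt.Println`, so error text lands on stdout, the same stream that carries the PEM bundle; a caller that redirects stdout into a trust-bundle file without checking the exit code ends up with an error message where certificates were expected. Diagnostics should go to stderr, e.g. `fmt.Fprintln(os.Stderr, err)`, and the tests that assert on stdout would need to follow. `printBundleAsPEM` also returns nil when `x509.ParseCertificates` yields no certificates (an empty `CaCerts` parses without error, as `TestRunWithArgs` relies on), so the command exits 0 with empty output; consider `if len(certs) == 0 { return fmt.Errorf("bundle contains no certificates") }`. How `util.NewRegistrationClient` secures the connection is not visible in this patch, and the printed bundle is only as trustworthy as that channel, so the help text should say what the output may be used for.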
@@ -0,0 +1,171 @@ +package bundle + +import ( + "bytes" + "context" + "encoding/pem" + "errors" + "fmt" + "os" + "testing" + + "github.com/golang/mock/gomock" + "github.com/spiffe/spire/proto/api/registration" + "github.com/spiffe/spire/proto/common" + "github.com/spiffe/spire/test/mock/proto/api/registration" + "github.com/spiffe/spire/test/util" + "github.com/stretchr/testify/suite" +) + +type ShowTestSuite struct { + suite.Suite + mockClient *mock_registration.MockRegistrationClient +} + +func TestShowTestSuite(t *testing.T) { + suite.Run(t, new(ShowTestSuite)) +} + +func (s *ShowTestSuite) SetupTest() { + mockCtrl := gomock.NewController(s.T()) + defer mockCtrl.Finish() + + s.mockClient = mock_registration.NewMockRegistrationClient(mockCtrl) +} + +func (s *ShowTestSuite) TestSynopsisAndHelp() { + cmd := NewShowCommand() + + s.Assert().Equal("Prints CA bundle to standard out", cmd.Synopsis()) + + s.Assert().Equal("flag: help requested", cmd.Help()) +} + +func (s *ShowTestSuite) TestRunWithDefaultArgs() { + cli := &showCLI{ + newRegistrationClient: func(addr string) (registration.RegistrationClient, error) { + return s.mockClient, nil + }, + writer: &bytes.Buffer{}, + } + + ca, _, err := util.LoadCAFixture() + s.Require().Nil(err) + + resp := ®istration.Bundle{CaCerts: ca.Raw} + s.mockClient.EXPECT().FetchBundle(context.TODO(), &common.Empty{}).Return(resp, nil) + + args := []string{} + s.Require().Equal(0, cli.Run(args)) + + bundleASN1 := transcodeBundleFromPEMToASN1DER(cli.writer.(*bytes.Buffer).Bytes()) + + s.Assert().Equal(ca.Raw, bundleASN1) +} + +func (s *ShowTestSuite) TestRunWithDefaultArgsAndFailedNewRegClient() { + expecterError := errors.New("error creating client") + + cli := &showCLI{ + newRegistrationClient: func(addr string) (registration.RegistrationClient, error) { + return nil, expecterError + }, + } + + stdOutRedir := &util.OutputRedirection{} + err := stdOutRedir.Start(os.Stdout) + s.Require().Nil(err) + + args := []string{} + 
s.Require().Equal(1, cli.Run(args)) + + output, err := stdOutRedir.Finish() + s.Require().Nil(err) + + s.Assert().Equal(output, fmt.Sprintln(expecterError.Error())) +} + +func (s *ShowTestSuite) TestRunWithDefaultArgsAndFailedFetchBundle() { + expecterError := errors.New("error fetching bundle") + + cli := &showCLI{ + newRegistrationClient: func(addr string) (registration.RegistrationClient, error) { + return s.mockClient, nil + }, + } + + s.mockClient.EXPECT().FetchBundle(context.TODO(), &common.Empty{}).Return(nil, expecterError) + + stdOutRedir := &util.OutputRedirection{} + err := stdOutRedir.Start(os.Stdout) + s.Require().Nil(err) + + args := []string{} + s.Require().Equal(1, cli.Run(args)) + + output, err := stdOutRedir.Finish() + s.Require().Nil(err) + + s.Assert().Equal(output, fmt.Sprintln(expecterError.Error())) +} + +func (s *ShowTestSuite) TestRunWithArgs() { + expecterAddr := "localhost:8080" + + cli := &showCLI{ + newRegistrationClient: func(addr string) (registration.RegistrationClient, error) { + s.Assert().Equal(expecterAddr, addr) + return s.mockClient, nil + }, + } + + resp := ®istration.Bundle{} + s.mockClient.EXPECT().FetchBundle(context.TODO(), &common.Empty{}).Return(resp, nil) + + args := []string{"-serverAddr", expecterAddr} + s.Require().Equal(0, cli.Run(args)) +} + +func (s *ShowTestSuite) TestRunWithWrongArgs() { + cli := &showCLI{ + newRegistrationClient: func(addr string) (registration.RegistrationClient, error) { + return s.mockClient, nil + }, + } + + resp := ®istration.Bundle{} + s.mockClient.EXPECT().FetchBundle(context.TODO(), &common.Empty{}).Return(resp, nil) + + stdOutRedir := util.OutputRedirection{} + stdErrRedir := util.OutputRedirection{} + err := stdOutRedir.Start(os.Stdout) + s.Require().Nil(err) + err = stdErrRedir.Start(os.Stderr) + s.Require().Nil(err) + + args := []string{"-someArg", "someValue"} + s.Require().Equal(1, cli.Run(args)) + + output, err := stdOutRedir.Finish() + s.Require().Nil(err) + errOutput, err := 
stdErrRedir.Finish() + s.Require().Nil(err) + + expectedOutput := "flag provided but not defined: -someArg\n" + + expectedErrOutput := "flag provided but not defined: -someArg\n" + + "Usage of bundle show:\n" + + " -serverAddr string\n" + + " \tAddress of the SPIRE server (default \"localhost:8081\")\n" + + s.Assert().Equal(expectedOutput, output) + s.Assert().Equal(expectedErrOutput, errOutput) +} + +func transcodeBundleFromPEMToASN1DER(pemBundle []byte) []byte { + result := &bytes.Buffer{} + for p, r := pem.Decode(pemBundle); p != nil; p, r = pem.Decode(r) { + result.Write(p.Bytes) + } + return result.Bytes() +} diff --git a/cmd/spire-server/cli/cli.go b/cmd/spire-server/cli/cli.go index a5b37ad91d..0ba370083c 100644 --- a/cmd/spire-server/cli/cli.go +++ b/cmd/spire-server/cli/cli.go @@ -4,6 +4,7 @@ import ( "log" "github.com/mitchellh/cli" + "github.com/spiffe/spire/cmd/spire-server/cli/bundle" "github.com/spiffe/spire/cmd/spire-server/cli/entry" "github.com/spiffe/spire/cmd/spire-server/cli/run" "github.com/spiffe/spire/cmd/spire-server/cli/token" @@ -13,6 +14,9 @@ func Run(args []string) int { c := cli.NewCLI("spire-server", "0.0.1") //TODO expose version configuration c.Args = args c.Commands = map[string]cli.CommandFactory{ + "bundle show": func() (cli.Command, error) { + return bundle.NewShowCommand(), nil + }, "entry create": func() (cli.Command, error) { return &entry.CreateCLI{}, nil }, diff --git a/pkg/server/endpoints/endpoints.go b/pkg/server/endpoints/endpoints.go index f814db5b99..7d9b9da37c 100644 --- a/pkg/server/endpoints/endpoints.go +++ b/pkg/server/endpoints/endpoints.go @@ -181,8 +181,9 @@ func (e *endpoints) registerRegistrationAPI(gs *grpc.Server, hs *http.Server) er } r := ®istration.Handler{ - Log: e.c.Log.WithField("subsystem_name", "registration_api"), - Catalog: e.c.Catalog, + Log: e.c.Log.WithField("subsystem_name", "registration_api"), + Catalog: e.c.Catalog, + TrustDomain: e.c.TrustDomain, } // Register the handler with gRPC first 
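Review bot: `SetupTest` in show_test.go calls `defer mockCtrl.Finish()`, which fires when `SetupTest` returns, that is before any test body has registered or exercised an expectation, so unmet `EXPECT()` calls are never reported. `TestRunWithWrongArgs` shows the effect: it expects `FetchBundle` to be called, but `Run` returns 1 at flag parsing and never reaches the client, and the test still passes. Keep the controller on the suite (`s.mockCtrl = gomock.NewController(s.T())`) and finish it in a teardown, `func (s *ShowTestSuite) TearDownTest() { s.mockCtrl.Finish() }`, then drop the expectation that cannot be met. The error-path tests also build `showCLI` without a `writer`, which is safe only as long as `Run` never writes errors through it.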
diff --git a/pkg/server/endpoints/node/handler.go b/pkg/server/endpoints/node/handler.go index 6c5d6c3008..9070dc4000 100644 --- a/pkg/server/endpoints/node/handler.go +++ b/pkg/server/endpoints/node/handler.go @@ -177,13 +177,6 @@ func (h *Handler) FetchSVID(server node.Node_FetchSVIDServer) (err error) { } } -//TODO -func (h *Handler) FetchCPBundle( - ctx context.Context, request *node.FetchCPBundleRequest) ( - response *node.FetchCPBundleResponse, err error) { - return response, nil -} - //TODO func (h *Handler) FetchFederatedBundle( ctx context.Context, request *node.FetchFederatedBundleRequest) ( diff --git a/pkg/server/endpoints/registration/handler.go b/pkg/server/endpoints/registration/handler.go index 2efe6ffe6a..40d4c3dd8a 100644 --- a/pkg/server/endpoints/registration/handler.go +++ b/pkg/server/endpoints/registration/handler.go @@ -3,6 +3,7 @@ package registration import ( "errors" "fmt" + "net/url" "time" "github.com/satori/go.uuid" @@ -17,8 +18,9 @@ import ( //Service is used to register SPIFFE IDs, and the attestation logic that should //be performed on a workload before those IDs can be issued. type Handler struct { - Log logrus.FieldLogger - Catalog catalog.Catalog + Log logrus.FieldLogger + Catalog catalog.Catalog + TrustDomain url.URL } //Creates an entry in the Registration table, @@ -211,3 +213,19 @@ func (h *Handler) CreateJoinToken( return request, nil } + +// FetchBundle retrieves the CA bundle. +func (h *Handler) FetchBundle( + ctx context.Context, request *common.Empty) ( + response *registration.Bundle, err error) { + ds := h.Catalog.DataStores()[0] + req := &datastore.Bundle{ + TrustDomain: h.TrustDomain.String(), + } + b, err := ds.FetchBundle(req) + if err != nil { + return nil, fmt.Errorf("get bundle from datastore: %v", err) + } + + return ®istration.Bundle{CaCerts: b.CaCerts}, nil +} diff --git a/pkg/server/endpoints/registration/handler_test.go b/pkg/server/endpoints/registration/handler_test.go index d13ecf1ff2..665204137b 100644 
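Review bot: `FetchBundle` in pkg/server/endpoints/registration/handler.go indexes `h.Catalog.DataStores()[0]` without checking the length, and dereferences `b.CaCerts` without checking that the datastore returned a non-nil bundle, so either condition panics inside the gRPC handler instead of returning an error. Whether the catalog can be empty at runtime is not visible in this hunk, but a guard is cheap: `dss := h.Catalog.DataStores()` followed by `if len(dss) == 0 { return nil, errors.New("no datastore available") }`, plus `if b == nil { return nil, errors.New("bundle not found") }` after the fetch. The returned error also embeds the datastore's message verbatim with `%v`, which reaches the remote caller; logging the detail through `h.Log` and returning a generic message would avoid leaking backend details. The doc comment could state that the result is the concatenated ASN.1 DER of the CA certificates for `h.TrustDomain`.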
--- a/pkg/server/endpoints/registration/handler_test.go +++ b/pkg/server/endpoints/registration/handler_test.go @@ -2,6 +2,7 @@ package registration import ( "errors" + "net/url" "reflect" "testing" @@ -18,11 +19,11 @@ import ( type handlerTestSuite struct { suite.Suite - t *testing.T - ctrl *gomock.Controller - handler *Handler - mockCatalog *mock_catalog.MockCatalog - mockDataStore *mock_datastore.MockDataStore + t *testing.T + ctrl *gomock.Controller + handler *Handler + mockCatalog *mock_catalog.MockCatalog + mockDataStore *mock_datastore.MockDataStore } func setupRegistrationTest(t *testing.T) *handlerTestSuite { @@ -34,8 +35,9 @@ func setupRegistrationTest(t *testing.T) *handlerTestSuite { suite.mockDataStore = mock_datastore.NewMockDataStore(mockCtrl) suite.handler = &Handler{ - Log: log, - Catalog: suite.mockCatalog, + Log: log, + Catalog: suite.mockCatalog, + TrustDomain: url.URL{Scheme: "spiffe", Host: "example.org"}, } return suite } 
@@ -477,6 +479,37 @@ func TestCreateJoinTokenWithoutToken(t *testing.T) { } } +func TestFetchBundle(t *testing.T) { + request := &common.Empty{} + goodResponse := ®istration.Bundle{CaCerts: []byte{1, 2, 3}} + var testCases = []struct { + request *common.Empty + expectedResponse *registration.Bundle + expectedError error + setExpectations func(*handlerTestSuite) + }{ + {request, goodResponse, nil, createFetchBundleExpectations}, + {request, nil, errors.New("get bundle from datastore: bundle not found"), createFetchBundleErrorExpectations}, + } + + for _, tt := range testCases { + suite := setupRegistrationTest(t) + + tt.setExpectations(suite) + response, err := suite.handler.FetchBundle(nil, tt.request) + + //verification + if !reflect.DeepEqual(response, tt.expectedResponse) { + t.Errorf("Response was incorrect\n Got: %v\n Want: %v\n", response, tt.expectedResponse) + } + + if !reflect.DeepEqual(err, tt.expectedError) { + t.Errorf("Error was not expected\n Got: %v\n Want: %v\n", err, tt.expectedError) + } + suite.ctrl.Finish() + } +} + func noExpectations(*handlerTestSuite) {} func createEntryExpectations(suite *handlerTestSuite) { @@ -623,3 +656,23 @@ func expectDataStore(suite *handlerTestSuite) { suite.mockCatalog.EXPECT().DataStores(). Return([]datastore.DataStore{suite.mockDataStore}) } + +func createFetchBundleExpectations(suite *handlerTestSuite) { + expectDataStore(suite) + + suite.mockDataStore.EXPECT(). + FetchBundle(&datastore.Bundle{ + TrustDomain: "spiffe://example.org", + }). + Return(&datastore.Bundle{CaCerts: []byte{1, 2, 3}}, nil) +} + +func createFetchBundleErrorExpectations(suite *handlerTestSuite) { + expectDataStore(suite) + + suite.mockDataStore.EXPECT(). + FetchBundle(&datastore.Bundle{ + TrustDomain: "spiffe://example.org", + }). + Return(nil, errors.New("bundle not found")) +} diff --git a/proto/api/node/README_pb.md b/proto/api/node/README_pb.md index e7fe38e682..a35c25fc16 100644 --- a/proto/api/node/README_pb.md 
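Review bot: `TestFetchBundle` calls `suite.handler.FetchBundle(nil, tt.request)` with a nil `context.Context`, which works only because the handler currently ignores `ctx` and will panic as soon as the handler starts using it; pass `context.Background()` instead (the test file's imports are outside this hunk, so a context import may need adding). The table also lacks a case where the datastore returns a bundle with empty `CaCerts`, which is the input that decides whether an empty trust bundle is treated as success.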
+++ b/proto/api/node/README_pb.md @@ -18,8 +18,6 @@ - [node.proto](#node.proto) - [FetchBaseSVIDRequest](#spire.api.node.FetchBaseSVIDRequest) - [FetchBaseSVIDResponse](#spire.api.node.FetchBaseSVIDResponse) - - [FetchCPBundleRequest](#spire.api.node.FetchCPBundleRequest) - - [FetchCPBundleResponse](#spire.api.node.FetchCPBundleResponse) - [FetchFederatedBundleRequest](#spire.api.node.FetchFederatedBundleRequest) - [FetchFederatedBundleResponse](#spire.api.node.FetchFederatedBundleResponse) - [FetchFederatedBundleResponse.FederatedBundlesEntry](#spire.api.node.FetchFederatedBundleResponse.FederatedBundlesEntry) @@ -186,31 +184,6 @@ all current Registration Entries which are relevant to the caller SPIFFE ID - - -### FetchCPBundleRequest -Represents an empty message. - - - - - - - - -### FetchCPBundleResponse -Represents a response with a Spire Server certificate bundle. - - -| Field | Type | Label | Description | -| ----- | ---- | ----- | ----------- | -| server_bundle | [bytes](#bytes) | | Spire Server certificate bundle. | - - - - - - ### FetchFederatedBundleRequest 
@@ -354,7 +327,6 @@ a list of all current Registration Entries which are relevant to the caller SPIF | ----------- | ------------ | ------------- | ------------| | FetchBaseSVID | [FetchBaseSVIDRequest](#spire.api.node.FetchBaseSVIDRequest) | [FetchBaseSVIDResponse](#spire.api.node.FetchBaseSVIDRequest) | Attest the node, get base node SVID. | | FetchSVID | [FetchSVIDRequest](#spire.api.node.FetchSVIDRequest) | [FetchSVIDResponse](#spire.api.node.FetchSVIDRequest) | Get Workload, Node Agent certs and CA trust bundles. Also used for rotation Base Node SVID or the Registered Node SVID used for this call) List can be empty to allow Node Agent cache refresh). | -| FetchCPBundle | [FetchCPBundleRequest](#spire.api.node.FetchCPBundleRequest) | [FetchCPBundleResponse](#spire.api.node.FetchCPBundleRequest) | Called by Node Agent periodically to support Spire Server certificate rotation. Cached in Node Agent memory for WorkLoads as well. | | FetchFederatedBundle | [FetchFederatedBundleRequest](#spire.api.node.FetchFederatedBundleRequest) | [FetchFederatedBundleResponse](#spire.api.node.FetchFederatedBundleRequest) | Called by the Node Agent to fetch the named Federated CA Bundle. Used in the event that authorized workloads reference a Federated Bundle. | diff --git a/proto/api/node/node.pb.go b/proto/api/node/node.pb.go index 8bc5f987c7..8ca9d0f8a2 100644 --- a/proto/api/node/node.pb.go +++ b/proto/api/node/node.pb.go @@ -14,8 +14,6 @@ It has these top-level messages: FetchBaseSVIDResponse FetchSVIDRequest FetchSVIDResponse - FetchCPBundleRequest - FetchCPBundleResponse FetchFederatedBundleRequest FetchFederatedBundleResponse */ 
@@ -283,33 +281,6 @@ func (m *FetchSVIDResponse) GetSvidUpdate() *SvidUpdate { return nil } -// Represents an empty message. -type FetchCPBundleRequest struct { -} - -func (m *FetchCPBundleRequest) Reset() { *m = FetchCPBundleRequest{} } -func (m *FetchCPBundleRequest) String() string { return proto.CompactTextString(m) } -func (*FetchCPBundleRequest) ProtoMessage() {} -func (*FetchCPBundleRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} } - -// Represents a response with a Spire Server certificate bundle. -type FetchCPBundleResponse struct { - // Spire Server certificate bundle. - ServerBundle []byte `protobuf:"bytes,1,opt,name=server_bundle,json=serverBundle,proto3" json:"server_bundle,omitempty"` -} - -func (m *FetchCPBundleResponse) Reset() { *m = FetchCPBundleResponse{} } -func (m *FetchCPBundleResponse) String() string { return proto.CompactTextString(m) } -func (*FetchCPBundleResponse) ProtoMessage() {} -func (*FetchCPBundleResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7} } - -func (m *FetchCPBundleResponse) GetServerBundle() []byte { - if m != nil { - return m.ServerBundle - } - return nil -} - // Represents a request with an array of SPIFFE Ids. type FetchFederatedBundleRequest struct { // An array of SPIFFE Ids. @@ -319,7 +290,7 @@ type FetchFederatedBundleRequest struct { func (m *FetchFederatedBundleRequest) Reset() { *m = FetchFederatedBundleRequest{} } func (m *FetchFederatedBundleRequest) String() string { return proto.CompactTextString(m) } func (*FetchFederatedBundleRequest) ProtoMessage() {} -func (*FetchFederatedBundleRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{8} } +func (*FetchFederatedBundleRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} } func (m *FetchFederatedBundleRequest) GetSpiffeId() []string { if m != nil { 
@@ -337,7 +308,7 @@ type FetchFederatedBundleResponse struct { func (m *FetchFederatedBundleResponse) Reset() { *m = FetchFederatedBundleResponse{} } func (m *FetchFederatedBundleResponse) String() string { return proto.CompactTextString(m) } func (*FetchFederatedBundleResponse) ProtoMessage() {} -func (*FetchFederatedBundleResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9} } +func (*FetchFederatedBundleResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7} } func (m *FetchFederatedBundleResponse) GetFederatedBundles() map[string][]byte { if m != nil { @@ -353,8 +324,6 @@ func init() { proto.RegisterType((*FetchBaseSVIDResponse)(nil), "spire.api.node.FetchBaseSVIDResponse") proto.RegisterType((*FetchSVIDRequest)(nil), "spire.api.node.FetchSVIDRequest") proto.RegisterType((*FetchSVIDResponse)(nil), "spire.api.node.FetchSVIDResponse") - proto.RegisterType((*FetchCPBundleRequest)(nil), "spire.api.node.FetchCPBundleRequest") - proto.RegisterType((*FetchCPBundleResponse)(nil), "spire.api.node.FetchCPBundleResponse") proto.RegisterType((*FetchFederatedBundleRequest)(nil), "spire.api.node.FetchFederatedBundleRequest") proto.RegisterType((*FetchFederatedBundleResponse)(nil), "spire.api.node.FetchFederatedBundleResponse") } 
@@ -376,9 +345,6 @@ type NodeClient interface { // Base Node SVID or the Registered Node SVID used for this call) // List can be empty to allow Node Agent cache refresh). FetchSVID(ctx context.Context, opts ...grpc.CallOption) (Node_FetchSVIDClient, error) - // Called by Node Agent periodically to support Spire Server certificate - // rotation. Cached in Node Agent memory for WorkLoads as well. - FetchCPBundle(ctx context.Context, in *FetchCPBundleRequest, opts ...grpc.CallOption) (*FetchCPBundleResponse, error) // Called by the Node Agent to fetch the named Federated CA Bundle. // Used in the event that authorized workloads reference a Federated Bundle. FetchFederatedBundle(ctx context.Context, in *FetchFederatedBundleRequest, opts ...grpc.CallOption) (*FetchFederatedBundleResponse, error) @@ -432,15 +398,6 @@ func (x *nodeFetchSVIDClient) Recv() (*FetchSVIDResponse, error) { return m, nil } -func (c *nodeClient) FetchCPBundle(ctx context.Context, in *FetchCPBundleRequest, opts ...grpc.CallOption) (*FetchCPBundleResponse, error) { - out := new(FetchCPBundleResponse) - err := grpc.Invoke(ctx, "/spire.api.node.Node/FetchCPBundle", in, out, c.cc, opts...) - if err != nil { - return nil, err - } - return out, nil -} - func (c *nodeClient) FetchFederatedBundle(ctx context.Context, in *FetchFederatedBundleRequest, opts ...grpc.CallOption) (*FetchFederatedBundleResponse, error) { out := new(FetchFederatedBundleResponse) err := grpc.Invoke(ctx, "/spire.api.node.Node/FetchFederatedBundle", in, out, c.cc, opts...) 
@@ -459,9 +416,6 @@ type NodeServer interface { // Base Node SVID or the Registered Node SVID used for this call) // List can be empty to allow Node Agent cache refresh). FetchSVID(Node_FetchSVIDServer) error - // Called by Node Agent periodically to support Spire Server certificate - // rotation. Cached in Node Agent memory for WorkLoads as well. - FetchCPBundle(context.Context, *FetchCPBundleRequest) (*FetchCPBundleResponse, error) // Called by the Node Agent to fetch the named Federated CA Bundle. // Used in the event that authorized workloads reference a Federated Bundle. FetchFederatedBundle(context.Context, *FetchFederatedBundleRequest) (*FetchFederatedBundleResponse, error) @@ -515,24 +469,6 @@ func (x *nodeFetchSVIDServer) Recv() (*FetchSVIDRequest, error) { return m, nil } -func _Node_FetchCPBundle_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(FetchCPBundleRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(NodeServer).FetchCPBundle(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/spire.api.node.Node/FetchCPBundle", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(NodeServer).FetchCPBundle(ctx, req.(*FetchCPBundleRequest)) - } - return interceptor(ctx, in, info, handler) -} - func _Node_FetchFederatedBundle_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { in := new(FetchFederatedBundleRequest) if err := dec(in); err != nil { @@ -559,10 +495,6 @@ var _Node_serviceDesc = grpc.ServiceDesc{ MethodName: "FetchBaseSVID", Handler: _Node_FetchBaseSVID_Handler, }, - { - MethodName: "FetchCPBundle", - Handler: _Node_FetchCPBundle_Handler, - }, { MethodName: "FetchFederatedBundle", Handler: _Node_FetchFederatedBundle_Handler, 
@@ -582,43 +514,40 @@ var _Node_serviceDesc = grpc.ServiceDesc{ func init() { proto.RegisterFile("node.proto", fileDescriptor0) } var fileDescriptor0 = []byte{ - // 593 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x54, 0x6f, 0x4f, 0x13, 0x4f, - 0x10, 0xfe, 0x5d, 0x5b, 0x08, 0x9d, 0x1e, 0xbf, 0xc0, 0x5a, 0x49, 0x53, 0x4c, 0xac, 0xa7, 0x98, - 0x46, 0xcd, 0x55, 0x6b, 0x4c, 0x0c, 0x9a, 0x18, 0x0b, 0x92, 0xf0, 0x86, 0x90, 0x05, 0x7d, 0x61, - 0x4c, 0x9a, 0xe5, 0x76, 0x0a, 0x1b, 0xe1, 0xee, 0xd8, 0xdd, 0x36, 0xe1, 0x03, 0xf8, 0xca, 0xaf, - 0xe7, 0x07, 0x32, 0xfb, 0x07, 0xb8, 0x9e, 0x07, 0x6a, 0xe2, 0xab, 0xce, 0x4d, 0x9f, 0x99, 0xe7, - 0x99, 0x99, 0xe7, 0x0e, 0x20, 0xcd, 0x38, 0xc6, 0xb9, 0xcc, 0x74, 0x46, 0xfe, 0x57, 0xb9, 0x90, - 0x18, 0xb3, 0x5c, 0xc4, 0x26, 0xdb, 0x7d, 0x71, 0x2c, 0xf4, 0xc9, 0xf4, 0x28, 0x4e, 0xb2, 0xb3, - 0x81, 0xca, 0xc5, 0x64, 0x82, 0x03, 0x8b, 0x18, 0x58, 0xf8, 0x20, 0xc9, 0xce, 0xce, 0xb2, 0xd4, - 0xff, 0xb8, 0x16, 0xd1, 0x2b, 0x68, 0x1c, 0xcc, 0x04, 0x27, 0xeb, 0xd0, 0x54, 0x33, 0xc1, 0xc7, - 0x09, 0x4a, 0xdd, 0x09, 0x7a, 0x41, 0x3f, 0xa4, 0x4b, 0x26, 0xb1, 0x85, 0x52, 0x93, 0x15, 0xa8, - 0x6b, 0x7d, 0xda, 0xa9, 0xf5, 0x82, 0xfe, 0x02, 0x35, 0x61, 0xf4, 0xad, 0x06, 0x60, 0xea, 0x3e, - 0xe6, 0x9c, 0x69, 0x24, 0x6f, 0x60, 0xc1, 0x80, 0x55, 0x27, 0xe8, 0xd5, 0xfb, 0xad, 0xe1, 0x46, - 0x3c, 0x2f, 0x2c, 0xbe, 0x86, 0xda, 0x50, 0x7d, 0x48, 0xb5, 0xbc, 0xa0, 0xae, 0x86, 0xac, 0xc1, - 0xe2, 0xd1, 0x34, 0xe5, 0xa7, 0x68, 0x09, 0x42, 0xea, 0x9f, 0x08, 0x85, 0xb6, 0xc4, 0x63, 0xa1, - 0xb4, 0x64, 0x5a, 0x64, 0xe9, 0x18, 0x53, 0x2d, 0x05, 0xaa, 0x4e, 0xdd, 0x72, 0xdc, 0xf7, 0x1c, - 0x7e, 0x1a, 0x5a, 0x40, 0xba, 0xee, 0x77, 0x64, 0x29, 0x25, 0x50, 0x75, 0xf7, 0x9c, 0x6c, 0x27, - 0xc0, 0xcc, 0xf5, 0x15, 0x2f, 0xec, 0xb8, 0x4d, 0x6a, 0x42, 0xf2, 0x04, 0x16, 0x66, 0xec, 0x74, - 0xea, 0xa4, 0xb4, 0x86, 0xed, 0xaa, 0x41, 0xa8, 0x83, 0x6c, 0xd6, 0x5e, 0x07, 0x91, 0x80, 0xf6, - 0x0e, 0xea, 0xe4, 0x64, 
0xc4, 0x14, 0x1e, 0x7c, 0xda, 0xdd, 0xa6, 0x78, 0x3e, 0x45, 0xa5, 0xc9, - 0x3b, 0x58, 0x66, 0x5a, 0xa3, 0xd2, 0xc8, 0xc7, 0x9c, 0x69, 0x66, 0x39, 0x5a, 0xc3, 0xee, 0xbc, - 0xe8, 0xf7, 0x1e, 0xb2, 0xcd, 0x34, 0xa3, 0x21, 0x2b, 0x3c, 0x19, 0x69, 0x89, 0x92, 0x7e, 0x23, - 0x26, 0x8c, 0x0e, 0xe1, 0x6e, 0x89, 0x4a, 0xe5, 0x59, 0xaa, 0xcc, 0xf2, 0x5b, 0xf6, 0x74, 0x53, - 0xbb, 0xe0, 0x12, 0x53, 0xc5, 0x09, 0x28, 0xa8, 0xab, 0x38, 0x7a, 0x0c, 0x2b, 0xb6, 0x6b, 0x51, - 0x3c, 0x81, 0x46, 0xa2, 0xa4, 0xea, 0xd4, 0x7a, 0xf5, 0x7e, 0x48, 0x6d, 0x1c, 0xed, 0xc3, 0x6a, - 0x01, 0xf7, 0x2f, 0x98, 0xd7, 0xfc, 0xea, 0xb6, 0xf6, 0x47, 0xf6, 0xde, 0x9e, 0x3d, 0x7a, 0xeb, - 0xe7, 0xbc, 0xce, 0x7b, 0xb6, 0x87, 0xb0, 0xac, 0x50, 0xce, 0x50, 0x8e, 0xbd, 0x5d, 0x9c, 0x4d, - 0x43, 0x97, 0x74, 0xe0, 0x68, 0x13, 0xd6, 0x6d, 0xf5, 0x0e, 0x72, 0x94, 0x4c, 0x23, 0x9f, 0x6b, - 0x6e, 0x6d, 0x6e, 0x5f, 0x8c, 0xb1, 0xe0, 0xd6, 0xac, 0x4d, 0xba, 0xe4, 0x12, 0xbb, 0x3c, 0xfa, - 0x11, 0xc0, 0xbd, 0xea, 0x62, 0xaf, 0x20, 0x83, 0xd5, 0xc9, 0xe5, 0x5f, 0x5e, 0xc4, 0xa5, 0xe5, - 0x47, 0xe5, 0xa9, 0x6f, 0x6b, 0x14, 0x97, 0xf2, 0xfe, 0x7d, 0x58, 0x99, 0x94, 0xd2, 0xdd, 0x2d, - 0xb3, 0x8b, 0x0a, 0x68, 0x85, 0x73, 0xdb, 0x45, 0xe7, 0x86, 0x05, 0x8f, 0x0e, 0xbf, 0xd7, 0xa1, - 0xb1, 0x97, 0x71, 0x24, 0x5f, 0x60, 0x79, 0xce, 0x41, 0xe4, 0x51, 0xa5, 0xe8, 0x92, 0x97, 0xbb, - 0x1b, 0xbf, 0x41, 0xf9, 0xe5, 0x1c, 0x42, 0xf3, 0xca, 0x21, 0xa4, 0x57, 0x59, 0x53, 0xec, 0xfa, - 0xe0, 0x16, 0x84, 0xeb, 0xd8, 0x0f, 0x9e, 0x07, 0x57, 0x9a, 0x2f, 0xdd, 0x70, 0x83, 0xe6, 0x92, - 0x89, 0x6e, 0xd0, 0xfc, 0x8b, 0xa5, 0xce, 0xbd, 0x07, 0x4b, 0x4b, 0x26, 0x4f, 0xff, 0xec, 0x9a, - 0x8e, 0xeb, 0xd9, 0xdf, 0x9c, 0x7e, 0xb4, 0xf8, 0xb9, 0x61, 0x40, 0xfb, 0xff, 0x1d, 0x2d, 0xda, - 0x2f, 0xf0, 0xcb, 0x9f, 0x01, 0x00, 0x00, 0xff, 0xff, 0x38, 0x41, 0xaa, 0xed, 0xd2, 0x05, 0x00, - 0x00, + // 548 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x54, 0x6d, 0x6b, 0x13, 0x41, + 0x10, 
0xf6, 0xf2, 0x46, 0x33, 0x49, 0x25, 0x5d, 0xa3, 0x84, 0x54, 0x30, 0x1e, 0x56, 0x82, 0xca, + 0x45, 0x23, 0x82, 0xd4, 0x0f, 0x62, 0x5a, 0x0b, 0xfd, 0x52, 0xca, 0xb6, 0xfa, 0x41, 0x84, 0xb0, + 0xb9, 0x9d, 0xb4, 0x8b, 0xc9, 0xdd, 0x75, 0x77, 0x2f, 0xd0, 0x1f, 0xe0, 0xcf, 0xf1, 0xdf, 0xf8, + 0x83, 0x64, 0x77, 0x2f, 0xf5, 0x72, 0x1c, 0x55, 0xc1, 0x4f, 0x99, 0x9d, 0x3c, 0x33, 0xcf, 0x33, + 0x33, 0x4f, 0x02, 0x10, 0xc5, 0x1c, 0x83, 0x44, 0xc6, 0x3a, 0x26, 0x77, 0x55, 0x22, 0x24, 0x06, + 0x2c, 0x11, 0x81, 0xc9, 0xf6, 0x5f, 0x5d, 0x08, 0x7d, 0x99, 0xce, 0x82, 0x30, 0x5e, 0x8e, 0x54, + 0x22, 0xe6, 0x73, 0x1c, 0x59, 0xc4, 0xc8, 0xc2, 0x47, 0x61, 0xbc, 0x5c, 0xc6, 0x51, 0xf6, 0xe1, + 0x5a, 0xf8, 0x6f, 0xa0, 0x76, 0xb6, 0x12, 0x9c, 0xec, 0x42, 0x53, 0xad, 0x04, 0x9f, 0x86, 0x28, + 0x75, 0xcf, 0x1b, 0x78, 0xc3, 0x36, 0xdd, 0x32, 0x89, 0x03, 0x94, 0x9a, 0x74, 0xa0, 0xaa, 0xf5, + 0xa2, 0x57, 0x19, 0x78, 0xc3, 0x3a, 0x35, 0xa1, 0xff, 0xbd, 0x02, 0x60, 0xea, 0x3e, 0x25, 0x9c, + 0x69, 0x24, 0xef, 0xa0, 0x6e, 0xc0, 0xaa, 0xe7, 0x0d, 0xaa, 0xc3, 0xd6, 0x78, 0x2f, 0xd8, 0x14, + 0x16, 0xfc, 0x86, 0xda, 0x50, 0x7d, 0x8c, 0xb4, 0xbc, 0xa6, 0xae, 0x86, 0x3c, 0x80, 0xc6, 0x2c, + 0x8d, 0xf8, 0x02, 0x2d, 0x41, 0x9b, 0x66, 0x2f, 0x42, 0xa1, 0x2b, 0xf1, 0x42, 0x28, 0x2d, 0x99, + 0x16, 0x71, 0x34, 0xc5, 0x48, 0x4b, 0x81, 0xaa, 0x57, 0xb5, 0x1c, 0x8f, 0x32, 0x8e, 0x6c, 0x1a, + 0x9a, 0x43, 0xba, 0xee, 0xf7, 0x64, 0x21, 0x25, 0x50, 0xf5, 0x4f, 0x9c, 0x6c, 0x27, 0xc0, 0xcc, + 0xf5, 0x0d, 0xaf, 0xed, 0xb8, 0x4d, 0x6a, 0x42, 0xf2, 0x0c, 0xea, 0x2b, 0xb6, 0x48, 0x9d, 0x94, + 0xd6, 0xb8, 0x5b, 0x36, 0x08, 0x75, 0x90, 0xfd, 0xca, 0x5b, 0xcf, 0x17, 0xd0, 0x3d, 0x42, 0x1d, + 0x5e, 0x4e, 0x98, 0xc2, 0xb3, 0xcf, 0xc7, 0x87, 0x14, 0xaf, 0x52, 0x54, 0x9a, 0xbc, 0x87, 0x6d, + 0xa6, 0x35, 0x2a, 0x8d, 0x7c, 0xca, 0x99, 0x66, 0x96, 0xa3, 0x35, 0xee, 0x6f, 0x8a, 0xfe, 0x90, + 0x41, 0x0e, 0x99, 0x66, 0xb4, 0xcd, 0x72, 0x2f, 0x23, 0x2d, 0x54, 0x32, 0xdb, 0x88, 0x09, 0xfd, + 0x73, 0xb8, 0x5f, 0xa0, 0x52, 0x49, 0x1c, 
0x29, 0xb3, 0xfc, 0x96, 0x3d, 0x5d, 0x6a, 0x17, 0x5c, + 0x60, 0x2a, 0x39, 0x01, 0x05, 0x75, 0x13, 0xfb, 0x4f, 0xa1, 0x63, 0xbb, 0xe6, 0xc5, 0x13, 0xa8, + 0x85, 0x4a, 0xaa, 0x5e, 0x65, 0x50, 0x1d, 0xb6, 0xa9, 0x8d, 0xfd, 0x53, 0xd8, 0xc9, 0xe1, 0xfe, + 0x07, 0xf3, 0x3e, 0xec, 0xda, 0x8e, 0x47, 0xc8, 0x51, 0x32, 0x8d, 0x7c, 0x62, 0xcf, 0xbe, 0x16, + 0x61, 0x0c, 0x69, 0x2d, 0x3c, 0x15, 0xdc, 0xda, 0xaa, 0x49, 0xb7, 0x5c, 0xe2, 0x98, 0xfb, 0x3f, + 0x3d, 0x78, 0x58, 0x5e, 0x9c, 0x29, 0x8b, 0x61, 0x67, 0xbe, 0xfe, 0x6a, 0xea, 0xfc, 0xb4, 0x36, + 0xe7, 0xa4, 0xa8, 0xef, 0xb6, 0x46, 0x41, 0x21, 0x9f, 0x39, 0xb7, 0x33, 0x2f, 0xa4, 0xfb, 0x07, + 0xe6, 0x3a, 0x25, 0xd0, 0x12, 0x8f, 0x75, 0xf3, 0x1e, 0x6b, 0xe7, 0xdc, 0x34, 0xfe, 0x51, 0x81, + 0xda, 0x49, 0xcc, 0x91, 0x7c, 0x85, 0xed, 0x8d, 0x5b, 0x93, 0x27, 0xa5, 0xa2, 0x0b, 0xae, 0xeb, + 0xef, 0xfd, 0x01, 0x95, 0x2d, 0xe7, 0x1c, 0x9a, 0x37, 0xb7, 0x24, 0x83, 0xd2, 0x9a, 0x7c, 0xd7, + 0xc7, 0xb7, 0x20, 0x5c, 0xc7, 0xa1, 0xf7, 0xd2, 0x23, 0x57, 0xd9, 0x4f, 0xa1, 0xb0, 0x06, 0xf2, + 0xfc, 0xef, 0xf6, 0xed, 0xb8, 0x5e, 0xfc, 0xcb, 0x71, 0x26, 0x8d, 0x2f, 0x35, 0x03, 0x3a, 0xbd, + 0x33, 0x6b, 0xd8, 0x7f, 0xb3, 0xd7, 0xbf, 0x02, 0x00, 0x00, 0xff, 0xff, 0x9c, 0x3d, 0x75, 0xc5, + 0x1e, 0x05, 0x00, 0x00, } diff --git a/proto/api/node/node.proto b/proto/api/node/node.proto index a5e007be91..f2376daf82 100644 --- a/proto/api/node/node.proto +++ b/proto/api/node/node.proto @@ -65,16 +65,6 @@ message FetchSVIDResponse { SvidUpdate svid_update = 1; } -// Represents an empty message. -message FetchCPBundleRequest { -} - -// Represents a response with a Spire Server certificate bundle. -message FetchCPBundleResponse { - // Spire Server certificate bundle. - bytes server_bundle = 1; -} - // Represents a request with an array of SPIFFE Ids. message FetchFederatedBundleRequest { // An array of SPIFFE Ids. 
@@ -96,10 +86,6 @@ service Node { // List can be empty to allow Node Agent cache refresh). rpc FetchSVID(stream FetchSVIDRequest) returns (stream FetchSVIDResponse); - // Called by Node Agent periodically to support Spire Server certificate - // rotation. Cached in Node Agent memory for WorkLoads as well. - rpc FetchCPBundle(FetchCPBundleRequest) returns (FetchCPBundleResponse); - // Called by the Node Agent to fetch the named Federated CA Bundle. // Used in the event that authorized workloads reference a Federated Bundle. rpc FetchFederatedBundle(FetchFederatedBundleRequest) returns (FetchFederatedBundleResponse); diff --git a/proto/api/registration/README_pb.md b/proto/api/registration/README_pb.md index 42dead5010..f5ce8b0e44 100644 --- a/proto/api/registration/README_pb.md +++ b/proto/api/registration/README_pb.md @@ -69,6 +69,7 @@ - [registration.proto](#registration.proto) + - [Bundle](#spire.api.registration.Bundle) - [CreateFederatedBundleRequest](#spire.api.registration.CreateFederatedBundleRequest) - [FederatedBundle](#spire.api.registration.FederatedBundle) - [FederatedSpiffeID](#spire.api.registration.FederatedSpiffeID) @@ -1095,6 +1096,21 @@ Represents a type with a list of NodeResolution. + + +### Bundle +CA Bundle of the server + + +| Field | Type | Label | Description | +| ----- | ---- | ----- | ----------- | +| ca_certs | [bytes](#bytes) | | ASN.1 DER data of the bundle. | + + + + + + ### CreateFederatedBundleRequest 
@@ -1260,6 +1276,7 @@ A type with the id with want to update plus values to modify. | UpdateFederatedBundle | [FederatedBundle](#spire.api.registration.FederatedBundle) | [spire.common.Empty](#spire.api.registration.FederatedBundle) | Updates a particular Federated Bundle. Useful for rotation. | | DeleteFederatedBundle | [FederatedSpiffeID](#spire.api.registration.FederatedSpiffeID) | [spire.common.Empty](#spire.api.registration.FederatedSpiffeID) | Delete a particular Federated Bundle. Used to destroy inter-domain trust. | | CreateJoinToken | [JoinToken](#spire.api.registration.JoinToken) | [JoinToken](#spire.api.registration.JoinToken) | Create a new join token | +| FetchBundle | [spire.common.Empty](#spire.common.Empty) | [Bundle](#spire.common.Empty) | Retrieves the CA bundle. | diff --git a/proto/api/registration/registration.pb.go b/proto/api/registration/registration.pb.go index 91081ac40e..bc33aad373 100644 --- a/proto/api/registration/registration.pb.go +++ b/proto/api/registration/registration.pb.go @@ -17,6 +17,7 @@ It has these top-level messages: ListFederatedBundlesReply FederatedSpiffeID JoinToken + Bundle */ package registration @@ -332,6 +333,24 @@ func (m *JoinToken) GetTtl() int32 { return 0 } +// CA Bundle of the server +type Bundle struct { + // ASN.1 DER data of the bundle. + CaCerts []byte `protobuf:"bytes,1,opt,name=ca_certs,json=caCerts,proto3" json:"ca_certs,omitempty"` +} + +func (m *Bundle) Reset() { *m = Bundle{} } +func (m *Bundle) String() string { return proto.CompactTextString(m) } +func (*Bundle) ProtoMessage() {} +func (*Bundle) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9} } + +func (m *Bundle) GetCaCerts() []byte { + if m != nil { + return m.CaCerts + } + return nil +} + func init() { proto.RegisterType((*RegistrationEntryID)(nil), "spire.api.registration.RegistrationEntryID") proto.RegisterType((*ParentID)(nil), "spire.api.registration.ParentID") 
@@ -342,6 +361,7 @@ func init() { proto.RegisterType((*ListFederatedBundlesReply)(nil), "spire.api.registration.ListFederatedBundlesReply") proto.RegisterType((*FederatedSpiffeID)(nil), "spire.api.registration.FederatedSpiffeID") proto.RegisterType((*JoinToken)(nil), "spire.api.registration.JoinToken") + proto.RegisterType((*Bundle)(nil), "spire.api.registration.Bundle") } // Reference imports to suppress errors if they are not otherwise used. @@ -381,6 +401,8 @@ type RegistrationClient interface { DeleteFederatedBundle(ctx context.Context, in *FederatedSpiffeID, opts ...grpc.CallOption) (*spire_common.Empty, error) // Create a new join token CreateJoinToken(ctx context.Context, in *JoinToken, opts ...grpc.CallOption) (*JoinToken, error) + // Retrieves the CA bundle. + FetchBundle(ctx context.Context, in *spire_common.Empty, opts ...grpc.CallOption) (*Bundle, error) } type registrationClient struct { @@ -508,6 +530,15 @@ func (c *registrationClient) CreateJoinToken(ctx context.Context, in *JoinToken, return out, nil } +func (c *registrationClient) FetchBundle(ctx context.Context, in *spire_common.Empty, opts ...grpc.CallOption) (*Bundle, error) { + out := new(Bundle) + err := grpc.Invoke(ctx, "/spire.api.registration.Registration/FetchBundle", in, out, c.cc, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // Server API for Registration service type RegistrationServer interface { @@ -537,6 +568,8 @@ type RegistrationServer interface { DeleteFederatedBundle(context.Context, *FederatedSpiffeID) (*spire_common.Empty, error) // Create a new join token CreateJoinToken(context.Context, *JoinToken) (*JoinToken, error) + // Retrieves the CA bundle. + FetchBundle(context.Context, *spire_common.Empty) (*Bundle, error) } func RegisterRegistrationServer(s *grpc.Server, srv RegistrationServer) { 
@@ -777,6 +810,24 @@ func _Registration_CreateJoinToken_Handler(srv interface{}, ctx context.Context, return interceptor(ctx, in, info, handler) } +func _Registration_FetchBundle_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(spire_common.Empty) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(RegistrationServer).FetchBundle(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.registration.Registration/FetchBundle", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(RegistrationServer).FetchBundle(ctx, req.(*spire_common.Empty)) + } + return interceptor(ctx, in, info, handler) +} + var _Registration_serviceDesc = grpc.ServiceDesc{ ServiceName: "spire.api.registration.Registration", HandlerType: (*RegistrationServer)(nil), @@ -833,6 +884,10 @@ var _Registration_serviceDesc = grpc.ServiceDesc{ MethodName: "CreateJoinToken", Handler: _Registration_CreateJoinToken_Handler, }, + { + MethodName: "FetchBundle", + Handler: _Registration_FetchBundle_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "registration.proto", 
@@ -841,45 +896,47 @@ var _Registration_serviceDesc = grpc.ServiceDesc{ func init() { proto.RegisterFile("registration.proto", fileDescriptor0) } var fileDescriptor0 = []byte{ - // 626 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x55, 0xc1, 0x6e, 0xd3, 0x4c, - 0x10, 0xfe, 0x9d, 0xaa, 0xfd, 0x9b, 0x71, 0x48, 0xdb, 0x4d, 0x53, 0x05, 0x53, 0x89, 0xd4, 0x08, - 0x91, 0x06, 0xc9, 0x56, 0x5b, 0xb8, 0x70, 0x23, 0xb4, 0x95, 0x0a, 0x1c, 0x22, 0x97, 0x80, 0x04, - 0x52, 0x2b, 0x27, 0x9e, 0xa4, 0x4b, 0x1c, 0xaf, 0xb1, 0x37, 0x87, 0x08, 0x71, 0xe1, 0x15, 0x78, - 0x34, 0x5e, 0x81, 0x03, 0x8f, 0x81, 0xb2, 0x9b, 0x35, 0xa9, 0x6b, 0x37, 0xe9, 0x81, 0x53, 0x36, - 0x3b, 0x33, 0xdf, 0x37, 0xdf, 0xcc, 0xec, 0x18, 0x48, 0x84, 0x03, 0x1a, 0xf3, 0xc8, 0xe5, 0x94, - 0x05, 0x56, 0x18, 0x31, 0xce, 0xc8, 0x4e, 0x1c, 0xd2, 0x08, 0x2d, 0x37, 0xa4, 0xd6, 0xbc, 0xd5, - 0xd8, 0x1d, 0x30, 0x36, 0xf0, 0xd1, 0x76, 0x43, 0x6a, 0xbb, 0x41, 0xc0, 0xb8, 0xb8, 0x8e, 0x65, - 0x94, 0x71, 0x30, 0xa0, 0xfc, 0x6a, 0xdc, 0xb5, 0x7a, 0x6c, 0x64, 0xc7, 0x21, 0xed, 0xf7, 0xd1, - 0x16, 0x38, 0xb6, 0x30, 0xdb, 0x3d, 0x36, 0x1a, 0xb1, 0x60, 0xf6, 0x23, 0x43, 0xcc, 0xc7, 0x50, - 0x71, 0xe6, 0x08, 0x4e, 0x02, 0x1e, 0x4d, 0xce, 0x8e, 0x49, 0x19, 0x0a, 0xd4, 0xab, 0x69, 0x75, - 0xad, 0x51, 0x74, 0x0a, 0xd4, 0x33, 0x0d, 0x58, 0x6f, 0xbb, 0x11, 0x06, 0x3c, 0xdb, 0x76, 0x2e, - 0xc8, 0x32, 0x6c, 0x9f, 0x80, 0x74, 0x42, 0xcf, 0xe5, 0x28, 0x80, 0x1d, 0xfc, 0x32, 0xc6, 0x98, - 0xa7, 0xbd, 0xc8, 0x73, 0x58, 0xc5, 0xa9, 0xbd, 0x56, 0xa8, 0x6b, 0x0d, 0xfd, 0xf0, 0xa1, 0x25, - 0xd5, 0xcf, 0x12, 0xbd, 0x91, 0x9f, 0x23, 0xbd, 0xcd, 0x21, 0x6c, 0x9c, 0xa2, 0x87, 0x91, 0xcb, - 0xd1, 0x6b, 0x8d, 0x03, 0xcf, 0x47, 0xf2, 0x00, 0x8a, 0x52, 0xf8, 0x65, 0x42, 0xb0, 0x2e, 0x2f, - 0xce, 0x3c, 0xb2, 0x0f, 0x9b, 0x7d, 0xe5, 0x7f, 0xd9, 0x15, 0x01, 0x82, 0xb1, 0xe4, 0x6c, 0xf4, - 0x53, 0x38, 0x9b, 0xb0, 0xc2, 0xb9, 0x5f, 0x5b, 0xa9, 0x6b, 0x8d, 0x55, 0x67, 0x7a, 0x34, 0x23, - 0xd8, 
0x7d, 0x15, 0xa1, 0xcb, 0x31, 0x45, 0xa9, 0x34, 0x39, 0x19, 0xe0, 0x9a, 0x90, 0xf3, 0xc4, - 0xca, 0x6e, 0xa6, 0x95, 0x46, 0x4a, 0x67, 0x61, 0x5e, 0xc0, 0xfd, 0xb7, 0x34, 0xe6, 0x29, 0xbf, - 0xd8, 0xc1, 0xd0, 0x9f, 0x90, 0x97, 0xf0, 0xbf, 0xa4, 0x89, 0x6b, 0x5a, 0x7d, 0xe5, 0x2e, 0x3c, - 0x2a, 0xce, 0x7c, 0x04, 0x5b, 0x89, 0x2d, 0xb7, 0x85, 0x47, 0x50, 0x7c, 0xcd, 0x68, 0xf0, 0x8e, - 0x0d, 0x31, 0x20, 0xdb, 0xb0, 0xca, 0xa7, 0x87, 0x99, 0x5d, 0xfe, 0x51, 0xd5, 0x2a, 0x24, 0xd5, - 0x3a, 0xfc, 0x5d, 0x84, 0xd2, 0x7c, 0xdf, 0x48, 0x00, 0xba, 0x2c, 0x9f, 0xe8, 0x20, 0x59, 0xd4, - 0x62, 0xe3, 0x69, 0x9e, 0x98, 0x8c, 0x69, 0x35, 0xb7, 0xbe, 0xff, 0xfc, 0xf5, 0xa3, 0xa0, 0x9b, - 0x6b, 0xb6, 0x18, 0x8c, 0x17, 0x5a, 0x93, 0x0c, 0x41, 0x3f, 0x46, 0x1f, 0x15, 0xdf, 0x5d, 0xe0, - 0x8c, 0x45, 0xc9, 0x99, 0x65, 0xc1, 0xb7, 0xde, 0x9c, 0xf1, 0x11, 0x06, 0x70, 0x8a, 0xbc, 0x77, - 0xf5, 0x2f, 0xb8, 0x2a, 0x82, 0xeb, 0x1e, 0xd1, 0x25, 0x97, 0xfd, 0x95, 0x7a, 0xdf, 0xc8, 0x7b, - 0x28, 0x25, 0x84, 0x14, 0x63, 0x52, 0xb9, 0x8e, 0x72, 0x32, 0x0a, 0xf9, 0xc4, 0xd8, 0xbb, 0x1d, - 0x9a, 0x62, 0xac, 0x84, 0x10, 0x25, 0xe4, 0x33, 0xe8, 0x73, 0xcf, 0x95, 0x34, 0xf3, 0x94, 0xdc, - 0x7c, 0xd3, 0x4b, 0x17, 0xcd, 0x50, 0x5c, 0x1d, 0x28, 0x4f, 0x87, 0xbb, 0x35, 0x49, 0x16, 0x4b, - 0x3d, 0x8f, 0x4e, 0x79, 0x2c, 0x21, 0x89, 0xbc, 0x51, 0xb0, 0xe7, 0xe8, 0x63, 0x8f, 0xb3, 0x88, - 0xec, 0x5c, 0x0f, 0x52, 0xf7, 0xcb, 0x80, 0x25, 0x39, 0x26, 0xaf, 0x23, 0x37, 0x47, 0xe5, 0xb1, - 0x0c, 0x6c, 0x17, 0xaa, 0x99, 0xbb, 0x84, 0x3c, 0xcb, 0x43, 0xbf, 0x6d, 0xf5, 0x18, 0x59, 0xdd, - 0x27, 0x17, 0xb0, 0x9d, 0xb5, 0x3b, 0xb2, 0x47, 0xe5, 0x20, 0x8f, 0x37, 0x7f, 0xfd, 0x74, 0xa0, - 0x2a, 0xa7, 0x20, 0xad, 0x61, 0xd9, 0x35, 0x94, 0x9d, 0xf6, 0x07, 0xa8, 0xca, 0x77, 0x9b, 0x86, - 0xdd, 0x5f, 0x08, 0x9b, 0x74, 0x20, 0x07, 0x78, 0x43, 0x16, 0xf1, 0xef, 0x32, 0xdb, 0xcb, 0x83, - 0x4c, 0x5c, 0x8c, 0xc5, 0x2e, 0xad, 0xf2, 0xc7, 0xd2, 0xbc, 0xa5, 0xfd, 0x5f, 0x5b, 0xeb, 0xae, - 0x89, 0x8f, 0xeb, 0xd1, 0x9f, 0x00, 0x00, 
0x00, 0xff, 0xff, 0x6c, 0x0c, 0xd4, 0xb9, 0xdb, 0x07, - 0x00, 0x00, + // 663 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x55, 0xcf, 0x4e, 0xdb, 0x4e, + 0x10, 0xfe, 0x39, 0x08, 0x08, 0xe3, 0xfc, 0x02, 0x2c, 0x7f, 0x14, 0x5c, 0xd4, 0x06, 0xa3, 0xaa, + 0x40, 0x25, 0x5b, 0x40, 0x7b, 0xe9, 0xad, 0xe1, 0x8f, 0x44, 0xdb, 0x03, 0x32, 0xa5, 0x95, 0x5a, + 0x09, 0xe4, 0xd8, 0x93, 0xb0, 0xc5, 0xf1, 0xba, 0xf6, 0xe6, 0x10, 0x55, 0xbd, 0xf4, 0x15, 0xfa, + 0x1a, 0x7d, 0x9b, 0xbe, 0x42, 0x1f, 0xa4, 0xca, 0xae, 0xd7, 0x04, 0x63, 0x93, 0x70, 0xe8, 0x29, + 0xde, 0x9d, 0x99, 0xef, 0x9b, 0x6f, 0x66, 0x67, 0x02, 0x24, 0xc6, 0x2e, 0x4d, 0x78, 0xec, 0x72, + 0xca, 0x42, 0x2b, 0x8a, 0x19, 0x67, 0x64, 0x35, 0x89, 0x68, 0x8c, 0x96, 0x1b, 0x51, 0x6b, 0xd4, + 0x6a, 0xac, 0x77, 0x19, 0xeb, 0x06, 0x68, 0xbb, 0x11, 0xb5, 0xdd, 0x30, 0x64, 0x5c, 0x5c, 0x27, + 0x32, 0xca, 0xd8, 0xed, 0x52, 0x7e, 0xd5, 0x6f, 0x5b, 0x1e, 0xeb, 0xd9, 0x49, 0x44, 0x3b, 0x1d, + 0xb4, 0x05, 0x8e, 0x2d, 0xcc, 0xb6, 0xc7, 0x7a, 0x3d, 0x16, 0xa6, 0x3f, 0x32, 0xc4, 0x7c, 0x0a, + 0x4b, 0xce, 0x08, 0xc1, 0x51, 0xc8, 0xe3, 0xc1, 0xc9, 0x21, 0xa9, 0x43, 0x85, 0xfa, 0x0d, 0xad, + 0xa9, 0x6d, 0xcd, 0x39, 0x15, 0xea, 0x9b, 0x06, 0x54, 0x4f, 0xdd, 0x18, 0x43, 0x5e, 0x6c, 0x3b, + 0x13, 0x64, 0x05, 0xb6, 0xcf, 0x40, 0xce, 0x23, 0xdf, 0xe5, 0x28, 0x80, 0x1d, 0xfc, 0xda, 0xc7, + 0x84, 0xe7, 0xbd, 0xc8, 0x4b, 0x98, 0xc6, 0xa1, 0xbd, 0x51, 0x69, 0x6a, 0x5b, 0xfa, 0xde, 0x13, + 0x4b, 0xaa, 0x4f, 0x13, 0xbd, 0x93, 0x9f, 0x23, 0xbd, 0xcd, 0x6b, 0x98, 0x3f, 0x46, 0x1f, 0x63, + 0x97, 0xa3, 0xdf, 0xea, 0x87, 0x7e, 0x80, 0xe4, 0x11, 0xcc, 0x49, 0xe1, 0x97, 0x19, 0x41, 0x55, + 0x5e, 0x9c, 0xf8, 0x64, 0x1b, 0x16, 0x3a, 0xca, 0xff, 0xb2, 0x2d, 0x02, 0x04, 0x63, 0xcd, 0x99, + 0xef, 0xe4, 0x70, 0x16, 0x60, 0x8a, 0xf3, 0xa0, 0x31, 0xd5, 0xd4, 0xb6, 0xa6, 0x9d, 0xe1, 0xa7, + 0x19, 0xc3, 0xfa, 0x41, 0x8c, 0x2e, 0xc7, 0x1c, 0xa5, 0xd2, 0xe4, 0x14, 0x80, 0x6b, 0x42, 0xce, + 0x33, 0xab, 0xb8, 
0x99, 0x56, 0x1e, 0x29, 0x9f, 0x85, 0x79, 0x01, 0x6b, 0xef, 0x68, 0xc2, 0x73, + 0x7e, 0x89, 0x83, 0x51, 0x30, 0x20, 0xaf, 0x61, 0x56, 0xd2, 0x24, 0x0d, 0xad, 0x39, 0xf5, 0x10, + 0x1e, 0x15, 0x67, 0x6e, 0xc2, 0x62, 0x66, 0x2b, 0x6d, 0xe1, 0x3e, 0xcc, 0xbd, 0x61, 0x34, 0x7c, + 0xcf, 0xae, 0x31, 0x24, 0xcb, 0x30, 0xcd, 0x87, 0x1f, 0xa9, 0x5d, 0x1e, 0x54, 0xb5, 0x2a, 0x37, + 0xd5, 0xda, 0x84, 0x99, 0xb4, 0x92, 0x6b, 0x50, 0xf5, 0xdc, 0x4b, 0x0f, 0x63, 0x9e, 0x88, 0xa0, + 0x9a, 0x33, 0xeb, 0xb9, 0x07, 0xc3, 0xe3, 0xde, 0x2f, 0x80, 0xda, 0x68, 0x73, 0x49, 0x08, 0xba, + 0xac, 0xb1, 0x68, 0x33, 0x19, 0xf7, 0x0e, 0x8c, 0xe7, 0x65, 0x8a, 0x0b, 0x9e, 0xb4, 0xb9, 0xf8, + 0xe3, 0xf7, 0x9f, 0x9f, 0x15, 0xdd, 0x9c, 0xb1, 0xc5, 0xeb, 0x79, 0xa5, 0xed, 0x90, 0x6b, 0xd0, + 0x0f, 0x31, 0x40, 0xc5, 0xf7, 0x10, 0x38, 0x63, 0x5c, 0x72, 0x66, 0x5d, 0xf0, 0x55, 0x77, 0x52, + 0x3e, 0xc2, 0x00, 0x8e, 0x91, 0x7b, 0x57, 0xff, 0x82, 0x6b, 0x49, 0x70, 0xfd, 0x4f, 0x74, 0xc9, + 0x65, 0x7f, 0xa3, 0xfe, 0x77, 0xf2, 0x01, 0x6a, 0x19, 0x21, 0xc5, 0x84, 0x2c, 0xdd, 0x46, 0x39, + 0xea, 0x45, 0x7c, 0x60, 0x6c, 0xdc, 0x0f, 0x4d, 0x31, 0x51, 0x42, 0x88, 0x12, 0xf2, 0x05, 0xf4, + 0x91, 0x99, 0x26, 0x3b, 0x65, 0x4a, 0xee, 0x0e, 0xfe, 0xc4, 0x45, 0x33, 0x14, 0xd7, 0x39, 0xd4, + 0x87, 0x13, 0xd0, 0x1a, 0x64, 0xdb, 0xa7, 0x59, 0x46, 0xa7, 0x3c, 0x26, 0x90, 0x44, 0xde, 0x2a, + 0xd8, 0x33, 0x0c, 0xd0, 0xe3, 0x2c, 0x26, 0xab, 0xb7, 0x83, 0xd4, 0xfd, 0x24, 0x60, 0x59, 0x8e, + 0xd9, 0x08, 0x95, 0xe6, 0xa8, 0x3c, 0x26, 0x81, 0x6d, 0xc3, 0x4a, 0xe1, 0xc2, 0x21, 0x2f, 0xca, + 0xd0, 0xef, 0xdb, 0x4f, 0x46, 0x51, 0xf7, 0xc9, 0x05, 0x2c, 0x17, 0x2d, 0x98, 0xe2, 0xa7, 0xb2, + 0x5b, 0xc6, 0x5b, 0xbe, 0xa3, 0xce, 0x61, 0x45, 0xbe, 0x82, 0xbc, 0x86, 0x49, 0x77, 0x55, 0x71, + 0xda, 0x1f, 0x61, 0x45, 0xce, 0x6d, 0x1e, 0x76, 0x7b, 0x2c, 0x6c, 0xd6, 0x81, 0x12, 0xe0, 0x79, + 0x59, 0xc4, 0x9b, 0x8d, 0xb7, 0x51, 0x06, 0x99, 0xb9, 0x18, 0xe3, 0x5d, 0x48, 0x0b, 0x74, 0x31, + 0x8b, 0x69, 0x9e, 0x85, 0xf5, 0x7d, 0x5c, 0x06, 0x23, 
0x83, 0x5a, 0xf5, 0x4f, 0xb5, 0xd1, 0xeb, + 0xd3, 0xff, 0x4e, 0xb5, 0xf6, 0x8c, 0xf8, 0x17, 0xdf, 0xff, 0x1b, 0x00, 0x00, 0xff, 0xff, 0x00, + 0xe9, 0x25, 0x8f, 0x44, 0x08, 0x00, 0x00, } diff --git a/proto/api/registration/registration.proto b/proto/api/registration/registration.proto index c2188bb59b..fdf2f15380 100644 --- a/proto/api/registration/registration.proto +++ b/proto/api/registration/registration.proto @@ -75,6 +75,12 @@ message JoinToken { int32 ttl = 2; } +// CA Bundle of the server +message Bundle { + // ASN.1 DER data of the bundle. + bytes ca_certs = 1; +} + service Registration { // Creates an entry in the Registration table, used to assign SPIFFE IDs to nodes and workloads. rpc CreateEntry(spire.common.RegistrationEntry) returns (RegistrationEntryID) { @@ -118,4 +124,7 @@ service Registration { // Create a new join token rpc CreateJoinToken(JoinToken) returns (JoinToken); + + // Retrieves the CA bundle. + rpc FetchBundle(spire.common.Empty) returns (Bundle); } diff --git a/test/mock/proto/api/node/node.go b/test/mock/proto/api/node/node.go index ca8145dc9a..4b1a8209d0 100644 --- a/test/mock/proto/api/node/node.go +++ b/test/mock/proto/api/node/node.go @@ -1,12 +1,13 @@ // Code generated by MockGen. DO NOT EDIT. // Source: github.com/spiffe/spire/proto/api/node (interfaces: NodeClient,Node_FetchSVIDClient,NodeServer,Node_FetchSVIDServer) +// Package mock_node is a generated GoMock package. package mock_node import ( + context "context" gomock "github.com/golang/mock/gomock" node "github.com/spiffe/spire/proto/api/node" - context "golang.org/x/net/context" grpc "google.golang.org/grpc" metadata "google.golang.org/grpc/metadata" reflect "reflect" 
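Review bot: The comment on `ca_certs` in the new `Bundle` message (registration.proto, hunk at -75) does not say how many certificates the field carries or how they are delimited. The `bundle show` command added in this commit passes the field straight to `x509.ParseCertificates`, which expects DER certificates concatenated with no separator, so that is the real wire contract. I would write it down as `// One or more X.509 CA certificates, ASN.1 DER encoded and concatenated.` so that other clients do not treat the bytes as a single certificate or as PEM when they build a trust store from it.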
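Review bot: The comment on `rpc FetchBundle` (registration.proto, hunk at -118) says only "Retrieves the CA bundle", which is ambiguous in a service that also creates, updates and deletes federated bundles. Going by the `Bundle` message comment, this appears to be the server's own bundle, so something like `// Retrieves the CA bundle of this server (not a federated bundle).` would remove the doubt. The returned certificates are trust anchors, so it is also worth stating in the comment that callers should only rely on the response when it is fetched over a channel they already trust. The handler and its transport settings are outside this hunk, and the `service Registration` block begins before it.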
@@ -31,80 +32,62 @@ func NewMockNodeClient(ctrl *gomock.Controller) *MockNodeClient { } // EXPECT returns an object that allows the caller to indicate expected use -func (_m *MockNodeClient) EXPECT() *MockNodeClientMockRecorder { - return _m.recorder +func (m *MockNodeClient) EXPECT() *MockNodeClientMockRecorder { + return m.recorder } // FetchBaseSVID mocks base method -func (_m *MockNodeClient) FetchBaseSVID(_param0 context.Context, _param1 *node.FetchBaseSVIDRequest, _param2 ...grpc.CallOption) (*node.FetchBaseSVIDResponse, error) { - _s := []interface{}{_param0, _param1} - for _, _x := range _param2 { - _s = append(_s, _x) +func (m *MockNodeClient) FetchBaseSVID(arg0 context.Context, arg1 *node.FetchBaseSVIDRequest, arg2 ...grpc.CallOption) (*node.FetchBaseSVIDResponse, error) { + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) } - ret := _m.ctrl.Call(_m, "FetchBaseSVID", _s...) + ret := m.ctrl.Call(m, "FetchBaseSVID", varargs...) ret0, _ := ret[0].(*node.FetchBaseSVIDResponse) ret1, _ := ret[1].(error) return ret0, ret1 } // FetchBaseSVID indicates an expected call of FetchBaseSVID -func (_mr *MockNodeClientMockRecorder) FetchBaseSVID(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - _s := append([]interface{}{arg0, arg1}, arg2...) - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "FetchBaseSVID", reflect.TypeOf((*MockNodeClient)(nil).FetchBaseSVID), _s...) -} - -// FetchCPBundle mocks base method -func (_m *MockNodeClient) FetchCPBundle(_param0 context.Context, _param1 *node.FetchCPBundleRequest, _param2 ...grpc.CallOption) (*node.FetchCPBundleResponse, error) { - _s := []interface{}{_param0, _param1} - for _, _x := range _param2 { - _s = append(_s, _x) - } - ret := _m.ctrl.Call(_m, "FetchCPBundle", _s...) 
- ret0, _ := ret[0].(*node.FetchCPBundleResponse) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// FetchCPBundle indicates an expected call of FetchCPBundle -func (_mr *MockNodeClientMockRecorder) FetchCPBundle(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - _s := append([]interface{}{arg0, arg1}, arg2...) - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "FetchCPBundle", reflect.TypeOf((*MockNodeClient)(nil).FetchCPBundle), _s...) +func (mr *MockNodeClientMockRecorder) FetchBaseSVID(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FetchBaseSVID", reflect.TypeOf((*MockNodeClient)(nil).FetchBaseSVID), varargs...) } // FetchFederatedBundle mocks base method -func (_m *MockNodeClient) FetchFederatedBundle(_param0 context.Context, _param1 *node.FetchFederatedBundleRequest, _param2 ...grpc.CallOption) (*node.FetchFederatedBundleResponse, error) { - _s := []interface{}{_param0, _param1} - for _, _x := range _param2 { - _s = append(_s, _x) +func (m *MockNodeClient) FetchFederatedBundle(arg0 context.Context, arg1 *node.FetchFederatedBundleRequest, arg2 ...grpc.CallOption) (*node.FetchFederatedBundleResponse, error) { + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) } - ret := _m.ctrl.Call(_m, "FetchFederatedBundle", _s...) + ret := m.ctrl.Call(m, "FetchFederatedBundle", varargs...) ret0, _ := ret[0].(*node.FetchFederatedBundleResponse) ret1, _ := ret[1].(error) return ret0, ret1 } // FetchFederatedBundle indicates an expected call of FetchFederatedBundle -func (_mr *MockNodeClientMockRecorder) FetchFederatedBundle(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - _s := append([]interface{}{arg0, arg1}, arg2...) - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "FetchFederatedBundle", reflect.TypeOf((*MockNodeClient)(nil).FetchFederatedBundle), _s...) 
+func (mr *MockNodeClientMockRecorder) FetchFederatedBundle(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FetchFederatedBundle", reflect.TypeOf((*MockNodeClient)(nil).FetchFederatedBundle), varargs...) } // FetchSVID mocks base method -func (_m *MockNodeClient) FetchSVID(_param0 context.Context, _param1 ...grpc.CallOption) (node.Node_FetchSVIDClient, error) { - _s := []interface{}{_param0} - for _, _x := range _param1 { - _s = append(_s, _x) +func (m *MockNodeClient) FetchSVID(arg0 context.Context, arg1 ...grpc.CallOption) (node.Node_FetchSVIDClient, error) { + varargs := []interface{}{arg0} + for _, a := range arg1 { + varargs = append(varargs, a) } - ret := _m.ctrl.Call(_m, "FetchSVID", _s...) + ret := m.ctrl.Call(m, "FetchSVID", varargs...) ret0, _ := ret[0].(node.Node_FetchSVIDClient) ret1, _ := ret[1].(error) return ret0, ret1 } // FetchSVID indicates an expected call of FetchSVID -func (_mr *MockNodeClientMockRecorder) FetchSVID(arg0 interface{}, arg1 ...interface{}) *gomock.Call { - _s := append([]interface{}{arg0}, arg1...) - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "FetchSVID", reflect.TypeOf((*MockNodeClient)(nil).FetchSVID), _s...) +func (mr *MockNodeClientMockRecorder) FetchSVID(arg0 interface{}, arg1 ...interface{}) *gomock.Call { + varargs := append([]interface{}{arg0}, arg1...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FetchSVID", reflect.TypeOf((*MockNodeClient)(nil).FetchSVID), varargs...) } // MockNode_FetchSVIDClient is a mock of Node_FetchSVIDClient interface 
@@ -126,106 +109,106 @@ func NewMockNode_FetchSVIDClient(ctrl *gomock.Controller) *MockNode_FetchSVIDCli } // EXPECT returns an object that allows the caller to indicate expected use -func (_m *MockNode_FetchSVIDClient) EXPECT() *MockNode_FetchSVIDClientMockRecorder { - return _m.recorder +func (m *MockNode_FetchSVIDClient) EXPECT() *MockNode_FetchSVIDClientMockRecorder { + return m.recorder } // CloseSend mocks base method -func (_m *MockNode_FetchSVIDClient) CloseSend() error { - ret := _m.ctrl.Call(_m, "CloseSend") +func (m *MockNode_FetchSVIDClient) CloseSend() error { + ret := m.ctrl.Call(m, "CloseSend") ret0, _ := ret[0].(error) return ret0 } // CloseSend indicates an expected call of CloseSend -func (_mr *MockNode_FetchSVIDClientMockRecorder) CloseSend() *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "CloseSend", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).CloseSend)) +func (mr *MockNode_FetchSVIDClientMockRecorder) CloseSend() *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CloseSend", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).CloseSend)) } // Context mocks base method -func (_m *MockNode_FetchSVIDClient) Context() context.Context { - ret := _m.ctrl.Call(_m, "Context") +func (m *MockNode_FetchSVIDClient) Context() context.Context { + ret := m.ctrl.Call(m, "Context") ret0, _ := ret[0].(context.Context) return ret0 } // Context indicates an expected call of Context -func (_mr *MockNode_FetchSVIDClientMockRecorder) Context() *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "Context", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Context)) +func (mr *MockNode_FetchSVIDClientMockRecorder) Context() *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Context", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Context)) } // Header mocks base method -func (_m *MockNode_FetchSVIDClient) Header() (metadata.MD, error) { - ret := _m.ctrl.Call(_m, "Header") +func (m 
*MockNode_FetchSVIDClient) Header() (metadata.MD, error) { + ret := m.ctrl.Call(m, "Header") ret0, _ := ret[0].(metadata.MD) ret1, _ := ret[1].(error) return ret0, ret1 } // Header indicates an expected call of Header -func (_mr *MockNode_FetchSVIDClientMockRecorder) Header() *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "Header", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Header)) +func (mr *MockNode_FetchSVIDClientMockRecorder) Header() *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Header", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Header)) } // Recv mocks base method -func (_m *MockNode_FetchSVIDClient) Recv() (*node.FetchSVIDResponse, error) { - ret := _m.ctrl.Call(_m, "Recv") +func (m *MockNode_FetchSVIDClient) Recv() (*node.FetchSVIDResponse, error) { + ret := m.ctrl.Call(m, "Recv") ret0, _ := ret[0].(*node.FetchSVIDResponse) ret1, _ := ret[1].(error) return ret0, ret1 } // Recv indicates an expected call of Recv -func (_mr *MockNode_FetchSVIDClientMockRecorder) Recv() *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "Recv", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Recv)) +func (mr *MockNode_FetchSVIDClientMockRecorder) Recv() *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Recv", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Recv)) } // RecvMsg mocks base method -func (_m *MockNode_FetchSVIDClient) RecvMsg(_param0 interface{}) error { - ret := _m.ctrl.Call(_m, "RecvMsg", _param0) +func (m *MockNode_FetchSVIDClient) RecvMsg(arg0 interface{}) error { + ret := m.ctrl.Call(m, "RecvMsg", arg0) ret0, _ := ret[0].(error) return ret0 } // RecvMsg indicates an expected call of RecvMsg -func (_mr *MockNode_FetchSVIDClientMockRecorder) RecvMsg(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "RecvMsg", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).RecvMsg), arg0) +func (mr 
*MockNode_FetchSVIDClientMockRecorder) RecvMsg(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RecvMsg", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).RecvMsg), arg0) } // Send mocks base method -func (_m *MockNode_FetchSVIDClient) Send(_param0 *node.FetchSVIDRequest) error { - ret := _m.ctrl.Call(_m, "Send", _param0) +func (m *MockNode_FetchSVIDClient) Send(arg0 *node.FetchSVIDRequest) error { + ret := m.ctrl.Call(m, "Send", arg0) ret0, _ := ret[0].(error) return ret0 } // Send indicates an expected call of Send -func (_mr *MockNode_FetchSVIDClientMockRecorder) Send(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "Send", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Send), arg0) +func (mr *MockNode_FetchSVIDClientMockRecorder) Send(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Send", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Send), arg0) } // SendMsg mocks base method -func (_m *MockNode_FetchSVIDClient) SendMsg(_param0 interface{}) error { - ret := _m.ctrl.Call(_m, "SendMsg", _param0) +func (m *MockNode_FetchSVIDClient) SendMsg(arg0 interface{}) error { + ret := m.ctrl.Call(m, "SendMsg", arg0) ret0, _ := ret[0].(error) return ret0 } // SendMsg indicates an expected call of SendMsg -func (_mr *MockNode_FetchSVIDClientMockRecorder) SendMsg(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "SendMsg", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).SendMsg), arg0) +func (mr *MockNode_FetchSVIDClientMockRecorder) SendMsg(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SendMsg", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).SendMsg), arg0) } // Trailer mocks base method -func (_m *MockNode_FetchSVIDClient) Trailer() metadata.MD { - ret := _m.ctrl.Call(_m, "Trailer") +func (m *MockNode_FetchSVIDClient) Trailer() metadata.MD { + ret := m.ctrl.Call(m, 
"Trailer") ret0, _ := ret[0].(metadata.MD) return ret0 } // Trailer indicates an expected call of Trailer -func (_mr *MockNode_FetchSVIDClientMockRecorder) Trailer() *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "Trailer", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Trailer)) +func (mr *MockNode_FetchSVIDClientMockRecorder) Trailer() *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Trailer", reflect.TypeOf((*MockNode_FetchSVIDClient)(nil).Trailer)) } // MockNodeServer is a mock of NodeServer interface 
@@ -247,59 +230,46 @@ func NewMockNodeServer(ctrl *gomock.Controller) *MockNodeServer { } // EXPECT returns an object that allows the caller to indicate expected use -func (_m *MockNodeServer) EXPECT() *MockNodeServerMockRecorder { - return _m.recorder +func (m *MockNodeServer) EXPECT() *MockNodeServerMockRecorder { + return m.recorder } // FetchBaseSVID mocks base method -func (_m *MockNodeServer) FetchBaseSVID(_param0 context.Context, _param1 *node.FetchBaseSVIDRequest) (*node.FetchBaseSVIDResponse, error) { - ret := _m.ctrl.Call(_m, "FetchBaseSVID", _param0, _param1) +func (m *MockNodeServer) FetchBaseSVID(arg0 context.Context, arg1 *node.FetchBaseSVIDRequest) (*node.FetchBaseSVIDResponse, error) { + ret := m.ctrl.Call(m, "FetchBaseSVID", arg0, arg1) ret0, _ := ret[0].(*node.FetchBaseSVIDResponse) ret1, _ := ret[1].(error) return ret0, ret1 } // FetchBaseSVID indicates an expected call of FetchBaseSVID -func (_mr *MockNodeServerMockRecorder) FetchBaseSVID(arg0, arg1 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "FetchBaseSVID", reflect.TypeOf((*MockNodeServer)(nil).FetchBaseSVID), arg0, arg1) -} - -// FetchCPBundle mocks base method -func (_m *MockNodeServer) FetchCPBundle(_param0 context.Context, _param1 *node.FetchCPBundleRequest) (*node.FetchCPBundleResponse, error) { - ret := _m.ctrl.Call(_m, "FetchCPBundle", _param0, _param1) - ret0, _ := ret[0].(*node.FetchCPBundleResponse) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// FetchCPBundle indicates an expected call of FetchCPBundle -func (_mr *MockNodeServerMockRecorder) FetchCPBundle(arg0, arg1 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "FetchCPBundle", reflect.TypeOf((*MockNodeServer)(nil).FetchCPBundle), arg0, arg1) +func (mr *MockNodeServerMockRecorder) FetchBaseSVID(arg0, arg1 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FetchBaseSVID", 
reflect.TypeOf((*MockNodeServer)(nil).FetchBaseSVID), arg0, arg1) } // FetchFederatedBundle mocks base method -func (_m *MockNodeServer) FetchFederatedBundle(_param0 context.Context, _param1 *node.FetchFederatedBundleRequest) (*node.FetchFederatedBundleResponse, error) { - ret := _m.ctrl.Call(_m, "FetchFederatedBundle", _param0, _param1) +func (m *MockNodeServer) FetchFederatedBundle(arg0 context.Context, arg1 *node.FetchFederatedBundleRequest) (*node.FetchFederatedBundleResponse, error) { + ret := m.ctrl.Call(m, "FetchFederatedBundle", arg0, arg1) ret0, _ := ret[0].(*node.FetchFederatedBundleResponse) ret1, _ := ret[1].(error) return ret0, ret1 } // FetchFederatedBundle indicates an expected call of FetchFederatedBundle -func (_mr *MockNodeServerMockRecorder) FetchFederatedBundle(arg0, arg1 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "FetchFederatedBundle", reflect.TypeOf((*MockNodeServer)(nil).FetchFederatedBundle), arg0, arg1) +func (mr *MockNodeServerMockRecorder) FetchFederatedBundle(arg0, arg1 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FetchFederatedBundle", reflect.TypeOf((*MockNodeServer)(nil).FetchFederatedBundle), arg0, arg1) } // FetchSVID mocks base method -func (_m *MockNodeServer) FetchSVID(_param0 node.Node_FetchSVIDServer) error { - ret := _m.ctrl.Call(_m, "FetchSVID", _param0) +func (m *MockNodeServer) FetchSVID(arg0 node.Node_FetchSVIDServer) error { + ret := m.ctrl.Call(m, "FetchSVID", arg0) ret0, _ := ret[0].(error) return ret0 } // FetchSVID indicates an expected call of FetchSVID -func (_mr *MockNodeServerMockRecorder) FetchSVID(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "FetchSVID", reflect.TypeOf((*MockNodeServer)(nil).FetchSVID), arg0) +func (mr *MockNodeServerMockRecorder) FetchSVID(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FetchSVID", 
reflect.TypeOf((*MockNodeServer)(nil).FetchSVID), arg0) } // MockNode_FetchSVIDServer is a mock of Node_FetchSVIDServer interface 
@@ -321,101 +291,101 @@ func NewMockNode_FetchSVIDServer(ctrl *gomock.Controller) *MockNode_FetchSVIDSer } // EXPECT returns an object that allows the caller to indicate expected use -func (_m *MockNode_FetchSVIDServer) EXPECT() *MockNode_FetchSVIDServerMockRecorder { - return _m.recorder +func (m *MockNode_FetchSVIDServer) EXPECT() *MockNode_FetchSVIDServerMockRecorder { + return m.recorder } // Context mocks base method -func (_m *MockNode_FetchSVIDServer) Context() context.Context { - ret := _m.ctrl.Call(_m, "Context") +func (m *MockNode_FetchSVIDServer) Context() context.Context { + ret := m.ctrl.Call(m, "Context") ret0, _ := ret[0].(context.Context) return ret0 } // Context indicates an expected call of Context -func (_mr *MockNode_FetchSVIDServerMockRecorder) Context() *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "Context", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).Context)) +func (mr *MockNode_FetchSVIDServerMockRecorder) Context() *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Context", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).Context)) } // Recv mocks base method -func (_m *MockNode_FetchSVIDServer) Recv() (*node.FetchSVIDRequest, error) { - ret := _m.ctrl.Call(_m, "Recv") +func (m *MockNode_FetchSVIDServer) Recv() (*node.FetchSVIDRequest, error) { + ret := m.ctrl.Call(m, "Recv") ret0, _ := ret[0].(*node.FetchSVIDRequest) ret1, _ := ret[1].(error) return ret0, ret1 } // Recv indicates an expected call of Recv -func (_mr *MockNode_FetchSVIDServerMockRecorder) Recv() *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "Recv", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).Recv)) +func (mr *MockNode_FetchSVIDServerMockRecorder) Recv() *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Recv", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).Recv)) } // RecvMsg mocks base method -func (_m *MockNode_FetchSVIDServer) RecvMsg(_param0 interface{}) error { - 
ret := _m.ctrl.Call(_m, "RecvMsg", _param0) +func (m *MockNode_FetchSVIDServer) RecvMsg(arg0 interface{}) error { + ret := m.ctrl.Call(m, "RecvMsg", arg0) ret0, _ := ret[0].(error) return ret0 } // RecvMsg indicates an expected call of RecvMsg -func (_mr *MockNode_FetchSVIDServerMockRecorder) RecvMsg(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "RecvMsg", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).RecvMsg), arg0) +func (mr *MockNode_FetchSVIDServerMockRecorder) RecvMsg(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RecvMsg", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).RecvMsg), arg0) } // Send mocks base method -func (_m *MockNode_FetchSVIDServer) Send(_param0 *node.FetchSVIDResponse) error { - ret := _m.ctrl.Call(_m, "Send", _param0) +func (m *MockNode_FetchSVIDServer) Send(arg0 *node.FetchSVIDResponse) error { + ret := m.ctrl.Call(m, "Send", arg0) ret0, _ := ret[0].(error) return ret0 } // Send indicates an expected call of Send -func (_mr *MockNode_FetchSVIDServerMockRecorder) Send(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "Send", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).Send), arg0) +func (mr *MockNode_FetchSVIDServerMockRecorder) Send(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Send", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).Send), arg0) } // SendHeader mocks base method -func (_m *MockNode_FetchSVIDServer) SendHeader(_param0 metadata.MD) error { - ret := _m.ctrl.Call(_m, "SendHeader", _param0) +func (m *MockNode_FetchSVIDServer) SendHeader(arg0 metadata.MD) error { + ret := m.ctrl.Call(m, "SendHeader", arg0) ret0, _ := ret[0].(error) return ret0 } // SendHeader indicates an expected call of SendHeader -func (_mr *MockNode_FetchSVIDServerMockRecorder) SendHeader(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, 
"SendHeader", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).SendHeader), arg0) +func (mr *MockNode_FetchSVIDServerMockRecorder) SendHeader(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SendHeader", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).SendHeader), arg0) } // SendMsg mocks base method -func (_m *MockNode_FetchSVIDServer) SendMsg(_param0 interface{}) error { - ret := _m.ctrl.Call(_m, "SendMsg", _param0) +func (m *MockNode_FetchSVIDServer) SendMsg(arg0 interface{}) error { + ret := m.ctrl.Call(m, "SendMsg", arg0) ret0, _ := ret[0].(error) return ret0 } // SendMsg indicates an expected call of SendMsg -func (_mr *MockNode_FetchSVIDServerMockRecorder) SendMsg(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "SendMsg", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).SendMsg), arg0) +func (mr *MockNode_FetchSVIDServerMockRecorder) SendMsg(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SendMsg", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).SendMsg), arg0) } // SetHeader mocks base method -func (_m *MockNode_FetchSVIDServer) SetHeader(_param0 metadata.MD) error { - ret := _m.ctrl.Call(_m, "SetHeader", _param0) +func (m *MockNode_FetchSVIDServer) SetHeader(arg0 metadata.MD) error { + ret := m.ctrl.Call(m, "SetHeader", arg0) ret0, _ := ret[0].(error) return ret0 } // SetHeader indicates an expected call of SetHeader -func (_mr *MockNode_FetchSVIDServerMockRecorder) SetHeader(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "SetHeader", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).SetHeader), arg0) +func (mr *MockNode_FetchSVIDServerMockRecorder) SetHeader(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SetHeader", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).SetHeader), arg0) } // SetTrailer mocks base method -func (_m *MockNode_FetchSVIDServer) 
SetTrailer(_param0 metadata.MD) { - _m.ctrl.Call(_m, "SetTrailer", _param0) +func (m *MockNode_FetchSVIDServer) SetTrailer(arg0 metadata.MD) { + m.ctrl.Call(m, "SetTrailer", arg0) } // SetTrailer indicates an expected call of SetTrailer -func (_mr *MockNode_FetchSVIDServerMockRecorder) SetTrailer(arg0 interface{}) *gomock.Call { - return _mr.mock.ctrl.RecordCallWithMethodType(_mr.mock, "SetTrailer", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).SetTrailer), arg0) +func (mr *MockNode_FetchSVIDServerMockRecorder) SetTrailer(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SetTrailer", reflect.TypeOf((*MockNode_FetchSVIDServer)(nil).SetTrailer), arg0) } diff --git a/test/mock/proto/api/registration/registration.go b/test/mock/proto/api/registration/registration.go index 5fb313d9f2..e1a0219ff9 100644 --- a/test/mock/proto/api/registration/registration.go +++ b/test/mock/proto/api/registration/registration.go @@ -5,10 +5,10 @@ package mock_registration import ( + context "context" gomock "github.com/golang/mock/gomock" registration "github.com/spiffe/spire/proto/api/registration" common "github.com/spiffe/spire/proto/common" - context "golang.org/x/net/context" grpc "google.golang.org/grpc" reflect "reflect" ) 
@@ -126,6 +126,24 @@ func (mr *MockRegistrationClientMockRecorder) DeleteFederatedBundle(arg0, arg1 i return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteFederatedBundle", reflect.TypeOf((*MockRegistrationClient)(nil).DeleteFederatedBundle), varargs...) } +// FetchBundle mocks base method +func (m *MockRegistrationClient) FetchBundle(arg0 context.Context, arg1 *common.Empty, arg2 ...grpc.CallOption) (*registration.Bundle, error) { + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "FetchBundle", varargs...) + ret0, _ := ret[0].(*registration.Bundle) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// FetchBundle indicates an expected call of FetchBundle +func (mr *MockRegistrationClientMockRecorder) FetchBundle(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FetchBundle", reflect.TypeOf((*MockRegistrationClient)(nil).FetchBundle), varargs...) +} + // FetchEntries mocks base method func (m *MockRegistrationClient) FetchEntries(arg0 context.Context, arg1 *common.Empty, arg2 ...grpc.CallOption) (*common.RegistrationEntries, error) { varargs := []interface{}{arg0, arg1} 
@@ -358,6 +376,19 @@ func (mr *MockRegistrationServerMockRecorder) DeleteFederatedBundle(arg0, arg1 i return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteFederatedBundle", reflect.TypeOf((*MockRegistrationServer)(nil).DeleteFederatedBundle), arg0, arg1) } +// FetchBundle mocks base method +func (m *MockRegistrationServer) FetchBundle(arg0 context.Context, arg1 *common.Empty) (*registration.Bundle, error) { + ret := m.ctrl.Call(m, "FetchBundle", arg0, arg1) + ret0, _ := ret[0].(*registration.Bundle) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// FetchBundle indicates an expected call of FetchBundle +func (mr *MockRegistrationServerMockRecorder) FetchBundle(arg0, arg1 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FetchBundle", reflect.TypeOf((*MockRegistrationServer)(nil).FetchBundle), arg0, arg1) +} + // FetchEntries mocks base method func (m *MockRegistrationServer) FetchEntries(arg0 context.Context, arg1 *common.Empty) (*common.RegistrationEntries, error) { ret := m.ctrl.Call(m, "FetchEntries", arg0, arg1) diff --git a/test/util/io_redirection.go b/test/util/io_redirection.go new file mode 100644 index 0000000000..cd3c730296 --- /dev/null +++ b/test/util/io_redirection.go 
@@ -0,0 +1,76 @@
+package util
+
+import (
+ "bytes"
+ "errors"
+ "io"
+ "os"
+)
+
+const (
+ stdout kind = iota
+ stderr
+)
+
+type kind int
+
+type OutputRedirection struct {
+ kind kind
+ originalOutput *os.File
+ pipeR *os.File
+ pipeW *os.File
+}
+
+func (redirector *OutputRedirection) Start(output *os.File) error {
+ if output != os.Stdout && output != os.Stderr {
+ return errors.New("invalid value for output parameter")
+ }
+
+ redirector.originalOutput = output
+ r, w, err := os.Pipe()
+ if err != nil {
+ return err
+ }
+ redirector.pipeR = r
+ redirector.pipeW = w
+
+ switch output {
+ case os.Stdout:
+ os.Stdout = w
+ redirector.kind = stdout
+ case os.Stderr:
+ os.Stderr = w
+ redirector.kind = stderr
+ }
+
+ return nil
+}
+
+func (redirector *OutputRedirection) Finish() (string, error) {
+ var errorReading error
+ output := make(chan string)
+
+ go func() {
+ var buf bytes.Buffer
+ _, err := io.Copy(&buf, redirector.pipeR)
+ if err != nil {
+ errorReading = err
+ output <- ""
+ return
+ }
+ redirector.pipeR.Close()
+ output <- buf.String()
+ }()
+
+ redirector.pipeW.Close()
+ switch redirector.kind {
+ case stdout:
+ os.Stdout = redirector.originalOutput
+ case stderr:
+ os.Stderr = redirector.originalOutput
+ }
+
+ result := <-output
+
+ return result, errorReading
+}
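Review bot: Nothing reads the pipe between Start and Finish, because the io.Copy goroutine is only launched inside Finish. Once the code under test writes more than the OS pipe buffer holds (commonly 64 KiB on Linux), its write to the redirected os.Stdout/os.Stderr blocks and the test hangs. Starting the drain goroutine in Start, and having Finish only close pipeW, restore the original stream and wait for the goroutine, removes that limit. It also lets pipeR be closed with defer, which the current error branch in Finish skips. The exported OutputRedirection, Start and Finish have no doc comments; one should say that the type swaps the process-wide os.Stdout/os.Stderr variable and is therefore unsuitable for parallel tests.

```go
type OutputRedirection struct {
	// … unchanged: kind, originalOutput, pipeR, pipeW …
	captured bytes.Buffer
	readErr  error
	done     chan struct{}
}

func (redirector *OutputRedirection) Start(output *os.File) error {
	// … unchanged: output validation, os.Pipe, os.Stdout/os.Stderr swap …

	// Drain the pipe while the code under test runs, so a write larger than
	// the pipe buffer cannot block.
	redirector.captured.Reset()
	redirector.done = make(chan struct{})
	go func() {
		defer close(redirector.done)
		defer r.Close()
		_, redirector.readErr = io.Copy(&redirector.captured, r)
	}()

	return nil
}

func (redirector *OutputRedirection) Finish() (string, error) {
	redirector.pipeW.Close()
	// … unchanged: restore os.Stdout / os.Stderr from originalOutput …

	<-redirector.done
	if redirector.readErr != nil {
		return "", redirector.readErr
	}
	return redirector.captured.String(), nil
}
```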