trusty

module
v1.0.1 Latest
Warning

This package is not in the latest version of its module.
Published: Sep 10, 2021 License: Apache-2.0

README

trusty

Trusty is a Certification Authority.

Requirements

  1. GoLang 1.16+
  2. SoftHSM 2.6+
  3. protoc
	echo "curl -L https://github.com/google/protobuf/releases/download/v3.6.1/protoc-3.6.1-linux-x86_64.zip -o /tmp/protoc.zip"
	echo "unzip /tmp/protoc.zip -d /usr/local/protoc"
	echo "export PATH=$PATH:/usr/local/protoc/bin"

To run or test locally, you need a GitHub OAuth secret and a random seed. Add the following to your ~/.profile. Note that these secrets can be random if you don't use a specific feature with GCP or GitHub.

export TRUSTY_GITHUB_CLIENT_SECRET=0d...a8
export TRUSTY_GITHUB_CLIENT_ID=09...71
export TRUSTY_GOOGLE_CLIENT_SECRET=01...b2
export TRUSTY_GOOGLE_CLIENT_ID=4a...89
export TRUSTY_JWT_SEED=g...A
export TRUSTY_MAILGUN_PRIVATE_KEY=c0..aa
export TRUSTY_STRIPE_API_KEY=12..av
export TRUSTY_STRIPE_WEBHOOK_SECRET=c1..aw
# export CR_PAT=ghp_M...v

Build

  • make all initializes all dependencies, builds and tests.
  • make proto generates gRPC protobuf.
  • make build builds the executable
  • make gen_test_certs generates test certificates
  • make test runs the tests
  • make testshort runs the tests skipping the end-to-end tests and the code coverage reporting
  • make covtest runs the tests with end-to-end and the code coverage reporting
  • make coverage view the code coverage results from the last make test run.
  • make generate runs go generate to update any code gen'd files (query_console.go in our case)
  • make fmt runs go fmt on the project.
  • make lint runs the go linter on the project.

Run make all once, then run make build or make test as needed.

First run:

make all

Subsequent builds:

make build

Tests:

make test

Optionally run the Go race detector with the test targets by setting the RACE flag:

make test RACE=true

Review coverage report:

make coverage

Generate protobuf:

make proto

Local testing

When running unit tests, Unix sockets are used. If a test fails, localhost:{port} files can be left on disk. To clean up, use:

find . -name "localhost:*" -delete

Integration test

make docker docker-citest

Debug

Add the launch configuration to .vscode/launch.json:

{
    "version": "0.2.0",
    "configurations": [
        {
            "name": "Server",
            "type": "go",
            "request": "launch",
            "mode": "debug",
            "remotePath": "",
            "port": 2345,
            "host": "127.0.0.1",
            "program": "${workspaceRoot}/cmd/trusty",
            "env": {},
            "args": [
                "--std",
                "--cfg",
                "${workspaceRoot}/etc/dev/trusty-config.yaml"
            ],
            "showLog": true
        }
    ]
}

Swagger

make start-swagger

Open http://localhost:8080

Before running the above command, make sure trusty is running locally using the bin/trusty command.

Directories

Path Synopsis
acmedb
Package acmedb provides storage functionality for ACME data model
model
Package model provides internal data model for ACME
api
v1
v1/pb/gw
Package pb is a reverse proxy.
v2acme
Package v2acme provides public API exposed to ACME clients
Package authority contains the Certification Authority.
backend
cli
Package cli provides common code for building a command line control for the service
ca
cis
csr
hsm
Package client implements the official Go trusty client for v1.
embed/proxy
Package proxy provides gRPC proxy between client and server gRPC interfaces without needing to go through a gRPC connection.
cmd
internal
db
kubeca
pkg
credentials
Package credentials implements gRPC credential interface with etcd specific logic.
csr
fcc
jwt
poller
Package poller supports periodic polling to load a value.
tlsutil
Package tlsutil provides utility functions for handling TLS.
tests