Skip to content

Commit

Permalink
Make SecretManagerkeyring the only allowed keyring (#2636)
Browse files Browse the repository at this point in the history 
Remove the support for custom keyrings. There is no pressing use case,
and can be error-prone.
  • Loading branch information
@weiminyu
weiminyu authored Jan 13, 2025
1 parent 693467a commit f8407c7
Show file tree
Hide file tree
Showing 19 changed files with 153 additions and 1,073 deletions.
2 changes: 2 additions & 0 deletions core/src/main/java/google/registry/beam/common/RegistryPipelineComponent.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
import google.registry.config.CredentialModule;
import google.registry.config.RegistryConfig.Config;
import google.registry.config.RegistryConfig.ConfigModule;
import google.registry.keyring.KeyringModule;
import google.registry.persistence.PersistenceModule;
import google.registry.persistence.PersistenceModule.BeamJpaTm;
import google.registry.persistence.PersistenceModule.BeamReadOnlyReplicaJpaTm;
Expand All @@ -36,6 +37,7 @@
modules = {
ConfigModule.class,
CredentialModule.class,
KeyringModule.class,
PersistenceModule.class,
SecretManagerModule.class,
UtilsModule.class
Expand Down
1 change: 1 addition & 0 deletions core/src/main/java/google/registry/config/RegistryConfigSettings.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,7 @@ public static class Misc {
}

/** Configuration for keyrings (used to store secrets outside of source). */
// TODO(b/388835696): remove section after updating config files.
public static class Keyring {
public String activeKeyring;
}
Expand Down
19 changes: 5 additions & 14 deletions core/src/main/java/google/registry/keyring/KeyringModule.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,31 +14,22 @@

package google.registry.keyring;

import static com.google.common.base.Preconditions.checkState;

import dagger.Binds;
import dagger.Module;
import dagger.Provides;
import google.registry.config.RegistryConfig.Config;
import google.registry.keyring.api.Keyring;
import java.util.Map;
import google.registry.keyring.secretmanager.SecretManagerKeyring;
import java.util.Optional;
import javax.inject.Singleton;

/** Dagger module for {@link Keyring} */
@Module
public final class KeyringModule {
public abstract class KeyringModule {

@Provides
@Binds
@Singleton
public static Keyring provideKeyring(
Map<String, Keyring> keyrings, @Config("activeKeyring") String activeKeyring) {
checkState(
keyrings.containsKey(activeKeyring),
"Invalid Keyring %s is configured; valid choices are %s",
activeKeyring,
keyrings.keySet());
return keyrings.get(activeKeyring);
}
public abstract Keyring provideKeyring(SecretManagerKeyring keyring);

@Provides
@Config("cloudSqlInstanceConnectionName")
Expand Down
205 changes: 0 additions & 205 deletions core/src/main/java/google/registry/keyring/api/ComparatorKeyring.java
View file

This file was deleted.

Loading

0 comments on commit f8407c7

Please sign in to comment.