Sync monorepo state at 7891e3fe58609e06a564a602c914c9264da2e598

uc-build-user · jwangxx · commit 9bfcbd18de07 · 2024-09-26T09:40:03.000-07:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## 1.6.1 - 26-09-2024
+
+- add policy secrets SDK methods
+- minor changes to prepare for upgrade to go 1.23.1
+
 ## 1.6.0 - 12-09-2024
 
 - add ObjectStore CRUD methods
diff --git a/authz/client.go b/authz/client.go
@@ -674,23 +674,23 @@ func (c *Client) ListEdgeTypesPaginated(ctx context.Context, opts ...Option) (*L
 	ctx = request.NewRequestID(ctx)
 
 	options := c.options
-	var resp ListEdgeTypesResponse
+	for _, opt := range opts {
+		opt.apply(&options)
+	}
 
 	pager, err := pagination.ApplyOptions(options.paginationOptions...)
 	if err != nil {
 		return nil, ucerr.Wrap(err)
 	}
 
-	for _, opt := range opts {
-		opt.apply(&options)
-	}
-
 	query := pager.Query()
 
 	if !options.organizationID.IsNil() {
 		query.Add("organization_id", options.organizationID.String())
 	}
 
+	var resp ListEdgeTypesResponse
+
 	if err := c.client.Get(ctx, fmt.Sprintf("/authz/edgetypes?%s", query.Encode()), &resp); err != nil {
 		return nil, ucerr.Wrap(err)
 	}
diff --git a/idp/paths/paths.go b/idp/paths/paths.go
@@ -178,6 +178,13 @@ var (
 
 	BaseDataMappingPath = "/userstore/datamapping"
 
+	BaseSecretPath = fmt.Sprintf("%s/secret", BasePolicyPath)
+	ListSecrets    = BaseSecretPath
+	CreateSecret   = BaseSecretPath
+	DeleteSecret   = func(id uuid.UUID) string {
+		return fmt.Sprintf("%s/%s", BaseSecretPath, id)
+	}
+
 	CreateDataSourcePath = fmt.Sprintf("%s/datasource", BaseDataMappingPath)
 	singleDataSourcePath = func(id uuid.UUID) string {
 		return fmt.Sprintf("%s/%s", CreateDataSourcePath, id)
diff --git a/idp/policy/models.go b/idp/policy/models.go
@@ -302,3 +302,13 @@ const (
 	ActionDelete  Action = "Delete"
 	ActionExecute Action = "Execute" // TODO: should this be a unique action?
 )
+
+// Secret describes a secret that can be used in access policy templates and transformers
+type Secret struct {
+	ID      uuid.UUID `json:"id" validate:"notnil"`
+	Name    string    `json:"name" validate:"length:1,128" required:"true"`
+	Value   string    `json:"value" validate:"skip" required:"true"`
+	Created int64     `json:"created" validate:"skip"`
+}
+
+//go:generate genvalidate Secret
diff --git a/idp/tokenizer/policy_requests.go b/idp/tokenizer/policy_requests.go
@@ -127,3 +127,8 @@ type TestAccessPolicyResponse struct {
 	Allowed bool                   `json:"allowed"`
 	Debug   map[string]interface{} `json:"debug,omitempty"`
 }
+
+// CreateSecretRequest is the request to create a secret
+type CreateSecretRequest struct {
+	Secret policy.Secret `json:"secret"`
+}
diff --git a/idp/tokenizer_client.go b/idp/tokenizer_client.go
@@ -622,3 +622,58 @@ func (c *TokenizerClient) DeleteTransformer(ctx context.Context, id uuid.UUID) e
 
 	return nil
 }
+
+// ListSecretsResponse is the paginated response from listing secrets
+type ListSecretsResponse struct {
+	Data []policy.Secret `json:"data"`
+	pagination.ResponseFields
+}
+
+// ListSecrets lists secrets that can be referenced in access policy templates and transformers
+func (c *TokenizerClient) ListSecrets(ctx context.Context, opts ...Option) (*ListSecretsResponse, error) {
+	options := c.options
+	for _, opt := range opts {
+		opt.apply(&options)
+	}
+
+	var res ListSecretsResponse
+
+	pager, err := pagination.ApplyOptions(options.paginationOptions...)
+	if err != nil {
+		return nil, ucerr.Wrap(err)
+	}
+
+	url := url.URL{
+		Path:     paths.ListSecrets,
+		RawQuery: pager.Query().Encode(),
+	}
+	if err := c.client.Get(ctx, url.String(), &res); err != nil {
+		return nil, ucerr.Wrap(err)
+	}
+
+	return &res, nil
+}
+
+// CreateSecret creates a secret
+func (c *TokenizerClient) CreateSecret(ctx context.Context, secret policy.Secret) (*policy.Secret, error) {
+
+	req := tokenizer.CreateSecretRequest{
+		Secret: secret,
+	}
+
+	var resp policy.Secret
+	if err := c.client.Post(ctx, paths.CreateSecret, req, &resp); err != nil {
+		return nil, ucerr.Wrap(err)
+	}
+
+	return &resp, nil
+}
+
+// DeleteSecret deletes a secret
+func (c *TokenizerClient) DeleteSecret(ctx context.Context, id uuid.UUID) error {
+	if err := c.client.Delete(ctx, paths.DeleteSecret(id), nil); err != nil {
+		return ucerr.Wrap(err)
+	}
+
+	return nil
+}
diff --git a/infra/logtransports/config.go b/infra/logtransports/config.go
@@ -30,26 +30,39 @@ func (c Config) extraValidate() error {
 type TransportConfigs []TransportConfig
 
 // UnmarshalYAML implements yaml.Unmarshaler
-func (t *TransportConfigs) UnmarshalYAML(value *yaml.Node) error {
+func (tcs *TransportConfigs) UnmarshalYAML(value *yaml.Node) error {
 	var c []intermediateConfig
 	if err := value.Decode(&c); err != nil {
 		return ucerr.Wrap(err)
 	}
 
 	// init if we're nil
-	if t == nil {
-		*t = make([]TransportConfig, 0, len(c))
+	if tcs == nil {
+		*tcs = make([]TransportConfig, 0, len(c))
 	}
 
 	// use append here to allow us to merge multiple transports across multiple files
 	// see config_test.go:MergeTest
+	// We also want one of each transport type, so we'll overwrite any existing transports configs with the same type
 	for _, v := range c {
-		*t = append(*t, v.c)
+		if existing := tcs.getIndexForTransportType(v.c.GetType()); existing == -1 {
+			*tcs = append(*tcs, v.c)
+		} else {
+			(*tcs)[existing] = v.c
+		}
 	}
-
 	return nil
 }
 
+func (tcs *TransportConfigs) getIndexForTransportType(tt TransportType) int {
+	for i, v := range *tcs {
+		if v.GetType() == tt {
+			return i
+		}
+	}
+	return -1
+}
+
 // intermediateConfig is a place to unmarshal to before we know the type of transport
 type intermediateConfig struct {
 	c TransportConfig
diff --git a/infra/logtransports/logServerMapFetcher.go b/infra/logtransports/logServerMapFetcher.go
@@ -4,6 +4,7 @@ package logtransports
 import (
 	"encoding/json"
 	"net/http"
+	"runtime"
 	"sync"
 	"time"
 
@@ -122,7 +123,10 @@ func (l *logServerMapFetcher) updateEventMetadata() {
 
 func (l *logServerMapFetcher) Close() {
 	if l.runningBGThread {
-		l.fetchTicker.Stop()
+		// TODO: Remove this after we upgrade to go1.23
+		if runtime.Version() < "go1.23" {
+			l.fetchTicker.Stop()
+		}
 		// Send signal to background thread to perform final flush
 		l.done <- true
 	}
diff --git a/infra/logtransports/transportBackgroundIOWrapper.go b/infra/logtransports/transportBackgroundIOWrapper.go
@@ -5,6 +5,7 @@ package logtransports
 
 import (
 	"context"
+	"runtime"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -241,7 +242,10 @@ func (t *transportBackgroundIOWrapper) Flush() error {
 
 func (t *transportBackgroundIOWrapper) Close() {
 	if t.runningBGThread {
-		t.writeTicker.Stop()
+		// TODO: Remove this after we upgrade to go1.23
+		if runtime.Version() < "go1.23" {
+			t.writeTicker.Stop()
+		}
 		// Send signal to background thread to perform final flush
 		t.done <- true
 		// Wait for the flush to finish
diff --git a/infra/sdkclient/version.go b/infra/sdkclient/version.go
@@ -1,6 +1,6 @@
 package sdkclient
 
-var sdkVersion = "1.6.0"
+var sdkVersion = "1.6.1"
 
 func getSDKVersion() string {
 	return sdkVersion
diff --git a/infra/uclog/events.go b/infra/uclog/events.go
@@ -122,12 +122,14 @@ type LogEvent struct {
 
 // LogEventTypeInfo is contains information about a particular event type
 type LogEventTypeInfo struct {
-	Name     string
-	Code     EventCode
-	Service  service.Service
-	URL      string
-	Ignore   bool // Don't send event to the server (only process locally)
-	Category EventCategory
+	Name           string
+	NormalizedName string
+	Code           EventCode
+	Service        service.Service
+	URL            string
+	Ignore         bool // Don't send event to the server (only process locally)
+	Category       EventCategory
+	Subcategory    string
 }
 
 // EventMetadataMap is contains information about a particular event type
@@ -182,6 +184,11 @@ func getLogEventTypesMap(tenantID uuid.UUID) map[string]LogEventTypeInfo {
 	return m.Map
 }
 
+// GetEventInfo returns the event type information for a given event
+func GetEventInfo(event LogEvent) LogEventTypeInfo {
+	return getEventInfoByName(event.Name, event.Code, event.TenantID)
+}
+
 // getEventInfoByName maps event name to event code
 func getEventInfoByName(eventName string, currentCode EventCode, tenantID uuid.UUID) LogEventTypeInfo {
 	m := getLogEventTypesMap(tenantID)

Original file line number	Diff line number	Diff line change
`@@ -127,3 +127,8 @@ type TestAccessPolicyResponse struct {`
`127`	`127`	Allowed bool `json:"allowed"`
`128`	`128`	Debug map[string]interface{} `json:"debug,omitempty"`
`129`	`129`	`}`
	`130`	`+`
	`131`	`+// CreateSecretRequest is the request to create a secret`
	`132`	`+type CreateSecretRequest struct {`
	`133`	+ Secret policy.Secret `json:"secret"`
	`134`	`+}`