コード例 #1
0
func initializeETCDDB(logger lager.Logger, etcdClient *etcd.Client) *etcddb.ETCDDB {
	key, keys, err := encryptionFlags.Parse()
	if err != nil {
		logger.Fatal("cannot-setup-encryption", err)
	}
	keyManager, err := encryption.NewKeyManager(key, keys)
	if err != nil {
		logger.Fatal("cannot-setup-encryption", err)
	}
	cryptor := encryption.NewCryptor(keyManager, rand.Reader)

	return etcddb.NewETCD(format.ENCRYPTED_PROTO, 1000, 1000, 1*time.Minute, cryptor, etcddb.NewStoreClient(etcdClient), clock.NewClock())
}
コード例 #2
0
ファイル: main.go プロジェクト: cloudfoundry/bbs
func initializeEtcdDB(
	logger lager.Logger,
	cryptor encryption.Cryptor,
	storeClient etcddb.StoreClient,
	serviceClient bbs.ServiceClient,
	desiredLRPCreationMaxTime time.Duration,
) *etcddb.ETCDDB {
	return etcddb.NewETCD(
		format.ENCRYPTED_PROTO,
		*convergenceWorkers,
		*updateWorkers,
		desiredLRPCreationMaxTime,
		cryptor,
		storeClient,
		clock.NewClock(),
	)
}
コード例 #3
0
ファイル: encryption_db_test.go プロジェクト: cfibmers/bbs
			encoder = format.NewEncoder(cryptor)

			encoded1, err := encoder.Encode(format.BASE64_ENCRYPTED, value1)
			Expect(err).NotTo(HaveOccurred())

			encoded2, err := encoder.Encode(format.LEGACY_UNENCODED, value2)
			Expect(err).NotTo(HaveOccurred())

			_, err = storeClient.Set(fmt.Sprintf("%s/my/key-1", etcd.V1SchemaRoot), encoded1, etcd.NO_TTL)
			Expect(err).NotTo(HaveOccurred())
			_, err = storeClient.Set(fmt.Sprintf("%s/my/nested/key-2", etcd.V1SchemaRoot), encoded2, etcd.NO_TTL)
			Expect(err).NotTo(HaveOccurred())

			cryptor = makeCryptor("new", "old")

			etcdDB = etcd.NewETCD(format.ENCRYPTED_PROTO, 100, 100, DesiredLRPCreationTimeout, cryptor, storeClient, clock)
			err = etcdDB.PerformEncryption(logger)
			Expect(err).NotTo(HaveOccurred())

			cryptor = makeCryptor("new")
			encoder = format.NewEncoder(cryptor)

			res, err := storeClient.Get(fmt.Sprintf("%s/my/key-1", etcd.V1SchemaRoot), false, false)
			Expect(err).NotTo(HaveOccurred())
			decrypted1, err := encoder.Decode([]byte(res.Node.Value))
			Expect(err).NotTo(HaveOccurred())
			Expect(decrypted1).To(Equal(value1))

			res, err = storeClient.Get(fmt.Sprintf("%s/my/nested/key-2", etcd.V1SchemaRoot), false, false)
			Expect(err).NotTo(HaveOccurred())
			decrypted2, err := encoder.Decode([]byte(res.Node.Value))
コード例 #4
0
		db         *etcddb.ETCDDB

		logger *lagertest.TestLogger
	)

	BeforeEach(func() {
		logger = lagertest.NewTestLogger("test")

		encryptionKey, err := encryption.NewKey("label", "passphrase")
		Expect(err).NotTo(HaveOccurred())
		keyManager, err := encryption.NewKeyManager(encryptionKey, nil)
		Expect(err).NotTo(HaveOccurred())
		cryptor = encryption.NewCryptor(keyManager, rand.Reader)
		serializer = format.NewSerializer(cryptor)
		migration = migrations.NewTimeoutMilliseconds()
		db = etcddb.NewETCD(format.ENCRYPTED_PROTO, 1, 1, 1*time.Minute, cryptor, storeClient, fakeClock)
	})

	It("appends itself to the migration list", func() {
		Expect(migrations.Migrations).To(ContainElement(migration))
	})

	Describe("Version", func() {
		It("returns the timestamp from which it was created", func() {
			Expect(migration.Version()).To(BeEquivalentTo(1451635200))
		})
	})

	Describe("Down", func() {
		It("returns a not implemented error", func() {
			Expect(migration.Down(logger)).To(HaveOccurred())