Migrate AppConfig to SDK v2 to detect and use web identify token

realturner 2021-07-16 15:42:37 +08:00 committed by Jon Chambers
parent a824b5575d
commit 62022c7de1
3 changed files with 64 additions and 55 deletions


@ -255,6 +255,10 @@
<artifactId>jackson-jaxrs-json-provider</artifactId> <artifactId>jackson-jaxrs-json-provider</artifactId>
</dependency> </dependency>
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>sts</artifactId>
</dependency>
<dependency> <dependency>
<groupId>software.amazon.awssdk</groupId> <groupId>software.amazon.awssdk</groupId>
<artifactId>s3</artifactId> <artifactId>s3</artifactId>
@ -267,6 +271,10 @@
<groupId>software.amazon.awssdk</groupId> <groupId>software.amazon.awssdk</groupId>
<artifactId>dynamodb</artifactId> <artifactId>dynamodb</artifactId>
</dependency> </dependency>
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>appconfig</artifactId>
</dependency>
<dependency> <dependency>
<groupId>com.amazonaws</groupId> <groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-core</artifactId> <artifactId>aws-java-sdk-core</artifactId>
@ -275,10 +283,6 @@
<groupId>com.amazonaws</groupId> <groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-s3</artifactId> <artifactId>aws-java-sdk-s3</artifactId>
</dependency> </dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-appconfig</artifactId>
</dependency>
<dependency> <dependency>
<groupId>redis.clients</groupId> <groupId>redis.clients</groupId>
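Review bot: The `sts` dependency added in the first hunk is not referenced by any import in this commit, and nothing on the page records why it is needed. It is presumably what lets the SDK v2 default credential chain resolve a web identity token. If it is later dropped as unused, the chain would likely fall through to another source such as the instance profile, which may carry broader permissions than the intended role. A comment above it would protect it, e.g. `<!-- runtime-only: must be on the classpath for web identity token credentials; do not remove as unused -->`.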


@ -1,31 +1,29 @@
package org.whispersystems.textsecuregcm.storage; package org.whispersystems.textsecuregcm.storage;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.InstanceProfileCredentialsProvider;
import com.amazonaws.services.appconfig.AmazonAppConfig;
import com.amazonaws.services.appconfig.AmazonAppConfigClient;
import com.amazonaws.services.appconfig.model.GetConfigurationRequest;
import com.amazonaws.services.appconfig.model.GetConfigurationResult;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.dataformat.yaml.YAMLFactory; import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import com.google.common.annotations.VisibleForTesting; import com.google.common.annotations.VisibleForTesting;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.util.Optional;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicReference;
import javax.validation.ConstraintViolation;
import javax.validation.Validation;
import javax.validation.Validator;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration; import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration;
import org.whispersystems.textsecuregcm.util.Util; import org.whispersystems.textsecuregcm.util.Util;
import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration;
import javax.validation.ConstraintViolation; import software.amazon.awssdk.services.appconfig.AppConfigClient;
import javax.validation.Validation; import software.amazon.awssdk.services.appconfig.model.GetConfigurationRequest;
import javax.validation.Validator; import software.amazon.awssdk.services.appconfig.model.GetConfigurationResponse;
import java.nio.charset.StandardCharsets;
import java.util.Optional;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicReference;
public class DynamicConfigurationManager { public class DynamicConfigurationManager {
@ -33,11 +31,11 @@ public class DynamicConfigurationManager {
private final String environment; private final String environment;
private final String configurationName; private final String configurationName;
private final String clientId; private final String clientId;
private final AmazonAppConfig appConfigClient; private final AppConfigClient appConfigClient;
private final AtomicReference<DynamicConfiguration> configuration = new AtomicReference<>(); private final AtomicReference<DynamicConfiguration> configuration = new AtomicReference<>();
private GetConfigurationResult lastConfigResult; private GetConfigurationResponse lastConfigResult;
private boolean initialized = false; private boolean initialized = false;
@ -50,15 +48,20 @@ public class DynamicConfigurationManager {
private static final Logger logger = LoggerFactory.getLogger(DynamicConfigurationManager.class); private static final Logger logger = LoggerFactory.getLogger(DynamicConfigurationManager.class);
public DynamicConfigurationManager(String application, String environment, String configurationName) { public DynamicConfigurationManager(String application, String environment, String configurationName) {
this(AmazonAppConfigClient.builder() this(AppConfigClient.builder()
.withClientConfiguration(new ClientConfiguration().withClientExecutionTimeout(10000).withRequestTimeout(10000)) .overrideConfiguration(ClientOverrideConfiguration.builder()
.withCredentials(InstanceProfileCredentialsProvider.getInstance()) .apiCallTimeout(Duration.ofMillis(10000))
.build(), .apiCallAttemptTimeout(Duration.ofMillis(10000)).build())
application, environment, configurationName, UUID.randomUUID().toString()); /* To specify specific credential provider:
https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials.html
*/
.build(),
application, environment, configurationName, UUID.randomUUID().toString());
} }
@VisibleForTesting @VisibleForTesting
public DynamicConfigurationManager(AmazonAppConfig appConfigClient, String application, String environment, String configurationName, String clientId) { public DynamicConfigurationManager(AppConfigClient appConfigClient, String application, String environment,
String configurationName, String clientId) {
this.appConfigClient = appConfigClient; this.appConfigClient = appConfigClient;
this.application = application; this.application = application;
this.environment = environment; this.environment = environment;
@ -99,21 +102,24 @@ public class DynamicConfigurationManager {
} }
private Optional<DynamicConfiguration> retrieveDynamicConfiguration() throws JsonProcessingException { private Optional<DynamicConfiguration> retrieveDynamicConfiguration() throws JsonProcessingException {
final String previousVersion = lastConfigResult != null ? lastConfigResult.getConfigurationVersion() : null; final String previousVersion = lastConfigResult != null ? lastConfigResult.configurationVersion() : null;
lastConfigResult = appConfigClient.getConfiguration(new GetConfigurationRequest().withApplication(application) lastConfigResult = appConfigClient.getConfiguration(GetConfigurationRequest.builder()
.withEnvironment(environment) .application(application)
.withConfiguration(configurationName) .environment(environment)
.withClientId(clientId) .configuration(configurationName)
.withClientConfigurationVersion(previousVersion)); .clientId(clientId)
.clientConfigurationVersion(previousVersion)
.build());
final Optional<DynamicConfiguration> maybeDynamicConfiguration; final Optional<DynamicConfiguration> maybeDynamicConfiguration;
if (!StringUtils.equals(lastConfigResult.getConfigurationVersion(), previousVersion)) { if (!StringUtils.equals(lastConfigResult.configurationVersion(), previousVersion)) {
logger.info("Received new config version: {}", lastConfigResult.getConfigurationVersion()); logger.info("Received new config version: {}", lastConfigResult.configurationVersion());
maybeDynamicConfiguration = maybeDynamicConfiguration =
parseConfiguration(StandardCharsets.UTF_8.decode(lastConfigResult.getContent().asReadOnlyBuffer()).toString()); parseConfiguration(
StandardCharsets.UTF_8.decode(lastConfigResult.content().asByteBuffer().asReadOnlyBuffer()).toString());
} else { } else {
// No change since last version // No change since last version
maybeDynamicConfiguration = Optional.empty(); maybeDynamicConfiguration = Optional.empty();
@ -123,7 +129,8 @@ public class DynamicConfigurationManager {
} }
@VisibleForTesting @VisibleForTesting
public static Optional<DynamicConfiguration> parseConfiguration(final String configurationYaml) throws JsonProcessingException { public static Optional<DynamicConfiguration> parseConfiguration(final String configurationYaml)
throws JsonProcessingException {
final DynamicConfiguration configuration = OBJECT_MAPPER.readValue(configurationYaml, DynamicConfiguration.class); final DynamicConfiguration configuration = OBJECT_MAPPER.readValue(configurationYaml, DynamicConfiguration.class);
final Set<ConstraintViolation<DynamicConfiguration>> violations = VALIDATOR.validate(configuration); final Set<ConstraintViolation<DynamicConfiguration>> violations = VALIDATOR.validate(configuration);
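Review bot: The public constructor's `AppConfigClient.builder()` call no longer sets a credentials provider, so credentials now come from whichever source the SDK default chain finds first rather than from the instance profile alone. The block comment left in its place only links to the docs. The identity the service runs as therefore depends on the deployment environment, which anyone auditing least privilege will want stated in the code. I would replace the comment with `// No credentialsProvider set: the SDK default chain is used so a web identity token is picked up when present; other sources in the chain remain as fallbacks.` If a silent fallback is not acceptable in production, pin the provider instead with `.credentialsProvider(WebIdentityTokenFileCredentialsProvider.create())`.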


@ -1,42 +1,40 @@
package org.whispersystems.textsecuregcm.storage; package org.whispersystems.textsecuregcm.storage;
import com.amazonaws.services.appconfig.AmazonAppConfig; import static org.assertj.core.api.Assertions.assertThat;
import com.amazonaws.services.appconfig.model.GetConfigurationRequest; import static org.mockito.Mockito.mock;
import com.amazonaws.services.appconfig.model.GetConfigurationResult; import static org.mockito.Mockito.when;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.mockito.ArgumentCaptor; import org.mockito.ArgumentCaptor;
import software.amazon.awssdk.core.SdkBytes;
import java.nio.ByteBuffer; import software.amazon.awssdk.services.appconfig.AppConfigClient;
import software.amazon.awssdk.services.appconfig.model.GetConfigurationRequest;
import static org.assertj.core.api.Assertions.assertThat; import software.amazon.awssdk.services.appconfig.model.GetConfigurationResponse;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
public class DynamicConfigurationManagerTest { public class DynamicConfigurationManagerTest {
private DynamicConfigurationManager dynamicConfigurationManager; private DynamicConfigurationManager dynamicConfigurationManager;
private AmazonAppConfig appConfig; private AppConfigClient appConfig;
@Before @Before
public void setup() { public void setup() {
this.appConfig = mock(AmazonAppConfig.class); this.appConfig = mock(AppConfigClient.class);
this.dynamicConfigurationManager = new DynamicConfigurationManager(appConfig, "foo", "bar", "baz", "poof"); this.dynamicConfigurationManager = new DynamicConfigurationManager(appConfig, "foo", "bar", "baz", "poof");
} }
@Test @Test
public void testGetConfig() { public void testGetConfig() {
ArgumentCaptor<GetConfigurationRequest> captor = ArgumentCaptor.forClass(GetConfigurationRequest.class); ArgumentCaptor<GetConfigurationRequest> captor = ArgumentCaptor.forClass(GetConfigurationRequest.class);
when(appConfig.getConfiguration(captor.capture())).thenReturn(new GetConfigurationResult().withContent(ByteBuffer.wrap("test: true".getBytes())) when(appConfig.getConfiguration(captor.capture())).thenReturn(
.withConfigurationVersion("1")); GetConfigurationResponse.builder().content(SdkBytes.fromByteArray("test: true".getBytes())).configurationVersion("1").build());
dynamicConfigurationManager.start(); dynamicConfigurationManager.start();
assertThat(captor.getValue().getApplication()).isEqualTo("foo"); assertThat(captor.getValue().application()).isEqualTo("foo");
assertThat(captor.getValue().getEnvironment()).isEqualTo("bar"); assertThat(captor.getValue().environment()).isEqualTo("bar");
assertThat(captor.getValue().getConfiguration()).isEqualTo("baz"); assertThat(captor.getValue().configuration()).isEqualTo("baz");
assertThat(captor.getValue().getClientId()).isEqualTo("poof"); assertThat(captor.getValue().clientId()).isEqualTo("poof");
assertThat(dynamicConfigurationManager.getConfiguration()).isNotNull(); assertThat(dynamicConfigurationManager.getConfiguration()).isNotNull();
} }
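Review bot: `"test: true".getBytes()` in the stubbed response encodes with the platform default charset, while the manager decodes the content with `StandardCharsets.UTF_8`. This is harmless for an ASCII fixture, but the two should match; `SdkBytes.fromUtf8String("test: true")` does the same thing without the implicit charset. The test also reaches the manager only through the injected-client constructor, so the credential resolution changed by this commit is not exercised here.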