You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficcontrol.apache.org by GitBox <gi...@apache.org> on 2021/04/07 22:56:12 UTC

[GitHub] [trafficcontrol] rawlinp commented on a change in pull request #5721: Refactor riak trafficvault interface

rawlinp commented on a change in pull request #5721:
URL: https://github.com/apache/trafficcontrol/pull/5721#discussion_r609113190



##########
File path: lib/go-tc/deliveryservice_ssl_keys.go
##########
@@ -211,7 +222,9 @@ type DNSSECKeys map[string]DNSSECKeySet
 
 // DNSSECKeysV11 is the DNSSEC keys object stored in Riak. The map key strings are both DeliveryServiceNames and CDNNames.

Review comment:
       Done

##########
File path: lib/go-tc/deliveryservice_ssl_keys.go
##########
@@ -201,7 +203,16 @@ func checkNilOrEmpty(s *string) bool {
 	return s == nil || *s == ""
 }
 
-type RiakPingResp struct {
+// URISignerKeyset is the container for the CDN URI signing keys.
+type URISignerKeyset struct {
+	RenewalKid *string               `json:"renewal_kid"`
+	Keys       []jwk.EssentialHeader `json:"keys"`
+}

Review comment:
       As I'm unfamiliar with URI signing, I'm not sure I could do the descriptions justice. I moved this here in order to avoid a circular dependency.

##########
File path: docs/source/development/traffic_ops.rst
##########
@@ -161,7 +161,7 @@ Traffic Ops Project Tree Overview
 		- config/ - Defines configuration structures and methods for reading them in from files
 		- dbhelpers/ - Assorted utilities that provide functionality for common database tasks, e.g. "Get a user by email"
 		- plugin/ - The Traffic Ops plugin system, with examples
-		- riaksvc/ - In addition to handling routes that deal with storing secrets in or retrieving secrets from Traffic Vault, this package provides a library of functions for interacting with Traffic Vault for other handlers to use.
+		- trafficvault/ - This package provides the Traffic Vault interface and associated backend implementations for other handlers to interact with Traffic Vault.

Review comment:
       Yeah, I was on the fence with that because `trafficvault` doesn't contain any route handling code and is purely just the integrations w/ the Traffic Vault datastore (currently just Riak), so it would be nice to keep it that way. I was also considering deprecating that "get bucket keys" route altogether because it is basically just a passthrough to Riak, and that isn't really necessary IMO and doesn't really make sense for other backends. I will propose that to the list.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org