[runx+envsec] Use same cache location as auth pkg (#154)
## Summary

Use consistent cache locations everywhere.

Fix envsec aws credentials cache bug where cache key did not take into
account changing organizations.

## How was it tested?
mikeland73 authored Sep 20, 2023
1 parent d60aedd commit c93acb3
Showing 3 changed files with 25 additions and 56 deletions.
20 changes: 16 additions & 4 deletions internal/awsfed/awsfed.go
Expand Up @@ -2,6 +2,7 @@ package awsfed

import (
"context"
"crypto/sha256"
"encoding/json"
"fmt"

Expand All @@ -12,7 +13,7 @@ import (
"go.jetpack.io/pkg/sandbox/auth/session"
)

const cacheKey = "awsfed"
const cacheKeyPrefix = "awsfed"

type AWSFed struct {
AccountID string
Expand All @@ -39,8 +40,8 @@ func (a *AWSFed) AWSCreds(
ctx context.Context,
tok *session.Token,
) (*types.Credentials, error) {
cache := filecache.New("envsec")
if cachedCreds, err := cache.Get(cacheKey); err == nil {
cache := filecache.New("jetpack.io/envsec")
if cachedCreds, err := cache.Get(cacheKey(tok)); err == nil {
var creds types.Credentials
if err := json.Unmarshal(cachedCreds, &creds); err == nil {
return &creds, nil
Expand Down Expand Up @@ -86,7 +87,7 @@ func (a *AWSFed) AWSCreds(
if creds, err := json.Marshal(output.Credentials); err != nil {
return nil, err
} else if err := cache.SetT(
cacheKey,
cacheKey(tok),
creds,
*output.Credentials.Expiration,
); err != nil {
Expand All @@ -95,3 +96,14 @@ func (a *AWSFed) AWSCreds(

return output.Credentials, nil
}

func cacheKey(t *session.Token) string {
id := ""
if claims := t.IDClaims(); claims != nil && claims.OrgID != "" {
id = claims.OrgID
} else {
id = fmt.Sprintf("%x", sha256.Sum256([]byte(t.IDToken)))
}

return fmt.Sprintf("%s-%s", cacheKeyPrefix, id)
}
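Review bot: In `cacheKey`, the org branch puts `claims.OrgID` into the key verbatim, and in this same commit `filecache.filename` turns the key into a path with `filepath.Join(dir, key)`, so a claim value containing a path separator or `..` would place the cached AWS credentials outside the cache directory. Whether `IDClaims()` only returns claims from a verified token is not visible here, so hashing both branches is the safer form: `id = fmt.Sprintf("%x", sha256.Sum256([]byte(claims.OrgID)))`. The key is also bound to the org alone; if the federated credentials can differ between users of one org, a second identity on the same machine would be served the first one's cached credentials until they expire, so consider mixing the user identity into the hashed input. `AWSCreds` itself is only partly visible in these hunks.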
17 changes: 9 additions & 8 deletions internal/filecache/filecache.go
Expand Up @@ -8,20 +8,17 @@ import (
"time"

"github.com/pkg/errors"
"go.jetpack.io/envsec/internal/xdg"
)

var NotFound = errors.New("not found")
var Expired = errors.New("expired")

const prefix = "filecache-"

type cache struct {
appName string
domain string
}

func New(appName string) *cache {
return &cache{appName: appName}
func New(domain string) *cache {
return &cache{domain: domain}
}

type data struct {
Expand Down Expand Up @@ -68,7 +65,11 @@ func (c *cache) Get(key string) ([]byte, error) {
}

func (c *cache) filename(key string) string {
dir := xdg.CacheSubpath(c.appName)
cacheDir, err := os.UserCacheDir()
if err != nil {
cacheDir = "~/.cache"
}
dir := filepath.Join(cacheDir, c.domain)
_ = os.MkdirAll(dir, 0755)
return xdg.CacheSubpath(filepath.Join(c.appName, prefix+key))
return filepath.Join(dir, key)
}
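Review bot: The `~/.cache` fallback in `filename` is never expanded, because Go treats `~` as an ordinary directory name, so when `os.UserCacheDir()` fails the AWS credentials are cached under a literal `~` directory relative to the process's working directory. The directory is also created with `0755` and the `MkdirAll` error is discarded, which is loose for a store of session credentials. I would return the error instead of guessing a location and create the directory as `0700`; `Get` and the setter that call `filename` lie partly outside this hunk and would need to propagate the new error. With `prefix` removed, the key is joined into the path as-is, so callers must only pass keys that are safe file names.

```go
func (c *cache) filename(key string) (string, error) {
	cacheDir, err := os.UserCacheDir()
	if err != nil {
		// No per-user cache directory: fail rather than write credentials to a guessed path.
		return "", err
	}
	dir := filepath.Join(cacheDir, c.domain)
	// Owner-only: the files under this directory hold temporary AWS credentials.
	if err := os.MkdirAll(dir, 0700); err != nil {
		return "", err
	}
	return filepath.Join(dir, key), nil
}
```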
44 changes: 0 additions & 44 deletions internal/xdg/xdg.go

This file was deleted.
