Skip to content

Commit

Permalink
Small fixes (#596)
Browse files Browse the repository at this point in the history
* updated fanout tests to include api version path changes

* bumped ancla, argus and fixed client creation

* deprecated webhook/aws package

* prep for release
  • Loading branch information
kristinapathak authored Apr 29, 2022
1 parent 74173f6 commit 9e59e44
Show file tree
Hide file tree
Showing 9 changed files with 44 additions and 492 deletions.
7 changes: 6 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.

## [Unreleased]

## [v2.0.5]
- Deprecated webhook/aws package, which also won't work with go 1.18+. [#596](https://github.com/xmidt-org/webpa-common/pull/596)
- Bumped argus to v0.9.0. [#596](https://github.com/xmidt-org/webpa-common/pull/596)

## [v2.0.4]
- Enforce cipher suites for TLS versions less than 1.3 that are not vulnerable to SWEET32

Expand Down Expand Up @@ -226,7 +230,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
- The first official release. We will be better about documenting changes
moving forward.

[Unreleased]: https://github.com/xmidt-org/webpa-common/compare/v2.0.4...HEAD
[Unreleased]: https://github.com/xmidt-org/webpa-common/compare/v2.0.5...HEAD
[v2.0.5]: https://github.com/xmidt-org/webpa-common/compare/v2.0.4...v2.0.5
[v2.0.4]: https://github.com/xmidt-org/webpa-common/compare/v2.0.3...v2.0.4
[v2.0.3]: https://github.com/xmidt-org/webpa-common/compare/v2.0.2...v2.0.3
[v2.0.2]: https://github.com/xmidt-org/webpa-common/compare/v2.0.1...v2.0.2
Expand Down
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ go 1.13

require (
github.com/SermoDigital/jose v0.9.2-0.20161205224733-f6df55f235c2
github.com/aws/aws-sdk-go v1.31.6
github.com/aws/aws-sdk-go v1.43.35
github.com/billhathaway/consistentHash v0.0.0-20140718022140-addea16d2229
github.com/c9s/goprocinfo v0.0.0-20151025191153-19cb9f127a9c
github.com/davecgh/go-spew v1.1.1
Expand All @@ -26,7 +26,7 @@ require (
github.com/spf13/viper v1.9.0
github.com/stretchr/testify v1.7.0
github.com/ugorji/go/codec v1.1.7
github.com/xmidt-org/argus v0.6.0
github.com/xmidt-org/argus v0.9.0
github.com/xmidt-org/bascule v0.10.2
github.com/xmidt-org/candlelight v0.0.5
github.com/xmidt-org/themis v0.4.7
Expand Down
22 changes: 15 additions & 7 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -96,8 +96,9 @@ github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQ
github.com/aws/aws-sdk-go v1.8.12/go.mod h1:ZRmQr0FajVIyZ4ZzBYKG5P3ZqPz9IHG41ZoMu1ADI3k=
github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/aws/aws-sdk-go v1.31.6 h1:nKjQbpXhdImctBh1e0iLg9iQW/X297LPPuY/9f92R2k=
github.com/aws/aws-sdk-go v1.31.6/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
github.com/aws/aws-sdk-go v1.43.35 h1:Ko1HiU7c7C8cZ5nvwp4GoLl08nmdQtZVZHxhrD8icwk=
github.com/aws/aws-sdk-go v1.43.35/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
github.com/benbjohnson/clock v1.0.3 h1:vkLuvpK4fmtSCuo60+yC63p7y0BmQ8gm5ZXGuBCJyXg=
github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
Expand Down Expand Up @@ -441,8 +442,11 @@ github.com/influxdata/influxdb1-client v0.0.0-20200827194710-b269163b24ab h1:HqW
github.com/influxdata/influxdb1-client v0.0.0-20200827194710-b269163b24ab/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da/go.mod h1:ks+b9deReOc7jgqp+e7LuFiCBH6Rm5hL32cLcEAArb4=
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc=
github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
github.com/joyent/triton-go v0.0.0-20180628001255-830d2b111e62/go.mod h1:U+RSyWxWd04xTqnuOQxnai7XGS2PrPY2cfGoDKtMHjA=
github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
Expand Down Expand Up @@ -741,8 +745,8 @@ github.com/xmidt-org/argus v0.3.9/go.mod h1:mDFS44R704gl9Fif3gkfAyvnZa53SvMepmXj
github.com/xmidt-org/argus v0.3.10-0.20201105190057-402fede05764/go.mod h1:lnMCVB/i0gOlUOOd2WbzDDgzTEqP5TipzQ8xKIw+N/I=
github.com/xmidt-org/argus v0.3.10-0.20201217204602-66f69b12c498/go.mod h1:lnMCVB/i0gOlUOOd2WbzDDgzTEqP5TipzQ8xKIw+N/I=
github.com/xmidt-org/argus v0.3.12/go.mod h1:T0oHbqQ1SAjE616Q9f1p+7nsmuvmHNoC0zAIUpUiFuE=
github.com/xmidt-org/argus v0.6.0 h1:cjAeyILtyGSvUv02e4wEpUdYtgd1EYoFtwfjC5JroQ8=
github.com/xmidt-org/argus v0.6.0/go.mod h1:IRVJlpd8JsoWXhys8o6tFU+dZi9Q6YWTX1Wn3AkyEkI=
github.com/xmidt-org/argus v0.9.0 h1:vP2Bh5J3YpqQjyP23E6BnW9Qn2S69ZBfOq/OORaLPd8=
github.com/xmidt-org/argus v0.9.0/go.mod h1:qa9zafyQDJDcL6lxD2hniA+D0oM27GTa5uXxO/UDRMA=
github.com/xmidt-org/arrange v0.1.9/go.mod h1:PRA8iEZ11L93NsEkDP56x1mZyfDcWxzDULgHj56TaEk=
github.com/xmidt-org/arrange v0.3.0 h1:YNO+1lufCx3EeN17xuSRMC1sci9y9rzZVZ+TkWwq9QE=
github.com/xmidt-org/arrange v0.3.0/go.mod h1:pCHeb93OFA0QnEJ//Mmly7QqUt7y/w3xllK0VQ3Bigo=
Expand Down Expand Up @@ -950,8 +954,9 @@ golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420 h1:a8jGStKg0XqKDlKqjLrXn0ioF5MH36pT7Z0BRTqLhbk=
golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd h1:O7DYs+zxREGLKzKoMQrtrEacpb0ZVXA5rIwylE2Xchk=
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/oauth2 v0.0.0-20170807180024-9a379c6b3e95/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
Expand Down Expand Up @@ -1056,9 +1061,11 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf h1:2ucpDCmfkl8Bd/FsLtiD653Wf96cW37s+iGx93zsu4k=
golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM=
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
Expand All @@ -1067,8 +1074,9 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
Expand Down
2 changes: 1 addition & 1 deletion service/consul/datacenterWatch.go
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ func newDatacenterWatcher(logger log.Logger, environment Environment, options Op
m := &chrysom.Measures{
Polls: environment.Provider().NewCounterVec(chrysom.PollCounter),
}
basic, err := chrysom.NewBasicClient(options.Chrysom.BasicClientConfig, getLogger, logging.WithLogger)
basic, err := chrysom.NewBasicClient(options.Chrysom.BasicClientConfig, getLogger)
if err != nil {
return nil, fmt.Errorf("failed to create chrysom basic client: %v", err)
}
Expand Down
11 changes: 11 additions & 0 deletions webhook/aws/doc.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
/*
Package aws provides functionality for webhook management using AWS. This
package will not work with go 1.18+ due to its dependency on SHA1. For further
information, please see https://github.com/golang/go/issues/41682.
Deprecated: xmetrics is no longer planned to be used by future WebPA/XMiDT
services.
This package is frozen and no new functionality will be added.
*/
package aws
4 changes: 3 additions & 1 deletion webhook/aws/signature_validation.go
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,8 @@ func NewSNSValidator() SNSValidator {
return NewValidator(nil)
}

// Validator validates an Amazon SNS message signature
// Validator validates an Amazon SNS message signature. NOTE: This will not work
// with go 1.18+, which no longer allows SHA1.
func (v *Validator) Validate(msg *SNSMessage) (ok bool, err error) {
var decodedSignature []byte
if decodedSignature, err = base64Decode(msg); err != nil {
Expand All @@ -140,6 +141,7 @@ func (v *Validator) Validate(msg *SNSMessage) (ok bool, err error) {
return
}

// NOTE: This will not work with go 1.18+, which no longer allows SHA1.
if err = cert.CheckSignature(x509.SHA1WithRSA, []byte(formatedSignature), decodedSignature); err != nil {
// signature verification failed
return
Expand Down
34 changes: 2 additions & 32 deletions webhook/aws/signature_validation_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,14 +11,15 @@ import (
"encoding/base64"
"encoding/pem"
"fmt"
"github.com/stretchr/testify/assert"
"io/ioutil"
"math/big"
"net/http"
"net/http/httptest"
"net/url"
"testing"
"time"

"github.com/stretchr/testify/assert"
)

func testSNSMessage(scURL string) (*SNSMessage, *SNSMessage) {
Expand Down Expand Up @@ -272,34 +273,3 @@ func Test_formatSignature(t *testing.T) {
assert.NotNil(fs1)
assert.NotNil(fs2)
}

func Test_Validate(t *testing.T) {
assert := assert.New(t)

pemkey, server, snsMsg, err := testCreateEnv()
if server != nil {
defer server.Close()
}
assert.Nil(err)

client, err := testClient(server.URL, pemkey)
assert.Nil(err)

v := NewValidator(client)

okGood, errGood := v.Validate(snsMsg["noti-good"])
okBad, errBad := v.Validate(snsMsg["noti-bad"])

assert.True(okGood)
assert.Nil(errGood)
assert.False(okBad)
assert.NotNil(errBad)

okGood, errGood = v.Validate(snsMsg["conf-good"])
okBad, errBad = v.Validate(snsMsg["conf-bad"])

assert.True(okGood)
assert.Nil(errGood)
assert.False(okBad)
assert.NotNil(errBad)
}
Loading

0 comments on commit 9e59e44

Please sign in to comment.