Skip to content

Commit

Permalink
allow app-id as context for secret decryption (#957)
Browse files Browse the repository at this point in the history
  • Loading branch information
matslina authored Nov 3, 2023
1 parent f03e6bf commit e7efc05
Show file tree
Hide file tree
Showing 38 changed files with 124 additions and 82 deletions.
2 changes: 1 addition & 1 deletion cmd/community/loadapp.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ func LoadApp(cmd *cobra.Command, args []string) error {
})

applet := runtime.Applet{}
err = applet.LoadWithInitializers(script, src, nil, initializers...)
err = applet.LoadWithInitializers("", script, src, nil, initializers...)
if err != nil {
return fmt.Errorf("failed to load applet: %w", err)
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/community/validateicons.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ func ValidateIcons(cmd *cobra.Command, args []string) error {
})

applet := runtime.Applet{}
err = applet.LoadWithInitializers(args[0], src, nil, initializers...)
err = applet.LoadWithInitializers("", args[0], src, nil, initializers...)
if err != nil {
return fmt.Errorf("failed to load applet: %w", err)
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/profile.go
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ func ProfileApp(script string, config map[string]string) (*pprof_profile.Profile
})

applet := runtime.Applet{}
err = applet.LoadWithInitializers(script, src, nil, initializers...)
err = applet.LoadWithInitializers("", script, src, nil, initializers...)
if err != nil {
return nil, fmt.Errorf("failed to load applet: %w", err)
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/render.go
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,7 @@ func render(cmd *cobra.Command, args []string) error {
runtime.InitCache(cache)

applet := runtime.Applet{}
err = applet.LoadWithInitializers(script, src, nil, initializers...)
err = applet.LoadWithInitializers("", script, src, nil, initializers...)
if err != nil {
return fmt.Errorf("failed to load applet: %w", err)
}
Expand Down
2 changes: 1 addition & 1 deletion docs/gen_widget_imgs.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ def main():
`, snippet)

app := runtime.Applet{}
err = app.Load(name, []byte(src), nil)
err = app.Load(fmt.Sprintf("id-%s", name), name, []byte(src), nil)
if err != nil {
panic(err)
}
Expand Down
2 changes: 1 addition & 1 deletion encode/encode_bench_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ def main(config):

func BenchmarkRunAndRender(b *testing.B) {
app := &runtime.Applet{}
err := app.Load("benchmark.star", []byte(BenchmarkDotStar), nil)
err := app.Load("benchid", "benchmark.star", []byte(BenchmarkDotStar), nil)
if err != nil {
b.Error(err)
}
Expand Down
12 changes: 6 additions & 6 deletions encode/encode_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@ def main():

func TestFile(t *testing.T) {
app := runtime.Applet{}
err := app.Load("test.star", []byte(TestDotStar), nil)
err := app.Load("testid", "test.star", []byte(TestDotStar), nil)
assert.NoError(t, err)

roots, err := app.Run(map[string]string{})
Expand All @@ -158,7 +158,7 @@ func TestFile(t *testing.T) {

func TestHash(t *testing.T) {
app := runtime.Applet{}
err := app.Load("test.star", []byte(TestDotStar), nil)
err := app.Load("testid", "test.star", []byte(TestDotStar), nil)
require.NoError(t, err)

roots, err := app.Run(map[string]string{})
Expand All @@ -179,7 +179,7 @@ func TestHash(t *testing.T) {
// change the app slightly
modifiedSource := strings.Replace(TestDotStar, "foo bar", "bar foo", 1)
app2 := runtime.Applet{}
err = app2.Load("test.star", []byte(modifiedSource), nil)
err = app2.Load("testid2", "test.star", []byte(modifiedSource), nil)
require.NoError(t, err)

roots2, err := app2.Run(map[string]string{})
Expand Down Expand Up @@ -238,7 +238,7 @@ def main():
return render.Root(show_full_animation=True, child=render.Box())
`
app := runtime.Applet{}
require.NoError(t, app.Load("test.star", []byte(requestFull), nil))
require.NoError(t, app.Load("testid", "test.star", []byte(requestFull), nil))
roots, err := app.Run(map[string]string{})
assert.NoError(t, err)
assert.True(t, ScreensFromRoots(roots).ShowFullAnimation)
Expand All @@ -249,7 +249,7 @@ def main():
return render.Root(child=render.Box())
`
app = runtime.Applet{}
require.NoError(t, app.Load("test.star", []byte(dontRequestFull), nil))
require.NoError(t, app.Load("testid", "test.star", []byte(dontRequestFull), nil))
roots, err = app.Run(map[string]string{})
assert.NoError(t, err)
assert.False(t, ScreensFromRoots(roots).ShowFullAnimation)
Expand All @@ -276,7 +276,7 @@ def main():
`)

app := runtime.Applet{}
err := app.Load("test.star", src, nil)
err := app.Load("testid", "test.star", src, nil)
assert.NoError(t, err)

roots, err := app.Run(map[string]string{})
Expand Down
14 changes: 8 additions & 6 deletions runtime/applet.go
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,8 @@ func init() {

type Applet struct {
Filename string
Id string
ThreadID string
AppID string
Globals starlark.StringDict
SecretDecryptionKey *SecretDecryptionKey

Expand All @@ -69,7 +70,7 @@ type Applet struct {

func (a *Applet) thread(initializers ...ThreadInitializer) *starlark.Thread {
t := &starlark.Thread{
Name: a.Id,
Name: a.ThreadID,
Load: a.loadModule,
Print: func(thread *starlark.Thread, msg string) {
fmt.Printf("[%s] %s\n", a.Filename, msg)
Expand All @@ -92,23 +93,24 @@ func (a *Applet) thread(initializers ...ThreadInitializer) *starlark.Thread {
// Loads an applet. The script filename is used as a descriptor only,
// and the actual code should be passed in src. Optionally also pass
// loader to make additional starlark modules available to the script.
func (a *Applet) Load(filename string, src []byte, loader ModuleLoader) (err error) {
return a.LoadWithInitializers(filename, src, loader)
func (a *Applet) Load(appID string, filename string, src []byte, loader ModuleLoader) (err error) {
return a.LoadWithInitializers(appID, filename, src, loader)
}

func (a *Applet) LoadWithInitializers(filename string, src []byte, loader ModuleLoader, initializers ...ThreadInitializer) (err error) {
func (a *Applet) LoadWithInitializers(appID string, filename string, src []byte, loader ModuleLoader, initializers ...ThreadInitializer) (err error) {
defer func() {
if r := recover(); r != nil {
err = fmt.Errorf("panic while executing %s: %v", a.Filename, r)
}
}()

a.AppID = appID
a.Filename = filename
a.loader = loader

a.src = src

a.Id = fmt.Sprintf("%s/%x", filename, md5.Sum(src))
a.ThreadID = fmt.Sprintf("%s/%x", filename, md5.Sum(src))

if a.SecretDecryptionKey != nil {
a.decrypter, err = a.SecretDecryptionKey.decrypterForApp(a)
Expand Down
34 changes: 17 additions & 17 deletions runtime/applet_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,14 @@ import (

func TestLoadEmptySrc(t *testing.T) {
app := &Applet{}
err := app.Load("test.star", []byte{}, nil)
err := app.Load("testid", "test.star", []byte{}, nil)
assert.Error(t, err)
}

func TestLoadMalformed(t *testing.T) {
src := "this is not valid starlark"
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.Error(t, err)
}

Expand All @@ -33,7 +33,7 @@ def main():
return render.Root(child=render.Box())
`
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)

// As is this
Expand All @@ -45,7 +45,7 @@ def main2():
main = main2
`
app = &Applet{}
err = app.Load("test.star", []byte(src), nil)
err = app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)

// And this (a lambda is a function)
Expand All @@ -57,7 +57,7 @@ def main2():
main = lambda: main2()
`
app = &Applet{}
err = app.Load("test.star", []byte(src), nil)
err = app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)

// But not this, because a string is not a function
Expand All @@ -69,7 +69,7 @@ def main2():
main = "main2"
`
app = &Applet{}
err = app.Load("test.star", []byte(src), nil)
err = app.Load("testid", "test.star", []byte(src), nil)
assert.Error(t, err)

// And not this either, because here main is gone
Expand All @@ -79,7 +79,7 @@ def main2():
return render.Root(child=render.Box())
`
app = &Applet{}
err = app.Load("test.star", []byte(src), nil)
err = app.Load("testid", "test.star", []byte(src), nil)
assert.Error(t, err)

}
Expand All @@ -92,7 +92,7 @@ def main():
return [render.Box()]
`
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
screens, err := app.Run(map[string]string{})
assert.Error(t, err)
Expand All @@ -106,7 +106,7 @@ def main():
`

app = &Applet{}
err = app.Load("test.star", []byte(src), nil)
err = app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
screens, err = app.Run(map[string]string{})
assert.NoError(t, err)
Expand All @@ -119,7 +119,7 @@ def main():
return [render.Root(child=render.Box()), render.Root(child=render.Text("hi"))]
`
app = &Applet{}
err = app.Load("test.star", []byte(src), nil)
err = app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
screens, err = app.Run(map[string]string{})
assert.NoError(t, err)
Expand All @@ -141,7 +141,7 @@ def main():
return render.Root(child=render.Box())
`
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
roots, err := app.Run(config)
assert.NoError(t, err)
Expand Down Expand Up @@ -170,7 +170,7 @@ def main(config):
return [render.Root(child=render.Box()) for _ in range(int(config["one"]) + int(config["two"]))]
`
app = &Applet{}
err = app.Load("test.star", []byte(src), nil)
err = app.Load("testid", "test.star", []byte(src), nil)
require.NoError(t, err)
roots, err = app.Run(config)
require.NoError(t, err)
Expand Down Expand Up @@ -208,7 +208,7 @@ def main():
return render.Root(child=render.Box())
`
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
roots, err := app.Run(map[string]string{})
assert.NoError(t, err)
Expand All @@ -230,7 +230,7 @@ def main():
return render.Root(child=render.Box())
`
app = &Applet{}
err = app.Load("test.star", []byte(src), loader)
err = app.Load("testid", "test.star", []byte(src), loader)
assert.NoError(t, err)
roots, err = app.Run(map[string]string{})
assert.NoError(t, err)
Expand All @@ -255,7 +255,7 @@ def main():
}

app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
_, err = app.Run(map[string]string{}, initializer)
assert.NoError(t, err)
Expand All @@ -275,7 +275,7 @@ def main():
`

app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
_, err = app.Run(map[string]string{})
assert.NoError(t, err)
Expand Down Expand Up @@ -323,7 +323,7 @@ def main(config):
`

app := &Applet{}
err = app.Load("test.star", []byte(src), nil)
err = app.Load("testid", "test.star", []byte(src), nil)
_, err = app.Run(map[string]string{"ZIP_BYTES": buf.String()}, initializer)
assert.NoError(t, err)

Expand Down
10 changes: 5 additions & 5 deletions runtime/cache_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ def main():
`
InitCache(NewInMemoryCache())
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
roots, err := app.Run(map[string]string{})
assert.NoError(t, err)
Expand All @@ -54,7 +54,7 @@ def main():
`
InitCache(NewInMemoryCache())
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)

// first time, i == 1
Expand All @@ -72,7 +72,7 @@ def main():
// but run the same code using different filename, and cached
// data ends up in a different namespace
app = &Applet{}
err = app.Load("test2.star", []byte(src), nil)
err = app.Load("testid", "test2.star", []byte(src), nil)
assert.NoError(t, err)

roots, _ = app.Run(map[string]string{})
Expand Down Expand Up @@ -103,7 +103,7 @@ def main():
`
InitCache(nil)
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
screens, err := app.Run(map[string]string{})
assert.NoError(t, err)
Expand All @@ -121,7 +121,7 @@ def main():
`
InitCache(nil)
app := &Applet{}
err := app.Load("test.star", []byte(src), nil)
err := app.Load("testid", "test.star", []byte(src), nil)
assert.NoError(t, err)
screens, err := app.Run(map[string]string{})
assert.Error(t, err)
Expand Down
2 changes: 1 addition & 1 deletion runtime/httpcache_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ func TestInitHTTP(t *testing.T) {
assert.NoError(t, err)

app := &Applet{}
err = app.Load("httpcache.star", b, nil)
err = app.Load("httpid", "httpcache.star", b, nil)
assert.NoError(t, err)

screens, err := app.Run(map[string]string{})
Expand Down
2 changes: 1 addition & 1 deletion runtime/modules/hmac/hmac_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ def main():

func TestHmac(t *testing.T) {
app := &runtime.Applet{}
err := app.Load("hmac_test.star", []byte(hmacSource), nil)
err := app.Load("hmacid", "hmac_test.star", []byte(hmacSource), nil)
assert.NoError(t, err)

screens, err := app.Run(map[string]string{})
Expand Down
2 changes: 1 addition & 1 deletion runtime/modules/humanize/humanize_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ def main():

func TestHumanize(t *testing.T) {
app := &runtime.Applet{}
err := app.Load("human.star", []byte(humanSource), nil)
err := app.Load("humanid", "human.star", []byte(humanSource), nil)
assert.NoError(t, err)

screens, err := app.Run(map[string]string{})
Expand Down
2 changes: 1 addition & 1 deletion runtime/modules/qrcode/qrcode_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ def main():

func TestQRCode(t *testing.T) {
app := &runtime.Applet{}
err := app.Load("test.star", []byte(qrCodeSource), nil)
err := app.Load("testid", "test.star", []byte(qrCodeSource), nil)
assert.NoError(t, err)

screens, err := app.Run(map[string]string{})
Expand Down
2 changes: 1 addition & 1 deletion runtime/modules/random/random_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ def main():

func TestRandom(t *testing.T) {
app := &runtime.Applet{}
err := app.Load("random_test.star", []byte(randomSrc), nil)
err := app.Load("randomid", "random_test.star", []byte(randomSrc), nil)
require.NoError(t, err)

screens, err := app.Run(map[string]string{})
Expand Down
Loading

0 comments on commit e7efc05

Please sign in to comment.