parallaxsecond / parsec-client-go Goto Github PK

there are a number of places where wire interface objects could be nil in conversion routines, but these are not always tested before dereferencing- could lead to panics

Since april, parsec service and related CI test docker file have moved on, which means that go client ci test scripts cannot compile parsec service and likely won't work anyway.

Ensure we have coverage of success for all supported operations, and ensure that unsupported operations on each provider return appropriate failure codes.

Basic client follows the parsec wire api operations closely. We need an implementation that wraps this in a much more natural go wrapper. the go crypto library (https://golang.org/pkg/crypto/) may provide a good start, but further research is probably needed.

This API could be part of this library, or could be its own library altogether.

tests for wire interface header serialisation, as well as individual parsec calls in operations_client.go

Remove this stage or set up appropriate access token

including unit & e2e tests

currently interfaces/operations/operations_client.go Client.operation() assumes that the whole of a request is successfully written to the output writer in one go, whereas the write api allows for only part of the buffer to be written in any one transaction.

On the read side, for the response, it also assumes that the whole of the response is received in one go. It also does not copy with resynchronisation to find a new header magic number if it finds itself in a confused state

including unit and ci testing

especially the conversions to/from protobuf interface types, e.g. algorithm package, as well as keyinfo, keytype

Definitely need fuzz to test resilience to rogue responses from parsec daemon - allows clients to protect themselves.
Fuzz testing from public api will assist in robustness of api

The README.md does not include instructions for installing protoc tools, and the makefile assumes the dev environment is under GOPATH/src in fully qualified folder, which is not necessarily true as we use go modules.

Fix protoc file generation and readme.

I think it's fine to remove those Dockerfile and directly run ghcr.io/parallaxsecond/parsec-service-test-all in your test script.

Originally posted by @hug-dev in #32 (comment)

In the Rust BasicClient, during the constructor we automatically choose the default provider and authenticator. See here.

They are choosen from the first entry of the ListProviders and ListAuthenticators commands. That way, once client have successfully generated on instance of the basic client, they can already start making secure crypto operations without any set-up needed 👌

It would be nice to have something similar in the Go client! I believe all the pieces are there, it would just need some logic.

actions are currently reporting a large number of static analisys errors (mostly relating to non-documentation of public api elements.

Refactor code to reduce number to zero (nolint directives as last resort)

Add shellcheck test to bash scripts in ci and makefile and ensure those are clean

Note that the first four fields:

• magic number
• header size
• major version number
• minor version number

will always have the same width and position on every Parsec request/response header, no matter the wire protocol version. It would then make sense to either separate them in their own structure or not include them in the wireHeader structure, which will be the one that is versioned. In the Rust interface, we put the rest in its own wire_header_1_0 module to make it easy to write the logic selecting the correct wire header format. Though we did not implement that logic yet, at least we have the building blocks 😋 you have some more info here

Originally posted by @hug-dev in #28 (comment)

Also consider this comment: #28 (comment)

rust client has a timout on the unix socket connection (of configurable length) which allows the client application to recover (i.e. detect failure and compensate if possible) if the parsec daemon is not responding. Go client needs same functionality - default of 1s likely sensible.

there are still a couple of unimplemented methods (operations_client.go, hash.go)- fix these and ensure we have unit tests for the methods and related methods

currently fixed to /run/parsec/parsec.sock, should be modifiable, possibly config file support?

based on current parsec ci test
add periodic build to ensure breakage does not go unnoticed again

mostly on the operations data (for encrypt decrypt ops), but also consider direct auth

Would it be possible to publish the Go client somewhere so that its documentation is visible? Something like that?

Hi @jn9e9!

I would like to propose you to have the Write role for both parsec-client-go and parsec-mock. With that role you will be able to help us maintain those repositories by being able to approve and merge pull-requests. Find here a more complete description of what the Write role permits.

More than fair since all of this code is yours 😄
Thanks for your work!!

In order to reduce chance of picking incorrect opcode in the operations_client.go, define it in an OpCode method attached to each request type.
Would it be possible to deduce the opcode from the type of request? As in have a method on each type of request to return the corresponding opcode? That would remove one parameter to operation

Originally posted by @hug-dev in #28 (comment)

File was copied from parsec e2e tests and contains a number of shellcheck errors - fix

ci testing follows same format as rust client in that it allows an end to end suite for all providers and individual test suites for each provider in turn.

Currently ci testing only supports the all providers variant - expand to do other providers individually.

Docker files and scripts are in place, but e2etest/scripts/ci.sh does not support yet, and we probably need to use build tags to control which tests to include.

The docker build now pulls from a common e2e image that is used for parsec. We could parameterise the go client local image to specify the required features to reduce the number of docker files in the e2e go client tests

Bring the repo up-to-date with new logos, CI, updated README.md.
Bring it to a working state so that it is tested with Parsec so that some operations are working.

Code coverage reporting is set up to use codecov.io, but is currently commented out in .github/workflows/build.yaml as there isn't an API key configured as a secret on the main parallaxsecond/parsec-client-go github repo.

To fix this, we will need to create an account on codecov.io for the project, and make it available to the actions a secret - once this is done, uncomment the relevant lines in .github/workflows/build.yaml

see parallaxsecond/parsec#375

Also I am thinking that for a Getting started guide, we could include examples of Go and Rust clients there, that people can browse and execute.

Originally posted by @hug-dev in #34 (comment)

including unit and ci testing