Merge pull request #58 from spiffe/feature/sdk-update

YOLO!

update sdk usage

app/demo/cmd/main.go

@@ -5,41 +5,34 @@
 package main
 
 import (
-	"context"
 	"fmt"
 
 	spike "github.com/spiffe/spike-sdk-go/api"
-	"github.com/spiffe/spike-sdk-go/spiffe"
 )
 
 func main() {
-	// Create a context.
-	ctx, cancel := context.WithCancel(context.Background())
-	defer cancel()
+	api := spike.New() // Use the default Workload API Socket
+	defer api.Close()  // Close the connection when done
 
-	// Initialize the SPIFFE endpoint socket.
-	defaultEndpointSocket := spiffe.EndpointSocket()
+	path := "/tenants/demo/db/creds"
+	version := 0
 
-	// Initialize the SPIFFE source.
-	source, spiffeid, err := spiffe.Source(ctx, defaultEndpointSocket)
+	// Create a Secret
+	err := api.PutSecret(path, map[string]string{
+		"username": "SPIKE",
+		"password": "SPIKE_Rocks",
+	})
 	if err != nil {
-		fmt.Println(err.Error())
+		fmt.Println("Error writing secret:", err.Error())
 		return
 	}
 
-	// Close the SPIFFE source when done.
-	defer spiffe.CloseSource(source)
-
-	fmt.Println("SPIFFE ID:", spiffeid)
-
-	//
-	// Retrieve a secret using SPIKE SDK.
-	//
-
-	path := "/tenants/demo/db/creds"
-	version := 0
+	// TODO: maybe GetSecret should not have a `version` parameter
+	// and an override should be used instead for versioned secret gets.
+	// as in api.GetSecretVersioned(path, version)
 
-	secret, err := spike.GetSecret(source, path, version)
+	// Read the Secret
+	secret, err := api.GetSecret(path, version)
 	if err != nil {
 		fmt.Println("Error reading secret:", err.Error())
 		return

app/keeper/cmd/main.go

@@ -8,14 +8,15 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/spiffe/spike-sdk-go/spiffe"
+
 	"github.com/spiffe/spike/app/keeper/internal/env"
 	"github.com/spiffe/spike/app/keeper/internal/route/handle"
 	"github.com/spiffe/spike/app/keeper/internal/trust"
 	"github.com/spiffe/spike/internal/auth"
 	"github.com/spiffe/spike/internal/config"
 	"github.com/spiffe/spike/internal/log"
 	"github.com/spiffe/spike/internal/net"
-	"github.com/spiffe/spike/pkg/spiffe"
 )
 
 const appName = "SPIKE Keeper"
@@ -26,7 +27,7 @@ func main() {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 
-	source, spiffeid, err := spiffe.AppSpiffeSource(ctx)
+	source, spiffeid, err := spiffe.Source(ctx, spiffe.EndpointSocket())
 	if err != nil {
 		log.FatalLn(err.Error())
 	}

app/nexus/cmd/main.go

@@ -10,6 +10,8 @@ import (
 	"fmt"
 	"time"
 
+	"github.com/spiffe/spike-sdk-go/spiffe"
+
 	"github.com/spiffe/spike/app/nexus/internal/env"
 	"github.com/spiffe/spike/app/nexus/internal/poll"
 	"github.com/spiffe/spike/app/nexus/internal/route/handle"
@@ -19,7 +21,6 @@ import (
 	"github.com/spiffe/spike/internal/config"
 	"github.com/spiffe/spike/internal/log"
 	"github.com/spiffe/spike/internal/net"
-	"github.com/spiffe/spike/pkg/spiffe"
 )
 
 const appName = "SPIKE Nexus"
@@ -30,7 +31,7 @@ func main() {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 
-	source, spiffeid, err := spiffe.AppSpiffeSource(ctx)
+	source, spiffeid, err := spiffe.Source(ctx, spiffe.EndpointSocket())
 	if err != nil {
 		log.Fatal(err.Error())
 	}

app/nexus/internal/route/acl/policy/create.go

@@ -5,17 +5,17 @@
 package policy
 
 import (
-	"github.com/spiffe/spike-sdk-go/api/errors"
 	"net/http"
 	"time"
 
 	"github.com/spiffe/spike-sdk-go/api/entity/data"
 	"github.com/spiffe/spike-sdk-go/api/entity/v1/reqres"
+	"github.com/spiffe/spike-sdk-go/api/errors"
+	"github.com/spiffe/spike-sdk-go/spiffe"
 
 	state "github.com/spiffe/spike/app/nexus/internal/state/base"
 	"github.com/spiffe/spike/internal/log"
 	"github.com/spiffe/spike/internal/net"
-	"github.com/spiffe/spike/pkg/spiffe"
 )
 
 // RoutePutPolicy handles HTTP PUT requests for creating new policies.

app/nexus/internal/route/acl/policy/delete.go

@@ -10,11 +10,11 @@ import (
 	"github.com/spiffe/spike-sdk-go/api/entity/data"
 	"github.com/spiffe/spike-sdk-go/api/entity/v1/reqres"
 	"github.com/spiffe/spike-sdk-go/api/errors"
+	"github.com/spiffe/spike-sdk-go/spiffe"
 
 	state "github.com/spiffe/spike/app/nexus/internal/state/base"
 	"github.com/spiffe/spike/internal/log"
 	"github.com/spiffe/spike/internal/net"
-	"github.com/spiffe/spike/pkg/spiffe"
 )
 
 // RouteDeletePolicy handles HTTP DELETE requests to remove existing policies.

app/nexus/internal/route/acl/policy/list.go

@@ -10,11 +10,11 @@ import (
 	"github.com/spiffe/spike-sdk-go/api/entity/data"
 	"github.com/spiffe/spike-sdk-go/api/entity/v1/reqres"
 	"github.com/spiffe/spike-sdk-go/api/errors"
+	"github.com/spiffe/spike-sdk-go/spiffe"
 
 	state "github.com/spiffe/spike/app/nexus/internal/state/base"
 	"github.com/spiffe/spike/internal/log"
 	"github.com/spiffe/spike/internal/net"
-	"github.com/spiffe/spike/pkg/spiffe"
 )
 
 // RouteListPolicies handles HTTP requests to retrieve all existing policies.

app/nexus/internal/route/acl/policy/read.go

@@ -11,11 +11,11 @@ import (
 	"github.com/spiffe/spike-sdk-go/api/entity/data"
 	"github.com/spiffe/spike-sdk-go/api/entity/v1/reqres"
 	apiErr "github.com/spiffe/spike-sdk-go/api/errors"
+	"github.com/spiffe/spike-sdk-go/spiffe"
 
 	state "github.com/spiffe/spike/app/nexus/internal/state/base"
 	"github.com/spiffe/spike/internal/log"
 	"github.com/spiffe/spike/internal/net"
-	"github.com/spiffe/spike/pkg/spiffe"
 )
 
 // RouteGetPolicy handles HTTP requests to retrieve a specific policy by its ID.

app/nexus/internal/route/auth/initialization/route.go

@@ -10,11 +10,11 @@ import (
 	"github.com/spiffe/spike-sdk-go/api/entity/data"
 	"github.com/spiffe/spike-sdk-go/api/entity/v1/reqres"
 	"github.com/spiffe/spike-sdk-go/api/errors"
+	"github.com/spiffe/spike-sdk-go/spiffe"
 
 	state "github.com/spiffe/spike/app/nexus/internal/state/base"
 	"github.com/spiffe/spike/internal/log"
 	"github.com/spiffe/spike/internal/net"
-	"github.com/spiffe/spike/pkg/spiffe"
 )
 
 // RouteInitCheck handles HTTP requests to check the initialization state of

app/nexus/internal/route/store/secret/delete.go

@@ -10,11 +10,11 @@ import (
 	"github.com/spiffe/spike-sdk-go/api/entity/data"
 	"github.com/spiffe/spike-sdk-go/api/entity/v1/reqres"
 	"github.com/spiffe/spike-sdk-go/api/errors"
+	"github.com/spiffe/spike-sdk-go/spiffe"
 
 	state "github.com/spiffe/spike/app/nexus/internal/state/base"
 	"github.com/spiffe/spike/internal/log"
 	"github.com/spiffe/spike/internal/net"
-	"github.com/spiffe/spike/pkg/spiffe"
 )
 
 // RouteDeleteSecret handles HTTP DELETE requests for secret deletion

app/nexus/internal/route/store/secret/errors.go

@@ -0,0 +1,48 @@
+//    \\ SPIKE: Secure your secrets with SPIFFE.
+//  \\\\\ Copyright 2024-present SPIKE contributors.
+// \\\\\\\ SPDX-License-Identifier: Apache-2.0
+
+package secret
+
+import (
+	"errors"
+	"net/http"
+
+	"github.com/spiffe/spike-sdk-go/api/entity/data"
+	"github.com/spiffe/spike-sdk-go/api/entity/v1/reqres"
+
+	"github.com/spiffe/spike/internal/log"
+	"github.com/spiffe/spike/internal/net"
+	"github.com/spiffe/spike/pkg/store"
+)
+
+func handleGetSecretError(err error, w http.ResponseWriter) error {
+	// TODO: maybe reuse this in getSecret too -- currently only getsecretmeta uses it.
+
+	fName := "handleGetSecretError"
+
+	if errors.Is(err, store.ErrSecretNotFound) {
+		log.Log().Info(fName, "msg", "Secret not found")
+
+		res := reqres.SecretReadResponse{Err: data.ErrNotFound}
+		responseBody := net.MarshalBody(res, w)
+		if responseBody == nil {
+			return errors.New("failed to marshal response body")
+		}
+
+		net.Respond(http.StatusNotFound, responseBody, w)
+		return nil
+	}
+
+	log.Log().Info(fName, "msg",
+		"Failed to retrieve secret", "err", err)
+	responseBody := net.MarshalBody(reqres.SecretReadResponse{
+		Err: "Internal server error"}, w,
+	)
+	if responseBody == nil {
+		return errors.New("failed to marshal response body")
+	}
+
+	net.Respond(http.StatusInternalServerError, responseBody, w)
+	return err
+}