Merge branch 'master' into context-authority

Author: maraino

.github/ISSUE_TEMPLATE/bug-report.yml

@@ -0,0 +1,56 @@
+name: Bug Report
+description: File a bug report
+title: "[Bug]: "
+labels: ["bug", "needs triage"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report!
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to Reproduce
+      description: Tell us how to reproduce this issue.
+      placeholder: These are the steps!
+    validations:
+      required: true
+  - type: textarea
+    id: your-env
+    attributes:
+      label: Your Environment
+      value: |-
+             * OS -
+             * `step-ca` Version -
+    validations:
+      required: true
+  - type: textarea
+    id: expected-behavior
+    attributes:
+      label: Expected Behavior
+      description: What did you expect to happen?
+    validations:
+      required: true
+  - type: textarea
+    id: actual-behavior
+    attributes:
+      label: Actual Behavior
+      description: What happens instead?
+    validations:
+      required: true
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional Context
+      description: Add any other context about the problem here.
+    validations:
+      required: false
+  - type: textarea
+    id: contributing
+    attributes:
+      label: Contributing
+      value: |
+             Vote on this issue by adding a 👍 reaction.
+             To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,12 +1,20 @@
 ---
 name: Documentation Request
 about: Request documentation for a feature
-title: ''
-labels: documentation, needs triage
+title: '[Docs]:'
+labels: docs, needs triage
 assignees: ''
 
 ---
 
+## Hello!
+<!-- Please leave this section as-is, it's designed to help others in the community know how to interact with our GitHub issues. -->
+
+- Vote on this issue by adding a 👍 reaction
+- If you want to document this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
+
+## Affected area/feature
+
 <!---
 Tell us which feature you'd like to see documented. 
  - Where would you like that documentation to live (command line usage output, website, github markdown on the repo)? 

.github/ISSUE_TEMPLATE/documentation-request.md

@@ -1,13 +1,24 @@
 ---
 name: Enhancement
-about: Suggest an enhancement to step certificates
+about: Suggest an enhancement to step-ca
 title: ''
 labels: enhancement, needs triage
 assignees: ''
 
 ---
 
-### What would you like to be added
+## Hello!
+<!-- Please leave this section as-is, 
+it's designed to help others in the community know how to interact with our GitHub issues. -->
 
+- Vote on this issue by adding a 👍 reaction
+- If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
 
-### Why this is needed
+## Issue details
+
+<!-- Enhancement requests are most helpful when they describe the problem you're having 
+as well as articulating the potential solution you'd like to see built. -->
+
+## Why is this needed?
+
+<!-- Let us know why you think this enhancement would be good for the project or community. -->

.github/ISSUE_TEMPLATE/enhancement.md

@@ -33,7 +33,7 @@ jobs:
         uses: golangci/golangci-lint-action@v2
         with:
           # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
-          version: 'v1.45.0'
+          version: 'v1.45.2'
 
           # Optional: working directory, useful for monorepos
           # working-directory: somedir

.github/workflows/release.yml

@@ -33,7 +33,7 @@ jobs:
         uses: golangci/golangci-lint-action@v2
         with:
           # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
-          version: 'v1.45.0'
+          version: 'v1.45.2'
 
           # Optional: working directory, useful for monorepos
           # working-directory: somedir

.github/workflows/test.yml

@@ -151,7 +151,7 @@ integration: bin/$(BINNAME)
 #########################################
 
 fmt:
-	$Q gofmt -l -w $(SRC)
+	$Q gofmt -l -s -w $(SRC)
 
 lint:
 	$Q golangci-lint run --timeout=30m

Makefile

@@ -49,7 +49,7 @@ func (a *Authority) StoreAdmin(ctx context.Context, adm *linkedca.Admin, prov pr
 		return admin.WrapErrorISE(err, "error creating admin")
 	}
 	if err := a.admins.Store(adm, prov); err != nil {
-		if err := a.reloadAdminResources(ctx); err != nil {
+		if err := a.ReloadAdminResources(ctx); err != nil {
 			return admin.WrapErrorISE(err, "error reloading admin resources on failed admin store")
 		}
 		return admin.WrapErrorISE(err, "error storing admin in authority cache")
@@ -66,7 +66,7 @@ func (a *Authority) UpdateAdmin(ctx context.Context, id string, nu *linkedca.Adm
 		return nil, admin.WrapErrorISE(err, "error updating cached admin %s", id)
 	}
 	if err := a.adminDB.UpdateAdmin(ctx, adm); err != nil {
-		if err := a.reloadAdminResources(ctx); err != nil {
+		if err := a.ReloadAdminResources(ctx); err != nil {
 			return nil, admin.WrapErrorISE(err, "error reloading admin resources on failed admin update")
 		}
 		return nil, admin.WrapErrorISE(err, "error updating admin %s", id)
@@ -88,7 +88,7 @@ func (a *Authority) removeAdmin(ctx context.Context, id string) error {
 		return admin.WrapErrorISE(err, "error removing admin %s from authority cache", id)
 	}
 	if err := a.adminDB.DeleteAdmin(ctx, id); err != nil {
-		if err := a.reloadAdminResources(ctx); err != nil {
+		if err := a.ReloadAdminResources(ctx); err != nil {
 			return admin.WrapErrorISE(err, "error reloading admin resources on failed admin remove")
 		}
 		return admin.WrapErrorISE(err, "error deleting admin %s", id)

authority/admins.go

@@ -84,8 +84,12 @@ type Authority struct {
 	policyEngine *policy.Engine
 
 	adminMutex sync.RWMutex
+
+	// Do Not initialize the authority
+	skipInit bool
 }
 
+// Info contains information about the authority.
 type Info struct {
 	StartTime          time.Time
 	RootX509Certs      []*x509.Certificate
@@ -113,9 +117,11 @@ func New(cfg *config.Config, opts ...Option) (*Authority, error) {
 		}
 	}
 
-	// Initialize authority from options or configuration.
-	if err := a.init(); err != nil {
-		return nil, err
+	if !a.skipInit {
+		// Initialize authority from options or configuration.
+		if err := a.init(); err != nil {
+			return nil, err
+		}
 	}
 
 	return a, nil
@@ -151,9 +157,11 @@ func NewEmbedded(opts ...Option) (*Authority, error) {
 	// Initialize config required fields.
 	a.config.Init()
 
-	// Initialize authority from options or configuration.
-	if err := a.init(); err != nil {
-		return nil, err
+	if !a.skipInit {
+		// Initialize authority from options or configuration.
+		if err := a.init(); err != nil {
+			return nil, err
+		}
 	}
 
 	return a, nil
@@ -182,8 +190,8 @@ func MustFromContext(ctx context.Context) *Authority {
 	}
 }
 
-// reloadAdminResources reloads admins and provisioners from the DB.
-func (a *Authority) reloadAdminResources(ctx context.Context) error {
+// ReloadAdminResources reloads admins and provisioners from the DB.
+func (a *Authority) ReloadAdminResources(ctx context.Context) error {
 	var (
 		provList  provisioner.List
 		adminList []*linkedca.Admin
@@ -582,7 +590,7 @@ func (a *Authority) init() error {
 	}
 
 	// Load Provisioners and Admins
-	if err := a.reloadAdminResources(ctx); err != nil {
+	if err := a.ReloadAdminResources(context.Background()); err != nil {
 		return err
 	}
 
@@ -632,6 +640,12 @@ func (a *Authority) GetAdminDatabase() admin.DB {
 	return a.adminDB
 }
 
+// GetConfig returns the config.
+func (a *Authority) GetConfig() *config.Config {
+	return a.config
+}
+
+// GetInfo returns information about the authority.
 func (a *Authority) GetInfo() Info {
 	ai := Info{
 		StartTime:     a.startTime,

authority/authority.go

@@ -1034,7 +1034,7 @@ func TestAuthority_authorizeSSHSign(t *testing.T) {
 				}
 			} else {
 				if assert.Nil(t, tc.err) {
-					assert.Len(t, 8, got) // number of provisioner.SignOptions returned
+					assert.Len(t, 9, got) // number of provisioner.SignOptions returned
 				}
 			}
 		})