From a0aec357f72ec4d72037f65d40e087bcbee0566a Mon Sep 17 00:00:00 2001 From: Philippe Boneff Date: Tue, 8 Apr 2025 12:35:33 +0000 Subject: [PATCH 1/9] rename top level package to tesseract # Conflicts: # cmd/aws/main.go # cmd/gcp/main.go # Conflicts: # doc.go # Conflicts: # cmd/aws/main.go # cmd/gcp/main.go # Conflicts: # cmd/gcp/main.go --- cmd/aws/main.go | 6 +++--- cmd/gcp/main.go | 6 +++--- ctlog.go | 2 +- ctlog_test.go | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cmd/aws/main.go b/cmd/aws/main.go index 482b1e46..df4c2bef 100644 --- a/cmd/aws/main.go +++ b/cmd/aws/main.go @@ -28,7 +28,7 @@ import ( "time" "github.com/go-sql-driver/mysql" - sctfe "github.com/transparency-dev/static-ct" + tesseract "github.com/transparency-dev/static-ct" "github.com/transparency-dev/static-ct/storage" awsSCTFE "github.com/transparency-dev/static-ct/storage/aws" "github.com/transparency-dev/static-ct/storage/bbolt" @@ -81,7 +81,7 @@ func main() { klog.Exitf("Can't create AWS Secrets Manager signer: %v", err) } - chainValidationConfig := sctfe.ChainValidationConfig{ + chainValidationConfig := tesseract.ChainValidationConfig{ RootsPEMFile: *rootsPemFile, RejectExpired: *rejectExpired, RejectUnexpired: *rejectUnexpired, @@ -91,7 +91,7 @@ func main() { NotAfterLimit: notAfterLimit.t, } - logHandler, err := sctfe.NewLogHandler(ctx, *origin, signer, chainValidationConfig, newAWSStorage, *httpDeadline, *maskInternalErrors) + logHandler, err := tesseract.NewLogHandler(ctx, *origin, signer, chainValidationConfig, newAWSStorage, *httpDeadline, *maskInternalErrors) if err != nil { klog.Exitf("Can't initialize CT HTTP Server: %v", err) } diff --git a/cmd/gcp/main.go b/cmd/gcp/main.go index 2478338d..b7f36ebd 100644 --- a/cmd/gcp/main.go +++ b/cmd/gcp/main.go 
@@ -28,7 +28,7 @@ import ( "syscall" "time" - sctfe "github.com/transparency-dev/static-ct" + tesseract "github.com/transparency-dev/static-ct" "github.com/transparency-dev/static-ct/storage" gcpSCTFE "github.com/transparency-dev/static-ct/storage/gcp" tessera "github.com/transparency-dev/trillian-tessera" @@ -78,7 +78,7 @@ func main() { klog.Exitf("Can't create secret manager signer: %v", err) } - chainValidationConfig := sctfe.ChainValidationConfig{ + chainValidationConfig := tesseract.ChainValidationConfig{ RootsPEMFile: *rootsPemFile, RejectExpired: *rejectExpired, RejectUnexpired: *rejectUnexpired, @@ -88,7 +88,7 @@ func main() { NotAfterLimit: notAfterLimit.t, } - logHandler, err := sctfe.NewLogHandler(ctx, *origin, signer, chainValidationConfig, newGCPStorage, *httpDeadline, *maskInternalErrors) + logHandler, err := tesseract.NewLogHandler(ctx, *origin, signer, chainValidationConfig, newGCPStorage, *httpDeadline, *maskInternalErrors) if err != nil { klog.Exitf("Can't initialize CT HTTP Server: %v", err) } diff --git a/ctlog.go b/ctlog.go index 6afbcc15..ac9c00ec 100644 --- a/ctlog.go +++ b/ctlog.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package sctfe +package tesseract import ( "context" diff --git a/ctlog_test.go b/ctlog_test.go index a64106aa..e2f6d781 100644 --- a/ctlog_test.go +++ b/ctlog_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package sctfe +package tesseract import ( "strings" From 752a7c8e39aac838a3d77c854eaefe4f56e2fa7e Mon Sep 17 00:00:00 2001 
From: Philippe Boneff Date: Tue, 8 Apr 2025 12:43:49 +0000 Subject: [PATCH 2/9] rename sctfe to tesseract in docker --- cmd/aws/Dockerfile | 6 +++--- cmd/aws/ci/Dockerfile | 8 ++++---- cmd/gcp/Dockerfile | 6 +++--- cmd/gcp/ci/Dockerfile | 8 ++++---- cmd/gcp/staging/Dockerfile | 8 ++++---- .../live/gcp/static-ct-staging/logs/arche2025h1/README.md | 2 +- deployment/live/gcp/static-ct/logs/ci/README.md | 2 +- 7 files changed, 20 insertions(+), 20 deletions(-) diff --git a/cmd/aws/Dockerfile b/cmd/aws/Dockerfile index 068d2006..b05af3b8 100644 --- a/cmd/aws/Dockerfile +++ b/cmd/aws/Dockerfile @@ -15,11 +15,11 @@ RUN go mod download COPY . . # Build the application -RUN go build -o bin/sctfe-aws ./cmd/aws +RUN go build -o bin/tesseract-aws ./cmd/aws # Build release image FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c -COPY --from=builder /build/bin/sctfe-aws /bin/sctfe-aws +COPY --from=builder /build/bin/tesseract-aws /bin/tesseract-aws -ENTRYPOINT ["/bin/sctfe-aws"] +ENTRYPOINT ["/bin/tesseract-aws"] diff --git a/cmd/aws/ci/Dockerfile b/cmd/aws/ci/Dockerfile index 9e9fab00..76030de0 100644 --- a/cmd/aws/ci/Dockerfile +++ b/cmd/aws/ci/Dockerfile @@ -1,4 +1,4 @@ -FROM sctfe-aws:latest AS base +FROM tesseract-aws:latest AS base # Build release image FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c @@ -6,7 +6,7 @@ FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff45 # Copy the hammer test root CA certificate into the container COPY ./internal/hammer/testdata/test_root_ca_cert.pem /bin/ -# Copy the sctfe-aws binary -COPY --from=base /bin/sctfe-aws /bin/ +# Copy the tesseract-aws binary +COPY --from=base /bin/tesseract-aws /bin/ -ENTRYPOINT ["/bin/sctfe-aws"] +ENTRYPOINT ["/bin/tesseract-aws"] diff --git a/cmd/gcp/Dockerfile b/cmd/gcp/Dockerfile index 23d78d32..703c66ce 100644 --- a/cmd/gcp/Dockerfile +++ b/cmd/gcp/Dockerfile 
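Review bot: The release stage of cmd/aws/Dockerfile, as visible in this hunk, goes from `FROM alpine:3.21.3@sha256:…` straight to `COPY --from=builder …` and `ENTRYPOINT ["/bin/tesseract-aws"]` with no `USER` instruction, so the log frontend runs as root inside the container unless the deployment overrides it. Since the `COPY` and `ENTRYPOINT` lines are being rewritten anyway, consider adding `USER 65534:65534` just before `ENTRYPOINT`. That way a fault in request or certificate-chain handling does not begin with root privileges in the container. The release stages in cmd/gcp/Dockerfile and in the ci and staging Dockerfiles appear to have the same shape. Whether the binary needs a privileged port or root-only files is not visible here and should be confirmed first.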
@@ -15,11 +15,11 @@ RUN go mod download COPY . . # Build the application -RUN go build -o bin/sctfe-gcp ./cmd/gcp +RUN go build -o bin/tesseract-gcp ./cmd/gcp # Build release image FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c -COPY --from=builder /build/bin/sctfe-gcp /bin/sctfe-gcp +COPY --from=builder /build/bin/tesseract-gcp /bin/tesseract-gcp -ENTRYPOINT ["/bin/sctfe-gcp"] +ENTRYPOINT ["/bin/tesseract-gcp"] diff --git a/cmd/gcp/ci/Dockerfile b/cmd/gcp/ci/Dockerfile index 0da764c3..57114f17 100644 --- a/cmd/gcp/ci/Dockerfile +++ b/cmd/gcp/ci/Dockerfile @@ -1,4 +1,4 @@ -FROM sctfe-gcp:latest AS base +FROM tesseract-gcp:latest AS base # Build release image FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c @@ -6,7 +6,7 @@ FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff45 # Copy the hammer test root CA certificate into the container COPY ./internal/hammer/testdata/test_root_ca_cert.pem /bin/ -# Copy the sctfe-gcp binary -COPY --from=base /bin/sctfe-gcp /bin/ +# Copy the tesseract-gcp binary +COPY --from=base /bin/tesseract-gcp /bin/ -ENTRYPOINT ["/bin/sctfe-gcp"] +ENTRYPOINT ["/bin/tesseract-gcp"] diff --git a/cmd/gcp/staging/Dockerfile b/cmd/gcp/staging/Dockerfile index 4368fd81..f5a9e4ea 100644 --- a/cmd/gcp/staging/Dockerfile +++ b/cmd/gcp/staging/Dockerfile @@ -1,4 +1,4 @@ -FROM sctfe-gcp:latest AS base +FROM tesseract-gcp:latest AS base # Build release image FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c 
@@ -7,7 +7,7 @@ FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff45 # TODO(phbnf): use a better name without test, right now this is what works with main.tf COPY ./deployment/live/gcp/static-ct-staging/logs/arche2025h1/roots.pem /bin/test_root_ca_cert.pem -# Copy the sctfe-gcp binary -COPY --from=base /bin/sctfe-gcp /bin/ +# Copy the tesseract-gcp binary +COPY --from=base /bin/tesseract-gcp /bin/ -ENTRYPOINT ["/bin/sctfe-gcp"] +ENTRYPOINT ["/bin/tesseract-gcp"] diff --git a/deployment/live/gcp/static-ct-staging/logs/arche2025h1/README.md b/deployment/live/gcp/static-ct-staging/logs/arche2025h1/README.md index d9ce0c23..f6f916c7 100644 --- a/deployment/live/gcp/static-ct-staging/logs/arche2025h1/README.md +++ b/deployment/live/gcp/static-ct-staging/logs/arche2025h1/README.md @@ -51,7 +51,7 @@ Build and push the Docker image to Artifact Registry repository: ```sh gcloud auth configure-docker ${GOOGLE_REGION}-docker.pkg.dev -docker build -f ./cmd/gcp/Dockerfile -t sctfe-gcp:latest . +docker build -f ./cmd/gcp/Dockerfile -t tesseract-gcp:latest . docker build -f ./cmd/gcp/staging/Dockerfile -t conformance-gcp:latest . docker tag conformance-gcp:latest ${GOOGLE_REGION}-docker.pkg.dev/${GOOGLE_PROJECT}/docker-staging/conformance-gcp:latest docker push ${GOOGLE_REGION}-docker.pkg.dev/${GOOGLE_PROJECT}/docker-staging/conformance-gcp diff --git a/deployment/live/gcp/static-ct/logs/ci/README.md b/deployment/live/gcp/static-ct/logs/ci/README.md index 3e6aa96d..13f34e09 100644 --- a/deployment/live/gcp/static-ct/logs/ci/README.md +++ b/deployment/live/gcp/static-ct/logs/ci/README.md 
@@ -40,7 +40,7 @@ Build and push the Docker image to Artifact Registry repository: ```sh gcloud auth configure-docker ${GOOGLE_REGION}-docker.pkg.dev -docker build -f ./cmd/gcp/Dockerfile -t sctfe-gcp:latest . +docker build -f ./cmd/gcp/Dockerfile -t tesseract-gcp:latest . docker build -f ./cmd/gcp/ci/Dockerfile -t conformance-gcp:latest . docker tag conformance-gcp:latest ${GOOGLE_REGION}-docker.pkg.dev/${GOOGLE_PROJECT}/docker-ci/conformance-gcp:latest docker push ${GOOGLE_REGION}-docker.pkg.dev/${GOOGLE_PROJECT}/docker-ci/conformance-gcp From 6ab8e7f137d973c62941b219ffcdd7f435da581c Mon Sep 17 00:00:00 2001 From: Philippe Boneff Date: Tue, 8 Apr 2025 13:41:51 +0000 Subject: [PATCH 3/9] edit comments --- README.md | 4 ++-- ctlog.go | 2 +- modules/README.md | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 94304814..5e29daa8 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# SCTFE +# TesseraCT [![Go Report Card](https://goreportcard.com/badge/github.com/transparency-dev/static-ct)](https://goreportcard.com/report/github.com/transparency-dev/static-ct) [![Slack Status](https://img.shields.io/badge/Slack-Chat-blue.svg)](https://transparency-dev.slack.com/) @@ -11,7 +11,7 @@ to store data. It is based on It is under active development. ## Deployment -Each Tessera storage backend needs its own SCTFE binary. +Each Tessera storage backend needs its own TesseraCT binary. At the moment, these storage backends are supported: diff --git a/ctlog.go b/ctlog.go index ac9c00ec..fe0f7e64 100644 --- a/ctlog.go +++ b/ctlog.go 
@@ -40,7 +40,7 @@ type ChainValidationConfig struct { // checked against the current time during the validation of submissions. // This will cause expired certificates to be rejected. RejectExpired bool - // RejectUnexpired controls if the SCTFE rejects certificates that are + // RejectUnexpired controls if TesseraCT rejects certificates that are // either currently valid or not yet valid. // TODO(phboneff): evaluate whether we need to keep this one. RejectUnexpired bool diff --git a/modules/README.md b/modules/README.md index 1fecdb35..c73e698c 100644 --- a/modules/README.md +++ b/modules/README.md @@ -2,4 +2,4 @@ This directory contains modules that Tessera Personality can link to get extra functionalities. -TODO: move out of the SCTFE directory once we've sorted out repo structure for personalities \ No newline at end of file +TODO: move out of this directory once we've sorted out repo structure for personalities \ No newline at end of file From ebee7eefc02aa43b4a0b39384c938ff6428314c4 Mon Sep 17 00:00:00 2001 
From: Philippe Boneff Date: Tue, 15 Apr 2025 15:53:56 +0000 Subject: [PATCH 4/9] s/scti/tcti --- ctlog.go | 20 +++++++++---------- internal/{scti => tcti}/chain_validation.go | 2 +- .../{scti => tcti}/chain_validation_test.go | 2 +- internal/{scti => tcti}/ctlog.go | 2 +- internal/{scti => tcti}/ctlog_test.go | 2 +- internal/{scti => tcti}/handlers.go | 2 +- internal/{scti => tcti}/handlers_test.go | 2 +- internal/{scti => tcti}/otel.go | 4 ++-- internal/{scti => tcti}/requestlog.go | 2 +- internal/{scti => tcti}/signatures.go | 2 +- internal/{scti => tcti}/signatures_test.go | 2 +- internal/{scti => tcti}/timesource.go | 2 +- .../{scti => tcti}/timesource_export_test.go | 2 +- storage/storage.go | 2 +- 14 files changed, 24 insertions(+), 24 deletions(-) rename internal/{scti => tcti}/chain_validation.go (99%) rename internal/{scti => tcti}/chain_validation_test.go (99%) rename internal/{scti => tcti}/ctlog.go (99%) rename internal/{scti => tcti}/ctlog_test.go (99%) rename internal/{scti => tcti}/handlers.go (99%) rename internal/{scti => tcti}/handlers_test.go (99%) rename internal/{scti => tcti}/otel.go (93%) rename internal/{scti => tcti}/requestlog.go (99%) rename internal/{scti => tcti}/signatures.go (99%) rename internal/{scti => tcti}/signatures_test.go (99%) rename internal/{scti => tcti}/timesource.go (98%) rename internal/{scti => tcti}/timesource_export_test.go (98%) diff --git a/ctlog.go b/ctlog.go index fe0f7e64..96326a73 100644 --- a/ctlog.go +++ b/ctlog.go @@ -25,7 +25,7 @@ import ( "strings" "time" - "github.com/transparency-dev/static-ct/internal/scti" + "github.com/transparency-dev/static-ct/internal/tcti" "github.com/transparency-dev/static-ct/internal/x509util" "github.com/transparency-dev/static-ct/storage" ) 
@@ -62,7 +62,7 @@ type ChainValidationConfig struct { NotAfterLimit *time.Time } -// systemTimeSource implments scti.TimeSource. +// systemTimeSource implements tcti.TimeSource. type systemTimeSource struct{} // Now returns the true current local time. @@ -74,7 +74,7 @@ var sysTimeSource = systemTimeSource{} // newChainValidator checks that a chain validation config is valid, // parses it, and loads resources to validate chains. -func newChainValidator(cfg ChainValidationConfig) (scti.ChainValidator, error) { +func newChainValidator(cfg ChainValidationConfig) (tcti.ChainValidator, error) { // Load the trusted roots. if cfg.RootsPEMFile == "" { return nil, errors.New("empty rootsPemFile") @@ -98,7 +98,7 @@ func newChainValidator(cfg ChainValidationConfig) (scti.ChainValidator, error) { // Filter which extended key usages are allowed. if cfg.ExtKeyUsages != "" { lExtKeyUsages := strings.Split(cfg.ExtKeyUsages, ",") - extKeyUsages, err = scti.ParseExtKeyUsages(lExtKeyUsages) + extKeyUsages, err = tcti.ParseExtKeyUsages(lExtKeyUsages) if err != nil { return nil, fmt.Errorf("failed to parse ExtKeyUsages: %v", err) } @@ -108,13 +108,13 @@ func newChainValidator(cfg ChainValidationConfig) (scti.ChainValidator, error) { // Filter which extensions are rejected. if cfg.RejectExtensions != "" { lRejectExtensions := strings.Split(cfg.RejectExtensions, ",") - rejectExtIds, err = scti.ParseOIDs(lRejectExtensions) + rejectExtIds, err = tcti.ParseOIDs(lRejectExtensions) if err != nil { return nil, fmt.Errorf("failed to parse RejectExtensions: %v", err) } } - cv := scti.NewChainValidator(roots, cfg.RejectExpired, cfg.RejectUnexpired, cfg.NotAfterStart, cfg.NotAfterLimit, extKeyUsages, rejectExtIds) + cv := tcti.NewChainValidator(roots, cfg.RejectExpired, cfg.RejectUnexpired, cfg.NotAfterStart, cfg.NotAfterLimit, extKeyUsages, rejectExtIds) return &cv, nil } 
@@ -126,19 +126,19 @@ func NewLogHandler(ctx context.Context, origin string, signer crypto.Signer, cfg if err != nil { return nil, fmt.Errorf("newCertValidationOpts(): %v", err) } - log, err := scti.NewLog(ctx, origin, signer, cv, cs, sysTimeSource) + log, err := tcti.NewLog(ctx, origin, signer, cv, cs, sysTimeSource) if err != nil { return nil, fmt.Errorf("newLog(): %v", err) } - opts := &scti.HandlerOptions{ + opts := &tcti.HandlerOptions{ Deadline: httpDeadline, - RequestLog: &scti.DefaultRequestLog{}, + RequestLog: &tcti.DefaultRequestLog{}, MaskInternalErrors: maskInternalErrors, TimeSource: sysTimeSource, } - handlers := scti.NewPathHandlers(ctx, opts, log) + handlers := tcti.NewPathHandlers(ctx, opts, log) mux := http.NewServeMux() // Register handlers for all the configured logs. for path, handler := range handlers { diff --git a/internal/scti/chain_validation.go b/internal/tcti/chain_validation.go similarity index 99% rename from internal/scti/chain_validation.go rename to internal/tcti/chain_validation.go index 234a132c..6c8c4bbe 100644 --- a/internal/scti/chain_validation.go +++ b/internal/tcti/chain_validation.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import ( "bytes" diff --git a/internal/scti/chain_validation_test.go b/internal/tcti/chain_validation_test.go similarity index 99% rename from internal/scti/chain_validation_test.go rename to internal/tcti/chain_validation_test.go index b9446316..73c02873 100644 --- a/internal/scti/chain_validation_test.go +++ b/internal/tcti/chain_validation_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import ( "crypto/x509" 
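Review bot: The error prefixes in NewLogHandler are stale after this rename series: `fmt.Errorf("newCertValidationOpts(): %v", err)` names a function that does not appear anywhere in the visible file, where the validator is built by `newChainValidator`. The call itself is above the hunk, so this is inferred. The other prefix, `"newLog(): %v"`, guards the exported `NewLog` call. An operator reading a startup failure is pointed at a name they cannot grep for, and `%v` also drops the error chain for `errors.Is`/`errors.As`. Suggest `return nil, fmt.Errorf("newChainValidator(): %w", err)` and `return nil, fmt.Errorf("NewLog(): %w", err)`. The same lines recur unchanged in the ctlog.go hunk of PATCH 7/9, and the function starts before and continues past this hunk.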
diff --git a/internal/scti/ctlog.go b/internal/tcti/ctlog.go similarity index 99% rename from internal/scti/ctlog.go rename to internal/tcti/ctlog.go index 1a90cb2f..63eb2678 100644 --- a/internal/scti/ctlog.go +++ b/internal/tcti/ctlog.go @@ -1,4 +1,4 @@ -package scti +package tcti import ( "context" diff --git a/internal/scti/ctlog_test.go b/internal/tcti/ctlog_test.go similarity index 99% rename from internal/scti/ctlog_test.go rename to internal/tcti/ctlog_test.go index d2fcfb0f..6045785c 100644 --- a/internal/scti/ctlog_test.go +++ b/internal/tcti/ctlog_test.go @@ -1,4 +1,4 @@ -package scti +package tcti import ( "context" diff --git a/internal/scti/handlers.go b/internal/tcti/handlers.go similarity index 99% rename from internal/scti/handlers.go rename to internal/tcti/handlers.go index dd8b07d5..f56e2a5a 100644 --- a/internal/scti/handlers.go +++ b/internal/tcti/handlers.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import ( "context" diff --git a/internal/scti/handlers_test.go b/internal/tcti/handlers_test.go similarity index 99% rename from internal/scti/handlers_test.go rename to internal/tcti/handlers_test.go index c56b689d..30d3e2bd 100644 --- a/internal/scti/handlers_test.go +++ b/internal/tcti/handlers_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import ( "bufio" diff --git a/internal/scti/otel.go b/internal/tcti/otel.go similarity index 93% rename from internal/scti/otel.go rename to internal/tcti/otel.go index 3a604bb6..53738bae 100644 --- a/internal/scti/otel.go +++ b/internal/tcti/otel.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import ( "go.opentelemetry.io/otel" 
@@ -20,7 +20,7 @@ import ( "k8s.io/klog/v2" ) -const name = "github.com/transparency-dev/static-ct/internal/scti" +const name = "github.com/transparency-dev/static-ct/internal/tcti" var ( meter = otel.Meter(name) diff --git a/internal/scti/requestlog.go b/internal/tcti/requestlog.go similarity index 99% rename from internal/scti/requestlog.go rename to internal/tcti/requestlog.go index 291e5f9e..85f3cde1 100644 --- a/internal/scti/requestlog.go +++ b/internal/tcti/requestlog.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import ( "context" diff --git a/internal/scti/signatures.go b/internal/tcti/signatures.go similarity index 99% rename from internal/scti/signatures.go rename to internal/tcti/signatures.go index e362b629..04c0d1ed 100644 --- a/internal/scti/signatures.go +++ b/internal/tcti/signatures.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import ( "crypto" diff --git a/internal/scti/signatures_test.go b/internal/tcti/signatures_test.go similarity index 99% rename from internal/scti/signatures_test.go rename to internal/tcti/signatures_test.go index 04e2e16d..95a3501f 100644 --- a/internal/scti/signatures_test.go +++ b/internal/tcti/signatures_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import ( "bytes" diff --git a/internal/scti/timesource.go b/internal/tcti/timesource.go similarity index 98% rename from internal/scti/timesource.go rename to internal/tcti/timesource.go index e0ca9399..bd8d2701 100644 --- a/internal/scti/timesource.go +++ b/internal/tcti/timesource.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import "time" 
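Review bot: The value of `const name` is what gets passed to `otel.Meter(name)`, so this is a runtime change and not only an identifier rename. The instrumentation scope reported with this package's metrics moves from `…/internal/scti` to `…/internal/tcti` here, and again to `…/internal/ct` in the otel.go hunk of PATCH 7/9. Any dashboard, alert rule or metric view that selects on the scope name would stop matching after deployment, which matters for a CT log whose monitoring is part of its operational assurance. Either keep a stable value that is independent of the package path, or note the change for operators. A comment above the constant would help, for example `// name is the OTel instrumentation scope; changing it changes the scope reported with every metric from this package.`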
diff --git a/internal/scti/timesource_export_test.go b/internal/tcti/timesource_export_test.go similarity index 98% rename from internal/scti/timesource_export_test.go rename to internal/tcti/timesource_export_test.go index efdef6ce..957b3db3 100644 --- a/internal/scti/timesource_export_test.go +++ b/internal/tcti/timesource_export_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package scti +package tcti import "time" diff --git a/storage/storage.go b/storage/storage.go index be4798b9..258e2a91 100644 --- a/storage/storage.go +++ b/storage/storage.go @@ -49,7 +49,7 @@ type IssuerStorage interface { AddIssuersIfNotExist(ctx context.Context, kv []KV) error } -// CTStorage implements scti.Storage. +// CTStorage implements tcti.Storage. type CTStorage struct { storeData func(context.Context, *ctonly.Entry) tessera.IndexFuture storeIssuers func(context.Context, []KV) error From a633aaa5208ea575bc404e2ca912033dc33646f2 Mon Sep 17 00:00:00 2001 From: Philippe Boneff Date: Tue, 15 Apr 2025 16:04:08 +0000 Subject: [PATCH 5/9] rename imports in binaries --- cmd/aws/main.go | 4 ++-- cmd/gcp/main.go | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cmd/aws/main.go b/cmd/aws/main.go index df4c2bef..d4a92340 100644 --- a/cmd/aws/main.go +++ b/cmd/aws/main.go @@ -30,7 +30,7 @@ import ( "github.com/go-sql-driver/mysql" tesseract "github.com/transparency-dev/static-ct" "github.com/transparency-dev/static-ct/storage" - awsSCTFE "github.com/transparency-dev/static-ct/storage/aws" + awsTesseract "github.com/transparency-dev/static-ct/storage/aws" "github.com/transparency-dev/static-ct/storage/bbolt" tessera "github.com/transparency-dev/trillian-tessera" awsTessera "github.com/transparency-dev/trillian-tessera/storage/aws" 
@@ -154,7 +154,7 @@ func newAWSStorage(ctx context.Context, signer note.Signer) (*storage.CTStorage, return nil, fmt.Errorf("failed to initialize AWS Tessera storage: %v", err) } - issuerStorage, err := awsSCTFE.NewIssuerStorage(ctx, *bucket, "fingerprints/", "application/pkix-cert") + issuerStorage, err := awsTesseract.NewIssuerStorage(ctx, *bucket, "fingerprints/", "application/pkix-cert") if err != nil { return nil, fmt.Errorf("failed to initialize AWS issuer storage: %v", err) } diff --git a/cmd/gcp/main.go b/cmd/gcp/main.go index b7f36ebd..440b23b6 100644 --- a/cmd/gcp/main.go +++ b/cmd/gcp/main.go @@ -30,7 +30,7 @@ import ( tesseract "github.com/transparency-dev/static-ct" "github.com/transparency-dev/static-ct/storage" - gcpSCTFE "github.com/transparency-dev/static-ct/storage/gcp" + gcpTesseract "github.com/transparency-dev/static-ct/storage/gcp" tessera "github.com/transparency-dev/trillian-tessera" gcpTessera "github.com/transparency-dev/trillian-tessera/storage/gcp" "golang.org/x/mod/sumdb/note" @@ -168,12 +168,12 @@ func newGCPStorage(ctx context.Context, signer note.Signer) (*storage.CTStorage, return nil, fmt.Errorf("failed to initialize GCP Tessera appender: %v", err) } - issuerStorage, err := gcpSCTFE.NewIssuerStorage(ctx, *bucket, "fingerprints/", "application/pkix-cert") + issuerStorage, err := gcpTesseract.NewIssuerStorage(ctx, *bucket, "fingerprints/", "application/pkix-cert") if err != nil { return nil, fmt.Errorf("failed to initialize GCP issuer storage: %v", err) } - beDedupStorage, err := gcpSCTFE.NewDedupeStorage(ctx, *spannerDedupDB) + beDedupStorage, err := gcpTesseract.NewDedupeStorage(ctx, *spannerDedupDB) if err != nil { return nil, fmt.Errorf("failed to initialize GCP Spanner deduplication database: %v", err) } From 7d9b4ad4b6a6f667a06dbd527998c02c079a0519 Mon Sep 17 00:00:00 2001 
From: Philippe Boneff Date: Tue, 15 Apr 2025 16:09:25 +0000 Subject: [PATCH 6/9] dedup --- storage/gcp/dedup.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/storage/gcp/dedup.go b/storage/gcp/dedup.go index df8a57c7..36408a73 100644 --- a/storage/gcp/dedup.go +++ b/storage/gcp/dedup.go @@ -50,7 +50,7 @@ func NewDedupeStorage(ctx context.Context, spannerDB string) (*DedupStorage, err }, nil } -// DedupStorage is a GCP Spanner based dedup storage implementation for SCTFE. +// DedupStorage is a GCP Spanner based dedup storage implementation for TesseraCT. type DedupStorage struct { dbPool *spanner.Client } From 1d78934916f8444bb9d0687cfb0a0aadc465d108 Mon Sep 17 00:00:00 2001 
From: Philippe Boneff Date: Tue, 15 Apr 2025 16:46:54 +0000 Subject: [PATCH 7/9] s/tcti/ct --- ctlog.go | 20 +++++++++---------- internal/{tcti => ct}/chain_validation.go | 2 +- .../{tcti => ct}/chain_validation_test.go | 2 +- internal/{tcti => ct}/ctlog.go | 2 +- internal/{tcti => ct}/ctlog_test.go | 2 +- internal/{tcti => ct}/handlers.go | 2 +- internal/{tcti => ct}/handlers_test.go | 2 +- internal/{tcti => ct}/otel.go | 4 ++-- internal/{tcti => ct}/requestlog.go | 2 +- internal/{tcti => ct}/signatures.go | 2 +- internal/{tcti => ct}/signatures_test.go | 2 +- internal/{tcti => ct}/timesource.go | 2 +- .../{tcti => ct}/timesource_export_test.go | 2 +- storage/storage.go | 2 +- 14 files changed, 24 insertions(+), 24 deletions(-) rename internal/{tcti => ct}/chain_validation.go (99%) rename internal/{tcti => ct}/chain_validation_test.go (99%) rename internal/{tcti => ct}/ctlog.go (99%) rename internal/{tcti => ct}/ctlog_test.go (99%) rename internal/{tcti => ct}/handlers.go (99%) rename internal/{tcti => ct}/handlers_test.go (99%) rename internal/{tcti => ct}/otel.go (92%) rename internal/{tcti => ct}/requestlog.go (99%) rename internal/{tcti => ct}/signatures.go (99%) rename internal/{tcti => ct}/signatures_test.go (99%) rename internal/{tcti => ct}/timesource.go (98%) rename internal/{tcti => ct}/timesource_export_test.go (98%) diff --git a/ctlog.go b/ctlog.go index 96326a73..5265ea83 100644 --- a/ctlog.go +++ b/ctlog.go @@ -25,7 +25,7 @@ import ( "strings" "time" - "github.com/transparency-dev/static-ct/internal/tcti" + "github.com/transparency-dev/static-ct/internal/ct" "github.com/transparency-dev/static-ct/internal/x509util" "github.com/transparency-dev/static-ct/storage" ) @@ -62,7 +62,7 @@ type ChainValidationConfig struct { NotAfterLimit *time.Time } -// systemTimeSource implements tcti.TimeSource. +// systemTimeSource implements ct.TimeSource. type systemTimeSource struct{} // Now returns the true current local time. 
@@ -74,7 +74,7 @@ var sysTimeSource = systemTimeSource{} // newChainValidator checks that a chain validation config is valid, // parses it, and loads resources to validate chains. -func newChainValidator(cfg ChainValidationConfig) (tcti.ChainValidator, error) { +func newChainValidator(cfg ChainValidationConfig) (ct.ChainValidator, error) { // Load the trusted roots. if cfg.RootsPEMFile == "" { return nil, errors.New("empty rootsPemFile") @@ -98,7 +98,7 @@ func newChainValidator(cfg ChainValidationConfig) (tcti.ChainValidator, error) { // Filter which extended key usages are allowed. if cfg.ExtKeyUsages != "" { lExtKeyUsages := strings.Split(cfg.ExtKeyUsages, ",") - extKeyUsages, err = tcti.ParseExtKeyUsages(lExtKeyUsages) + extKeyUsages, err = ct.ParseExtKeyUsages(lExtKeyUsages) if err != nil { return nil, fmt.Errorf("failed to parse ExtKeyUsages: %v", err) } @@ -108,13 +108,13 @@ func newChainValidator(cfg ChainValidationConfig) (tcti.ChainValidator, error) { // Filter which extensions are rejected. if cfg.RejectExtensions != "" { lRejectExtensions := strings.Split(cfg.RejectExtensions, ",") - rejectExtIds, err = tcti.ParseOIDs(lRejectExtensions) + rejectExtIds, err = ct.ParseOIDs(lRejectExtensions) if err != nil { return nil, fmt.Errorf("failed to parse RejectExtensions: %v", err) } } - cv := tcti.NewChainValidator(roots, cfg.RejectExpired, cfg.RejectUnexpired, cfg.NotAfterStart, cfg.NotAfterLimit, extKeyUsages, rejectExtIds) + cv := ct.NewChainValidator(roots, cfg.RejectExpired, cfg.RejectUnexpired, cfg.NotAfterStart, cfg.NotAfterLimit, extKeyUsages, rejectExtIds) return &cv, nil } 
@@ -126,19 +126,19 @@ func NewLogHandler(ctx context.Context, origin string, signer crypto.Signer, cfg
 if err != nil {
 return nil, fmt.Errorf("newCertValidationOpts(): %v", err)
 }
- log, err := tcti.NewLog(ctx, origin, signer, cv, cs, sysTimeSource)
+ log, err := ct.NewLog(ctx, origin, signer, cv, cs, sysTimeSource)
 if err != nil {
 return nil, fmt.Errorf("newLog(): %v", err)
 }
- opts := &tcti.HandlerOptions{
+ opts := &ct.HandlerOptions{
 Deadline: httpDeadline,
- RequestLog: &tcti.DefaultRequestLog{},
+ RequestLog: &ct.DefaultRequestLog{},
 MaskInternalErrors: maskInternalErrors,
 TimeSource: sysTimeSource,
 }
- handlers := tcti.NewPathHandlers(ctx, opts, log)
+ handlers := ct.NewPathHandlers(ctx, opts, log)
 mux := http.NewServeMux()
 // Register handlers for all the configured logs.
 for path, handler := range handlers {
diff --git a/internal/tcti/chain_validation.go b/internal/ct/chain_validation.go
similarity index 99%
rename from internal/tcti/chain_validation.go
rename to internal/ct/chain_validation.go
index 6c8c4bbe..294f685d 100644
--- a/internal/tcti/chain_validation.go
+++ b/internal/ct/chain_validation.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import (
 "bytes"
diff --git a/internal/tcti/chain_validation_test.go b/internal/ct/chain_validation_test.go
similarity index 99%
rename from internal/tcti/chain_validation_test.go
rename to internal/ct/chain_validation_test.go
index 73c02873..7f199527 100644
--- a/internal/tcti/chain_validation_test.go
+++ b/internal/ct/chain_validation_test.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import (
 "crypto/x509"
diff --git a/internal/tcti/ctlog.go b/internal/ct/ctlog.go
similarity index 99%
rename from internal/tcti/ctlog.go
rename to internal/ct/ctlog.go
index 63eb2678..c516a22b 100644
--- a/internal/tcti/ctlog.go
+++ b/internal/ct/ctlog.go
@@ -1,4 +1,4 @@
-package tcti
+package ct
 import (
 "context"
diff --git a/internal/tcti/ctlog_test.go b/internal/ct/ctlog_test.go
similarity index 99%
rename from internal/tcti/ctlog_test.go
rename to internal/ct/ctlog_test.go
index 6045785c..40d37deb 100644
--- a/internal/tcti/ctlog_test.go
+++ b/internal/ct/ctlog_test.go
@@ -1,4 +1,4 @@
-package tcti
+package ct
 import (
 "context"
diff --git a/internal/tcti/handlers.go b/internal/ct/handlers.go
similarity index 99%
rename from internal/tcti/handlers.go
rename to internal/ct/handlers.go
index f56e2a5a..34835527 100644
--- a/internal/tcti/handlers.go
+++ b/internal/ct/handlers.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import (
 "context"
diff --git a/internal/tcti/handlers_test.go b/internal/ct/handlers_test.go
similarity index 99%
rename from internal/tcti/handlers_test.go
rename to internal/ct/handlers_test.go
index 30d3e2bd..4b979ae0 100644
--- a/internal/tcti/handlers_test.go
+++ b/internal/ct/handlers_test.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import (
 "bufio"
diff --git a/internal/tcti/otel.go b/internal/ct/otel.go
similarity index 92%
rename from internal/tcti/otel.go
rename to internal/ct/otel.go
index 53738bae..5fdef9f4 100644
--- a/internal/tcti/otel.go
+++ b/internal/ct/otel.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import (
 "go.opentelemetry.io/otel"
@@ -20,7 +20,7 @@ import (
 "k8s.io/klog/v2"
 )
-const name = "github.com/transparency-dev/static-ct/internal/tcti"
+const name = "github.com/transparency-dev/static-ct/internal/ct"
 var (
 meter = otel.Meter(name)
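Review bot: The `const name` change in otel.go is not a pure rename, because the string is passed to `otel.Meter(name)` and so metrics from this package will be exported under the instrumentation scope `github.com/transparency-dev/static-ct/internal/ct` rather than the old `.../internal/tcti` one. Any dashboard or alert rule that selects on the old scope name would stop matching without raising an error, so this deserves a line in the commit message or release notes for log operators. A comment on the constant would make the coupling visible, e.g. `// name is the OpenTelemetry instrumentation scope for this package; changing it renames the scope on exported telemetry.` The `var (` block continues outside the hunk, so other uses of `name` are not visible here.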
diff --git a/internal/tcti/requestlog.go b/internal/ct/requestlog.go
similarity index 99%
rename from internal/tcti/requestlog.go
rename to internal/ct/requestlog.go
index 85f3cde1..73ded59a 100644
--- a/internal/tcti/requestlog.go
+++ b/internal/ct/requestlog.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import (
 "context"
diff --git a/internal/tcti/signatures.go b/internal/ct/signatures.go
similarity index 99%
rename from internal/tcti/signatures.go
rename to internal/ct/signatures.go
index 04c0d1ed..ee3b9282 100644
--- a/internal/tcti/signatures.go
+++ b/internal/ct/signatures.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import (
 "crypto"
diff --git a/internal/tcti/signatures_test.go b/internal/ct/signatures_test.go
similarity index 99%
rename from internal/tcti/signatures_test.go
rename to internal/ct/signatures_test.go
index 95a3501f..d4cead9a 100644
--- a/internal/tcti/signatures_test.go
+++ b/internal/ct/signatures_test.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import (
 "bytes"
diff --git a/internal/tcti/timesource.go b/internal/ct/timesource.go
similarity index 98%
rename from internal/tcti/timesource.go
rename to internal/ct/timesource.go
index bd8d2701..02234c23 100644
--- a/internal/tcti/timesource.go
+++ b/internal/ct/timesource.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import "time"
diff --git a/internal/tcti/timesource_export_test.go b/internal/ct/timesource_export_test.go
similarity index 98%
rename from internal/tcti/timesource_export_test.go
rename to internal/ct/timesource_export_test.go
index 957b3db3..785d5a51 100644
--- a/internal/tcti/timesource_export_test.go
+++ b/internal/ct/timesource_export_test.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
-package tcti
+package ct
 import "time"
diff --git a/storage/storage.go b/storage/storage.go
index 258e2a91..42a620f4 100644
--- a/storage/storage.go
+++ b/storage/storage.go
@@ -49,7 +49,7 @@ type IssuerStorage interface {
 AddIssuersIfNotExist(ctx context.Context, kv []KV) error
 }
-// CTStorage implements tcti.Storage.
+// CTStorage implements ct.Storage.
 type CTStorage struct {
 storeData func(context.Context, *ctonly.Entry) tessera.IndexFuture
 storeIssuers func(context.Context, []KV) error
From 711fa7683406b5c4c05397e1c8325695c04054a0 Mon Sep 17 00:00:00 2001 From: Philippe Boneff Date: Tue, 15 Apr 2025 16:54:21 +0000 Subject: [PATCH 8/9] remove package renames --- cmd/aws/main.go | 4 ++-- cmd/gcp/main.go | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/cmd/aws/main.go b/cmd/aws/main.go
index d4a92340..d8fa73af 100644
--- a/cmd/aws/main.go
+++ b/cmd/aws/main.go
@@ -30,7 +30,7 @@ import (
 "github.com/go-sql-driver/mysql"
 tesseract "github.com/transparency-dev/static-ct"
 "github.com/transparency-dev/static-ct/storage"
- awsTesseract "github.com/transparency-dev/static-ct/storage/aws"
+ "github.com/transparency-dev/static-ct/storage/aws"
 "github.com/transparency-dev/static-ct/storage/bbolt"
 tessera "github.com/transparency-dev/trillian-tessera"
 awsTessera "github.com/transparency-dev/trillian-tessera/storage/aws"
@@ -154,7 +154,7 @@ func newAWSStorage(ctx context.Context, signer note.Signer) (*storage.CTStorage,
 return nil, fmt.Errorf("failed to initialize AWS Tessera storage: %v", err)
 }
- issuerStorage, err := awsTesseract.NewIssuerStorage(ctx, *bucket, "fingerprints/", "application/pkix-cert")
+ issuerStorage, err := aws.NewIssuerStorage(ctx, *bucket, "fingerprints/", "application/pkix-cert")
 if err != nil {
 return nil, fmt.Errorf("failed to initialize AWS issuer storage: %v", err)
 }
diff --git a/cmd/gcp/main.go b/cmd/gcp/main.go
index 440b23b6..e55d624a 100644
--- a/cmd/gcp/main.go
+++ b/cmd/gcp/main.go
@@ -30,7 +30,7 @@ import (
 tesseract "github.com/transparency-dev/static-ct"
 "github.com/transparency-dev/static-ct/storage"
- gcpTesseract "github.com/transparency-dev/static-ct/storage/gcp"
+ "github.com/transparency-dev/static-ct/storage/gcp"
 tessera "github.com/transparency-dev/trillian-tessera"
 gcpTessera "github.com/transparency-dev/trillian-tessera/storage/gcp"
 "golang.org/x/mod/sumdb/note"
@@ -168,12 +168,12 @@ func newGCPStorage(ctx context.Context, signer note.Signer) (*storage.CTStorage,
 return nil, fmt.Errorf("failed to initialize GCP Tessera appender: %v", err)
 }
- issuerStorage, err := gcpTesseract.NewIssuerStorage(ctx, *bucket, "fingerprints/", "application/pkix-cert")
+ issuerStorage, err := gcp.NewIssuerStorage(ctx, *bucket, "fingerprints/", "application/pkix-cert")
 if err != nil {
 return nil, fmt.Errorf("failed to initialize GCP issuer storage: %v", err)
 }
- beDedupStorage, err := gcpTesseract.NewDedupeStorage(ctx, *spannerDedupDB)
+ beDedupStorage, err := gcp.NewDedupeStorage(ctx, *spannerDedupDB)
 if err != nil {
 return nil, fmt.Errorf("failed to initialize GCP Spanner deduplication database: %v", err)
 }
From 4ada85fb7d0563c7f2e2632d52d5906727e73bdd Mon Sep 17 00:00:00 2001
From: Philippe Boneff Date: Tue, 15 Apr 2025 17:07:23 +0000 Subject: [PATCH 9/9] more renames --- cmd/aws/main.go | 8 ++++---- cmd/gcp/main.go | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/cmd/aws/main.go b/cmd/aws/main.go
index d8fa73af..fc2ad215 100644
--- a/cmd/aws/main.go
+++ b/cmd/aws/main.go
@@ -33,7 +33,7 @@ import (
 "github.com/transparency-dev/static-ct/storage/aws"
 "github.com/transparency-dev/static-ct/storage/bbolt"
 tessera "github.com/transparency-dev/trillian-tessera"
- awsTessera "github.com/transparency-dev/trillian-tessera/storage/aws"
+ taws "github.com/transparency-dev/trillian-tessera/storage/aws"
 "golang.org/x/mod/sumdb/note"
 "k8s.io/klog/v2"
 )
@@ -143,7 +143,7 @@ func awaitSignal(doneFn func()) {
 func newAWSStorage(ctx context.Context, signer note.Signer) (*storage.CTStorage, error) {
 awsCfg := storageConfigFromFlags()
- driver, err := awsTessera.New(ctx, awsCfg)
+ driver, err := taws.New(ctx, awsCfg)
 if err != nil {
 return nil, fmt.Errorf("failed to initialize AWS Tessera storage driver: %v", err)
 }
@@ -192,7 +192,7 @@ func (t *timestampFlag) Set(w string) error {
 // storageConfigFromFlags returns an aws.Config struct populated with values
 // provided via flags.
-func storageConfigFromFlags() awsTessera.Config {
+func storageConfigFromFlags() taws.Config {
 if *bucket == "" {
 klog.Exit("--bucket must be set")
 }
@@ -223,7 +223,7 @@ func storageConfigFromFlags() awsTessera.Config {
 AllowNativePasswords: true,
 }
- return awsTessera.Config{
+ return taws.Config{
 Bucket: *bucket,
 DSN: c.FormatDSN(),
 MaxOpenConns: *dbMaxConns,
diff --git a/cmd/gcp/main.go b/cmd/gcp/main.go
index e55d624a..cffee95c 100644
--- a/cmd/gcp/main.go
+++ b/cmd/gcp/main.go
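Review bot: The doc comment kept as context above `storageConfigFromFlags` still says the function returns an `aws.Config`, but it now returns `taws.Config`, and the unaliased import `github.com/transparency-dev/static-ct/storage/aws` in this file presumably binds the identifier `aws` to a different package. I would update the comment in the same change: `// storageConfigFromFlags returns a taws.Config struct populated with values`. The function body continues outside the hunk.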
@@ -32,7 +32,7 @@ import (
 "github.com/transparency-dev/static-ct/storage"
 "github.com/transparency-dev/static-ct/storage/gcp"
 tessera "github.com/transparency-dev/trillian-tessera"
- gcpTessera "github.com/transparency-dev/trillian-tessera/storage/gcp"
+ tgcp "github.com/transparency-dev/trillian-tessera/storage/gcp"
 "golang.org/x/mod/sumdb/note"
 "k8s.io/klog/v2"
 )
@@ -147,12 +147,12 @@ func newGCPStorage(ctx context.Context, signer note.Signer) (*storage.CTStorage,
 return nil, errors.New("missing spannerDB")
 }
- gcpCfg := gcpTessera.Config{
+ gcpCfg := tgcp.Config{
 Bucket: *bucket,
 Spanner: *spannerDB,
 }
- driver, err := gcpTessera.New(ctx, gcpCfg)
+ driver, err := tgcp.New(ctx, gcpCfg)
 if err != nil {
 return nil, fmt.Errorf("failed to initialize GCP Tessera storage driver: %v", err)
 }