MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 12:52:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

Use GetDuration() helper for MINIO_KMS_KEY_CACHE_INTERVAL as time.Duration (#19512)

Browse Source 
Bonus: Use default duration of 10 seconds if invalid input < time.Second is specified
This commit is contained in:
Allan Roger Reid
2024-04-16 08:43:39 -07:00
committed by GitHub
parent 9246990496
commit 7c1f9667d1
5 changed files with 29 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
internal/kms/kes.go
View File

@@ -72,7 +72,7 @@ type Config struct {
// NewWithConfig returns a new KMS using the given
// configuration.
func NewWithConfig(config Config, kmsLogger Logger) (KMS, error) {
func NewWithConfig(config Config, logger Logger) (KMS, error) {
if len(config.Endpoints) == 0 {
return nil, errors.New("kms: no server endpoints")
}
@@ -141,7 +141,7 @@ func NewWithConfig(config Config, kmsLogger Logger) (KMS, error) {
}
}()
go c.refreshKMSMasterKeyCache(kmsLogger)
go c.refreshKMSMasterKeyCache(logger)
return c, nil
}
@@ -150,13 +150,17 @@ func NewWithConfig(config Config, kmsLogger Logger) (KMS, error) {
func (c *kesClient) refreshKMSMasterKeyCache(logger Logger) {
ctx := context.Background()
defaultCacheInterval := 10
cacheInterval, err := env.GetInt("EnvKESKeyCacheInterval", defaultCacheInterval)
defaultCacheDuration := 10 * time.Second
cacheDuration, err := env.GetDuration(EnvKESKeyCacheInterval, defaultCacheDuration)
if err != nil {
cacheInterval = defaultCacheInterval
logger.LogOnceIf(ctx, fmt.Errorf("%s, using default of 10s", err.Error()), "refresh-kms-master-key")
cacheDuration = defaultCacheDuration
}
timer := time.NewTimer(time.Duration(cacheInterval) * time.Second)
if cacheDuration < time.Second {
logger.LogOnceIf(ctx, errors.New("cache duration is less than 1s, using default of 10s"), "refresh-kms-master-key")
cacheDuration = defaultCacheDuration
}
timer := time.NewTimer(cacheDuration)
defer timer.Stop()
for {
@@ -167,7 +171,7 @@ func (c *kesClient) refreshKMSMasterKeyCache(logger Logger) {
c.RefreshKey(ctx, logger)
// Reset for the next interval
timer.Reset(time.Duration(cacheInterval) * time.Second)
timer.Reset(cacheDuration)
}
}
}
@@ -484,7 +488,8 @@ func (c *kesClient) Verify(ctx context.Context) []VerifyResult {
// Logger interface permits access to module specific logging, in this case, for KMS
type Logger interface {
LogOnceIf(ctx context.Context, subsystem string, err error, id string, errKind ...interface{})
LogOnceIf(ctx context.Context, err error, id string, errKind ...interface{})
LogIf(ctx context.Context, err error, errKind ...interface{})
}
// RefreshKey checks the validity of the KMS Master Key
@@ -503,13 +508,13 @@ func (c *kesClient) RefreshKey(ctx context.Context, logger Logger) bool {
// 1. Generate a new key using the KMS.
kmsCtx, err := kmsContext.MarshalText()
if err != nil {
logger.LogOnceIf(ctx, "kms", err, "refresh-kms-master-key")
logger.LogOnceIf(ctx, err, "refresh-kms-master-key")
validKey = false
break
}
_, err = client.GenerateKey(ctx, env.Get(EnvKESKeyName, ""), kmsCtx)
if err != nil {
logger.LogOnceIf(ctx, "kms", err, "refresh-kms-master-key")
logger.LogOnceIf(ctx, err, "refresh-kms-master-key")
validKey = false
break
}