Merge pull request #85 from opencloud-eu/basepkg-rename

Rebrand top-level pkg

pkg/Makefile

@@ -1,5 +1,5 @@
 SHELL := bash
-NAME := ocis-pkg
+NAME := pkg
 
 include ../.make/recursion.mk
 

pkg/config/config.go

@@ -48,10 +48,10 @@ import (
 
 type Mode int
 
-// Runtime configures the oCIS runtime when running in supervised mode.
+// Runtime configures the OpenCloud runtime when running in supervised mode.
 type Runtime struct {
-	Port       string   `yaml:"port" env:"OC_RUNTIME_PORT" desc:"The TCP port at which oCIS will be available" introductionVersion:"pre5.0"`
-	Host       string   `yaml:"host" env:"OC_RUNTIME_HOST" desc:"The host at which oCIS will be available" introductionVersion:"pre5.0"`
+	Port       string   `yaml:"port" env:"OC_RUNTIME_PORT" desc:"The TCP port at which OpenCloud will be available" introductionVersion:"pre5.0"`
+	Host       string   `yaml:"host" env:"OC_RUNTIME_HOST" desc:"The host at which OpenCloud will be available" introductionVersion:"pre5.0"`
 	Services   []string `yaml:"services" env:"OC_RUN_EXTENSIONS;OC_RUN_SERVICES" desc:"A comma-separated list of service names. Will start only the listed services." introductionVersion:"pre5.0"`
 	Disabled   []string `yaml:"disabled_services" env:"OC_EXCLUDE_RUN_SERVICES" desc:"A comma-separated list of service names. Will start all default services except of the ones listed. Has no effect when OC_RUN_SERVICES is set." introductionVersion:"pre5.0"`
 	Additional []string `yaml:"add_services" env:"OC_ADD_RUN_SERVICES" desc:"A comma-separated list of service names. Will add the listed services to the default configuration. Has no effect when OC_RUN_SERVICES is set. Note that one can add services not started by the default list and exclude services from the default list by using both envvars at the same time." introductionVersion:"pre5.0"`
@@ -77,7 +77,7 @@ type Config struct {
 	TokenManager      *shared.TokenManager `yaml:"token_manager"`
 	MachineAuthAPIKey string               `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"`
 	TransferSecret    string               `yaml:"transfer_secret" env:"OC_TRANSFER_SECRET" desc:"Transfer secret for signing file up- and download requests." introductionVersion:"pre5.0"`
-	SystemUserID      string               `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID" desc:"ID of the oCIS storage-system system user. Admins need to set the ID for the storage-system system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"`
+	SystemUserID      string               `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID" desc:"ID of the OpenCloud storage-system system user. Admins need to set the ID for the storage-system system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"`
 	SystemUserAPIKey  string               `yaml:"system_user_api_key" env:"OC_SYSTEM_USER_API_KEY" desc:"API key for the storage-system system user." introductionVersion:"pre5.0"`
 	AdminUserID       string               `yaml:"admin_user_id" env:"OC_ADMIN_USER_ID" desc:"ID of a user, that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"`
 	Runtime           Runtime              `yaml:"runtime"`

pkg/config/helpers_test.go

@@ -19,7 +19,7 @@ a: "${FOO_VAR|no-foo}"
 b: "${BAR_VAR|no-bar}"
 c: "${CODE_VAR|code}"
 `
-	filePath := "etc/ocis/foo.yaml"
+	filePath := "etc/opencloud/foo.yaml"
 	fs := fstest.MapFS{
 		filePath: {Data: []byte(yaml)},
 	}
@@ -37,7 +37,7 @@ c: "${CODE_VAR|code}"
 
 func TestBindSourcesToStructs_UnknownFile(t *testing.T) {
 	// setup test env
-	filePath := "etc/ocis/foo.yaml"
+	filePath := "etc/opencloud/foo.yaml"
 	fs := fstest.MapFS{}
 	// perform test
 	c := TestConfig{}
@@ -173,7 +173,7 @@ clientlog:
     service_account_id: c05389b2-d94c-4d01-a9b5-a2f97952cc14
     service_account_secret: GW5.x1vDM&+NPRi++eV@.P7Tms4vj!=s
 `
-	filePath := "etc/ocis/foo.yaml"
+	filePath := "etc/opencloud/foo.yaml"
 	fs := fstest.MapFS{
 		filePath: {Data: []byte(yaml)},
 	}

pkg/config/parser/parse.go

@@ -38,7 +38,7 @@ func ParseConfig(cfg *config.Config, skipValidate bool) error {
 }
 
 // EnsureDefaults ensures that all pointers in the
-// oCIS config (not the services configs) are initialized
+// OpenCloud config (not the services configs) are initialized
 func EnsureDefaults(cfg *config.Config) {
 	if cfg.Tracing == nil {
 		cfg.Tracing = &shared.Tracing{}
@@ -63,7 +63,7 @@ func EnsureDefaults(cfg *config.Config) {
 	}
 }
 
-// EnsureCommons copies applicable parts of the oCIS config into the commons part
+// EnsureCommons copies applicable parts of the OpenCloud config into the commons part
 func EnsureCommons(cfg *config.Config) {
 	// ensure the commons part is initialized
 	if cfg.Commons == nil {

pkg/crypto/crypto_test.go

@@ -24,12 +24,12 @@ var _ = Describe("Crypto", func() {
 		if err != nil {
 			Fail(err.Error())
 		}
-		config.Proxy.HTTP.TLSKey = filepath.Join(userConfigDir, "ocis", "server.key")
-		config.Proxy.HTTP.TLSCert = filepath.Join(userConfigDir, "ocis", "server.cert")
+		config.Proxy.HTTP.TLSKey = filepath.Join(userConfigDir, "opencloud", "server.key")
+		config.Proxy.HTTP.TLSCert = filepath.Join(userConfigDir, "opencloud", "server.cert")
 	})
 
 	AfterEach(func() {
-		if err := os.RemoveAll(filepath.Join(userConfigDir, "ocis")); err != nil {
+		if err := os.RemoveAll(filepath.Join(userConfigDir, "opencloud")); err != nil {
 			Fail(err.Error())
 		}
 	})
@@ -38,17 +38,17 @@ var _ = Describe("Crypto", func() {
 	// for the key / certificate pair in case none is configured. Regardless of how the values ended in the configuration,
 	// the side effects of GenCert is what we want to test.
 	Describe("Creating key / certificate pair", func() {
-		Context("For ocis-proxy in the location of the user config directory", func() {
-			It(fmt.Sprintf("Creates the cert / key tuple in: %s", filepath.Join(userConfigDir, "ocis")), func() {
+		Context("For the proxy service in the location of the user config directory", func() {
+			It(fmt.Sprintf("Creates the cert / key tuple in: %s", filepath.Join(userConfigDir, "opencloud")), func() {
 				if err := crypto.GenCert(config.Proxy.HTTP.TLSCert, config.Proxy.HTTP.TLSKey, log.NopLogger()); err != nil {
 					Fail(err.Error())
 				}
 
-				if _, err := os.Stat(filepath.Join(userConfigDir, "ocis", "server.key")); err != nil {
+				if _, err := os.Stat(filepath.Join(userConfigDir, "opencloud", "server.key")); err != nil {
 					Fail("key not found at the expected location")
 				}
 
-				if _, err := os.Stat(filepath.Join(userConfigDir, "ocis", "server.cert")); err != nil {
+				if _, err := os.Stat(filepath.Join(userConfigDir, "opencloud", "server.cert")); err != nil {
 					Fail("certificate not found at the expected location")
 				}
 			})
@@ -62,10 +62,10 @@ var _ = Describe("Crypto", func() {
 			keyTwo string
 		)
 		BeforeEach(func() {
-			crtOne = filepath.Join(userConfigDir, "ocis/one.cert")
-			keyOne = filepath.Join(userConfigDir, "ocis/one.key")
-			crtTwo = filepath.Join(userConfigDir, "ocis/two.cert")
-			keyTwo = filepath.Join(userConfigDir, "ocis/two.key")
+			crtOne = filepath.Join(userConfigDir, "opencloud/one.cert")
+			keyOne = filepath.Join(userConfigDir, "opencloud/one.key")
+			crtTwo = filepath.Join(userConfigDir, "opencloud/two.cert")
+			keyTwo = filepath.Join(userConfigDir, "opencloud/two.key")
 			if err := crypto.GenCert(crtOne, keyOne, log.NopLogger()); err != nil {
 				Fail(err.Error())
 			}

pkg/crypto/gencert_test.go

@@ -51,7 +51,7 @@ func TestPersistKey(t *testing.T) {
 	p256 := elliptic.P256()
 	var (
 		tmpDir     = t.TempDir()
-		keyPath    = filepath.Join(tmpDir, "ocis", "testKey")
+		keyPath    = filepath.Join(tmpDir, "opencloud", "testKey")
 		rsaPk, _   = rsa.GenerateKey(rand.Reader, 2048)
 		ecdsaPk, _ = ecdsa.GenerateKey(p256, rand.Reader)
 	)
@@ -97,7 +97,7 @@ func TestPersistCertificate(t *testing.T) {
 	p256 := elliptic.P256()
 	var (
 		tmpDir     = t.TempDir()
-		certPath   = filepath.Join(tmpDir, "ocis", "testCert")
+		certPath   = filepath.Join(tmpDir, "opencloud", "testCert")
 		rsaPk, _   = rsa.GenerateKey(rand.Reader, 2048)
 		ecdsaPk, _ = ecdsa.GenerateKey(p256, rand.Reader)
 	)

pkg/flags/overrides.go

@@ -2,7 +2,7 @@ package flags
 
 // OverrideDefaultString checks whether the default value of v is the zero value, if so, ensure the flag has a correct
 // value by providing one. A value different than zero would mean that it was read from a config file either from an
-// service or from a higher source (i.e: ocis command).
+// service or from a higher source (i.e: opencloud command).
 func OverrideDefaultString(v, def string) string {
 	if v != "" {
 		return v
@@ -13,7 +13,7 @@ func OverrideDefaultString(v, def string) string {
 
 // OverrideDefaultBool checks whether the default value of v is the zero value, if so, ensure the flag has a correct
 // value by providing one. A value different than zero would mean that it was read from a config file either from an
-// service or from a higher source (i.e: ocis command).
+// service or from a higher source (i.e: opencloud command).
 func OverrideDefaultBool(v, def bool) bool {
 	if v {
 		return v
@@ -24,7 +24,7 @@ func OverrideDefaultBool(v, def bool) bool {
 
 // OverrideDefaultInt checks whether the default value of v is the zero value, if so, ensure the flag has a correct
 // value by providing one. A value different than zero would mean that it was read from a config file either from an
-// service or from a higher source (i.e: ocis command).
+// service or from a higher source (i.e: opencloud command).
 func OverrideDefaultInt(v, def int) int {
 	if v != 0 {
 		return v
@@ -35,7 +35,7 @@ func OverrideDefaultInt(v, def int) int {
 
 // OverrideDefaultInt64 checks whether the default value of v is the zero value, if so, ensure the flag has a correct
 // value by providing one. A value different than zero would mean that it was read from a config file either from an
-// service or from a higher source (i.e: ocis command).
+// service or from a higher source (i.e: opencloud command).
 func OverrideDefaultInt64(v, def int64) int64 {
 	if v != 0 {
 		return v
@@ -46,7 +46,7 @@ func OverrideDefaultInt64(v, def int64) int64 {
 
 // OverrideDefaultUint64 checks whether the default value of v is the zero value, if so, ensure the flag has a correct
 // value by providing one. A value different than zero would mean that it was read from a config file either from an
-// service or from a higher source (i.e: ocis command).
+// service or from a higher source (i.e: opencloud command).
 func OverrideDefaultUint64(v, def uint64) uint64 {
 	if v != 0 {
 		return v

pkg/log/log.go

@@ -24,7 +24,7 @@ func init() {
 	setMicroLogger()
 }
 
-// for logging reasons we don't want the same logging level on both oCIS and micro. As a framework builder we do not
+// for logging reasons we don't want the same logging level on both OpenCloud and micro. As a framework builder we do not
 // want to expose to the end user the internal framework logs unless explicitly specified.
 func setMicroLogger() {
 	if os.Getenv("MICRO_LOG_LEVEL") == "" {

pkg/middleware/account.go

@@ -63,7 +63,7 @@ func ExtractAccountUUID(opts ...account.Option) func(http.Handler) http.Handler
 			// store user in context for request
 			ctx := revactx.ContextSetUser(r.Context(), u)
 
-			// Important: user.Id.OpaqueId is the AccountUUID. Set this way in the account uuid middleware in ocis-proxy.
+			// Important: user.Id.OpaqueId is the AccountUUID. Set this way in the account uuid middleware in OpenCloud proxy.
 			// https://github.com/opencloud-eu/opencloud-proxy/blob/ea254d6036592cf9469d757d1295e0c4309d1e63/pkg/middleware/account_uuid.go#L109
 			// TODO: implement token manager in cs3org/reva that uses generic metadata instead of access token from header.
 			ctx = metadata.Set(ctx, AccountID, u.Id.OpaqueId)

pkg/natsjsregistry/watcher.go

@@ -56,7 +56,7 @@ func (w *Watcher) Next() (*registry.Result, error) {
 			return nil, errors.New("invalid service key")
 		}
 		svc.Name = parts[0]
-		// ocis registers nodes with a - separator
+		// OpenCloud registers nodes with a - separator
 		svc.Nodes = []*registry.Node{{Id: parts[0] + "-" + parts[1]}}
 		svc.Version = parts[2]
 	} else {

pkg/oidc/claims.go

@@ -6,16 +6,16 @@ import (
 )
 
 const (
-	Iss               = "iss"
-	Sub               = "sub"
-	Email             = "email"
-	Name              = "name"
-	PreferredUsername = "preferred_username"
-	UIDNumber         = "uidnumber"
-	GIDNumber         = "gidnumber"
-	Groups            = "groups"
-	OwncloudUUID      = "ownclouduuid"
-	OcisRoutingPolicy = "ocis.routing.policy"
+	Iss                    = "iss"
+	Sub                    = "sub"
+	Email                  = "email"
+	Name                   = "name"
+	PreferredUsername      = "preferred_username"
+	UIDNumber              = "uidnumber"
+	GIDNumber              = "gidnumber"
+	Groups                 = "groups"
+	OwncloudUUID           = "ownclouduuid"
+	OpenCloudRoutingPolicy = "opencloud.routing.policy"
 )
 
 // SplitWithEscaping splits s into segments using separator which can be escaped using the escape string

pkg/roles/manager.go

@@ -13,7 +13,7 @@ import (
 )
 
 const (
-	cacheDatabase  = "ocis-pkg"
+	cacheDatabase  = "opencloud-pkg"
 	cacheTableName = "roles"
 	cacheTTL       = time.Hour
 )

pkg/service/grpc/service.go

@@ -18,7 +18,7 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/keepalive"
 
-	ociscrypto "github.com/opencloud-eu/opencloud/pkg/crypto"
+	occrypto "github.com/opencloud-eu/opencloud/pkg/crypto"
 	"github.com/opencloud-eu/opencloud/pkg/log"
 	"github.com/opencloud-eu/opencloud/pkg/registry"
 )
@@ -49,7 +49,7 @@ func NewServiceWithClient(client client.Client, opts ...Option) (Service, error)
 		} else {
 			// Generate a self-signed server certificate on the fly. This requires the clients
 			// to connect with InsecureSkipVerify.
-			cert, err = ociscrypto.GenTempCertForAddr(sopts.Address)
+			cert, err = occrypto.GenTempCertForAddr(sopts.Address)
 			if err != nil {
 				return Service{}, fmt.Errorf("grpc service error creating temporary self-signed certificate: %w", err)
 			}

pkg/service/http/service.go

@@ -10,7 +10,7 @@ import (
 
 	mhttps "github.com/go-micro/plugins/v4/server/http"
 	mtracer "github.com/go-micro/plugins/v4/wrapper/trace/opentelemetry"
-	ociscrypto "github.com/opencloud-eu/opencloud/pkg/crypto"
+	occrypto "github.com/opencloud-eu/opencloud/pkg/crypto"
 	"go-micro.dev/v4"
 	"go-micro.dev/v4/server"
 )
@@ -42,7 +42,7 @@ func NewService(opts ...Option) (Service, error) {
 			// to connect with InsecureSkipVerify.
 			sopts.Logger.Warn().Str("address", sopts.Address).
 				Msg("No server certificate configured. Generating a temporary self-signed certificate")
-			cert, err = ociscrypto.GenTempCertForAddr(sopts.Address)
+			cert, err = occrypto.GenTempCertForAddr(sopts.Address)
 			if err != nil {
 				return Service{}, fmt.Errorf("error creating temporary self-signed certificate: %w", err)
 			}

pkg/shared/memlimit.go

@@ -6,7 +6,7 @@ import (
 	"github.com/KimMachineGun/automemlimit/memlimit"
 )
 
-// we init the memlimit here to include it for ocis als well as individual service binaries
+// we init the memlimit here to include it for OpenCloud als well as individual service binaries
 func init() {
 	slog.SetLogLoggerLevel(slog.LevelError)
 	_, _ = memlimit.SetGoMemLimitWithOpts(

pkg/shared/shared_types.go

@@ -80,7 +80,7 @@ type Commons struct {
 	Reva              *Reva           `yaml:"reva"`
 	MachineAuthAPIKey string          `mask:"password" yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"`
 	TransferSecret    string          `mask:"password" yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET" desc:"The secret used for signing the requests towards the data gateway for up- and downloads." introductionVersion:"pre5.0"`
-	SystemUserID      string          `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID" desc:"ID of the oCIS storage-system system user. Admins need to set the ID for the storage-system system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"`
+	SystemUserID      string          `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID" desc:"ID of the OpenCloud storage-system system user. Admins need to set the ID for the storage-system system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"`
 	SystemUserAPIKey  string          `mask:"password" yaml:"system_user_api_key" env:"SYSTEM_USER_API_KEY" desc:"API key for all system users." introductionVersion:"pre5.0"`
 	AdminUserID       string          `yaml:"admin_user_id" env:"OC_ADMIN_USER_ID" desc:"ID of a user, that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"`
 

services/proxy/pkg/proxy/policy/selector.go

@@ -132,7 +132,7 @@ func NewClaimsSelector(cfg *config.ClaimsSelectorConf) Selector {
 
 		// first, try to route by selector
 		if claims := oidc.FromContext(r.Context()); claims != nil {
-			if p, ok := claims[oidc.OcisRoutingPolicy].(string); ok && p != "" {
+			if p, ok := claims[oidc.OpenCloudRoutingPolicy].(string); ok && p != "" {
 				// TODO check we know the routing policy?
 				return p, nil
 			}

services/proxy/pkg/proxy/policy/selector_test.go

@@ -79,10 +79,10 @@ func TestClaimsSelector(t *testing.T) {
 
 	var tests = []testCase{
 		{"unauthenticated", context.Background(), nil, "unauthenticated"},
-		{"default", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OcisRoutingPolicy: ""}), nil, "default"},
-		{"claim-value", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OcisRoutingPolicy: "opencloud.routing.policy-value"}), nil, "opencloud.routing.policy-value"},
+		{"default", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OpenCloudRoutingPolicy: ""}), nil, "default"},
+		{"claim-value", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OpenCloudRoutingPolicy: "opencloud.routing.policy-value"}), nil, "opencloud.routing.policy-value"},
 		{"cookie-only", context.Background(), &http.Cookie{Name: SelectorCookieName, Value: "cookie"}, "cookie"},
-		{"claim-can-override-cookie", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OcisRoutingPolicy: "opencloud.routing.policy-value"}), &http.Cookie{Name: SelectorCookieName, Value: "cookie"}, "opencloud.routing.policy-value"},
+		{"claim-can-override-cookie", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OpenCloudRoutingPolicy: "opencloud.routing.policy-value"}), &http.Cookie{Name: SelectorCookieName, Value: "cookie"}, "opencloud.routing.policy-value"},
 	}
 	for _, tc := range tests {
 		r := httptest.NewRequest("GET", "https://example.com", nil)