gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0

refactor keystore config #43154

Closed nklaassen closed 1 week ago

nklaassen commented 1 week ago

We recently duplicated most fields of (lib/auth/keystore).Config types to (lib/service/servicecfg).KeystoreConfig to break some dependencies on cloud SDKs in our client binaries.

This PR deletes (lib/auth/keystore).Config to unify on (lib/service/servicecfg).KeystoreConfig. It adds a new keystore.Options struct to hold runtime options for the keystore, in contrast to KeystoreConfig which holds mostly static options coming from the config file.

No functional changes are made here.

Depends on https://github.com/gravitational/teleport/pull/43153 and https://github.com/gravitational/teleport.e/pull/4425

I made these changes while prepping the keystore to support configurable signature algorithms for the implementation of RFD 136.

nklaassen commented 1 week ago

LGTM, although you may want a domain expert to take a look.

I wrote all this originally and Tim's the only other person who has touched it.

public-teleport-github-review-bot[bot] commented 1 week ago

@nklaassen See the table below for backport results.

| Branch | Result |
|--------|--------|
| branch/v16 | Create PR |