Release/0.1.0 (#130)

* set dbauth=yes for main files

* use status message for field status

* add salt in request

* update make proto target

* change password field to hashed password

* include generated c stubs in gitignore

* tidy up Makefile and add protobuf autogenerated .h and .c to make clean

* add gen-libpqpatch target to Makefile

* edit gen-libpqpatch target to include new files

* remove trailing slash in

* update hashed pw field name

* add dbauth.h abstraction for connecting to Authenticator

* compile protobuf c libraries before postgresql

* implement sending Authenticator request from C

* fix setdbauth=yes in main.c

* add authenticator service and build files

* add go.mod

* remove unnecessary lines in dockerfile

* remove unnecessary comments in dockerfile

* set gopath in dockerfile

* add docker networking between containers

* remove docker rm netowrk

* add dbauth.h abstraction for connecting to Authenticator

* compile protobuf c libraries before postgresql

* implement sending Authenticator request from C

* fix setdbauth=yes in main.c

* add authenticator binary to .gitignore

* add logging to authenticator

* remove dbauth library for now

* move sdk into its own folder

* add grpc_cli to authenticator Dockerfile

* mount whole dbauth folder in authenticator container

* add docker-compose.yml

* remove make-run and run-env make targets in favor of docker compose

* working cpp sdk for libpq

* implement md5 hash on password

* include go.sum

* add dbauth sdk for libpq

* remove authenticator entry from .gitignore

* remove authenticator executable

* added to test grpc client

* change salt and hashed pw to bytes

* update authenticator to expect salt and return hashedpw as bytes

* fix byte strying compare

* change order in Dockerfile for better caching

* remove executable from repo

* gRPC server listen on all interfaces

* client.go: send salt string as bytes

* docker-compose spin up go client

* makefile target for authenticator

* make succeed even if go build fails

* change hashedpassword back into a string

* implement postgres md5 generation in authenticator

* set log level to debug

* fix bug in hash computation

* update cpp protobuf files

* remove cpp testing file

* update dbauth_libpq cpp library

* remove cpp testing program

* libpq dbauth authenticate implementation

* add examples dir

* add local postgres server to docker-compose

* make sdk include ready made dbauth libpq

* remove debug statement from dbauth_libpq lib

* allow no password if usedbauth is set

* move python example to different folder

* change C example to use local db

* add authenticator executable properly to .gitignore

* remove dbauth.h

* remove main example program

* consolidate sdk/internal to sdk/

* rename dbauth_libpq to dbauth_client

* remove authenticator/messages to authenticator/protos

* remvoe test.sh script

* update authenticator protos and service to split user and hash

* favor command to entrypoint

* authenticator validate salt to be 4 bytes

* update SDK protobuf code

* Fix bug using identity instead of user in hash

* update client side for separate user and password calls

* make gen-libpqpatch idempotent

* run go fmt

* improve salt error message

* working prototype for libhook

* working hash computation in Python

* remove cpp dependencies from dockerfile

* cleanup code

* Add aws boto to sdk

* move cpp client into separate folder

* update authenticator and protos to include AWS IAM authentication

* preliminary approzium python module implementation

* .gitignore python stuff

* obtain grpc tools via pip in dockerfile

* IAM-ify GetDBHasher in authenticator

* real IAM verification via STS

* remove old experiments code

* working approzium python module that generates hash

* Add client example

* cut Dockerfile down

* remove examples folder

* move logging setup to __init__.py

* add setup.py

* add readme for sdk

* add first test

* run black on python sdk

* add SSL support

* refactor psycopg2 connection code

* add tiny C extension to change psycopg2 connection to sync

* Revert "add tiny C extension to change psycopg2 connection to sync"

This reverts commit c988530.

* fix merge error

* run blackify code

* add additional check in sync-ing connection

* update protos

* update python sdk makefile to output protos in right directory

* add authenticator integration to Python sdk

* add secrets file to store dev credentials

* refactor verify service code

* remove Go client

* run go fmt

* Add authentication challenge verification step

* refactor authenticator.go

* change all dbauth references to approzium

* regression fix

* Define ctypes functions arg and res types

* Make DSN string a required parameter just like Psycopg2

* Disable autocommit mode in sync connections

* Add empty dsn in client.py

* change connect interface to fit psycopg2 more

* Change authenticator and iam_role to module-level attributes

* remove experiment file

* blackify imports

* update client to new interface

* remove dead code

* add Psycopg2 test suite to .gitignore

* don't change logging level when importing package

* Add script that runs PG2 test suite

* fix regression

* move low-level psycopg2 functions to _psycopg2_ctypes.py

* Implemented acknowleged MD5

* setup appropriate module-level logging

* Add ssl support to postgres db docker image

* Revert acknowledged MD5 authentication

* Add SSL db dockerfile

* Add scram.pyx file from Asyncpg

* Have an MD5 and SHA256 DBs in docker-compose

* Add debug statements in client.py

* add SCRAM SHA-256 authentication support

* Refactor reading Postgres messages

* Add Cython to setup.py

* Allow authenticator to hold multiple dev credentials

* implement PG SHA256 on authenticator side

* Implement PG SHA-256 communication on Python SDK

* install SDK in editable mode in Docker image

* replace assert statements with runtime checks

* Add check for openssl

* Implement Authenticator object and implement interface around it

* Upgrade Pip in SDK dockerfile
Upgrading pip is important because it speeds up the installation of
gRPC(-tools) considerably.

* upate protos of PGSHA256 to be more secure

* rename aios_gen_cert.sh

* update proto to include whole authentication msg

* Update authenticator to return cproof and sproof

* add reference wikipedia link

* remove manual hash calculation code from Python sdk

* Add Vault credential manager

* update SDK to use DBPort

* Update package name (#37)

* Convert variables from snake case to camel case (#38)

* Update package name

* Convert snake case variables to camel case

* Seed Vault in its own test, and add fmt and test to Makefile (#36)

* Seed Vault in its own test, and add fmt and test to Makefile

* Revert Makefile changes

* Delete fmt check script

* E2E Docker-compose workflow and CI via Github Actions (#40)

* add db common vars to docker-compose file

* remvoe gRPC cli from authenticator dockerfile

* add ping program to sdk dockerfile

* consolite dockerfiles into a multi-stage dockerfile

* define tests in docker-compose

* prefer secrets file to vault

* more accurate Make target name

* set psycopg2 testsuite to use Authenticator

* Create main.yml

* add SSL certs target to Makefile

* set COMPOSE_DOCKER_CLI_BUILD=1 in Makefile

* remove unnecessary whitespace

* add env vars to Makefile

* change test target in Makefile
* allow passing AWS secrets as env vars

* seed vault as part of docker-compose

* replace services with one tests service

* rename environment variable pg2_testsuite.py

* document python SDK test makefile

* improved Makefile

* remove legacy Makefile target

* Add target for seeding Vault with a specific host

* ensure SSL before docker build

* Update Readme with dev instructions

* move around Dockerfile for better caching

* fix Python version to 3.7

* Stop using async because it becomes SyntaxError in Python>=3.7 (#42)

* Python style fixes and a Go Unittest for xorBytes (#43)

* add .flake8 file

* Style changes to please Flake8

* Run Python lint commands in correct path

* add setup.py to flake8 exclude

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add pyproject.toml for Black

* export Authenticator from __init__.py

* add testing for xorBytes func

Co-authored-by: UpGado <[email protected]>

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update test (#48)

* Improvements to CI (#51)

* Remove -diff flag from isort command

--diff causes isort to just run a check without actually fixing the cose

* Make isort run without asking

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* add isort skip protobuf import

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add run-in-docker target in Makefile

* Update main.yml

* require certs for run-in-docker

* Update main.yml

* dont run dc-build on each test

* add pytest.ini

* add Python tests make target

* Update main.yml

* Add simple happy-path tests for connections

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* require seeding hosts before pytest

* Install multiple Python versions

* Update main.yml

* Update main.yml

* Update main.yml

* Update main.yml

* Update main.yml

* Update main.yml

* Update main.yml

* Update main.yml

* Revert "Install multiple Python versions"

This reverts commit 7452ed7.

* Update main.yml

* Update main.yml

* add asnyc_ to test matrix

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* run isort on sdk

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update main.yml

Co-authored-by: UpGado <[email protected]>

* Implement Connection Pool support for Psycopg2 interface (#46)

* Stop using async because it becomes SyntaxError in Python>=3.7

* add .flake8 file

* Style changes to please Flake8

* Run Python lint commands in correct path

* add setup.py to flake8 exclude

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add pyproject.toml for Black

* export Authenticator from __init__.py

* Move Psycopg2 into its own submodule

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add pool.py

* move examples to separate folder

* add testing for xorBytes func

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* remove logging from examples

* remove unused import

* add clarifying comment

* add __init__.py and move functionality to separate file

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* remove unused import

* add tests for PG2 pool

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

Co-authored-by: UpGado <[email protected]>

* Security hardening (#47)

* Security hardening

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update tests

* Use role ARN

* Support Go calls and aim tests at real AWS

* Change verifyIdentity to getIdentity

* Fix overzealous find and replace

* Update all protobufs and related code

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update code to match protos

* Correct python code type errs

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update protobufs per discussion

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update Go tests

* Update Makefile

* Properly pull env var into Makefile

* Try again with TEST_IAM_ROLE

* Add env var to workflow yaml

* Pass TEST_IAM_ROLE into Python tests too

* Confirm Vault secret was fully written

* increase err output

* Search for role arns in the db

* Revert mount change because need to enable build kit

Co-authored-by: tyrannosaurus-becks <[email protected]>

* Add mutex to protect int from races (#54)

* Security hardening from fuzzing (#58)

* Add fuzzing test for authenticator request receiving methods

* Add test for xorBytes

* Fix import order

* Propagate WriteString err

* Add docs (#59)

* add gatsby docs

* update docs

* add makefile for running site

* first draft quickstart and overview

* rename quickstart file

* update quickstart

* add architecture diagram

* reference arch in overview

* Update README with docs and credits (#60)

* Add pytest-parallel (#62)

* Add support for Asyncpg (#52)

* Stop using async because it becomes SyntaxError in Python>=3.7

* add .flake8 file

* Style changes to please Flake8

* Run Python lint commands in correct path

* add setup.py to flake8 exclude

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add pyproject.toml for Black

* export Authenticator from __init__.py

* Move Psycopg2 into its own submodule

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add pool.py

* move examples to separate folder

* add testing for xorBytes func

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* remove logging from examples

* remove unused import

* add clarifying comment

* add __init__.py and move functionality to separate file

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* remove unused import

* add tests for PG2 pool

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Implement _postgres/ submodule for common Postgres code

* fix bug when multiple messages being parsed

* update path of variables

* Asyncpg support

* Add asyncpg example

* style fixes

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* remove unused import

* add tests for asyncpg support

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add pytest-asyncio to Dockerfile

* add asyncpg to Dockerfile"

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Less intrusive asyncpg connection method

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* move connect method behind interface

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add asyncpg pool functionality

* fix missing import

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Implement AuthClient.attribution_info (#63)

* Stop using async because it becomes SyntaxError in Python>=3.7

* add .flake8 file

* Style changes to please Flake8

* Run Python lint commands in correct path

* add setup.py to flake8 exclude

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add pyproject.toml for Black

* export Authenticator from __init__.py

* add testing for xorBytes func

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* switch around interface

* update client to match

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update code to reference AuthClient

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* fix default authenticator for psycopg2

* use default authenticator client in one of tests

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* add default auth client to asyncpg test

* add use default auth client in asyncpg

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

Co-authored-by: UpGado <[email protected]>

* add tests for parse_msg and construct_msg

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

Co-authored-by: UpGado <[email protected]>

* Add automatic ARN determination (#64)

* Support iam from local environment

* Strip unused import

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Minimize STS calls

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

Co-authored-by: tyrannosaurus-becks <[email protected]>

* Add environmental configuration and docs (#69)

* Code nit picks (#72)

* Move Go code around

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Indicate that the ctx variables are unused

* Add increment counter method

Co-authored-by: tyrannosaurus-becks <[email protected]>

* Implement Sphinx integration as a route within Gatsby server (#70)

* Switch over to using Poetry

* Add Sphinx to project structure

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* rename SDK to Languages

* rename sphinx title

* Gatsby serve static even in develop mode

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add docs/static/api/ to .gitignore

* add test.html static file

* Add sphinx to npm build

* try to make netlify run Python 3.7

* add runtime.txt

* Turn many submodules into private members

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* add module to conf.py

* add sphinx-apidoc

* change theme to default

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* install dependencies in netlify

* point netlify to use poetry

* add pytest-parallel to pyproject.toml

* netlify install libpq-dev

* move pytest-parallel to dev deps

* sudo apt installg

* ignore error in netlify env

* Update Makefile

* Update Makefile

* Update pyproject.toml

* Update Makefile

* Update Makefile

* Update Makefile

* put psycopg2 back in pyproject.toml

* add pytets-asyncio to pyprojecttoml

* test

* Update Makefile

* try run sphinx in poetry

* remove psycopg2 on netlify env

* ignore many errors

* try removing lock file

* use sed to remove psycopg2 from deps

* sed in place

* give up on psycopg2-binary on netlify

* Add mock importg

* remove psycopg2 when building docs

* Update .gitignore

* Update Makefile

* Delete test.html

* Delete tox.ini

* Update docs/src/pages/languages/python.mdx

Co-authored-by: Becca Petrin <[email protected]>

* add route paths to language

* add routes to pages

* update compatibility page

* fix working links

Co-authored-by: UpGado <[email protected]>
Co-authored-by: Becca Petrin <[email protected]>

* Include AWS platforms in docs (#76)

* Include AWS platforms in docs

* Add quotation marks

* Add note that passwords arent in client memory

* Update Vault docs

* Add support for using a Vault token sink file (#78)

* Add Docstrings to Python SDK (#77)

* fix lock and pyproject.toml

* change docs into one page

* remove psycopg2 from import mock

* Use psycopg2-binary instead in netlify

* restructure package doc page

* Add docstrings

* Add psycopg2 pool example

* fix long lines

* add examples to asyncpg docstrings

* Add API Doc to TOC

* fix long line

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

Co-authored-by: UpGado <[email protected]>

* Update docs (#79)

* update examples

* Fix typo

* delete unused code

* update overview

* update overview

* add documentation for setting default auth client

* rename api to api reference

* add example to Python SDK page

* remove examples from sidebar

* make examples subheader

* remove examples from sidebar

* Add JSON attribution_info to authenticator (#84)

* Show automatically determiend ARN in attribution_info

* Add attribution_info_json to authenticator object

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add attribution_info_json docstring

* Update docstring

Co-authored-by: UpGado <[email protected]>

* Create CODE_OF_CONDUCT.md (#86)

* Create CODE_OF_CONDUCT.md

* Move code to .github folder

* Update issue templates (#87)

* Update issue templates

* Strip smartphone references

* Strip note about browser

* Improve server-side logging (#85)

* Improve server-side logging

* Make redaction less brittle

* Add how to securely disclose vulnerabilities and get support (#89)

* Add avenue for responsible disclosure and support

* Add secure disclosure and support instrucations

* Update README.md

Co-authored-by: Dio Gado <[email protected]>

Co-authored-by: Dio Gado <[email protected]>

* Add readthedocs integration (#90)

* explicitly specify master_doc

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* add .readthedocs.yml

* update readthedocs.yml

* Add extra_dependencies to .readthedocs.yml

* fix path

* Use optional deps in poetry config

* Add docs badge to README.md

* fix hyperlink

* add build status badge

* Fix status badge

* updated Dockerfile to install all libs

* update poetry.lock

Co-authored-by: UpGado <[email protected]>

* Improved protobufs by adding `PasswordRequest` (#93)

* Update protobufs on Authenticator side

* Update Makefile for new directory structure

* Update gRPC code in Python SDK

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* remove oneof in protobut because it complicates Go code

* Update Go tests for new protobufs

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Pass logger to getPassword

Co-authored-by: UpGado <[email protected]>

* Disable test parallelism (#91)

* Fix isort change in Github actions workflow (#97)

* Update main.yml

* Update main.yml

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Fix lint tools versions in CI

Co-authored-by: UpGado <[email protected]>

* Skip flaky test (#98)

* Add MySQL connector support (#94)

* Update protobufs on Authenticator side

* Update Makefile for new directory structure

* Update gRPC code in Python SDK

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* remove oneof in protobut because it complicates Go code

* Update Go tests for new protobufs

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add MySQL connector support to Python SDK

* Add MySQL SHA1 hash support to Authenticator

* Add MYSQL methods to Authenticator

* Add import _mysql

* Add MySQL connector to pyproject.toml

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update poetry.lock

* Update Makefile and docker-compose files to add MySQL

* Update Python SDK protobuf

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* add docstring to MySQL

* Add MySQL connector example

* fix long line

* Add doc section for approzium.mysql.connector

* fix indentation

* patch MySQLConnection instead of its property

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add _parse_kwargs func

* Add MySQL connector pooling

* Add MySQL pool example

* Add MySQL pool example

* remove unused imports

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add MySQL pooling to docs

* Add tests for authenticator.GetMYSQLSHA1Hash

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Specify sha1 in mysql server host name

* correct service name in docker-compose.test.yml

* Fix hostname in Makefile

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Remove log statement in favor of reqlogger

* Add fuzz test for MySQLSHA1

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* fix pass logger instead of context

* Fix passing authenticator in MySQL connector

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Fix MySQL _parse_kwargs

* Add MySQL connector pool test

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Rename HOST to ADDR to be more precise in Makefile

* update compatibility page

* Add note to MySQL connector docstring

* change API doc page title

* update MySQL connector example

* Update API reference page title

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

Co-authored-by: UpGado <[email protected]>
Co-authored-by: Becca Petrin <[email protected]>
Co-authored-by: tyrannosaurus-becks <[email protected]>

* Add server-side metrics with Prometheus support (#95)

* Add server-side metrics with Prometheus support

* Add health endpoint and document HA (#96)

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Improve column label

* Add authType type

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add link to configuration docs

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update gRPC port from 6000 to 6001

* Add metric tracker for new request

* Update new test

Co-authored-by: tyrannosaurus-becks <[email protected]>

* Improve Python SDK Docs (#100)

* Update protobufs on Authenticator side

* Update Makefile for new directory structure

* Update gRPC code in Python SDK

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* remove oneof in protobut because it complicates Go code

* Update Go tests for new protobufs

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add MySQL connector support to Python SDK

* Add MySQL SHA1 hash support to Authenticator

* Add MYSQL methods to Authenticator

* Add import _mysql

* Add MySQL connector to pyproject.toml

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update poetry.lock

* Update Makefile and docker-compose files to add MySQL

* Update Python SDK protobuf

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* add docstring to MySQL

* Add MySQL connector example

* fix long line

* Add doc section for approzium.mysql.connector

* fix indentation

* patch MySQLConnection instead of its property

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add _parse_kwargs func

* Add MySQL connector pooling

* Add MySQL pool example

* Add MySQL pool example

* remove unused imports

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add MySQL pooling to docs

* Add tests for authenticator.GetMYSQLSHA1Hash

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Specify sha1 in mysql server host name

* correct service name in docker-compose.test.yml

* Fix hostname in Makefile

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Remove log statement in favor of reqlogger

* Add fuzz test for MySQLSHA1

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* fix pass logger instead of context

* Fix passing authenticator in MySQL connector

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Fix MySQL _parse_kwargs

* Add MySQL connector pool test

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Rename HOST to ADDR to be more precise in Makefile

* update compatibility page

* Add note to MySQL connector docstring

* change API doc page title

* update MySQL connector example

* Update API reference page title

* Add getting started page

* Add link

* try to add link

* add getting-started to TOC

* add getting-started to TOC

* mend

* mend

* mend

* add table

* update table

* update table

* update table

* update table

* update table

* Add Usage section

* Update userguide

* Update userguide

* add other links to TOC

* add slack link

* Specify readthedocs theme

* flatten headers in userguide.rst

* flatten headers in userguide.rst

* Flatten API docs

* Add a word

* Add link to general documentationg

* fix link

* add examples page

* Consolidate examples

* Reference examples files in docs

* Fix multiline docstring

* remove old examples

* fix mysql connector example

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Change port 6000 to 6001 in examples

Co-authored-by: UpGado <[email protected]>

* Split CI workflow into test and lint workflows (#101)

* Split workflow into two workflows

* Add names to workflows

* Separate badges in README.md

* Enable testing with base AWS identity and optionally with assumable AWS role (#105)

* Update README

* Rename examples to avoid namespace conflict

* Automatically determine IAM_TEST_ROLE

* WIP update README.md instructions

* WIP update README.md instructions

* Rename TEST_IAM_ROLE to TEST_ASSUMABLE_ARN

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Add TEST_BASE_ARN to seed commands

* README: add instruction to enable approzium path

* Run Python tests using both base and assumable AWS roles

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* more beautiful Makefile

* Rename variable in test workflow

* one less hop in Makefile

* reqire dc-build before test target

* less redundant

* update outdated term

* remove dead code

* Make TestMetrics an acceptance test

Co-authored-by: Becca Petrin <[email protected]>
Co-authored-by: UpGado <[email protected]>

* Add ability to configure authenticator using config YAML (#106)

* Use cleanenv for config reading

* run go mod tidy

* Add read config from file option

* Add note to self to update docs

* Add table to configuation page

* Remove building Python docs in Netlify

* Complete table

* Finish configuration table

* remove old tag

* Better comment

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Update configuration page

* Switch to viper

* remove comment

* Add reading config from yaml:

* update configuration doc

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* empty approzium_config.yml

* Fix redefining pflags on each invocation

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Rename approzium_config.yml to approzium.config.yml

* add example data in approzium.config.yml

* clarify doc

Co-authored-by: UpGado <[email protected]>

* Fix running approzium.psycopg2 on OSX (#109)

* use find_library to find libpq

* add warning to approzium.psycopg2.connect

* Replace approzium org with cyralinc (#114)

* Create LICENSE (#115)

* Update issue templates (#116)

* Create CONTRIBUTING.md (#117)

* Create CONTRIBUTING.md

* Move to .github folder

* fix examples paths (#122)

* Docasaurus (#110)

* init docasaurus

* transfer existing content from docz to docasaurus

* add .DS_Store to .gitignore

* add architecture diagram

* add logo, change colors

* add @docusaurus/plugin-ideal-image

* add makefile

* remove docasaurus docs

* update link to python client library api

* add roadmap to sidebar

* add security model to docs

* nit pick

* Add external link symbol for Python API doc

* fix broken links on overview page

* remove features

* Add examples page

* udpate overview

* update home page

* add info modal

* update css

* update docasaurus config

* move documentaiton navlink

* swizzle footer and navbar

* swizzle codeblock

* fix info modal styling

* fix info modal interaction

* style code, links

* adjust code margin

* update button color

* update code styling

* add blurb for architecture diagram

* init docasaurus

* transfer existing content from docz to docasaurus

* add .DS_Store to .gitignore

* add architecture diagram

* add logo, change colors

* add @docusaurus/plugin-ideal-image

* add makefile

* remove docasaurus docs

* update link to python client library api

* add roadmap to sidebar

* add security model to docs

* nit pick

* Add external link symbol for Python API doc

* fix broken links on overview page

* Add examples page

* remove features

* udpate overview

* update home page

* add info modal

* update css

* update docasaurus config

* move documentaiton navlink

* swizzle footer and navbar

* swizzle codeblock

* fix info modal styling

* fix info modal interaction

* style code, links

* adjust code margin

* update button color

* add blurb for architecture diagram

* update code styling

* updated configuration docs

Co-authored-by: Dio Gado <[email protected]>

* Add support for TLS and dev mode (#111)

* Add support for TLS and dev mode

* Update health check

* Always err when TLS is enabled but no cert/key

* Fix err output

* Changes from feedback

* Fix linting issues

* Automatic lint

Signed-off-by: GitHub Actions Bot <[email protected]>

* Fix conftest.py

* Fix incorrect parameter

* Continue to fix the trail of typos <sob>

* Add disable_tls param to AuthClient

* Move TLS example

* Remove diff markup

* Add TLS example

Co-authored-by: tyrannosaurus-becks <[email protected]>

* Add ability to cut binaries (#124)

* split authenticator into two images (#128)

Co-authored-by: root <[email protected]>
Co-authored-by: Timothy Nguyen <[email protected]>
Co-authored-by: Dio Gado <[email protected]>
Co-authored-by: Timothy Nguyen <[email protected]>
Co-authored-by: Dio Gado <[email protected]>
Co-authored-by: UpGado <[email protected]>
Co-authored-by: tyrannosaurus-becks <[email protected]>

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,76 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+ advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [email protected]. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq

.github/CONTRIBUTING.md

@@ -0,0 +1,15 @@
+# Contributing
+
+We appreciate community pull requests and have placed this guide here to help you write a complete pull request
+in as few iterations as possible.
+
+A PR that's ready for review has the following components:
+
+- The code that's being changed.
+- Acceptance tests that cover the code's sunny path for all changed fields.
+- Updated docs.
+- A link to any issues the PR closes, though it isn't required that a PR be related to an open issue.
+
+Thank you!
+
+:+1::tada:

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,31 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Desktop (please complete the following information):**
+ - OS: [e.g. iOS]
+ - Version [e.g. 22]
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/workflows/lint.yml

@@ -0,0 +1,34 @@
+name: lint
+on:
+  push:
+    branches: [ '*' ]
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: gofmt
+        run: gofmt -s -w .
+
+      - name: Setup Python
+        uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+
+      - name: Install Python lint libraries
+        run: |
+          pip install isort==5.0.2 black==19.10b0 flake8==3.8.3
+
+      - run: cd sdk/python && isort .
+      - run: cd sdk/python && black .
+      - run: cd sdk/python && flake8
+
+      # commit changes
+      - uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          commit_message: Automatic lint
+          commit_options: '--no-verify --signoff'
+          repository: .
+          commit_user_name: GitHub Actions Bot

.github/workflows/test.yml

@@ -0,0 +1,30 @@
+name: test
+on:
+  push:
+    branches: [ '*' ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Run docker-compose build
+        run: make dc-build
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: us-east-1
+
+      - name: Run Go tests
+        run: make run-in-docker CMD="make run-gotests"
+        env:
+          TEST_ASSUMABLE_ARN: ${{ secrets.TEST_ASSUMABLE_ARN }}
+
+      - name: Run Python tests
+        run: make run-in-docker CMD="make run-pythontests"
+        env:
+          TEST_ASSUMABLE_ARN: ${{ secrets.TEST_ASSUMABLE_ARN }}