Core db stubs and create flow

cmd/devinit/core_db_api.go

@@ -0,0 +1,30 @@
+package devinit
+
+import (
+	"net"
+	"path"
+)
+
+func (c *Config) makeCoreDBApi() error {
+
+	var err error
+
+	c.coreDBApiTlsKey, err = getOrCreatePrivateKey(path.Join(CoreDBApiDir, "tls.key"))
+	if err != nil {
+		return err
+	}
+
+	c.coreDBApiTlsCert, err = getOrCreateServerCert(
+		path.Join(CoreDBApiDir, "tls.crt"),
+		c.coreDBApiTlsKey,
+		c.rootCa,
+		c.rootCaKey,
+		[]string{"localhost", "core.dev"},
+		[]net.IP{net.IPv6loopback, net.ParseIP("127.0.0.1")},
+	)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

cmd/devinit/main.go

@@ -6,7 +6,14 @@ import (
 	"crypto/x509"
 	"encoding/json"
 	"fmt"
-	"github.com/dustinkirkland/golang-petname"
+	"math/rand"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"time"
+
+	petname "github.com/dustinkirkland/golang-petname"
 	"github.com/manifoldco/promptui"
 	"github.com/nrc-no/core/pkg/api/types"
 	"github.com/nrc-no/core/pkg/server/options"
@@ -18,12 +25,6 @@ import (
 	"go.uber.org/zap"
 	"golang.org/x/sync/errgroup"
 	"gopkg.in/yaml.v3"
-	"math/rand"
-	"os"
-	"os/exec"
-	"path"
-	"path/filepath"
-	"time"
 )
 
 var (
@@ -36,6 +37,7 @@ var (
 	CoreAppFrontendDir   string
 	CoreAdminFrontendDir string
 	CoreFormsApiDir      string
+	CoreDBApiDir         string
 	CoreAuthnzApiDir     string
 	CoreAuthnzBouncerDir string
 	LoginDir             string
@@ -130,6 +132,8 @@ type Config struct {
 	coreApiHashKey            string
 	coreFormsApiTlsCert       *x509.Certificate
 	coreFormsApiTlsKey        *rsa.PrivateKey
+	coreDBApiTlsCert          *x509.Certificate
+	coreDBApiTlsKey           *rsa.PrivateKey
 	coreAppFrontendClientId   string
 	coreAppFrontendTlsCert    *x509.Certificate
 	coreAppFrontendTlsKey     *rsa.PrivateKey
@@ -258,6 +262,7 @@ func createConfig() (*Config, error) {
 		config.makeLogin,
 		config.makeHydra,
 		config.makeCoreFormsApi,
+		config.makeCoreDBApi,
 		config.makeCoreAuthnzApi,
 		config.makeAppFrontend,
 		config.makeAdminFrontend,
@@ -460,6 +465,7 @@ func init() {
 	CoreAppFrontendDir = path.Join(CoreDir, "app_frontend")
 	CoreAdminFrontendDir = path.Join(CoreDir, "admin_frontend")
 	CoreFormsApiDir = path.Join(CoreDir, "forms_api")
+	CoreDBApiDir = path.Join(CoreDir, "core_db_api")
 	CoreAuthnzApiDir = path.Join(CoreDir, "authnz_api")
 	CoreAuthnzBouncerDir = path.Join(CoreDir, "authnz_bouncer")
 }

cmd/migrate.go

@@ -2,6 +2,7 @@ package cmd
 
 import (
 	"github.com/nrc-no/core/pkg/logging"
+	coreDBModel "github.com/nrc-no/core/pkg/server/core-db/models"
 	loginstore "github.com/nrc-no/core/pkg/server/login/store"
 	"github.com/nrc-no/core/pkg/store"
 	"github.com/spf13/cobra"
@@ -36,6 +37,10 @@ var migrateCmd = &cobra.Command{
 			l.Error("failed to migrate login store", zap.Error(err))
 			return err
 		}
+		if err := coreDBModel.Migrate(db); err != nil {
+			l.Error("failed to migrate core DB store", zap.Error(err))
+			return err
+		}
 		l.Info("successfully applied migrations")
 		return nil
 	},

cmd/serve_all.go

@@ -3,6 +3,7 @@ package cmd
 import (
 	authnzapiserver "github.com/nrc-no/core/pkg/server/authnzapi"
 	"github.com/nrc-no/core/pkg/server/authnzbouncer"
+	coreDBServer "github.com/nrc-no/core/pkg/server/core-db"
 	formsapiserver "github.com/nrc-no/core/pkg/server/formsapi"
 	"github.com/nrc-no/core/pkg/server/login"
 	"github.com/spf13/cobra"
@@ -16,6 +17,13 @@ var serveAllCmd = &cobra.Command{
 		if err := initStoreFactory(); err != nil {
 			return err
 		}
+		if err := serveCoreDBApi(ctx,
+			coreDBServer.Options{
+				ServerOptions: coreOptions.Serve.CoreDBApi,
+				StoreFactory:  factory,
+			}); err != nil {
+			return err
+		}
 		if err := serveFormsApi(ctx,
 			formsapiserver.Options{
 				ServerOptions: coreOptions.Serve.FormsApi,

cmd/serve_core_db_api.go

@@ -0,0 +1,40 @@
+package cmd
+
+import (
+	"context"
+
+	coreDBServer "github.com/nrc-no/core/pkg/server/core-db"
+	"github.com/spf13/cobra"
+)
+
+var serveCoreDBCmd = &cobra.Command{
+	Use:   "core-db-api",
+	Short: "starts the core-db-api server",
+	RunE: func(cmd *cobra.Command, args []string) error {
+		if err := initStoreFactory(); err != nil {
+			return err
+		}
+		if err := serveCoreDBApi(ctx,
+			coreDBServer.Options{
+				ServerOptions: coreOptions.Serve.CoreDBApi,
+				StoreFactory:  factory,
+			}); err != nil {
+			return err
+		}
+		<-doneSignal
+		return nil
+	},
+}
+
+func init() {
+	serveCmd.AddCommand(serveCoreDBCmd)
+}
+
+func serveCoreDBApi(ctx context.Context, options coreDBServer.Options) error {
+	server, err := coreDBServer.NewServer(options)
+	if err != nil {
+		return err
+	}
+	server.Start(ctx)
+	return nil
+}

configs/config.yaml

@@ -61,6 +61,36 @@ serve:
       enabled: true
       exposed_headers:
         - Location
+  core_db_api:
+    host: "0.0.0.0"
+    port: "9010"
+    tls:
+      enabled: true
+      cert:
+        path: creds/core/core_db_api/tls.crt
+      key:
+        path: creds/core/core_db_api/tls.key
+    cors:
+      allowed_origins:
+        - https://localhost:3000
+        - http://localhost:3000
+        - https://localhost:19006
+        - http://localhost:19006
+      allow_credentials: true
+      allowed_headers:
+        - Authorization
+        - Content-Type
+        - Accept
+      allowed_methods:
+        - "GET"
+        - "POST"
+        - "PUT"
+        - "OPTIONS"
+        - "DELETE"
+      debug: true
+      enabled: true
+      exposed_headers:
+        - Location
   login:
     host: "127.0.0.1"
     port: "9002"

deployments/envoy-local.yaml

@@ -225,6 +225,22 @@ static_resources:
         name: envoy.transport_sockets.tls
         typed_config:
           "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
+    - name: core-db-api
+      type: STRICT_DNS
+      lb_policy: ROUND_ROBIN
+      load_assignment:
+        cluster_name: core-db-api
+        endpoints:
+          - lb_endpoints:
+              - endpoint:
+                  address:
+                    socket_address:
+                      address: localhost
+                      port_value: 9010
+      transport_socket:
+        name: envoy.transport_sockets.tls
+        typed_config:
+          "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
     - name: core-admin-api
       type: STRICT_DNS
       lb_policy: ROUND_ROBIN

deployments/envoy.yaml

@@ -225,6 +225,22 @@ static_resources:
         name: envoy.transport_sockets.tls
         typed_config:
           "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
+    - name: core-db-api
+      type: STRICT_DNS
+      lb_policy: ROUND_ROBIN
+      load_assignment:
+        cluster_name: core-db-api
+        endpoints:
+          - lb_endpoints:
+              - endpoint:
+                  address:
+                    socket_address:
+                      address: localhost
+                      port_value: 9010
+      transport_socket:
+        name: envoy.transport_sockets.tls
+        typed_config:
+          "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
     - name: core-admin-api
       type: STRICT_DNS
       lb_policy: ROUND_ROBIN