Successful pairing w/ D summit!

Dockerfile

@@ -10,8 +10,8 @@ RUN --mount=type=cache,target=/usr/local/cargo/registry \
     --mount=type=bind,target=/src <<"EOT" /bin/sh
     for target in vessel summit
     do
-      cargo build --release -p "$target"
-      cp "/tmp/target/release/$target" /
+      cargo build -p "$target"
+      cp "/tmp/target/debug/$target" /
     done
 EOT
 

crates/service-core/Cargo.toml

@@ -8,3 +8,4 @@ bitflags.workspace = true
 http.workspace = true
 serde.workspace = true
 strum.workspace = true
+thiserror.workspace = true

crates/service-core/src/role.rs

@@ -1,16 +1,19 @@
 //! Defines the role a service plays in the infrastructure
 use serde::{Deserialize, Serialize};
+use thiserror::Error;
 
 /// Service role
 #[derive(Debug, Clone, Copy, PartialEq, Eq, strum::Display, strum::EnumString, Serialize, Deserialize)]
+#[serde(into = "u8", try_from = "u8")]
 #[strum(serialize_all = "kebab-case")]
+#[repr(u8)]
 pub enum Role {
-    /// Hub
-    Hub,
-    /// Repository Manager
-    RepositoryManager,
     /// Builder
-    Builder,
+    Builder = 1,
+    /// Repository Manager
+    RepositoryManager = 2,
+    /// Hub
+    Hub = 3,
 }
 
 impl Role {
@@ -23,3 +26,27 @@ impl Role {
         }
     }
 }
+
+impl From<Role> for u8 {
+    fn from(role: Role) -> Self {
+        role as u8
+    }
+}
+
+impl TryFrom<u8> for Role {
+    type Error = UnknownRole;
+
+    fn try_from(value: u8) -> Result<Self, Self::Error> {
+        match value {
+            1 => Ok(Role::Builder),
+            2 => Ok(Role::RepositoryManager),
+            3 => Ok(Role::Hub),
+            x => Err(UnknownRole(x)),
+        }
+    }
+}
+
+/// Unknown [`Role`] from [`u8`]
+#[derive(Debug, Error)]
+#[error("Unkown role: {0}")]
+pub struct UnknownRole(u8);

crates/service/src/crypto.rs

@@ -67,7 +67,7 @@ pub struct PublicKey(ed25519_dalek::VerifyingKey);
 impl PublicKey {
     /// Encode the public key to a string
     pub fn encode(&self) -> EncodedPublicKey {
-        EncodedPublicKey(base64::prelude::BASE64_STANDARD_NO_PAD.encode(self.0.as_bytes()))
+        EncodedPublicKey(base64::prelude::BASE64_URL_SAFE_NO_PAD.encode(self.0.as_bytes()))
     }
 
     /// Verify a signature on a message with this keypair's public key
@@ -114,7 +114,7 @@ impl EncodedPublicKey {
 
     /// Decode the string as a [`PublicKey`]
     pub fn decode(key: &str) -> Result<PublicKey, Error> {
-        let bytes = base64::prelude::BASE64_STANDARD_NO_PAD
+        let bytes = base64::prelude::BASE64_URL_SAFE_NO_PAD
             .decode(key)?
             .try_into()
             .unwrap_or_default();
@@ -132,7 +132,7 @@ pub struct EncodedSignature(String);
 impl EncodedSignature {
     /// Decode the string as a [`Signature`]
     pub fn decode(signature: &str) -> Result<Signature, Error> {
-        let bytes = base64::prelude::BASE64_STANDARD_NO_PAD
+        let bytes = base64::prelude::BASE64_URL_SAFE_NO_PAD
             .decode(signature)?
             .try_into()
             .unwrap_or([0; 64]);

crates/service/src/token.rs

@@ -174,7 +174,6 @@ pub struct Payload {
     /// Subject - Subject of the JWT (the user)
     pub sub: String,
     /// Token purpose
-    #[serde(rename = "pur")]
     pub purpose: Purpose,
     /// Account id of the holder
     #[serde(rename = "uid")]

justfile

@@ -1,18 +1,18 @@
-compose-file := "./test/docker-compose.yaml"
-uid := `id -u`
-gid := `id -g`
+export MY_UID := `id -u`
+export MY_GID := `id -g`
+export COMPOSE_FILE := "./test/docker-compose.yaml"
 
 [private]
 help:
 	@just --list
 
 [private]
 docker-build target:
-	@docker build . -t serpentos/{{target}} --target {{target}}
+	@docker build . -t serpentos/{{target}} --target {{target}} --no-cache
 
 # Build docker containers
 build: (docker-build "summit") (docker-build "vessel")
 
 # Bring up docker containers
 up: build
-	@COMPOSE_FILE={{compose-file}} MY_UID={{uid}} MY_GID={{gid}} docker-compose up	
+	docker compose up

test/docker-compose.yaml

@@ -1,15 +1,15 @@
 services:
-  summit:
-    image: serpentos/summit
-    ports:
-      - "5000:5000"
-    volumes:
-      - ./summit:/state
-    user: ${MY_UID}:${MY_GID}
-    depends_on:
-      vessel:
-        condition: service_started
-        restart: true
+  # summit:
+  #   image: serpentos/summit
+  #   ports:
+  #     - "5000:5000"
+  #   volumes:
+  #     - ./summit:/state
+  #   user: ${MY_UID}:${MY_GID}
+  #   depends_on:
+  #     vessel:
+  #       condition: service_started
+  #       restart: true
   vessel:
     image: serpentos/vessel
     ports:

test/summit/config.toml

@@ -10,9 +10,10 @@ format = "compact"
 username = "admin"
 name = "Admin"
 email = "[email protected]"
-public_key = "9eBMCOKXlF16+yCNqHhBdg7S3CY9gOu8qqH/zPX1yp0"
+public_key = "9eBMCOKXlF16-yCNqHhBdg7S3CY9gOu8qqH_zPX1yp0"
 
 [[downstream]]
 host_address = "http://vessel:5001"
-public_key = "uxV+S0soSdALp8G+IVbjJMmATzTCfA+8abkNbJ7PKt8"
-role = "RepositoryManager"
+public_key = "uxV-S0soSdALp8G-IVbjJMmATzTCfA-8abkNbJ7PKt8"
+# D serializes these as integers :/
+role = 2

test/vessel/config.toml

@@ -1,7 +1,7 @@
 description = "Vessel (test)"
 host_address = "http://vessel:5001"
 
-upstream = "gjbJc9Tyuj6nttjQBWV0E813d3ZnH2hZ9EtBEl6Tdn4"
+upstream = "5EsZZSY4BoECd1jTsTne5fXlBuVSWaFFsBSyMfpvkp0"
 
 [tracing]
 level_filter = "info,vessel=debug,service=debug"
@@ -12,4 +12,4 @@ format = "compact"
 username = "admin"
 name = "Admin"
 email = "[email protected]"
-public_key = "9eBMCOKXlF16+yCNqHhBdg7S3CY9gOu8qqH/zPX1yp0"
+public_key = "9eBMCOKXlF16-yCNqHhBdg7S3CY9gOu8qqH_zPX1yp0"