Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(BKS & BKSA): Smithy Model for HV-2 #1350

Merged
merged 25 commits into from
Mar 25, 2025
Merged

feat(BKS & BKSA): Smithy Model for HV-2 #1350

merged 25 commits into from
Mar 25, 2025

Conversation

texastony
Copy link
Contributor

@texastony texastony commented Mar 23, 2025
edited
Loading

Issue #, if available:

Smithy Model for HV-2

Description of changes:

Smithy (link to only Smithy Changes):

  • new KeyManageStrat AwsKmsSimple that will, eventually, support everything; we need this for customers to have an "idempotent" code path that works for HV-1 or HV-2; neither of the current strategies "always" work for HV-1 & HV-2
  • Various documentation fix ups

Dafny/Behavior changes (link to only Dafny Changes)

These changes prevent the execution of behaviors that have not been implemented yet;
as #1349 and #1342 land, some of these behaviors will become enabled.

  • on VersionKey, if an HV-2 is encountered, fail
  • on ApplyMutation, if an HV-2 is encountered, fail
  • on BKSA CreateKey, if HV-2 is requested, fail
  • on BKSA Initialize Mutation, if TerminalHV is 2, fail
  • on BKSA Initialize Mutation, if KeyManageStrat is AwsKmsSimple, fail
  • on BKSA Apply Mutation, if KeyManageStrat is AwsKmsSimple, fail

Dafny proof changes (link to only Dafny Changes)

  • refactored KmsUtils.dfy#keyManagerStrat to consolidate Modify expressions
  • ^ let me quickly wire up the new AwsKmsSimple
  • AND reject it for various places

Squash/merge commit message, if applicable:

feat(BKS & BKSA): Smithy Model for HV-2

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

texastony added 16 commits March 24, 2025 17:25
@texastony
feat: Smithy Model for HV-2
443c850
@texastony
chore: revise HV-2 Smithy for PR Feedback
720f939
@texastony
fix: enum names must start with a letter
51affe7
@texastony
fix: typo = -> :
962b5a4
@texastony
chore(BKS): polymorph
42d09c5
@texastony
fix: WIP but some dafny resolve and verify issues
d73d29b
@texastony
fix(BKS): revise KeyMangStrat for HV-2 as well as some docs
8ef7906
@texastony
chore(BKS): polymorph
50fd5bd
@texastony
WIP: BKS has a rsrc exhaustion problem; BKSA has 18+ errors
ad15aa9
@texastony
chore(BKSA-Dafny): kmsSimple wiring
7e97172
@texastony
chore(BKSA-Dafny): super happy with this keyManStrat abstraction
f22ed66
@texastony
chore(BKSA-Dafny): almost done with model stubbing
4a57f9b
@texastony
chore(BKSA-Dafny): almost done with model stubbing
853c9f4
@texastony
chore(BKSA-Dafny): until completion of M1, reject HV-2 on CreateKey &…
282a130 
… Mutation
@texastony
chore(BKS/A-Dafny): until later, src & tests to reject HV-2 on Versio…
cb9347b 
…nKey & Mutation
@texastony
fix(BKSA): Mutations MUST NOT default to HV-1
dc4c03f
@texastony texastony force-pushed the hv-2/smithy-model-fixes branch from 887f4ef to dc4c03f Compare March 25, 2025 00:26
@texastony texastony changed the base branch from hv-2/smithy-model to hv-2/hv-2 March 25, 2025 00:42
@texastony texastony marked this pull request as ready for review March 25, 2025 00:54
@texastony texastony requested a review from a team as a code owner March 25, 2025 00:54
@github-actions GitHub Actions
Copy link

@texastony and @imabhichow, I noticed you are updating the smithy model files.
Does this update need new or updated user documentation?
Are you adding constraints inside list, map or union? Do you know about this issue: smithy-lang/smithy-dafny#491?

@github-actions GitHub Actions
Copy link

@texastony and @texastony, I noticed you are updating the smithy model files.
Does this update need new or updated user documentation?
Are you adding constraints inside list, map or union? Do you know about this issue: smithy-lang/smithy-dafny#491?

2 similar comments
@github-actions GitHub Actions
Copy link

@texastony and @texastony, I noticed you are updating the smithy model files.
Does this update need new or updated user documentation?
Are you adding constraints inside list, map or union? Do you know about this issue: smithy-lang/smithy-dafny#491?

@github-actions GitHub Actions
Copy link

@texastony and @texastony, I noticed you are updating the smithy model files.
Does this update need new or updated user documentation?
Are you adding constraints inside list, map or union? Do you know about this issue: smithy-lang/smithy-dafny#491?

@github-actions GitHub Actions
Copy link

@texastony and @imabhichow, I noticed you are updating the smithy model files.
Does this update need new or updated user documentation?
Are you adding constraints inside list, map or union? Do you know about this issue: smithy-lang/smithy-dafny#491?

@texastony texastony changed the title fix(BKS): revise KeyMangStrat for HV-2 as well as some docs feat(BKS & BKSA): Smithy Model for HV-2 Mar 25, 2025
rishav-karanjit
rishav-karanjit approved these changes Mar 25, 2025
View reviewed changes
AwsCryptographicMaterialProviders/dafny/AwsCryptographyKeyStoreAdmin/Model/KeyStoreAdmin.smithy
@@ -56,8 +57,7 @@ service KeyStoreAdmin {
aws.cryptography.keyStore#KeyStorageException,
aws.cryptography.keyStore#VersionRaceException,
aws.cryptography.keyStore#BranchKeyCiphertextException,
aws.cryptography.keyStore#AlreadyExistsConditionFailed,
aws.cryptography.keyStore#NoLongerExistsConditionFailed,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is AlreadyExistsConditionFailed and NoLongerExistsConditionFailed not in use anywhere?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My code search in hv-2/hv-2 tells me: "No its not used"

@github-actions GitHub Actions
Copy link

@texastony and @rishav-karanjit, I noticed you are updating the smithy model files.
Does this update need new or updated user documentation?
Are you adding constraints inside list, map or union? Do you know about this issue: smithy-lang/smithy-dafny#491?

@rishav-karanjit rishav-karanjit merged commit 23bf9cd into hv-2/hv-2 Mar 25, 2025
137 checks passed
@rishav-karanjit rishav-karanjit deleted the hv-2/smithy-model-fixes branch March 25, 2025 23:06
imabhichow pushed a commit that referenced this pull request Mar 26, 2025
@texastony @imabhichow
feat(BKS & BKSA): Smithy Model for HV-2 (#1350)
de26534
imabhichow pushed a commit that referenced this pull request Apr 8, 2025
@texastony @imabhichow
feat(BKS & BKSA): Smithy Model for HV-2 (#1350)
e0022b3
texastony added a commit that referenced this pull request Apr 9, 2025
@texastony
feat(BKS & BKSA): Smithy Model for HV-2 (#1350)
768cdca
texastony added a commit that referenced this pull request Apr 9, 2025
@texastony
feat(BKS & BKSA): Smithy Model for HV-2 (#1350)
ce3fa8b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@imabhichow imabhichow imabhichow left review comments

@rishav-karanjit rishav-karanjit rishav-karanjit approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@texastony @imabhichow @rishav-karanjit