Use self signed certificate when running the proxy locally

This allows us to not obtain a certificate and encrypt it with KMS when running the proxy locally during development. Also updated FOSS build dagger version. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=191746309
2025-06-27 06:44:51 +02:00 · 2018-04-05 08:37:27 -07:00 · 2018-04-05 08:37:27 -07:00 · 18a145eef1
commit 18a145eef1
parent ea891001d9
10 changed files with 157 additions and 117 deletions
--- a/java/google/registry/proxy/ProxyModule.java
+++ b/java/google/registry/proxy/ProxyModule.java
@ -232,7 +232,8 @@ public class ProxyModule {

  @Singleton
  @Provides
-  static PemBytes providePemBytes(
+  @Named("pemBytes")
+  static byte[] providePemBytes(
      CloudKMS cloudKms, @Named("encryptedPemBytes") byte[] encryptedPemBytes, ProxyConfig config) {
    String cryptoKeyUrl =
        String.format(
@ -240,15 +241,14 @@ public class ProxyModule {
            config.projectId, config.kms.location, config.kms.keyRing, config.kms.cryptoKey);
    try {
      DecryptRequest decryptRequest = new DecryptRequest().encodeCiphertext(encryptedPemBytes);
-      return PemBytes.create(
-          cloudKms
-              .projects()
-              .locations()
-              .keyRings()
-              .cryptoKeys()
-              .decrypt(cryptoKeyUrl, decryptRequest)
-              .execute()
-              .decodePlaintext());
+      return cloudKms
+          .projects()
+          .locations()
+          .keyRings()
+          .cryptoKeys()
+          .decrypt(cryptoKeyUrl, decryptRequest)
+          .execute()
+          .decodePlaintext();
    } catch (IOException e) {
      logger.severefmt(e, "PEM file decryption failed using CryptoKey: %s", cryptoKeyUrl);
      throw new RuntimeException(e);
@ -283,31 +283,6 @@ public class ProxyModule {
    return getProxyConfig(env);
  }

-  /**
-   * A wrapper class for decrypted bytes of the PEM file.
-   *
-   * <p>Note that this should not be an @AutoValue class because we need a clone of the bytes to be
-   * returned, otherwise the wrapper class becomes mutable.
-   */
-  // TODO: remove this class once FOSS build can use @BindsInstance to bind a byte[]
-  // (https://github.com/bazelbuild/bazel/issues/4138)
-  static class PemBytes {
-
-    private final byte[] bytes;
-
-    static PemBytes create(byte[] bytes) {
-      return new PemBytes(bytes);
-    }
-
-    private PemBytes(byte[] bytes) {
-      this.bytes = bytes;
-    }
-
-    byte[] getBytes() {
-      return bytes.clone();
-    }
-  }
-
  /** Root level component that exposes the port-to-protocol map. */
  @Singleton
  @Component(