Update deps to use generics (#2346)

Author: sethvargo

go.mod

@@ -16,7 +16,7 @@ require (
 	github.com/golang-migrate/migrate/v4 v4.15.1
 	github.com/golangci/golangci-lint v1.45.2
 	github.com/gonum/matrix v0.0.0-20181209220409-c518dec07be9
-	github.com/google/exposure-notifications-server v1.9.0
+	github.com/google/exposure-notifications-server v1.9.1-0.20220502192432-162cbaadfd29
 	github.com/google/go-cmp v0.5.7
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/handlers v1.5.1
@@ -115,6 +115,7 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/denis-tingaikin/go-header v0.4.3 // indirect
 	github.com/dimchansky/utfbom v1.1.1 // indirect
+	github.com/docker/docker v20.10.14+incompatible // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
 	github.com/docker/go-units v0.4.0 // indirect
 	github.com/esimonov/ifshort v1.0.4 // indirect
@@ -140,6 +141,7 @@ require (
 	github.com/gobwas/pool v0.2.1 // indirect
 	github.com/gobwas/ws v1.1.0 // indirect
 	github.com/gofrs/flock v0.8.1 // indirect
+	github.com/gofrs/uuid v4.2.0+incompatible // indirect
 	github.com/golang-jwt/jwt/v4 v4.4.1 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
@@ -289,6 +291,7 @@ require (
 	github.com/yeya24/promlinter v0.1.1-0.20210918184747-d757024714a1 // indirect
 	gitlab.com/bosi/decorder v0.2.1 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
+	go.uber.org/goleak v1.1.12 // indirect
 	go.uber.org/multierr v1.8.0 // indirect
 	golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect
 	golang.org/x/exp/typeparams v0.0.0-20220218215828-6cf2b201936e // indirect

go.sum

@@ -487,8 +487,9 @@ github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TT
 github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug=
 github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v20.10.9+incompatible h1:JlsVnETOjM2RLQa0Cc1XCIspUdXW3Zenq9P54uXBm6k=
 github.com/docker/docker v20.10.9+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v20.10.14+incompatible h1:+T9/PRYWNDo5SZl5qS1r9Mo/0Q8AwxKKPtu9S1yxM0w=
+github.com/docker/docker v20.10.14+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
@@ -665,8 +666,9 @@ github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5x
 github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw=
 github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU=
 github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
-github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw=
 github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
+github.com/gofrs/uuid v4.2.0+incompatible h1:yyYWMnhkhrKwwr8gAOcOCYxOOscHgDS9yZgBrnJfGa0=
+github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
 github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU=
 github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
@@ -765,8 +767,8 @@ github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Z
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/certificate-transparency-go v1.0.21/go.mod h1:QeJfpSbVSfYc7RgB3gJFj9cbuQMMchQxrWXz8Ruopmg=
 github.com/google/certificate-transparency-go v1.1.1/go.mod h1:FDKqPvSXawb2ecErVRrD+nfy23RCzyl7eqVCEmlT1Zs=
-github.com/google/exposure-notifications-server v1.9.0 h1:/fhehXwmFP4mOU8XR8kdZ+eO3G18bO4l2nhgVresH7E=
-github.com/google/exposure-notifications-server v1.9.0/go.mod h1:Ws5vVVc7e+CqrSWEj3yd8DFeYm/QVcLXu4Fn1xobnvo=
+github.com/google/exposure-notifications-server v1.9.1-0.20220502192432-162cbaadfd29 h1:zppZkpyL21AvnWUFTJIrKWNXwhKIZar+xXo7n5DPNS4=
+github.com/google/exposure-notifications-server v1.9.1-0.20220502192432-162cbaadfd29/go.mod h1:Ws5vVVc7e+CqrSWEj3yd8DFeYm/QVcLXu4Fn1xobnvo=
 github.com/google/flatbuffers v2.0.0+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@@ -1734,8 +1736,9 @@ go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
 go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
-go.uber.org/goleak v1.1.11 h1:wy28qYRKZgnJTxGxvye5/wgWr1EKjmUDGYox5mGlRlI=
 go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
+go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA=
+go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
 go.uber.org/multierr v1.4.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=

pkg/controller/certapi/certapi.go

@@ -38,8 +38,8 @@ type Controller struct {
 	db          *database.Database
 	cacher      vcache.Cacher
 	h           *render.Renderer
-	pubKeyCache *keyutils.PublicKeyCache // Cache of public keys for verification token verification.
-	signerCache *cache.Cache             // Cache signers on a per-realm basis.
+	pubKeyCache *keyutils.PublicKeyCache  // Cache of public keys for verification token verification.
+	signerCache *cache.Cache[*SignerInfo] // Cache signers on a per-realm basis.
 	kms         keys.KeyManager
 }
 
@@ -50,7 +50,7 @@ func New(ctx context.Context, config *config.APIServerConfig, db *database.Datab
 	}
 
 	// This has to be in-memory because the signer has state and connection pools.
-	signerCache, err := cache.New(config.CertificateSigning.SignerCacheDuration)
+	signerCache, err := cache.New[*SignerInfo](config.CertificateSigning.SignerCacheDuration)
 	if err != nil {
 		return nil, fmt.Errorf("cannot create signer cache, likely invalid duration: %w", err)
 	}

pkg/controller/certapi/signers.go

@@ -40,9 +40,9 @@ func (c *Controller) getSignerForAuthApp(ctx context.Context, authApp *database.
 
 // GetSignerForRealm gets the certificate signer info for the given realm.
 func GetSignerForRealm(ctx context.Context, realmID uint,
-	cfg config.CertificateSigningConfig, cache *cache.Cache, db *database.Database, kms keys.KeyManager) (*SignerInfo, error) {
-	signerCache, err := cache.WriteThruLookup(fmt.Sprintf("%d", realmID),
-		func() (interface{}, error) {
+	cfg config.CertificateSigningConfig, cache *cache.Cache[*SignerInfo], db *database.Database, kms keys.KeyManager) (*SignerInfo, error) {
+	signer, err := cache.WriteThruLookup(fmt.Sprintf("%d", realmID),
+		func() (*SignerInfo, error) {
 			realm, err := db.FindRealm(realmID)
 			if err != nil {
 				return nil, fmt.Errorf("unable to load realm settings: %w", err)
@@ -85,9 +85,5 @@ func GetSignerForRealm(ctx context.Context, realmID uint,
 	if err != nil {
 		return nil, fmt.Errorf("unable to get signer for realmID: %d: %w", realmID, err)
 	}
-	signer, ok := signerCache.(*SignerInfo)
-	if !ok {
-		return nil, fmt.Errorf("certificate signer in wrong format for realmID: %d: %w", realmID, err)
-	}
 	return signer, nil
 }

pkg/controller/issueapi/controller.go

@@ -27,32 +27,36 @@ import (
 	"github.com/google/exposure-notifications-verification-server/pkg/config"
 	"github.com/google/exposure-notifications-verification-server/pkg/database"
 	"github.com/google/exposure-notifications-verification-server/pkg/render"
+	"github.com/google/exposure-notifications-verification-server/pkg/sms"
 
 	"github.com/google/exposure-notifications-server/pkg/cache"
 	"github.com/sethvargo/go-limiter"
 	"go.opencensus.io/tag"
 )
 
 type Controller struct {
-	config     config.IssueAPIConfig
-	db         *database.Database
-	localCache *cache.Cache
-	limiter    limiter.Store
-	smsSigner  keys.KeyManager
-	h          *render.Renderer
+	config           config.IssueAPIConfig
+	db               *database.Database
+	smsSignerCache   *cache.Cache[*cachedSMSSigner]
+	smsProviderCache *cache.Cache[sms.Provider]
+	limiter          limiter.Store
+	smsSigner        keys.KeyManager
+	h                *render.Renderer
 }
 
 // New creates a new IssueAPI controller.
 func New(cfg config.IssueAPIConfig, db *database.Database, limiter limiter.Store, smsSigner keys.KeyManager, h *render.Renderer) *Controller {
-	localCache, _ := cache.New(30 * time.Second)
+	smsSignerCache, _ := cache.New[*cachedSMSSigner](30 * time.Second)
+	smsProviderCache, _ := cache.New[sms.Provider](30 * time.Second)
 
 	return &Controller{
-		config:     cfg,
-		db:         db,
-		localCache: localCache,
-		limiter:    limiter,
-		smsSigner:  smsSigner,
-		h:          h,
+		config:           cfg,
+		db:               db,
+		smsSignerCache:   smsSignerCache,
+		smsProviderCache: smsProviderCache,
+		limiter:          limiter,
+		smsSigner:        smsSigner,
+		h:                h,
 	}
 }
 

pkg/controller/issueapi/issue.go

@@ -199,22 +199,18 @@ func (c *Controller) smsProviderFor(ctx context.Context, realm *database.Realm,
 	}
 
 	key := fmt.Sprintf("realm:%d:sms_provider:user_report:%v", realm.ID, appendKey)
-	result, err := c.localCache.WriteThruLookup(key, func() (interface{}, error) {
+	result, err := c.smsProviderCache.WriteThruLookup(key, func() (sms.Provider, error) {
 		return realm.SMSProvider(c.db, opts...)
 	})
 	if err != nil {
 		return nil, err
 	}
+	return result, nil
+}
 
-	if result == nil {
-		return nil, nil
-	}
-	typ, ok := result.(sms.Provider)
-	if !ok {
-		return nil, fmt.Errorf("invalid type %T", result)
-	}
-
-	return typ, nil
+type cachedSMSSigner struct {
+	signer crypto.Signer
+	keyID  string
 }
 
 // smsSignerFor returns the sms signer for the given realm. It pulls the value
@@ -225,13 +221,8 @@ func (c *Controller) smsSignerFor(ctx context.Context, realm *database.Realm) (c
 		return nil, "", nil
 	}
 
-	type cachedSMSSigner struct {
-		signer crypto.Signer
-		keyID  string
-	}
-
 	key := fmt.Sprintf("realm:%d:sms_signer", realm.ID)
-	result, err := c.localCache.WriteThruLookup(key, func() (interface{}, error) {
+	result, err := c.smsSignerCache.WriteThruLookup(key, func() (*cachedSMSSigner, error) {
 		signingKey, err := realm.CurrentSMSSigningKey(c.db)
 		if err != nil {
 			return nil, fmt.Errorf("failed to get current sms signing key: %w", err)
@@ -250,16 +241,10 @@ func (c *Controller) smsSignerFor(ctx context.Context, realm *database.Realm) (c
 	if err != nil {
 		return nil, "", err
 	}
-
 	if result == nil {
 		return nil, "", nil
 	}
-	typ, ok := result.(*cachedSMSSigner)
-	if !ok {
-		return nil, "", fmt.Errorf("invalid type %T", result)
-	}
-
-	return typ.signer, typ.keyID, nil
+	return result.signer, result.keyID, nil
 }
 
 // errorAll sets the ErrorReturn on all results to the provided value.

pkg/controller/middleware/chaff.go

@@ -44,7 +44,7 @@ func ChaffHeaderDetector() chaff.Detector {
 //
 // cache.New only returns an error if the duration is negative, so we ignore the
 // error here.
-var localChaffCache, _ = cache.New(48 * time.Hour)
+var localChaffCache, _ = cache.New[*struct{}](48 * time.Hour)
 
 // ProcessChaff injects the chaff processing middleware. If chaff requests send
 // a value of "daily" (case-insensitive), they will be counted toward the
@@ -76,7 +76,7 @@ func recordChaffEvent(ctx context.Context, t time.Time, realm *database.Realm, d
 	}
 
 	key := fmt.Sprintf("%s:%d", t.Format("2006-01-02"), realm.ID)
-	if _, err := localChaffCache.WriteThruLookup(key, func() (interface{}, error) {
+	if _, err := localChaffCache.WriteThruLookup(key, func() (*struct{}, error) {
 		if err := realm.RecordChaffEvent(db, t); err != nil {
 			return nil, err
 		}

pkg/controller/statspuller/statspull.go

@@ -22,6 +22,7 @@ import (
 	"github.com/google/exposure-notifications-server/pkg/keys"
 	"github.com/google/exposure-notifications-verification-server/internal/clients"
 	"github.com/google/exposure-notifications-verification-server/pkg/config"
+	"github.com/google/exposure-notifications-verification-server/pkg/controller/certapi"
 	"github.com/google/exposure-notifications-verification-server/pkg/database"
 	"github.com/google/exposure-notifications-verification-server/pkg/render"
 )
@@ -33,13 +34,13 @@ type Controller struct {
 	db                     *database.Database
 	h                      *render.Renderer
 	kms                    keys.KeyManager
-	signerCache            *cache.Cache
+	signerCache            *cache.Cache[*certapi.SignerInfo]
 }
 
 // New creates a new stats-pull controller.
 func New(cfg *config.StatsPullerConfig, db *database.Database, client *clients.KeyServerClient, kms keys.KeyManager, h *render.Renderer) (*Controller, error) {
 	// This has to be in-memory because the signer has state and connection pools.
-	signerCache, err := cache.New(cfg.CertificateSigning.SignerCacheDuration)
+	signerCache, err := cache.New[*certapi.SignerInfo](cfg.CertificateSigning.SignerCacheDuration)
 	if err != nil {
 		return nil, fmt.Errorf("cannot create signer cache, likely invalid duration: %w", err)
 	}

pkg/controller/userreport/controller.go

@@ -29,7 +29,6 @@ import (
 	"github.com/google/exposure-notifications-verification-server/pkg/database"
 	"github.com/google/exposure-notifications-verification-server/pkg/render"
 
-	memcache "github.com/google/exposure-notifications-server/pkg/cache"
 	"github.com/google/exposure-notifications-server/pkg/keys"
 
 	"github.com/sethvargo/go-limiter"
@@ -40,7 +39,6 @@ type Controller struct {
 	cacher           cache.Cacher
 	config           *config.RedirectConfig
 	db               *database.Database
-	localCache       *memcache.Cache
 	httpClient       *http.Client
 	limiter          limiter.Store
 	smsSigner        keys.KeyManager
@@ -58,8 +56,6 @@ func New(locales *i18n.LocaleMap, cacher cache.Cacher, cfg *config.RedirectConfi
 
 	issueController := issueapi.New(cfg, db, limiter, smsSigner, h)
 
-	localCache, _ := memcache.New(30 * time.Second)
-
 	httpClient := &http.Client{
 		Timeout:   10 * time.Second,
 		Transport: project.DefaultHTTPTransport(),
@@ -70,7 +66,6 @@ func New(locales *i18n.LocaleMap, cacher cache.Cacher, cfg *config.RedirectConfi
 		cacher:           cacher,
 		config:           cfg,
 		db:               db,
-		localCache:       localCache,
 		httpClient:       httpClient,
 		limiter:          limiter,
 		smsSigner:        smsSigner,

pkg/database/secretresolver.go

@@ -28,24 +28,24 @@ type SecretResolver struct {
 	// TTL-based cache that exists to limit load on the database. It maps a secret
 	// type to the result from the database query.
 	//
-	//   database(cookie_key) -> projects/p/secrets/s/versions/1
+	//   database(cookie_key) -> []string{projects/p/secrets/s/versions/1}
 	//
-	referencesCache *cache.Cache
+	referencesCache *cache.Cache[[]string]
 
 	// valuesCache maps the references to their actual secret values. Since secret
 	// versions are immutable, this is a long-running cache.
 	//
-	//   projects/p/secrets/s/versions/1 -> abcd1234
+	//   projects/p/secrets/s/versions/1 -> []byte(abcd1234)
 	//
-	valuesCache *cache.Cache
+	valuesCache *cache.Cache[[]byte]
 }
 
 // NewSecretResolver makes a new secret resolver using the provided database and
 // secret manager instance.
 func NewSecretResolver() *SecretResolver {
 	// These only return an error if the duration is < 0.
-	referencesCache, _ := cache.New(60 * time.Second)
-	valuesCache, _ := cache.New(120 * time.Minute)
+	referencesCache, _ := cache.New[[]string](60 * time.Second)
+	valuesCache, _ := cache.New[[]byte](120 * time.Minute)
 
 	return &SecretResolver{
 		referencesCache: referencesCache,
@@ -77,7 +77,7 @@ func (r *SecretResolver) Resolve(ctx context.Context, db *Database, sm secrets.S
 // ResolveReferences resolves the database references for the given secret type,
 // handling caching where appropriate.
 func (r *SecretResolver) ResolveReferences(db *Database, typ SecretType) ([]string, error) {
-	iface, err := r.referencesCache.WriteThruLookup(string(typ), func() (interface{}, error) {
+	list, err := r.referencesCache.WriteThruLookup(string(typ), func() ([]string, error) {
 		records, err := db.ListSecretsForType(typ)
 		if err != nil {
 			return nil, fmt.Errorf("failed to list secrets for %s: %w", typ, err)
@@ -92,17 +92,12 @@ func (r *SecretResolver) ResolveReferences(db *Database, typ SecretType) ([]stri
 	if err != nil {
 		return nil, err
 	}
-
-	list, ok := iface.([]string)
-	if !ok {
-		return nil, fmt.Errorf("result for %s is not []string: %T", typ, iface)
-	}
 	return list, nil
 }
 
 // ResolveValue resolves a single secret, taking caching into account.
 func (r *SecretResolver) ResolveValue(ctx context.Context, sm secrets.SecretManager, ref string) ([]byte, error) {
-	iface, err := r.valuesCache.WriteThruLookup(ref, func() (interface{}, error) {
+	typ, err := r.valuesCache.WriteThruLookup(ref, func() ([]byte, error) {
 		result, err := sm.GetSecretValue(ctx, ref)
 		if err != nil {
 			return nil, fmt.Errorf("failed to get secret value %s: %w", ref, err)
@@ -112,11 +107,6 @@ func (r *SecretResolver) ResolveValue(ctx context.Context, sm secrets.SecretMana
 	if err != nil {
 		return nil, err
 	}
-
-	typ, ok := iface.([]byte)
-	if !ok {
-		return nil, fmt.Errorf("result for %s is not []byte: %T", ref, iface)
-	}
 	return typ, nil
 }