Conversation
Contributor
Author
|
Hang on, force-pushing to resolve conflicts cleanly. |
Over time, 'units/zone_signer.rs' will be split up into the 'signer' directory. The first step is to add 'SignerState' for signing-related per-zone state, and 'SignerZoneHandle' for signer-related operations.
These fields are part of refactoring how sign operations are stored and enqueued. They also track the necessary 'SignedZoneBuilder's for integrating with the new zone storage.
This is analogous to 'loader::refresh()'; it will serve as the top-level signing function. Over time, the implementation in 'zone_signer.rs' will be moved here and refactored.
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 6, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
reviewed
Mar 9, 2026
ximon18
approved these changes
Mar 9, 2026
Member
ximon18
left a comment
ximon18
left a comment
There was a problem hiding this comment.
LGTM, I find some names & comments confusing but perhaps that is just a consequence of this work being only part of the changes that are planned and that only the whole makes complete sense?
- 'SigningTrigger' has been split into re-signing and non-re-signing variants, and moved to 'signer/mod.rs'. - The newly introduced 'ResigningTrigger' specialization now allows multiple triggers to be accumulated. - 'cascade_api::SigningTrigger' has been updated to match. - All previous uses of 'SigningTrigger' are switched to the new version; where possible, 'crate::signer::SigningTrigger' is imported instead of 'cascade_api::SigningTrigger'. See <#499 (comment)>.
ximon18
reviewed
Mar 11, 2026
| "unsigned zone review approved", | ||
| SigningTrigger::KeySetModifiedAfterCron => | ||
| "keyset cron modified keyset state", | ||
| SigningTrigger::Load => "loading a new instance", |
Member
There was a problem hiding this comment.
Nit: This block and the block below look identical. Factor them out? I'm fine if you leave it as this is a knock-on effect of changes for prior review feedback and perfect is the enemy of getting this merged ;-)
ximon18
approved these changes
Mar 11, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR introduces
src/signer, a module into which the zone signer module should eventually be refactored. It introduces thesigner::zonemodel, which works very similarly toloader::zone; signing and re-signing operations can be enqueued and started when possible.Signing operations need to be enqueued because the backing zone storage might be busy. I have built the enqueuing logic to account for limiting simultaneous signing operations, but that code was hard to extract from
zone_signer.rs. I'll get to it later.At the moment, none of the new functions are used anywhere. They need to wait until the actual signing code is adapted to use the
SignedZoneBuilder, otherwise they risk deadlocking the zone storage state machine. The PR performing the actual integration will deal with that.