rename to serverless backend

proxy/src/auth/backend/mod.rs

@@ -36,7 +36,9 @@ use crate::{
 };
 use crate::{scram, EndpointCacheKey, EndpointId, RoleName};
 
-pub enum Backend<'a> {
+/// The [crate::serverless] module can authenticate either using control-plane
+/// to get authentication state, or by using JWKs stored in the filesystem.
+pub enum ServerlessBackend<'a> {
     /// Cloud API (V2).
     ControlPlane(&'a ControlPlaneBackend),
     /// Local proxy uses configured auth credentials and does not wake compute

proxy/src/auth/mod.rs

@@ -1,7 +1,7 @@
 //! Client authentication mechanisms.
 
 pub mod backend;
-pub use backend::Backend;
+pub use backend::ServerlessBackend;
 
 mod credentials;
 pub(crate) use credentials::{

proxy/src/bin/local_proxy.rs

@@ -197,7 +197,7 @@ async fn main() -> anyhow::Result<()> {
 
     let task = serverless::task_main(
         config,
-        auth::Backend::Local(auth_backend),
+        auth::ServerlessBackend::Local(auth_backend),
         http_listener,
         shutdown.clone(),
         Arc::new(CancellationHandlerMain::new(

proxy/src/bin/proxy.rs

@@ -480,7 +480,7 @@ async fn main() -> anyhow::Result<()> {
             if let Some(serverless_listener) = serverless_listener {
                 client_tasks.spawn(serverless::task_main(
                     config,
-                    auth::Backend::ControlPlane(auth_backend),
+                    auth::ServerlessBackend::ControlPlane(auth_backend),
                     serverless_listener,
                     cancellation_token.clone(),
                     cancellation_handler.clone(),

proxy/src/serverless/backend.rs

@@ -38,7 +38,7 @@ pub(crate) struct PoolingBackend {
     pub(crate) http_conn_pool: Arc<super::http_conn_pool::GlobalConnPool>,
     pub(crate) pool: Arc<GlobalConnPool<tokio_postgres::Client>>,
     pub(crate) config: &'static ProxyConfig,
-    pub(crate) auth_backend: crate::auth::Backend<'static>,
+    pub(crate) auth_backend: crate::auth::ServerlessBackend<'static>,
     pub(crate) endpoint_rate_limiter: Arc<EndpointRateLimiter>,
 }
 
@@ -50,8 +50,8 @@ impl PoolingBackend {
         password: &[u8],
     ) -> Result<ComputeCredentials, AuthError> {
         let cplane = match &self.auth_backend {
-            crate::auth::Backend::ControlPlane(cplane) => cplane,
-            crate::auth::Backend::Local(_local) => {
+            crate::auth::ServerlessBackend::ControlPlane(cplane) => cplane,
+            crate::auth::ServerlessBackend::Local(_local) => {
                 return Err(AuthError::bad_auth_method(
                     "password authentication not supported by local_proxy",
                 ))
@@ -119,7 +119,7 @@ impl PoolingBackend {
         jwt: String,
     ) -> Result<(), AuthError> {
         match &self.auth_backend {
-            crate::auth::Backend::ControlPlane(console) => {
+            crate::auth::ServerlessBackend::ControlPlane(console) => {
                 self.config
                     .authentication_config
                     .jwks_cache
@@ -135,7 +135,7 @@ impl PoolingBackend {
 
                 Ok(())
             }
-            crate::auth::Backend::Local(_) => {
+            crate::auth::ServerlessBackend::Local(_) => {
                 self.config
                     .authentication_config
                     .jwks_cache
@@ -182,7 +182,7 @@ impl PoolingBackend {
         info!(%conn_id, "pool: opening a new connection '{conn_info}'");
 
         match &self.auth_backend {
-            crate::auth::Backend::ControlPlane(cplane) => {
+            crate::auth::ServerlessBackend::ControlPlane(cplane) => {
                 crate::proxy::connect_compute::connect_to_compute(
                     ctx,
                     &TokioMechanism {
@@ -198,7 +198,7 @@ impl PoolingBackend {
                 )
                 .await
             }
-            crate::auth::Backend::Local(local_proxy) => {
+            crate::auth::ServerlessBackend::Local(local_proxy) => {
                 crate::proxy::connect_compute::connect_to_compute(
                     ctx,
                     &TokioMechanism {
@@ -225,10 +225,10 @@ impl PoolingBackend {
         conn_info: ConnInfo,
     ) -> Result<http_conn_pool::Client, HttpConnError> {
         let cplane = match &self.auth_backend {
-            crate::auth::Backend::Local(_) => {
+            crate::auth::ServerlessBackend::Local(_) => {
                 panic!("connect to local_proxy should not be called if we are already local_proxy")
             }
-            crate::auth::Backend::ControlPlane(cplane) => cplane,
+            crate::auth::ServerlessBackend::ControlPlane(cplane) => cplane,
         };
 
         info!("pool: looking for an existing connection");

proxy/src/serverless/mod.rs

@@ -32,7 +32,7 @@ use tokio::time::timeout;
 use tokio_rustls::TlsAcceptor;
 use tokio_util::task::TaskTracker;
 
-use crate::auth::Backend;
+use crate::auth::ServerlessBackend;
 use crate::cancellation::CancellationHandlerMain;
 use crate::config::ProxyConfig;
 use crate::context::RequestMonitoring;
@@ -55,7 +55,7 @@ pub(crate) const SERVERLESS_DRIVER_SNI: &str = "api";
 
 pub async fn task_main(
     config: &'static ProxyConfig,
-    auth_backend: crate::auth::Backend<'static>,
+    auth_backend: crate::auth::ServerlessBackend<'static>,
     ws_listener: TcpListener,
     cancellation_token: CancellationToken,
     cancellation_handler: Arc<CancellationHandlerMain>,
@@ -380,7 +380,7 @@ async fn request_handler(
     if config.http_config.accept_websockets
         && framed_websockets::upgrade::is_upgrade_request(&request)
     {
-        let Backend::ControlPlane(auth_backend) = backend.auth_backend else {
+        let ServerlessBackend::ControlPlane(auth_backend) = backend.auth_backend else {
             return json_response(StatusCode::BAD_REQUEST, "query is not supported");
         };