Documentation
¶
Index ¶
Constants ¶
const ( // PolicyVisibilityPublic says the Policy is public on the registry. PolicyVisibilityPublic = iota + 1 // PolicyVisibilityPrivate says the Policy is private on the registry. PolicyVisibilityPrivate )
Variables ¶
var ( // AllDigestTypes are all known DigestTypes. AllDigestTypes = []DigestType{ DigestTypeP1, } )
Functions ¶
func DigestEqual ¶
DigestEqual returns true if the given Digests are considered equal.
If both Digests are nil, this returns true.
This checks both the DigestType and Digest value.
Types ¶
type Commit ¶
type Commit interface {
// PolicyKey returns the PolicyKey for the Commit.
PolicyKey() PolicyKey
// CreateTime returns the time the Commit was created on the BSR.
CreateTime() (time.Time, error)
// contains filtered or unexported methods
}
Commit represents a Commit for a Policy on the BSR.
type Digest ¶
type Digest interface {
// String() prints typeString:hexValue.
fmt.Stringer
// Type returns the type of digest.
//
// Always a valid value.
Type() DigestType
// Value returns the digest value.
//
// Always non-empty.
Value() []byte
// contains filtered or unexported methods
}
Digest is a digest of some content.
It consists of a DigestType and a digest value.
func NewDigest ¶
func NewDigest(digestType DigestType, bufcasDigest bufcas.Digest) (Digest, error)
NewDigest creates a new Digest.
func ParseDigest ¶
ParseDigest parses a Digest from its string representation.
A Digest string is of the form typeString:hexValue. The string is expected to be non-empty, If not, an error is returned.
This reverses Digest.String().
Returns an error of type *bufparse.ParseError if the string could not be parsed.
type DigestMismatchError ¶
type DigestMismatchError struct {
FullName bufparse.FullName
CommitID uuid.UUID
ExpectedDigest Digest
ActualDigest Digest
}
DigestMismatchError is the error returned if the Digest of a downloaded Policy does not match the expected digest in a buf.lock file.
func (*DigestMismatchError) Error ¶
func (m *DigestMismatchError) Error() string
Error implements the error interface.
type DigestType ¶
type DigestType int
DigestType is a type of digest.
const ( // DigestTypeP1 represents the p1 policy digest type. // // The string value of this is "p1". DigestTypeP1 DigestType = iota + 1 )
func ParseDigestType ¶
func ParseDigestType(s string) (DigestType, error)
ParseDigestType parses a DigestType from its string representation.
This reverses DigestType.String().
Returns an error of type *bufparse.ParseError if the string could not be parsed.
func UniqueDigestTypeForPolicyKeys ¶
func UniqueDigestTypeForPolicyKeys(policyKeys []PolicyKey) (DigestType, error)
UniqueDigestTypeForPolicyKeys returns the unique DigestType for the given PolicyKeys.
If the PolicyKeys have different DigestTypes, an error is returned. If the PolicyKeys slice is empty, an error is returned.
func (DigestType) String ¶
func (d DigestType) String() string
String prints the string representation of the DigestType.
type Policy ¶
type Policy interface {
// OpaqueID returns an unstructured ID that can uniquely identify a Policy
// relative to the Workspace.
//
// An OpaqueID's structure should not be relied upon, and is not a
// globally-unique identifier. It's uniqueness property only applies to
// the lifetime of the Policy, and only within the Workspace the Policy
// is defined in.
//
// If two Policies have the same Name, they will have the same OpaqueID.
OpaqueID() string
// Name returns the name of the Policy.
// - For local Policies, this is the path to the policy yaml file.
// - For remote Policies, this is the FullName of the Policy in the form
// remote/owner/name.
//
// This is never empty.
Name() string
// FullName returns the full name of the Policy.
//
// May be nil. Callers should not rely on this value being present.
// However, this is always present for remote Policies.
//
// Use OpaqueID as an always-present identifier.
FullName() bufparse.FullName
// CommitID returns the BSR ID of the Commit.
//
// It is up to the caller to convert this to a dashless ID when necessary.
//
// May be empty, that is CommitID() == uuid.Nil may be true.
// Callers should not rely on this value being present.
//
// If FullName is nil, this will always be empty.
CommitID() uuid.UUID
// Description returns a human-readable description of the Policy.
//
// This is used to construct descriptive error messages pointing to configured policies.
//
// This will never be empty. If a description was not explicitly set, this falls back to
// OpaqueID.
Description() string
// Digest returns the Policy digest for the given DigestType.
Digest(DigestType) (Digest, error)
// Data returns the bytes of the Policy in yaml.
Data() ([]byte, error)
// IsLocal return true if the Policy is a local Policy.
//
// Policies are either local or remote.
//
// A local Policy is one which was contained in the local context.
//
// A remote Policy is one which was not contained in the local context,
// and is a remote reference to a Policy.
//
// Remote Policies will always have FullNames.
IsLocal() bool
// contains filtered or unexported methods
}
Policy presents a BSR policy.
type PolicyData ¶
type PolicyData interface {
// PolicyKey used to download this PolicyData.
//
// The Digest from this PolicyKey is used for tamper-proofing. It will be checked
// against the actual data downloaded before Data() returns.
PolicyKey() PolicyKey
// Data returns the bytes of the Policy as a Wasm module.
//
// This is the raw bytes of the Wasm module in an uncompressed form.
Data() ([]byte, error)
// contains filtered or unexported methods
}
PolicyData presents the raw Policy data read by PolicyKey.
A PolicyData generally represents the data on a Policy read from the BSR API or a cache.
Tamper-proofing is done as part of every function.
func NewPolicyData ¶
func NewPolicyData( ctx context.Context, policyKey PolicyKey, getData func() ([]byte, error), ) (PolicyData, error)
NewPolicyData returns a new PolicyData.
getData is expected to be lazily-loaded function where possible.
type PolicyDataProvider ¶
type PolicyDataProvider interface {
// GetPolicyDatasForPolicyKeys gets the PolicyDatas for the PolicyKeys.
//
// Returned PolicyDatas will be in the same order as the input PolicyKeys.
//
// The input PolicyKeys are expected to be unique by FullName. The implementation
// may error if this is not the case.
//
// The input PolicyKeys are expected to have the same DigestType. The implementation
// may error if this is not the case.
//
// If there is no error, the length of the PolicyDatas returned will match the length of the PolicyKeys.
// If there is an error, no PolicyDatas will be returned.
// If any PolicyKey is not found, an error with fs.ErrNotExist will be returned.
GetPolicyDatasForPolicyKeys(
context.Context,
[]PolicyKey,
) ([]PolicyData, error)
}
PolicyDataProvider provides PolicyDatas.
var ( // NopPolicyDataProvider is a no-op PolicyDataProvider. NopPolicyDataProvider PolicyDataProvider = nopPolicyDataProvider{} )
type PolicyKey ¶
type PolicyKey interface {
// String returns "registry/owner/name:dashlessCommitID".
fmt.Stringer
// FullName returns the full name of the Policy.
//
// Always present.
FullName() bufparse.FullName
// CommitID returns the ID of the Commit.
//
// It is up to the caller to convert this to a dashless ID when necessary.
//
// Always present, that is CommitID() == uuid.Nil will always be false.
CommitID() uuid.UUID
// Digest returns the Policy digest.
Digest() (Digest, error)
// contains filtered or unexported methods
}
PolicyKey provides identifying information for a Policy.
PolicyKeys are returned from PolicyKeyProviders, and represent a Policy's complete identity. They also match to what we store in buf.lock files. PolicyKeys can be used to get Policies via a PolicyProvider.
func NewPolicyKey ¶
func NewPolicyKey( policyFullName bufparse.FullName, commitID uuid.UUID, getDigest func() (Digest, error), ) (PolicyKey, error)
NewPolicyKey returns a new PolicyKey.
The Digest will be loaded lazily if needed. Note this means that NewPolicyKey does *not* validate the digest. If you need to validate the digest, call Digest() and evaluate the returned error.
type PolicyKeyProvider ¶
type PolicyKeyProvider interface {
// GetPolicyKeysForPolicyRefs gets the PolicyKets for the given PolicyRefs.
//
// Returned PolicyKeys will be in the same order as the input PolicyRefs.
//
// The input PolicyRefs are expected to be unique by FullName. The implementation
// may error if this is not the case.
//
// If there is no error, the length of the PolicyKeys returned will match the length of the Refs.
// If there is an error, no PolicyKeys will be returned.
// If any PolicyRef is not found, an error with fs.ErrNotExist will be returned.
GetPolicyKeysForPolicyRefs(context.Context, []bufparse.Ref, DigestType) ([]PolicyKey, error)
}
PolicyKeyProvider provides PolicyKeys for bufparse.Refs.
var ( // NopPolicyKeyProvider is a no-op PolicyKeyProvider. NopPolicyKeyProvider PolicyKeyProvider = nopPolicyKeyProvider{} )
func NewStaticPolicyKeyProvider ¶
func NewStaticPolicyKeyProvider(policyKeys []PolicyKey) (PolicyKeyProvider, error)
NewStaticPolicyKeyProvider returns a new PolicyKeyProvider for a static set of PolicyKeys.
The set of PolicyKeys must be unique by FullName. If there are duplicates, an error will be returned.
When resolving Refs, the Ref will be matched to the PolicyKey by FullName. If the Ref is not found in the set of provided keys, an fs.ErrNotExist will be returned.
type PolicyVisibility ¶
type PolicyVisibility int
PolicyVisibility is the visibility of a Policy on a registry.
Only used for Upload for now.
func ParsePolicyVisibility ¶
func ParsePolicyVisibility(s string) (PolicyVisibility, error)
ParsePolicyVisibility parses the PolicyVisibility from the string.
type UploadOption ¶
type UploadOption func(*uploadOptions)
UploadOption is an option for an Upload.
func UploadWithCreateIfNotExist ¶
func UploadWithCreateIfNotExist(createPolicyVisibility PolicyVisibility) UploadOption
UploadWithCreateIfNotExist returns a new UploadOption that will result in the Policies being created on the registry with the given visibility if they do not exist.
func UploadWithLabels ¶
func UploadWithLabels(labels ...string) UploadOption
UploadWithLabels returns a new UploadOption that adds the given labels.
This can be called multiple times. The unique result set of labels will be used.
func UploadWithSourceControlURL ¶
func UploadWithSourceControlURL(sourceControlURL string) UploadOption
UploadWithSourceControlURL returns a new UploadOption that will set the source control url for the policy contents uploaded.
type UploadOptions ¶
type UploadOptions interface {
// Labels returns the unique and sorted set of labels to add. Labels
// are set using the `--label` flag when calling `buf policy upload`
// and represent the labels that are set when uploading policy data.
Labels() []string
// CreateIfNotExist says to create Policies if they do not exist on the registry.
CreateIfNotExist() bool
// CreatePolicyVisibility returns the visibility to create Policies with.
//
// Will always be present if CreateIfNotExist() is true.
CreatePolicyVisibility() PolicyVisibility
// SourceControlURL returns the source control URL set by the user for the policy
// contents uploaded. We set the same source control URL for all policy contents.
SourceControlURL() string
// contains filtered or unexported methods
}
UploadOptions are the possible options for upload.
This is used by Uploader implementations.
func NewUploadOptions ¶
func NewUploadOptions(options []UploadOption) (UploadOptions, error)
NewUploadOptions returns a new UploadOptions.
Source Files