 Documentation
      ¶
      Documentation
      ¶
    
    
  
    
  
    Index ¶
- Constants
- Variables
- func IsErrAlreadyExists(err error) bool
- func IsErrAttestationStateConflict(err error) bool
- func IsErrInvalidTimeWindow(err error) bool
- func IsErrInvalidUUID(err error) bool
- func IsErrNotImplemented(err error) bool
- func IsErrUnauthorized(err error) bool
- func IsErrValidation(err error) bool
- func IsNotFound(err error) bool
- func NewErrAttestationStateConflict(got, want string) error
- func NewErrReferrerAmbiguous(digest string, kinds []string) error
- func PbRoleToBiz(r pb.MembershipRole) authz.Role
- func ValidateIsDNS1123(name string) error
- func WithKind(kind string) func(*GetFromRootFilters)
- func WithPublicVisibility(public bool) func(*GetFromRootFilters)
- type APIToken
- type APITokenRepo
- type APITokenSyncerUseCase
- type APITokenUseCase
- func (uc *APITokenUseCase) Create(ctx context.Context, name string, description *string, ...) (*APIToken, error)
- func (uc *APITokenUseCase) FindByID(ctx context.Context, id string) (*APIToken, error)
- func (uc *APITokenUseCase) FindByNameInOrg(ctx context.Context, orgID, name string) (*APIToken, error)
- func (uc *APITokenUseCase) List(ctx context.Context, orgID string, includeRevoked bool) ([]*APIToken, error)
- func (uc *APITokenUseCase) Revoke(ctx context.Context, orgID, id string) error
 
- type AttachOpts
- type Attestation
- type AttestationState
- type AttestationStateRepo
- type AttestationStateSaveOpts
- type AttestationStateUseCase
- func (uc *AttestationStateUseCase) Initialized(ctx context.Context, workflowID, runID string) (bool, error)
- func (uc *AttestationStateUseCase) Read(ctx context.Context, workflowID, runID, passphrase string) (*AttestationState, error)
- func (uc *AttestationStateUseCase) Reset(ctx context.Context, workflowID, runID string) error
- func (uc *AttestationStateUseCase) Save(ctx context.Context, workflowID, runID string, state *v1.CraftingState, ...) error
 
- type AttestationUseCase
- type ByStatusCount
- type CASBackend
- type CASBackendCreateOpts
- type CASBackendLimits
- type CASBackendOpts
- type CASBackendProvider
- type CASBackendReader
- type CASBackendRepo
- type CASBackendUpdateOpts
- type CASBackendUseCase
- func (uc *CASBackendUseCase) Create(ctx context.Context, orgID, name, location, description string, ...) (*CASBackend, error)
- func (uc *CASBackendUseCase) CreateInlineFallbackBackend(ctx context.Context, orgID string) (*CASBackend, error)
- func (uc *CASBackendUseCase) CreateOrUpdate(ctx context.Context, orgID, name, username, password string, ...) (*CASBackend, error)deprecated
- func (uc *CASBackendUseCase) Delete(ctx context.Context, id string) error
- func (uc *CASBackendUseCase) FindByIDInOrg(ctx context.Context, orgID, id string) (*CASBackend, error)
- func (uc *CASBackendUseCase) FindByNameInOrg(ctx context.Context, orgID, name string) (*CASBackend, error)
- func (uc *CASBackendUseCase) FindDefaultBackend(ctx context.Context, orgID string) (*CASBackend, error)
- func (uc *CASBackendUseCase) FindFallbackBackend(ctx context.Context, orgID string) (*CASBackend, error)
- func (uc *CASBackendUseCase) List(ctx context.Context, orgID string) ([]*CASBackend, error)
- func (uc *CASBackendUseCase) PerformValidation(ctx context.Context, id string) (err error)
- func (uc *CASBackendUseCase) SoftDelete(ctx context.Context, orgID, id string) error
- func (uc *CASBackendUseCase) Update(ctx context.Context, orgID, id, description string, creds any, defaultB bool) (*CASBackend, error)
 
- type CASBackendValidationStatus
- type CASClient
- type CASClientFactory
- type CASClientOpts
- type CASClientUseCase
- func (uc *CASClientUseCase) Download(ctx context.Context, backendType, secretID string, w io.Writer, digest string) error
- func (uc *CASClientUseCase) IsReady(ctx context.Context) (bool, error)
- func (uc *CASClientUseCase) Upload(ctx context.Context, backendType, secretID string, content io.Reader, ...) error
 
- type CASCredentialsUseCase
- type CASCredsOpts
- type CASDownloader
- type CASMapping
- type CASMappingLookupRef
- type CASMappingRepo
- type CASMappingUseCase
- func (uc *CASMappingUseCase) Create(ctx context.Context, digest string, casBackendID, workflowRunID string) (*CASMapping, error)
- func (uc *CASMappingUseCase) FindByDigest(ctx context.Context, digest string) ([]*CASMapping, error)
- func (uc *CASMappingUseCase) FindCASMappingForDownloadByOrg(ctx context.Context, digest string, orgs []string) (*CASMapping, error)
- func (uc *CASMappingUseCase) FindCASMappingForDownloadByUser(ctx context.Context, digest string, userID string) (*CASMapping, error)
- func (uc *CASMappingUseCase) LookupDigestsInAttestation(att *dsse.Envelope) ([]*CASMappingLookupRef, error)
 
- type CASUploader
- type Contract
- type ContractCreateOpts
- type ContractRawFormat
- type ContractUpdateOpts
- type CreateOpt
- type DayRunsCount
- type ErrAlreadyExists
- type ErrAmbiguousReferrer
- type ErrAttestationStateConflict
- type ErrInvalidTimeWindow
- type ErrInvalidUUID
- type ErrNotFound
- type ErrNotImplemented
- type ErrUnauthorized
- type ErrValidation
- type GetFromRootFilter
- type GetFromRootFilters
- type Integration
- type IntegrationAndAttachment
- type IntegrationAttachment
- type IntegrationAttachmentRepo
- type IntegrationCreateOpts
- type IntegrationRepo
- type IntegrationUseCase
- func (uc *IntegrationUseCase) AttachToWorkflow(ctx context.Context, opts *AttachOpts) (*IntegrationAttachment, error)
- func (uc *IntegrationUseCase) Delete(ctx context.Context, orgID, integrationID string) error
- func (uc *IntegrationUseCase) Detach(ctx context.Context, orgID, attachmentID string) error
- func (uc *IntegrationUseCase) FindByIDInOrg(ctx context.Context, orgID, id string) (*Integration, error)
- func (uc *IntegrationUseCase) FindByNameInOrg(ctx context.Context, orgID, name string) (*Integration, error)
- func (uc *IntegrationUseCase) List(ctx context.Context, orgID string) ([]*Integration, error)
- func (uc *IntegrationUseCase) ListAttachments(ctx context.Context, orgID, workflowID string) ([]*IntegrationAndAttachment, error)
- func (uc *IntegrationUseCase) RegisterAndSave(ctx context.Context, orgID, name, description string, i sdk.FanOut, ...) (*Integration, error)
 
- type InvitationCreateOpt
- type Membership
- type MembershipCreateOpt
- type MembershipRepo
- type MembershipUseCase
- func (uc *MembershipUseCase) ByOrg(ctx context.Context, orgID string) ([]*Membership, error)
- func (uc *MembershipUseCase) ByUser(ctx context.Context, userID string) ([]*Membership, error)
- func (uc *MembershipUseCase) Create(ctx context.Context, orgID, userID string, opts ...MembershipCreateOpt) (*Membership, error)
- func (uc *MembershipUseCase) DeleteOther(ctx context.Context, orgID, userID, membershipID string) error
- func (uc *MembershipUseCase) FindByOrgAndUser(ctx context.Context, orgID, userID string) (*Membership, error)
- func (uc *MembershipUseCase) LeaveAndDeleteOrg(ctx context.Context, userID, membershipID string) error
- func (uc *MembershipUseCase) SetCurrent(ctx context.Context, userID, membershipID string) (*Membership, error)
- func (uc *MembershipUseCase) UpdateRole(ctx context.Context, orgID, userID, membershipID string, role authz.Role) (*Membership, error)
 
- type NewIntegrationUseCaseOpts
- type NewUserUseCaseParams
- type OrgInvitation
- type OrgInvitationRepo
- type OrgInvitationStatus
- type OrgInvitationUseCase
- func (uc *OrgInvitationUseCase) AcceptInvitation(ctx context.Context, invitationID string) error
- func (uc *OrgInvitationUseCase) AcceptPendingInvitations(ctx context.Context, receiverEmail string) error
- func (uc *OrgInvitationUseCase) Create(ctx context.Context, orgID, senderID, receiverEmail string, ...) (*OrgInvitation, error)
- func (uc *OrgInvitationUseCase) FindByID(ctx context.Context, invitationID string) (*OrgInvitation, error)
- func (uc *OrgInvitationUseCase) ListByOrg(ctx context.Context, orgID string) ([]*OrgInvitation, error)
- func (uc *OrgInvitationUseCase) Revoke(ctx context.Context, orgID, invitationID string) error
 
- type OrgMetricsRepo
- type OrgMetricsUseCase
- func (uc *OrgMetricsUseCase) DailyRunsCount(ctx context.Context, orgID string, workflowID *string, timeWindow *TimeWindow) ([]*DayRunsCount, error)
- func (uc *OrgMetricsUseCase) GetLastWorkflowStatusByRun(ctx context.Context, orgName string) ([]*prometheuscollector.WorkflowLastStatusByRunReport, error)
- func (uc *OrgMetricsUseCase) RunsTotal(ctx context.Context, orgID string, timeWindow *TimeWindow) (int32, error)
- func (uc *OrgMetricsUseCase) RunsTotalByRunnerType(ctx context.Context, orgID string, timeWindow *TimeWindow) (map[string]int32, error)
- func (uc *OrgMetricsUseCase) RunsTotalByStatus(ctx context.Context, orgID string, timeWindow *TimeWindow) (map[string]int32, error)
- func (uc *OrgMetricsUseCase) TopWorkflowsByRunsCount(ctx context.Context, orgID string, numWorkflows int, timeWindow *TimeWindow) ([]*TopWorkflowsByRunsCountItem, error)
 
- type Organization
- type OrganizationRepo
- type OrganizationUseCase
- func (uc *OrganizationUseCase) AutoOnboardOrganizations(ctx context.Context, userID string) error
- func (uc *OrganizationUseCase) Create(ctx context.Context, name string, opts ...CreateOpt) (*Organization, error)
- func (uc *OrganizationUseCase) CreateWithRandomName(ctx context.Context, opts ...CreateOpt) (*Organization, error)
- func (uc *OrganizationUseCase) Delete(ctx context.Context, id string) error
- func (uc *OrganizationUseCase) FindByID(ctx context.Context, id string) (*Organization, error)
 
- type PromObservable
- type PrometheusUseCase
- func (uc *PrometheusUseCase) GetRegistryByOrganizationName(orgName string) *registry.PrometheusRegistry
- func (uc *PrometheusUseCase) ObserveAttestationIfNeeded(ctx context.Context, run *WorkflowRun, status WorkflowRunStatus) bool
- func (uc *PrometheusUseCase) OrganizationHasRegistry(orgName string) bool
 
- type Referrer
- type ReferrerRepo
- type ReferrerUseCase
- func (s *ReferrerUseCase) ExtractAndPersist(ctx context.Context, att *dsse.Envelope, workflowID string) error
- func (s *ReferrerUseCase) GetFromRoot(ctx context.Context, digest, rootKind string, orgIDs []uuid.UUID) (*StoredReferrer, error)
- func (s *ReferrerUseCase) GetFromRootInPublicSharedIndex(ctx context.Context, digest, rootKind string) (*StoredReferrer, error)
- func (s *ReferrerUseCase) GetFromRootUser(ctx context.Context, digest, rootKind, userID string) (*StoredReferrer, error)
 
- type RobotAccount
- type RobotAccountRepo
- type RobotAccountUseCase
- func (uc *RobotAccountUseCase) Create(ctx context.Context, name string, orgID, workflowID string) (*RobotAccount, error)
- func (uc *RobotAccountUseCase) FindByID(ctx context.Context, id string) (*RobotAccount, error)
- func (uc *RobotAccountUseCase) List(ctx context.Context, orgID, workflowID string, includeRevoked bool) ([]*RobotAccount, error)
- func (uc *RobotAccountUseCase) Revoke(ctx context.Context, orgID, id string) error
 
- type RunListFilters
- type SaveOption
- type SigningUseCase
- type StoredReferrer
- type TimeWindow
- type TopWorkflowsByRunsCountItem
- type User
- type UserOrgFinder
- type UserRepo
- type UserUseCase
- func (uc *UserUseCase) CurrentMembership(ctx context.Context, userID string) (*Membership, error)
- func (uc *UserUseCase) DeleteUser(ctx context.Context, userID string) error
- func (uc *UserUseCase) FindByID(ctx context.Context, userID string) (*User, error)
- func (uc *UserUseCase) FindOrCreateByEmail(ctx context.Context, email string, disableAutoOnboarding ...bool) (*User, error)
 
- type Workflow
- type WorkflowContract
- type WorkflowContractCreateOpts
- type WorkflowContractRepo
- type WorkflowContractUpdateOpts
- type WorkflowContractUseCase
- func (uc *WorkflowContractUseCase) Create(ctx context.Context, opts *WorkflowContractCreateOpts) (*WorkflowContract, error)
- func (uc *WorkflowContractUseCase) Delete(ctx context.Context, orgID, contractID string) error
- func (uc *WorkflowContractUseCase) Describe(ctx context.Context, orgID, contractID string, revision int) (*WorkflowContractWithVersion, error)
- func (uc *WorkflowContractUseCase) FindByIDInOrg(ctx context.Context, orgID, contractID string) (*WorkflowContract, error)
- func (uc *WorkflowContractUseCase) FindByNameInOrg(ctx context.Context, orgID, name string) (*WorkflowContract, error)
- func (uc *WorkflowContractUseCase) FindVersionByID(ctx context.Context, versionID string) (*WorkflowContractVersion, error)
- func (uc *WorkflowContractUseCase) GetPolicy(providerName, policyName, token string) (*schemav1.Policy, error)
- func (uc *WorkflowContractUseCase) List(ctx context.Context, orgID string) ([]*WorkflowContract, error)
- func (uc *WorkflowContractUseCase) Update(ctx context.Context, orgID, name string, opts *WorkflowContractUpdateOpts) (*WorkflowContractWithVersion, error)
- func (uc *WorkflowContractUseCase) ValidateContractPolicies(rawSchema []byte, token string) error
 
- type WorkflowContractVersion
- type WorkflowContractWithVersion
- type WorkflowCreateOpts
- type WorkflowRepo
- type WorkflowRun
- type WorkflowRunCreateOpts
- type WorkflowRunExpirerOpts
- type WorkflowRunExpirerUseCase
- type WorkflowRunRepo
- type WorkflowRunRepoCreateOpts
- type WorkflowRunStatus
- type WorkflowRunUseCase
- func (uc *WorkflowRunUseCase) Create(ctx context.Context, opts *WorkflowRunCreateOpts) (*WorkflowRun, error)
- func (uc *WorkflowRunUseCase) ExistsInWorkflow(ctx context.Context, workflowID, id string) (bool, error)
- func (uc *WorkflowRunUseCase) GetByDigestInOrgOrPublic(ctx context.Context, orgID, digest string) (*WorkflowRun, error)
- func (uc *WorkflowRunUseCase) GetByIDInOrg(ctx context.Context, orgID, runID string) (*WorkflowRun, error)
- func (uc *WorkflowRunUseCase) GetByIDInOrgOrPublic(ctx context.Context, orgID, runID string) (*WorkflowRun, error)
- func (uc *WorkflowRunUseCase) List(ctx context.Context, orgID string, f *RunListFilters, ...) ([]*WorkflowRun, string, error)
- func (uc *WorkflowRunUseCase) MarkAsFinished(ctx context.Context, id string, status WorkflowRunStatus, reason string) error
- func (uc *WorkflowRunUseCase) SaveAttestation(ctx context.Context, id string, envelope *dsse.Envelope) (string, error)
 
- type WorkflowRunWithContract
- type WorkflowUpdateOpts
- type WorkflowUseCase
- func (uc *WorkflowUseCase) Create(ctx context.Context, opts *WorkflowCreateOpts) (*Workflow, error)
- func (uc *WorkflowUseCase) Delete(ctx context.Context, orgID, workflowID string) error
- func (uc *WorkflowUseCase) FindByID(ctx context.Context, workflowID string) (*Workflow, error)
- func (uc *WorkflowUseCase) FindByIDInOrg(ctx context.Context, orgID, workflowID string) (*Workflow, error)
- func (uc *WorkflowUseCase) FindByNameInOrg(ctx context.Context, orgID, workflowName string) (*Workflow, error)
- func (uc *WorkflowUseCase) IncRunsCounter(ctx context.Context, workflowID string) error
- func (uc *WorkflowUseCase) List(ctx context.Context, orgID string) ([]*Workflow, error)
- func (uc *WorkflowUseCase) Update(ctx context.Context, orgID, workflowID string, opts *WorkflowUpdateOpts) (*Workflow, error)
 
Constants ¶
const ( CASBackendDefaultMaxBytes int64 = 100 * 1024 * 1024 // 100MB // Inline, embedded CAS backend CASBackendInline CASBackendProvider = "INLINE" CASBackendInlineDefaultMaxBytes int64 = 500 * 1024 // 500KB )
const RandomNameMaxTries = 10
    Variables ¶
var EmptyDefaultContract = &Contract{ Raw: []byte("schemaVersion: v1"), Format: ContractRawFormatYAML, }
EmptyDefaultContract is the default contract that will be created if no contract is provided
var ProviderSet = wire.NewSet( NewWorkflowUsecase, NewUserUseCase, NewRootAccountUseCase, NewWorkflowRunUseCase, NewOrganizationUseCase, NewWorkflowContractUseCase, NewCASCredentialsUseCase, NewCASBackendUseCase, NewOrgMetricsUseCase, NewIntegrationUseCase, NewMembershipUseCase, NewCASClientUseCase, NewOrgInvitationUseCase, NewAttestationUseCase, NewWorkflowRunExpirerUseCase, NewCASMappingUseCase, NewReferrerUseCase, NewAPITokenUseCase, NewAPITokenSyncerUseCase, NewAttestationStateUseCase, NewChainloopSigningUseCase, NewPrometheusUseCase, wire.Bind(new(PromObservable), new(*PrometheusUseCase)), wire.Struct(new(NewIntegrationUseCaseOpts), "*"), wire.Struct(new(NewUserUseCaseParams), "*"), )
ProviderSet is biz providers.
Functions ¶
func IsErrAlreadyExists ¶ added in v0.95.6
func IsErrAttestationStateConflict ¶ added in v0.94.3
func IsErrInvalidTimeWindow ¶ added in v0.93.0
func IsErrInvalidUUID ¶
func IsErrNotImplemented ¶
func IsErrUnauthorized ¶
func IsErrValidation ¶
func IsNotFound ¶
func NewErrAttestationStateConflict ¶ added in v0.94.3
func NewErrReferrerAmbiguous ¶
func PbRoleToBiz ¶ added in v0.91.8
func PbRoleToBiz(r pb.MembershipRole) authz.Role
func ValidateIsDNS1123 ¶
func WithKind ¶
func WithKind(kind string) func(*GetFromRootFilters)
func WithPublicVisibility ¶
func WithPublicVisibility(public bool) func(*GetFromRootFilters)
Types ¶
type APIToken ¶
type APIToken struct {
	ID          uuid.UUID
	Name        string
	Description string
	// This is the JWT value returned only during creation
	JWT string
	// Tokens are scoped to organizations
	OrganizationID   uuid.UUID
	OrganizationName string
	CreatedAt        *time.Time
	// When the token expires
	ExpiresAt *time.Time
	// When the token was manually revoked
	RevokedAt *time.Time
}
    API Token is used for unattended access to the control plane API.
type APITokenRepo ¶
type APITokenRepo interface {
	Create(ctx context.Context, name string, description *string, expiresAt *time.Time, organizationID uuid.UUID) (*APIToken, error)
	// List all the tokens optionally filtering it by organization and including revoked tokens
	List(ctx context.Context, orgID *uuid.UUID, includeRevoked bool) ([]*APIToken, error)
	Revoke(ctx context.Context, orgID, ID uuid.UUID) error
	FindByID(ctx context.Context, ID uuid.UUID) (*APIToken, error)
	FindByNameInOrg(ctx context.Context, orgID uuid.UUID, name string) (*APIToken, error)
}
    type APITokenSyncerUseCase ¶
type APITokenSyncerUseCase struct {
	// contains filtered or unexported fields
}
    func NewAPITokenSyncerUseCase ¶
func NewAPITokenSyncerUseCase(tokenUC *APITokenUseCase) *APITokenSyncerUseCase
func (*APITokenSyncerUseCase) SyncPolicies ¶
func (suc *APITokenSyncerUseCase) SyncPolicies() error
Make sure all the API tokens contain the default policies NOTE: We'll remove this method once we have a proper policies management system where the user can add/remove policies
type APITokenUseCase ¶
type APITokenUseCase struct {
	DefaultAuthzPolicies []*authz.Policy
	// contains filtered or unexported fields
}
    func NewAPITokenUseCase ¶
func NewAPITokenUseCase(apiTokenRepo APITokenRepo, conf *conf.Auth, authzE *authz.Enforcer, orgUseCase *OrganizationUseCase, logger log.Logger) (*APITokenUseCase, error)
func (*APITokenUseCase) Create ¶
func (uc *APITokenUseCase) Create(ctx context.Context, name string, description *string, expiresIn *time.Duration, orgID string) (*APIToken, error)
expires in is a string that can be parsed by time.ParseDuration
func (*APITokenUseCase) FindByNameInOrg ¶ added in v0.93.0
type AttachOpts ¶
type Attestation ¶
type AttestationState ¶
type AttestationState struct {
	State *v1.CraftingState
	// Digest will be used for optimistic concurrency control
	Digest string
}
    type AttestationStateRepo ¶
type AttestationStateRepo interface {
	Initialized(ctx context.Context, workflowRunID uuid.UUID) (bool, error)
	Save(ctx context.Context, workflowRunID uuid.UUID, state []byte, baseDigest string) error
	Read(ctx context.Context, workflowRunID uuid.UUID) ([]byte, string, error)
	Reset(ctx context.Context, workflowRunID uuid.UUID) error
}
    type AttestationStateSaveOpts ¶ added in v0.94.3
type AttestationStateSaveOpts struct {
	BaseDigest string
}
    type AttestationStateUseCase ¶
type AttestationStateUseCase struct {
	// contains filtered or unexported fields
}
    func NewAttestationStateUseCase ¶
func NewAttestationStateUseCase(repo AttestationStateRepo, wfRunRepo WorkflowRunRepo) (*AttestationStateUseCase, error)
func (*AttestationStateUseCase) Initialized ¶
func (*AttestationStateUseCase) Read ¶
func (uc *AttestationStateUseCase) Read(ctx context.Context, workflowID, runID, passphrase string) (*AttestationState, error)
func (*AttestationStateUseCase) Reset ¶
func (uc *AttestationStateUseCase) Reset(ctx context.Context, workflowID, runID string) error
func (*AttestationStateUseCase) Save ¶
func (uc *AttestationStateUseCase) Save(ctx context.Context, workflowID, runID string, state *v1.CraftingState, passphrase string, opts ...SaveOption) error
type AttestationUseCase ¶
type AttestationUseCase struct {
	CASClient
	// contains filtered or unexported fields
}
    func NewAttestationUseCase ¶
func NewAttestationUseCase(client CASClient, logger log.Logger) *AttestationUseCase
func (*AttestationUseCase) UploadToCAS ¶
func (uc *AttestationUseCase) UploadToCAS(ctx context.Context, envelope *dsse.Envelope, backend *CASBackend, workflowRunID string) (*cr_v1.Hash, error)
type ByStatusCount ¶
type CASBackend ¶
type CASBackend struct {
	ID                                uuid.UUID
	Name                              string
	Location, Description, SecretName string
	CreatedAt, ValidatedAt            *time.Time
	OrganizationID                    uuid.UUID
	ValidationStatus                  CASBackendValidationStatus
	// OCI, S3, ...
	Provider CASBackendProvider
	// Whether this is the default cas backend for the organization
	Default bool
	// it's a inline backend, the artifacts are embedded in the attestation
	Inline bool
	// It's a fallback backend, it cannot be deleted
	Fallback bool
	Limits *CASBackendLimits
}
    type CASBackendCreateOpts ¶
type CASBackendCreateOpts struct {
	*CASBackendOpts
	Name     string
	Fallback bool
	MaxBytes int64
}
    type CASBackendLimits ¶
type CASBackendLimits struct {
	// Max number of bytes allowed to be stored in this backend per blob
	MaxBytes int64
}
    type CASBackendOpts ¶
type CASBackendOpts struct {
	OrgID                             uuid.UUID
	Location, SecretName, Description string
	Provider                          CASBackendProvider
	Default                           bool
}
    type CASBackendProvider ¶
type CASBackendProvider string
func (CASBackendProvider) Values ¶
func (CASBackendProvider) Values() (kinds []string)
Implements https://pkg.go.dev/entgo.io/ent/schema/field#EnumValues
type CASBackendReader ¶
type CASBackendRepo ¶
type CASBackendRepo interface {
	FindDefaultBackend(ctx context.Context, orgID uuid.UUID) (*CASBackend, error)
	FindFallbackBackend(ctx context.Context, orgID uuid.UUID) (*CASBackend, error)
	FindByID(ctx context.Context, ID uuid.UUID) (*CASBackend, error)
	FindByIDInOrg(ctx context.Context, OrgID, ID uuid.UUID) (*CASBackend, error)
	FindByNameInOrg(ctx context.Context, OrgID uuid.UUID, name string) (*CASBackend, error)
	List(ctx context.Context, orgID uuid.UUID) ([]*CASBackend, error)
	UpdateValidationStatus(ctx context.Context, ID uuid.UUID, status CASBackendValidationStatus) error
	Create(context.Context, *CASBackendCreateOpts) (*CASBackend, error)
	Update(context.Context, *CASBackendUpdateOpts) (*CASBackend, error)
	Delete(ctx context.Context, ID uuid.UUID) error
	SoftDelete(ctx context.Context, ID uuid.UUID) error
}
    type CASBackendUpdateOpts ¶
type CASBackendUpdateOpts struct {
	*CASBackendOpts
	ID uuid.UUID
}
    type CASBackendUseCase ¶
type CASBackendUseCase struct {
	// contains filtered or unexported fields
}
    func NewCASBackendUseCase ¶
func NewCASBackendUseCase(repo CASBackendRepo, credsRW credentials.ReaderWriter, providers backend.Providers, l log.Logger) *CASBackendUseCase
func (*CASBackendUseCase) Create ¶
func (uc *CASBackendUseCase) Create(ctx context.Context, orgID, name, location, description string, provider CASBackendProvider, creds any, defaultB bool) (*CASBackend, error)
func (*CASBackendUseCase) CreateInlineFallbackBackend ¶
func (uc *CASBackendUseCase) CreateInlineFallbackBackend(ctx context.Context, orgID string) (*CASBackend, error)
        
          
            func (*CASBackendUseCase) CreateOrUpdate
            deprecated
            
          
  
    
  
      
      func (uc *CASBackendUseCase) CreateOrUpdate(ctx context.Context, orgID, name, username, password string, provider CASBackendProvider, defaultB bool) (*CASBackend, error)
Deprecated: use Create and update methods separately instead
func (*CASBackendUseCase) Delete ¶
func (uc *CASBackendUseCase) Delete(ctx context.Context, id string) error
Delete will delete the secret in the external secrets manager and the CAS backend from the database This method is used during user off-boarding
func (*CASBackendUseCase) FindByIDInOrg ¶
func (uc *CASBackendUseCase) FindByIDInOrg(ctx context.Context, orgID, id string) (*CASBackend, error)
func (*CASBackendUseCase) FindByNameInOrg ¶ added in v0.93.0
func (uc *CASBackendUseCase) FindByNameInOrg(ctx context.Context, orgID, name string) (*CASBackend, error)
func (*CASBackendUseCase) FindDefaultBackend ¶
func (uc *CASBackendUseCase) FindDefaultBackend(ctx context.Context, orgID string) (*CASBackend, error)
func (*CASBackendUseCase) FindFallbackBackend ¶
func (uc *CASBackendUseCase) FindFallbackBackend(ctx context.Context, orgID string) (*CASBackend, error)
func (*CASBackendUseCase) List ¶
func (uc *CASBackendUseCase) List(ctx context.Context, orgID string) ([]*CASBackend, error)
func (*CASBackendUseCase) PerformValidation ¶
func (uc *CASBackendUseCase) PerformValidation(ctx context.Context, id string) (err error)
Validate that the repository is valid and reachable
func (*CASBackendUseCase) SoftDelete ¶
func (uc *CASBackendUseCase) SoftDelete(ctx context.Context, orgID, id string) error
SoftDelete will mark the cas backend as deleted but will not delete the secret in the external secrets manager We keep it so it can be restored or referenced in the future while trying to download an asset
func (*CASBackendUseCase) Update ¶
func (uc *CASBackendUseCase) Update(ctx context.Context, orgID, id, description string, creds any, defaultB bool) (*CASBackend, error)
Update will update credentials, description or default status
type CASBackendValidationStatus ¶
type CASBackendValidationStatus string
var CASBackendValidationFailed CASBackendValidationStatus = "Invalid"
    var CASBackendValidationOK CASBackendValidationStatus = "OK"
    func (CASBackendValidationStatus) Values ¶
func (CASBackendValidationStatus) Values() (kinds []string)
Implements https://pkg.go.dev/entgo.io/ent/schema/field#EnumValues
type CASClient ¶
type CASClient interface {
	CASUploader
	CASDownloader
}
    type CASClientFactory ¶
type CASClientFactory func(conf *conf.Bootstrap_CASServer, token string) (casclient.DownloaderUploader, func(), error)
Function that returns a CAS client including a connection closer method
type CASClientOpts ¶
type CASClientOpts func(u *CASClientUseCase)
func WithClientFactory ¶
func WithClientFactory(f CASClientFactory) CASClientOpts
type CASClientUseCase ¶
type CASClientUseCase struct {
	// contains filtered or unexported fields
}
    func NewCASClientUseCase ¶
func NewCASClientUseCase(credsProvider *CASCredentialsUseCase, config *conf.Bootstrap_CASServer, l log.Logger, opts ...CASClientOpts) *CASClientUseCase
type CASCredentialsUseCase ¶
type CASCredentialsUseCase struct {
	// contains filtered or unexported fields
}
    func NewCASCredentialsUseCase ¶
func NewCASCredentialsUseCase(c *conf.Auth) (*CASCredentialsUseCase, error)
func (*CASCredentialsUseCase) GenerateTemporaryCredentials ¶
func (uc *CASCredentialsUseCase) GenerateTemporaryCredentials(backendRef *CASCredsOpts) (string, error)
type CASCredsOpts ¶
type CASCredsOpts struct {
	BackendType string // i.e OCI, S3
	SecretPath  string // path to for example the OCI secret in the vault
	Role        robotaccount.Role
	MaxBytes    int64
}
    type CASDownloader ¶
type CASMapping ¶
type CASMappingLookupRef ¶
type CASMappingLookupRef struct {
	Name, Digest string
}
    type CASMappingRepo ¶
type CASMappingUseCase ¶
type CASMappingUseCase struct {
	// contains filtered or unexported fields
}
    func NewCASMappingUseCase ¶
func NewCASMappingUseCase(repo CASMappingRepo, mRepo MembershipRepo, logger log.Logger) *CASMappingUseCase
func (*CASMappingUseCase) Create ¶
func (uc *CASMappingUseCase) Create(ctx context.Context, digest string, casBackendID, workflowRunID string) (*CASMapping, error)
func (*CASMappingUseCase) FindByDigest ¶
func (uc *CASMappingUseCase) FindByDigest(ctx context.Context, digest string) ([]*CASMapping, error)
func (*CASMappingUseCase) FindCASMappingForDownloadByOrg ¶
func (uc *CASMappingUseCase) FindCASMappingForDownloadByOrg(ctx context.Context, digest string, orgs []string) (*CASMapping, error)
func (*CASMappingUseCase) FindCASMappingForDownloadByUser ¶
func (uc *CASMappingUseCase) FindCASMappingForDownloadByUser(ctx context.Context, digest string, userID string) (*CASMapping, error)
FindCASMappingForDownloadByUser returns the CASMapping appropriate for the given digest and user This means, in order 1 - Any mapping that points to an organization which the user is member of 1.1 If there are multiple mappings, it will pick the default one or the first one 2 - Any mapping that is public
func (*CASMappingUseCase) LookupDigestsInAttestation ¶
func (uc *CASMappingUseCase) LookupDigestsInAttestation(att *dsse.Envelope) ([]*CASMappingLookupRef, error)
LookupCASItemsInAttestation returns a list of references to the materials that have been uploaded to CAS as well as the attestation digest itself
type CASUploader ¶
type Contract ¶ added in v0.96.0
type Contract struct {
	// Raw representation of the contract in yaml, json, or cue
	// it maintain the format provided by the user
	Raw []byte
	// Detected format as provided by the user
	Format ContractRawFormat
	// marhalled proto contract
	Schema *schemav1.CraftingSchema
}
    func SchemaToRawContract ¶ added in v0.96.0
func SchemaToRawContract(contract *schemav1.CraftingSchema) (*Contract, error)
generate a default representation of a contract
func UnmarshalAndValidateRawContract ¶ added in v0.96.0
func UnmarshalAndValidateRawContract(raw []byte, format ContractRawFormat) (*Contract, error)
Take the raw contract + format and will unmarshal the contract and validate it
type ContractCreateOpts ¶
type ContractRawFormat ¶ added in v0.96.0
type ContractRawFormat string
const ( ContractRawFormatJSON ContractRawFormat = "json" ContractRawFormatYAML ContractRawFormat = "yaml" ContractRawFormatCUE ContractRawFormat = "cue" )
func (ContractRawFormat) Values ¶ added in v0.96.0
func (ContractRawFormat) Values() (kinds []string)
Implements https://pkg.go.dev/entgo.io/ent/schema/field#EnumValues
type ContractUpdateOpts ¶
type CreateOpt ¶
type CreateOpt func(*createOptions)
func WithCreateInlineBackend ¶
func WithCreateInlineBackend() CreateOpt
Optionally create an inline CAS-backend
type DayRunsCount ¶
type DayRunsCount struct {
	Date   time.Time
	Totals []*ByStatusCount
}
    type ErrAlreadyExists ¶
type ErrAlreadyExists struct {
	// contains filtered or unexported fields
}
    func NewErrAlreadyExists ¶ added in v0.95.6
func NewErrAlreadyExists(err error) ErrAlreadyExists
func NewErrAlreadyExistsStr ¶ added in v0.95.6
func NewErrAlreadyExistsStr(errMsg string) ErrAlreadyExists
func (ErrAlreadyExists) Error ¶ added in v0.95.6
func (e ErrAlreadyExists) Error() string
type ErrAmbiguousReferrer ¶
type ErrAmbiguousReferrer struct {
	// contains filtered or unexported fields
}
    A referrer with the same digest points to two different artifact types and we require filtering out which one
func (ErrAmbiguousReferrer) Error ¶
func (e ErrAmbiguousReferrer) Error() string
type ErrAttestationStateConflict ¶ added in v0.94.3
type ErrAttestationStateConflict struct {
	// contains filtered or unexported fields
}
    func (*ErrAttestationStateConflict) Error ¶ added in v0.94.3
func (e *ErrAttestationStateConflict) Error() string
type ErrInvalidTimeWindow ¶ added in v0.93.0
type ErrInvalidTimeWindow struct {
	// contains filtered or unexported fields
}
    func NewErrInvalidTimeWindow ¶ added in v0.93.0
func NewErrInvalidTimeWindow(err error) ErrInvalidTimeWindow
func NewErrInvalidTimeWindowStr ¶ added in v0.93.0
func NewErrInvalidTimeWindowStr(errMsg string) ErrInvalidTimeWindow
func (ErrInvalidTimeWindow) Error ¶ added in v0.93.0
func (e ErrInvalidTimeWindow) Error() string
type ErrInvalidUUID ¶
type ErrInvalidUUID struct {
	// contains filtered or unexported fields
}
    func NewErrInvalidUUID ¶
func NewErrInvalidUUID(err error) ErrInvalidUUID
func (ErrInvalidUUID) Error ¶
func (e ErrInvalidUUID) Error() string
type ErrNotFound ¶
type ErrNotFound struct {
	// contains filtered or unexported fields
}
    func NewErrNotFound ¶
func NewErrNotFound(entity string) ErrNotFound
func (ErrNotFound) Error ¶
func (e ErrNotFound) Error() string
type ErrNotImplemented ¶
type ErrNotImplemented struct {
	// contains filtered or unexported fields
}
    func NewErrNotImplemented ¶
func NewErrNotImplemented(msg string) ErrNotImplemented
func (ErrNotImplemented) Error ¶
func (e ErrNotImplemented) Error() string
type ErrUnauthorized ¶
type ErrUnauthorized struct {
	// contains filtered or unexported fields
}
    func NewErrUnauthorized ¶
func NewErrUnauthorized(err error) ErrUnauthorized
func NewErrUnauthorizedStr ¶
func NewErrUnauthorizedStr(errMsg string) ErrUnauthorized
func (ErrUnauthorized) Error ¶
func (e ErrUnauthorized) Error() string
type ErrValidation ¶
type ErrValidation struct {
	// contains filtered or unexported fields
}
    func NewErrValidation ¶
func NewErrValidation(err error) ErrValidation
func NewErrValidationStr ¶
func NewErrValidationStr(errMsg string) ErrValidation
func (ErrValidation) Error ¶
func (e ErrValidation) Error() string
type GetFromRootFilter ¶
type GetFromRootFilter func(*GetFromRootFilters)
type GetFromRootFilters ¶
type Integration ¶
type Integration struct {
	ID uuid.UUID
	// Kind is the type of the integration, it matches the registered plugin ID
	Kind string
	// Name is a unique identifier for the integration registration
	Name string
	// Description is a human readable description of the integration registration
	// It helps to differentiate different instances of the same kind
	Description string
	// Registration Configuration, usually JSON marshalled
	Config []byte
	// Identifier to the external provider where any secret information is stored
	SecretName string
	CreatedAt  *time.Time
}
    type IntegrationAndAttachment ¶
type IntegrationAndAttachment struct {
	*Integration
	*IntegrationAttachment
}
    type IntegrationAttachment ¶
type IntegrationAttachmentRepo ¶
type IntegrationAttachmentRepo interface {
	Create(ctx context.Context, integrationID, workflowID uuid.UUID, config []byte) (*IntegrationAttachment, error)
	List(ctx context.Context, orgID, workflowID uuid.UUID) ([]*IntegrationAndAttachment, error)
	FindByIDInOrg(ctx context.Context, orgID, ID uuid.UUID) (*IntegrationAttachment, error)
	SoftDelete(ctx context.Context, ID uuid.UUID) error
}
    type IntegrationCreateOpts ¶
type IntegrationRepo ¶
type IntegrationRepo interface {
	Create(ctx context.Context, opts *IntegrationCreateOpts) (*Integration, error)
	List(ctx context.Context, orgID uuid.UUID) ([]*Integration, error)
	FindByIDInOrg(ctx context.Context, orgID, ID uuid.UUID) (*Integration, error)
	FindByNameInOrg(ctx context.Context, orgID uuid.UUID, ID string) (*Integration, error)
	SoftDelete(ctx context.Context, ID uuid.UUID) error
}
    type IntegrationUseCase ¶
type IntegrationUseCase struct {
	// contains filtered or unexported fields
}
    func NewIntegrationUseCase ¶
func NewIntegrationUseCase(opts *NewIntegrationUseCaseOpts) *IntegrationUseCase
func (*IntegrationUseCase) AttachToWorkflow ¶
func (uc *IntegrationUseCase) AttachToWorkflow(ctx context.Context, opts *AttachOpts) (*IntegrationAttachment, error)
- Integration and workflows exists in current organization - Run specific validation for the integration - Persist integration attachment
func (*IntegrationUseCase) Delete ¶
func (uc *IntegrationUseCase) Delete(ctx context.Context, orgID, integrationID string) error
func (*IntegrationUseCase) Detach ¶
func (uc *IntegrationUseCase) Detach(ctx context.Context, orgID, attachmentID string) error
Detach integration from workflow
func (*IntegrationUseCase) FindByIDInOrg ¶
func (uc *IntegrationUseCase) FindByIDInOrg(ctx context.Context, orgID, id string) (*Integration, error)
func (*IntegrationUseCase) FindByNameInOrg ¶ added in v0.93.0
func (uc *IntegrationUseCase) FindByNameInOrg(ctx context.Context, orgID, name string) (*Integration, error)
func (*IntegrationUseCase) List ¶
func (uc *IntegrationUseCase) List(ctx context.Context, orgID string) ([]*Integration, error)
func (*IntegrationUseCase) ListAttachments ¶
func (uc *IntegrationUseCase) ListAttachments(ctx context.Context, orgID, workflowID string) ([]*IntegrationAndAttachment, error)
List attachments returns the list of attachments for a given organization and optionally workflow
func (*IntegrationUseCase) RegisterAndSave ¶
func (uc *IntegrationUseCase) RegisterAndSave(ctx context.Context, orgID, name, description string, i sdk.FanOut, regConfig *structpb.Struct) (*Integration, error)
Persist the secret and integration with its configuration in the database
type InvitationCreateOpt ¶
type InvitationCreateOpt func(*invitationCreateOpts)
func WithInvitationRole ¶
func WithInvitationRole(r authz.Role) InvitationCreateOpt
type Membership ¶
type MembershipCreateOpt ¶
type MembershipCreateOpt func(*membershipCreateOpts)
func WithCurrentMembership ¶
func WithCurrentMembership() MembershipCreateOpt
func WithMembershipRole ¶
func WithMembershipRole(r authz.Role) MembershipCreateOpt
type MembershipRepo ¶
type MembershipRepo interface {
	FindByUser(ctx context.Context, userID uuid.UUID) ([]*Membership, error)
	FindByOrg(ctx context.Context, orgID uuid.UUID) ([]*Membership, error)
	FindByIDInUser(ctx context.Context, userID, ID uuid.UUID) (*Membership, error)
	FindByIDInOrg(ctx context.Context, orgID, ID uuid.UUID) (*Membership, error)
	FindByOrgAndUser(ctx context.Context, orgID, userID uuid.UUID) (*Membership, error)
	SetCurrent(ctx context.Context, ID uuid.UUID) (*Membership, error)
	SetRole(ctx context.Context, ID uuid.UUID, role authz.Role) (*Membership, error)
	Create(ctx context.Context, orgID, userID uuid.UUID, current bool, role authz.Role) (*Membership, error)
	Delete(ctx context.Context, ID uuid.UUID) error
}
    type MembershipUseCase ¶
type MembershipUseCase struct {
	// contains filtered or unexported fields
}
    func NewMembershipUseCase ¶
func NewMembershipUseCase(repo MembershipRepo, orgUC *OrganizationUseCase, logger log.Logger) *MembershipUseCase
func (*MembershipUseCase) ByOrg ¶
func (uc *MembershipUseCase) ByOrg(ctx context.Context, orgID string) ([]*Membership, error)
func (*MembershipUseCase) ByUser ¶
func (uc *MembershipUseCase) ByUser(ctx context.Context, userID string) ([]*Membership, error)
func (*MembershipUseCase) Create ¶
func (uc *MembershipUseCase) Create(ctx context.Context, orgID, userID string, opts ...MembershipCreateOpt) (*Membership, error)
func (*MembershipUseCase) DeleteOther ¶
func (uc *MembershipUseCase) DeleteOther(ctx context.Context, orgID, userID, membershipID string) error
DeleteOther just deletes a membership from the database but ensures that the user is not deleting itself from the org
func (*MembershipUseCase) FindByOrgAndUser ¶
func (uc *MembershipUseCase) FindByOrgAndUser(ctx context.Context, orgID, userID string) (*Membership, error)
func (*MembershipUseCase) LeaveAndDeleteOrg ¶
func (uc *MembershipUseCase) LeaveAndDeleteOrg(ctx context.Context, userID, membershipID string) error
LeaveAndDeleteOrg deletes a membership (and the org i) from the database associated with the current user and the associated org if the user is the only member
func (*MembershipUseCase) SetCurrent ¶
func (uc *MembershipUseCase) SetCurrent(ctx context.Context, userID, membershipID string) (*Membership, error)
SetCurrent sets the current membership for the user and unsets the previous one
func (*MembershipUseCase) UpdateRole ¶
func (uc *MembershipUseCase) UpdateRole(ctx context.Context, orgID, userID, membershipID string, role authz.Role) (*Membership, error)
type NewIntegrationUseCaseOpts ¶
type NewIntegrationUseCaseOpts struct {
	IRepo   IntegrationRepo
	IaRepo  IntegrationAttachmentRepo
	WfRepo  WorkflowRepo
	CredsRW credentials.ReaderWriter
	Logger  log.Logger
}
    type NewUserUseCaseParams ¶
type NewUserUseCaseParams struct {
	UserRepo            UserRepo
	MembershipUseCase   *MembershipUseCase
	OrganizationUseCase *OrganizationUseCase
	OnboardingConfig    []*config.OnboardingSpec
	Logger              log.Logger
}
    type OrgInvitation ¶
type OrgInvitation struct {
	ID            uuid.UUID
	Org           *Organization
	Sender        *User
	ReceiverEmail string
	CreatedAt     *time.Time
	Status        OrgInvitationStatus
	Role          authz.Role
}
    type OrgInvitationRepo ¶
type OrgInvitationRepo interface {
	Create(ctx context.Context, orgID, senderID uuid.UUID, receiverEmail string, role authz.Role) (*OrgInvitation, error)
	FindByID(ctx context.Context, ID uuid.UUID) (*OrgInvitation, error)
	PendingInvitation(ctx context.Context, orgID uuid.UUID, receiverEmail string) (*OrgInvitation, error)
	PendingInvitations(ctx context.Context, receiverEmail string) ([]*OrgInvitation, error)
	SoftDelete(ctx context.Context, id uuid.UUID) error
	ListByOrg(ctx context.Context, org uuid.UUID) ([]*OrgInvitation, error)
	ChangeStatus(ctx context.Context, ID uuid.UUID, status OrgInvitationStatus) error
}
    type OrgInvitationStatus ¶
type OrgInvitationStatus string
var ( OrgInvitationStatusPending OrgInvitationStatus = "pending" OrgInvitationStatusAccepted OrgInvitationStatus = "accepted" )
func (OrgInvitationStatus) Values ¶
func (OrgInvitationStatus) Values() (kinds []string)
Implements https://pkg.go.dev/entgo.io/ent/schema/field#EnumValues
type OrgInvitationUseCase ¶
type OrgInvitationUseCase struct {
	// contains filtered or unexported fields
}
    func NewOrgInvitationUseCase ¶
func NewOrgInvitationUseCase(r OrgInvitationRepo, mRepo MembershipRepo, uRepo UserRepo, l log.Logger) (*OrgInvitationUseCase, error)
func (*OrgInvitationUseCase) AcceptInvitation ¶
func (uc *OrgInvitationUseCase) AcceptInvitation(ctx context.Context, invitationID string) error
func (*OrgInvitationUseCase) AcceptPendingInvitations ¶
func (uc *OrgInvitationUseCase) AcceptPendingInvitations(ctx context.Context, receiverEmail string) error
AcceptPendingInvitations accepts all pending invitations for a given user email
func (*OrgInvitationUseCase) Create ¶
func (uc *OrgInvitationUseCase) Create(ctx context.Context, orgID, senderID, receiverEmail string, createOpts ...InvitationCreateOpt) (*OrgInvitation, error)
func (*OrgInvitationUseCase) FindByID ¶
func (uc *OrgInvitationUseCase) FindByID(ctx context.Context, invitationID string) (*OrgInvitation, error)
func (*OrgInvitationUseCase) ListByOrg ¶
func (uc *OrgInvitationUseCase) ListByOrg(ctx context.Context, orgID string) ([]*OrgInvitation, error)
type OrgMetricsRepo ¶
type OrgMetricsRepo interface {
	// Total number of runs within the provided time window (from now)
	RunsTotal(ctx context.Context, orgID uuid.UUID, timeWindow *TimeWindow) (int32, error)
	// Total number by run status
	RunsByStatusTotal(ctx context.Context, orgID uuid.UUID, timeWindow *TimeWindow) (map[string]int32, error)
	RunsByRunnerTypeTotal(ctx context.Context, orgID uuid.UUID, timeWindow *TimeWindow) (map[string]int32, error)
	TopWorkflowsByRunsCount(ctx context.Context, orgID uuid.UUID, numWorkflows int, timeWindow *TimeWindow) ([]*TopWorkflowsByRunsCountItem, error)
	DailyRunsCount(ctx context.Context, orgID, workflowID uuid.UUID, timeWindow *TimeWindow) ([]*DayRunsCount, error)
}
    type OrgMetricsUseCase ¶
type OrgMetricsUseCase struct {
	// contains filtered or unexported fields
}
    func NewOrgMetricsUseCase ¶
func NewOrgMetricsUseCase(r OrgMetricsRepo, orgRepo OrganizationRepo, wfUseCase *WorkflowUseCase, l log.Logger) (*OrgMetricsUseCase, error)
func (*OrgMetricsUseCase) DailyRunsCount ¶
func (uc *OrgMetricsUseCase) DailyRunsCount(ctx context.Context, orgID string, workflowID *string, timeWindow *TimeWindow) ([]*DayRunsCount, error)
DailyRunsCount returns the number of runs per day within the provided time window (from now) Optionally filtered by workflowID
func (*OrgMetricsUseCase) GetLastWorkflowStatusByRun ¶ added in v0.94.0
func (uc *OrgMetricsUseCase) GetLastWorkflowStatusByRun(ctx context.Context, orgName string) ([]*prometheuscollector.WorkflowLastStatusByRunReport, error)
GetLastWorkflowStatusByRun returns the last status of each workflow by its last run It only returns workflows with at least one run and skips workflows with initialized runs
func (*OrgMetricsUseCase) RunsTotal ¶
func (uc *OrgMetricsUseCase) RunsTotal(ctx context.Context, orgID string, timeWindow *TimeWindow) (int32, error)
func (*OrgMetricsUseCase) RunsTotalByRunnerType ¶
func (uc *OrgMetricsUseCase) RunsTotalByRunnerType(ctx context.Context, orgID string, timeWindow *TimeWindow) (map[string]int32, error)
func (*OrgMetricsUseCase) RunsTotalByStatus ¶
func (uc *OrgMetricsUseCase) RunsTotalByStatus(ctx context.Context, orgID string, timeWindow *TimeWindow) (map[string]int32, error)
func (*OrgMetricsUseCase) TopWorkflowsByRunsCount ¶
func (uc *OrgMetricsUseCase) TopWorkflowsByRunsCount(ctx context.Context, orgID string, numWorkflows int, timeWindow *TimeWindow) ([]*TopWorkflowsByRunsCountItem, error)
type Organization ¶
type OrganizationRepo ¶
type OrganizationUseCase ¶
type OrganizationUseCase struct {
	// contains filtered or unexported fields
}
    func NewOrganizationUseCase ¶
func NewOrganizationUseCase(repo OrganizationRepo, repoUC *CASBackendUseCase, iUC *IntegrationUseCase, mRepo MembershipRepo, onboardingConfig []*config.OnboardingSpec, l log.Logger) *OrganizationUseCase
func (*OrganizationUseCase) AutoOnboardOrganizations ¶ added in v0.91.8
func (uc *OrganizationUseCase) AutoOnboardOrganizations(ctx context.Context, userID string) error
AutoOnboardOrganizations creates the organizations specified in the onboarding config and assigns the user to them with the specified role if they are not already a member.
func (*OrganizationUseCase) Create ¶
func (uc *OrganizationUseCase) Create(ctx context.Context, name string, opts ...CreateOpt) (*Organization, error)
Create an organization with the given name
func (*OrganizationUseCase) CreateWithRandomName ¶
func (uc *OrganizationUseCase) CreateWithRandomName(ctx context.Context, opts ...CreateOpt) (*Organization, error)
func (*OrganizationUseCase) Delete ¶
func (uc *OrganizationUseCase) Delete(ctx context.Context, id string) error
Delete deletes an organization and all relevant data This includes: - The organization - The associated repositories - The associated integrations The reason for just deleting these two associated components only is because they have external secrets that need to be deleted as well, and for that we leverage their own delete methods The rest of the data gets removed by the database cascade delete
func (*OrganizationUseCase) FindByID ¶
func (uc *OrganizationUseCase) FindByID(ctx context.Context, id string) (*Organization, error)
type PromObservable ¶ added in v0.95.0
type PromObservable interface {
	ObserveAttestationIfNeeded(ctx context.Context, run *WorkflowRun, status WorkflowRunStatus) bool
}
    type PrometheusUseCase ¶ added in v0.94.0
type PrometheusUseCase struct {
	// contains filtered or unexported fields
}
    PrometheusUseCase is a use case for Prometheus where some metrics are exposed
func NewPrometheusUseCase ¶ added in v0.94.0
func NewPrometheusUseCase(conf []*conf.PrometheusIntegrationSpec, orgUseCase *OrganizationUseCase, orgMetricsUseCase *OrgMetricsUseCase, logger log.Logger) *PrometheusUseCase
NewPrometheusUseCase creates a new PrometheusUseCase
func (*PrometheusUseCase) GetRegistryByOrganizationName ¶ added in v0.94.0
func (uc *PrometheusUseCase) GetRegistryByOrganizationName(orgName string) *registry.PrometheusRegistry
GetRegistryByOrganizationName returns a registry by organization name
func (*PrometheusUseCase) ObserveAttestationIfNeeded ¶ added in v0.95.0
func (uc *PrometheusUseCase) ObserveAttestationIfNeeded(ctx context.Context, run *WorkflowRun, status WorkflowRunStatus) bool
Record an attestation if the run exists and there is a registry for the organization
func (*PrometheusUseCase) OrganizationHasRegistry ¶ added in v0.94.0
func (uc *PrometheusUseCase) OrganizationHasRegistry(orgName string) bool
OrganizationHasRegistry checks if an organization has a registry
type Referrer ¶
type ReferrerRepo ¶
type ReferrerRepo interface {
	Save(ctx context.Context, input []*Referrer, workflowID uuid.UUID) error
	// GetFromRoot returns the referrer identified by the provided content digest, including its first-level references
	// For example if sha:deadbeef represents an attestation, the result will contain the attestation + materials associated to it
	// OrgIDs represent an allowList of organizations where the referrers should be looked for
	GetFromRoot(ctx context.Context, digest string, orgIDS []uuid.UUID, filters ...GetFromRootFilter) (*StoredReferrer, error)
	// Check if a given referrer by digest exist.
	// The query can be scoped further down if needed by providing the kind or visibility status
	Exist(ctx context.Context, digest string, filters ...GetFromRootFilter) (bool, error)
}
    type ReferrerUseCase ¶
type ReferrerUseCase struct {
	// contains filtered or unexported fields
}
    func NewReferrerUseCase ¶
func NewReferrerUseCase(repo ReferrerRepo, wfRepo WorkflowRepo, mRepo MembershipRepo, indexCfg *conf.ReferrerSharedIndex, l log.Logger) (*ReferrerUseCase, error)
func (*ReferrerUseCase) ExtractAndPersist ¶
func (s *ReferrerUseCase) ExtractAndPersist(ctx context.Context, att *dsse.Envelope, workflowID string) error
ExtractAndPersist extracts the referrers (subject + materials) from the given attestation and store it as part of the referrers index table
func (*ReferrerUseCase) GetFromRoot ¶
func (s *ReferrerUseCase) GetFromRoot(ctx context.Context, digest, rootKind string, orgIDs []uuid.UUID) (*StoredReferrer, error)
func (*ReferrerUseCase) GetFromRootInPublicSharedIndex ¶
func (s *ReferrerUseCase) GetFromRootInPublicSharedIndex(ctx context.Context, digest, rootKind string) (*StoredReferrer, error)
Get the list of public referrers from organizations that have been allowed to be shown in a shared index NOTE: This is a public endpoint under /discover/[sha256:deadbeef]
func (*ReferrerUseCase) GetFromRootUser ¶
func (s *ReferrerUseCase) GetFromRootUser(ctx context.Context, digest, rootKind, userID string) (*StoredReferrer, error)
GetFromRootUser returns the referrer identified by the provided content digest, including its first-level references For example if sha:deadbeef represents an attestation, the result will contain the attestation + materials associated to it It only returns referrers that belong to organizations the user is member of
type RobotAccount ¶
type RobotAccountRepo ¶
type RobotAccountRepo interface {
	Create(ctx context.Context, name string, workflowID uuid.UUID) (*RobotAccount, error)
	List(ctx context.Context, workflowID uuid.UUID, includeRevoked bool) ([]*RobotAccount, error)
	FindByID(ctx context.Context, ID uuid.UUID) (*RobotAccount, error)
	Revoke(ctx context.Context, orgID, ID uuid.UUID) error
}
    type RobotAccountUseCase ¶
type RobotAccountUseCase struct {
	// contains filtered or unexported fields
}
    func NewRootAccountUseCase ¶
func NewRootAccountUseCase(robotAccountRepo RobotAccountRepo, workflowRepo WorkflowRepo, conf *conf.Auth, logger log.Logger) *RobotAccountUseCase
func (*RobotAccountUseCase) Create ¶
func (uc *RobotAccountUseCase) Create(ctx context.Context, name string, orgID, workflowID string) (*RobotAccount, error)
func (*RobotAccountUseCase) FindByID ¶
func (uc *RobotAccountUseCase) FindByID(ctx context.Context, id string) (*RobotAccount, error)
func (*RobotAccountUseCase) List ¶
func (uc *RobotAccountUseCase) List(ctx context.Context, orgID, workflowID string, includeRevoked bool) ([]*RobotAccount, error)
type RunListFilters ¶
type RunListFilters struct {
	WorkflowID uuid.UUID
	Status     WorkflowRunStatus
}
    type SaveOption ¶ added in v0.94.3
type SaveOption func(*AttestationStateSaveOpts)
func WithAttStateBaseDigest ¶ added in v0.94.3
func WithAttStateBaseDigest(digest string) SaveOption
type SigningUseCase ¶
type SigningUseCase struct {
	CA ca.CertificateAuthority
}
    func NewChainloopSigningUseCase ¶
func NewChainloopSigningUseCase(ca ca.CertificateAuthority) *SigningUseCase
func (*SigningUseCase) CreateSigningCert ¶
func (s *SigningUseCase) CreateSigningCert(ctx context.Context, orgID string, csrRaw []byte) ([]string, error)
CreateSigningCert signs a certificate request with a configured CA, and returns the full certificate chain
type StoredReferrer ¶
type StoredReferrer struct {
	*Referrer
	ID        uuid.UUID
	CreatedAt *time.Time
	// Fully expanded list of 1-level off references
	References          []*StoredReferrer
	OrgIDs, WorkflowIDs []uuid.UUID
}
    Actual referrer stored in the DB which includes a nested list of storedReferences
type TimeWindow ¶ added in v0.93.0
TimeWindow represents in time.Time format not in time.Duration
func (*TimeWindow) Validate ¶ added in v0.93.0
func (tw *TimeWindow) Validate() error
Validate validates the time window checking From and To are set
type UserOrgFinder ¶
type UserUseCase ¶
type UserUseCase struct {
	// contains filtered or unexported fields
}
    func NewUserUseCase ¶
func NewUserUseCase(opts *NewUserUseCaseParams) *UserUseCase
func (*UserUseCase) CurrentMembership ¶
func (uc *UserUseCase) CurrentMembership(ctx context.Context, userID string) (*Membership, error)
Find the membership associated with the user that's marked as current If none is selected, it will pick the first one and set it as current
func (*UserUseCase) DeleteUser ¶
func (uc *UserUseCase) DeleteUser(ctx context.Context, userID string) error
DeleteUser deletes the user, related memberships and organization if needed
func (*UserUseCase) FindOrCreateByEmail ¶
func (uc *UserUseCase) FindOrCreateByEmail(ctx context.Context, email string, disableAutoOnboarding ...bool) (*User, error)
FindOrCreateByEmail finds or creates a user by email. By default, it will auto-onboard the user to the organizations defined in the configuration. If disableAutoOnboarding is set to true, it will skip the auto-onboarding process.
type Workflow ¶
type Workflow struct {
	Name, Description, Team, Project string
	CreatedAt                        *time.Time
	RunsCounter                      int
	LastRun                          *WorkflowRun
	ID, ContractID, OrgID            uuid.UUID
	ContractName                     string
	// Latest available contract revision
	ContractRevisionLatest int
	// Public means that the associated workflow runs, attestations and materials
	// are reachable by other users, regardless of their organization
	// This field is also used to calculate if an user can download attestations/materials from the CAS
	Public bool
}
    type WorkflowContract ¶
type WorkflowContractRepo ¶
type WorkflowContractRepo interface {
	Create(ctx context.Context, opts *ContractCreateOpts) (*WorkflowContract, error)
	List(ctx context.Context, orgID uuid.UUID) ([]*WorkflowContract, error)
	FindByIDInOrg(ctx context.Context, orgID, ID uuid.UUID) (*WorkflowContract, error)
	FindByNameInOrg(ctx context.Context, orgID uuid.UUID, name string) (*WorkflowContract, error)
	Describe(ctx context.Context, orgID, contractID uuid.UUID, revision int) (*WorkflowContractWithVersion, error)
	FindVersionByID(ctx context.Context, versionID uuid.UUID) (*WorkflowContractVersion, error)
	Update(ctx context.Context, orgID uuid.UUID, name string, opts *ContractUpdateOpts) (*WorkflowContractWithVersion, error)
	SoftDelete(ctx context.Context, contractID uuid.UUID) error
}
    type WorkflowContractUseCase ¶
type WorkflowContractUseCase struct {
	// contains filtered or unexported fields
}
    func NewWorkflowContractUseCase ¶
func NewWorkflowContractUseCase(repo WorkflowContractRepo, policyRegistry *policies.Registry, logger log.Logger) *WorkflowContractUseCase
func (*WorkflowContractUseCase) Create ¶
func (uc *WorkflowContractUseCase) Create(ctx context.Context, opts *WorkflowContractCreateOpts) (*WorkflowContract, error)
we currently only support schema v1
func (*WorkflowContractUseCase) Delete ¶
func (uc *WorkflowContractUseCase) Delete(ctx context.Context, orgID, contractID string) error
Delete soft-deletes the entry
func (*WorkflowContractUseCase) Describe ¶
func (uc *WorkflowContractUseCase) Describe(ctx context.Context, orgID, contractID string, revision int) (*WorkflowContractWithVersion, error)
func (*WorkflowContractUseCase) FindByIDInOrg ¶
func (uc *WorkflowContractUseCase) FindByIDInOrg(ctx context.Context, orgID, contractID string) (*WorkflowContract, error)
func (*WorkflowContractUseCase) FindByNameInOrg ¶ added in v0.93.0
func (uc *WorkflowContractUseCase) FindByNameInOrg(ctx context.Context, orgID, name string) (*WorkflowContract, error)
func (*WorkflowContractUseCase) FindVersionByID ¶
func (uc *WorkflowContractUseCase) FindVersionByID(ctx context.Context, versionID string) (*WorkflowContractVersion, error)
func (*WorkflowContractUseCase) GetPolicy ¶ added in v0.95.7
func (uc *WorkflowContractUseCase) GetPolicy(providerName, policyName, token string) (*schemav1.Policy, error)
GetPolicy retrieves a policy from a policy provider
func (*WorkflowContractUseCase) List ¶
func (uc *WorkflowContractUseCase) List(ctx context.Context, orgID string) ([]*WorkflowContract, error)
func (*WorkflowContractUseCase) Update ¶
func (uc *WorkflowContractUseCase) Update(ctx context.Context, orgID, name string, opts *WorkflowContractUpdateOpts) (*WorkflowContractWithVersion, error)
func (*WorkflowContractUseCase) ValidateContractPolicies ¶ added in v0.96.0
func (uc *WorkflowContractUseCase) ValidateContractPolicies(rawSchema []byte, token string) error
type WorkflowContractVersion ¶
type WorkflowContractWithVersion ¶
type WorkflowContractWithVersion struct {
	Contract *WorkflowContract
	Version  *WorkflowContractVersion
}
    type WorkflowCreateOpts ¶
type WorkflowCreateOpts struct {
	Name, OrgID, Project, Team, ContractName, Description string
	ContractID                                            string
	// Public means that the associated workflow runs, attestations and materials
	// are reachable by other users, regardless of their organization
	Public bool
}
    TODO: move to pointer properties to handle empty values
type WorkflowRepo ¶
type WorkflowRepo interface {
	Create(ctx context.Context, opts *WorkflowCreateOpts) (*Workflow, error)
	Update(ctx context.Context, id uuid.UUID, opts *WorkflowUpdateOpts) (*Workflow, error)
	List(ctx context.Context, orgID uuid.UUID) ([]*Workflow, error)
	GetOrgScoped(ctx context.Context, orgID, workflowID uuid.UUID) (*Workflow, error)
	GetOrgScopedByName(ctx context.Context, orgID uuid.UUID, workflowName string) (*Workflow, error)
	IncRunsCounter(ctx context.Context, workflowID uuid.UUID) error
	FindByID(ctx context.Context, workflowID uuid.UUID) (*Workflow, error)
	SoftDelete(ctx context.Context, workflowID uuid.UUID) error
}
    type WorkflowRun ¶
type WorkflowRun struct {
	ID                    uuid.UUID
	State, Reason         string
	CreatedAt, FinishedAt *time.Time
	Workflow              *Workflow
	RunURL, RunnerType    string
	ContractVersionID     uuid.UUID
	Attestation           *Attestation
	CASBackends           []*CASBackend
	// The revision of the contract that was used
	ContractRevisionUsed int
	// The max revision of the contract at the time of the run
	ContractRevisionLatest int
}
    type WorkflowRunCreateOpts ¶
type WorkflowRunExpirerOpts ¶
type WorkflowRunExpirerUseCase ¶
type WorkflowRunExpirerUseCase struct {
	PromObservable PromObservable
	// contains filtered or unexported fields
}
    func NewWorkflowRunExpirerUseCase ¶
func NewWorkflowRunExpirerUseCase(wfrRepo WorkflowRunRepo, po PromObservable, logger log.Logger) *WorkflowRunExpirerUseCase
func (*WorkflowRunExpirerUseCase) ExpirationSweep ¶
func (uc *WorkflowRunExpirerUseCase) ExpirationSweep(ctx context.Context, olderThan time.Time) error
ExpirationSweep looks for runs older than the provider time and marks them as expired
func (*WorkflowRunExpirerUseCase) Run ¶
func (uc *WorkflowRunExpirerUseCase) Run(ctx context.Context, opts *WorkflowRunExpirerOpts)
type WorkflowRunRepo ¶
type WorkflowRunRepo interface {
	Create(ctx context.Context, opts *WorkflowRunRepoCreateOpts) (*WorkflowRun, error)
	FindByID(ctx context.Context, ID uuid.UUID) (*WorkflowRun, error)
	FindByAttestationDigest(ctx context.Context, digest string) (*WorkflowRun, error)
	FindByIDInOrg(ctx context.Context, orgID, ID uuid.UUID) (*WorkflowRun, error)
	MarkAsFinished(ctx context.Context, ID uuid.UUID, status WorkflowRunStatus, reason string) error
	SaveAttestation(ctx context.Context, ID uuid.UUID, att *dsse.Envelope, digest string) error
	List(ctx context.Context, orgID uuid.UUID, f *RunListFilters, p *pagination.CursorOptions) ([]*WorkflowRun, string, error)
	// List the runs that have not finished and are older than a given time
	ListNotFinishedOlderThan(ctx context.Context, olderThan time.Time) ([]*WorkflowRun, error)
	// Set run as expired
	Expire(ctx context.Context, id uuid.UUID) error
}
    type WorkflowRunStatus ¶
type WorkflowRunStatus string
const ( WorkflowRunInitialized WorkflowRunStatus = "initialized" WorkflowRunSuccess WorkflowRunStatus = "success" WorkflowRunError WorkflowRunStatus = "error" WorkflowRunExpired WorkflowRunStatus = "expired" WorkflowRunCancelled WorkflowRunStatus = "canceled" )
func (WorkflowRunStatus) Values ¶
func (WorkflowRunStatus) Values() (kinds []string)
Implements https://pkg.go.dev/entgo.io/ent/schema/field#EnumValues
type WorkflowRunUseCase ¶
type WorkflowRunUseCase struct {
	// contains filtered or unexported fields
}
    func NewWorkflowRunUseCase ¶
func NewWorkflowRunUseCase(wfrRepo WorkflowRunRepo, wfRepo WorkflowRepo, logger log.Logger) (*WorkflowRunUseCase, error)
func (*WorkflowRunUseCase) Create ¶
func (uc *WorkflowRunUseCase) Create(ctx context.Context, opts *WorkflowRunCreateOpts) (*WorkflowRun, error)
Create will add a new WorkflowRun, associate it to a schemaVersion and increment the counter in the associated workflow
func (*WorkflowRunUseCase) ExistsInWorkflow ¶
func (uc *WorkflowRunUseCase) ExistsInWorkflow(ctx context.Context, workflowID, id string) (bool, error)
The workflowRun belongs to the provided workflowRun
func (*WorkflowRunUseCase) GetByDigestInOrgOrPublic ¶
func (uc *WorkflowRunUseCase) GetByDigestInOrgOrPublic(ctx context.Context, orgID, digest string) (*WorkflowRun, error)
func (*WorkflowRunUseCase) GetByIDInOrg ¶
func (uc *WorkflowRunUseCase) GetByIDInOrg(ctx context.Context, orgID, runID string) (*WorkflowRun, error)
Returns the workflow run with the provided ID if it belongs to the org
func (*WorkflowRunUseCase) GetByIDInOrgOrPublic ¶
func (uc *WorkflowRunUseCase) GetByIDInOrgOrPublic(ctx context.Context, orgID, runID string) (*WorkflowRun, error)
Returns the workflow run with the provided ID if it belongs to the org or its public
func (*WorkflowRunUseCase) List ¶
func (uc *WorkflowRunUseCase) List(ctx context.Context, orgID string, f *RunListFilters, p *pagination.CursorOptions) ([]*WorkflowRun, string, error)
List the workflowruns associated with an org and optionally filtered by a workflow
func (*WorkflowRunUseCase) MarkAsFinished ¶
func (uc *WorkflowRunUseCase) MarkAsFinished(ctx context.Context, id string, status WorkflowRunStatus, reason string) error
func (*WorkflowRunUseCase) SaveAttestation ¶
type WorkflowRunWithContract ¶
type WorkflowRunWithContract struct {
	*WorkflowRun
	*WorkflowContractVersion
}
    type WorkflowUpdateOpts ¶
type WorkflowUseCase ¶
type WorkflowUseCase struct {
	// contains filtered or unexported fields
}
    func NewWorkflowUsecase ¶
func NewWorkflowUsecase(wfr WorkflowRepo, schemaUC *WorkflowContractUseCase, logger log.Logger) *WorkflowUseCase
func (*WorkflowUseCase) Create ¶
func (uc *WorkflowUseCase) Create(ctx context.Context, opts *WorkflowCreateOpts) (*Workflow, error)
func (*WorkflowUseCase) Delete ¶
func (uc *WorkflowUseCase) Delete(ctx context.Context, orgID, workflowID string) error
Delete soft-deletes the entry
func (*WorkflowUseCase) FindByIDInOrg ¶
func (*WorkflowUseCase) FindByNameInOrg ¶
func (*WorkflowUseCase) IncRunsCounter ¶
func (uc *WorkflowUseCase) IncRunsCounter(ctx context.Context, workflowID string) error
func (*WorkflowUseCase) Update ¶
func (uc *WorkflowUseCase) Update(ctx context.Context, orgID, workflowID string, opts *WorkflowUpdateOpts) (*Workflow, error)