store

package
v1.208.0-test.20 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 24, 2026 License: Apache-2.0 Imports: 37 Imported by: 0

Documentation

Overview

Package store is a generated GoMock package.

Package store is a generated GoMock package.

Index

Constants

View Source 
const (

	// AzureKeyVaultHyphen is the hyphen character used for Azure Key Vault secret name normalization.
	AzureKeyVaultHyphen = "-"
)

Variables

View Source 
var (
	// Common validation errors.
	ErrEmptyStack           = errors.New("stack cannot be empty")
	ErrEmptyComponent       = errors.New("component cannot be empty")
	ErrEmptyKey             = errors.New("key cannot be empty")
	ErrStackDelimiterNotSet = errors.New("stack delimiter is not set")
	ErrGetKey               = errors.New("failed to get key")

	// AWS SSM specific errors.
	ErrRegionRequired = errors.New("region is required in ssm store configuration")
	ErrLoadAWSConfig  = errors.New("failed to load AWS config")
	ErrSetParameter   = errors.New("failed to set parameter")
	ErrGetParameter   = errors.New("failed to get parameter")

	// Azure Key Vault specific errors.
	ErrVaultURLRequired = errors.New("vault_url is required in azure key vault store configuration")
	ErrCreateClient     = errors.New("failed to create client")
	ErrAccessSecret     = errors.New("failed to access secret")
	ErrResourceNotFound = errors.New("resource not found")
	ErrPermissionDenied = errors.New("permission denied")

	// Redis specific errors.
	ErrParseRedisURL   = errors.New("failed to parse redis url")
	ErrMissingRedisURL = errors.New("either url must be set in options or ATMOS_REDIS_URL environment variable must be set")
	ErrGetRedisKey     = errors.New("failed to get key from redis")

	// Artifactory specific errors.
	ErrMissingArtifactoryToken = errors.New("either access_token must be set in options or one of JFROG_ACCESS_TOKEN or ARTIFACTORY_ACCESS_TOKEN environment variables must be set")
	ErrCreateTempDir           = errors.New("failed to create temp dir")
	ErrCreateTempFile          = errors.New("failed to create temp file")
	ErrDownloadFile            = errors.New("failed to download file")
	ErrNoFilesDownloaded       = errors.New("no files downloaded")
	ErrReadFile                = errors.New("failed to read file")
	ErrUnmarshalFile           = errors.New("failed to unmarshal file")
	ErrWriteTempFile           = errors.New("failed to write to temp file")
	ErrUploadFile              = errors.New("failed to upload file")

	// Google Secret Manager specific errors.
	ErrProjectIDRequired = errors.New("project_id is required in Google Secret Manager store configuration")
	ErrValueMustBeString = errors.New("value must be a string")
	ErrCreateSecret      = errors.New("failed to create secret")
	ErrAddSecretVersion  = errors.New("failed to add secret version")

	// Registry specific errors.
	ErrParseArtifactoryOptions = errors.New("failed to parse Artifactory store options")
	ErrParseSSMOptions         = errors.New("failed to parse SSM store options")
	ErrParseRedisOptions       = errors.New("failed to parse Redis store options")
	ErrStoreTypeNotFound       = errors.New("store type not found")

	// Identity errors.
	ErrIdentityNotConfigured   = errors.New("store identity is configured but auth resolver is not set")
	ErrAuthContextNotAvailable = errors.New("auth context not available for identity")

	// Shared errors.
	ErrSerializeJSON = errors.New("failed to serialize value to JSON")
	ErrMarshalValue  = errors.New("failed to marshal value")
	ErrNilValue      = errors.New("cannot store nil value")
)

Common errors shared across store implementations.

Functions

This section is empty.

Types

type AWSAuthConfig 

type AWSAuthConfig struct {
	CredentialsFile string
	ConfigFile      string
	Profile         string
	Region          string
}

AWSAuthConfig holds the AWS-specific authentication configuration resolved from an identity. This mirrors the relevant fields from schema.AWSAuthContext without importing pkg/schema to avoid circular dependencies (pkg/schema imports pkg/store).

type ArtifactoryClient added in v1.148.1 

type ArtifactoryClient interface {
	DownloadFiles(...services.DownloadParams) (int, int, error)
	UploadFiles(artifactory.UploadServiceOptions, ...services.UploadParams) (int, int, error)
}

ArtifactoryClient interface allows us to mock the Artifactory Services Manager in test with only the methods we are using in the ArtifactoryStore.

type ArtifactoryStore added in v1.148.1 

type ArtifactoryStore struct {
	// contains filtered or unexported fields
}

func (*ArtifactoryStore) Get added in v1.148.1 

func (s *ArtifactoryStore) Get(stack string, component string, key string) (interface{}, error)

func (*ArtifactoryStore) GetKey added in v1.187.0 

func (s *ArtifactoryStore) GetKey(key string) (interface{}, error)

func (*ArtifactoryStore) Set added in v1.148.1 

func (s *ArtifactoryStore) Set(stack string, component string, key string, value interface{}) error

type ArtifactoryStoreOptions added in v1.148.1 

type ArtifactoryStoreOptions struct {
	AccessToken    *string `mapstructure:"access_token"`
	Prefix         *string `mapstructure:"prefix"`
	RepoName       string  `mapstructure:"repo_name"`
	StackDelimiter *string `mapstructure:"stack_delimiter"`
	URL            string  `mapstructure:"url"`
}

type AuthContextResolver 

type AuthContextResolver interface {
	// ResolveAWSAuthContext authenticates the named identity and returns AWS credentials.
	ResolveAWSAuthContext(ctx context.Context, identityName string) (*AWSAuthConfig, error)

	// ResolveAzureAuthContext authenticates the named identity and returns Azure credentials.
	ResolveAzureAuthContext(ctx context.Context, identityName string) (*AzureAuthConfig, error)

	// ResolveGCPAuthContext authenticates the named identity and returns GCP credentials.
	ResolveGCPAuthContext(ctx context.Context, identityName string) (*GCPAuthConfig, error)
}

AuthContextResolver resolves an identity name to a cloud-specific auth configuration. Implemented outside this package (in pkg/store/authbridge) to avoid circular deps.

type AzureAuthConfig 

type AzureAuthConfig struct {
	CredentialsFile string
	SubscriptionID  string
	TenantID        string
	UseOIDC         bool
	ClientID        string
	TokenFilePath   string
}

AzureAuthConfig holds the Azure-specific authentication configuration resolved from an identity. Fields mirror schema.AzureAuthContext; realm-scoped paths are embedded in CredentialsFile.

type AzureKeyVaultClient added in v1.181.0 

type AzureKeyVaultClient interface {
	SetSecret(ctx context.Context, name string, parameters azsecrets.SetSecretParameters, options *azsecrets.SetSecretOptions) (azsecrets.SetSecretResponse, error)
	GetSecret(ctx context.Context, name string, version string, options *azsecrets.GetSecretOptions) (azsecrets.GetSecretResponse, error)
}

AzureKeyVaultClient interface allows us to mock the Azure Key Vault client.

type AzureKeyVaultStore added in v1.181.0 

type AzureKeyVaultStore struct {
	// contains filtered or unexported fields
}

AzureKeyVaultStore is an implementation of the Store interface for Azure Key Vault.

func (*AzureKeyVaultStore) Get added in v1.181.0 

func (s *AzureKeyVaultStore) Get(stack string, component string, key string) (interface{}, error)

func (*AzureKeyVaultStore) GetKey added in v1.187.0 

func (s *AzureKeyVaultStore) GetKey(key string) (interface{}, error)

func (*AzureKeyVaultStore) Set added in v1.181.0 

func (s *AzureKeyVaultStore) Set(stack string, component string, key string, value interface{}) error

func (*AzureKeyVaultStore) SetAuthContext 

func (s *AzureKeyVaultStore) SetAuthContext(resolver AuthContextResolver, identityName string)

SetAuthContext implements IdentityAwareStore. If identityName is non-empty, it overrides the store's identity. Otherwise, the existing identity is preserved.

type AzureKeyVaultStoreOptions added in v1.181.0 

type AzureKeyVaultStoreOptions struct {
	VaultURL       string  `mapstructure:"vault_url"`
	Prefix         *string `mapstructure:"prefix"`
	StackDelimiter *string `mapstructure:"stack_delimiter"`
}

type GCPAuthConfig 

type GCPAuthConfig struct {
	CredentialsFile string
	ProjectID       string
}

GCPAuthConfig holds the GCP-specific authentication configuration resolved from an identity. Fields mirror schema.GCPAuthContext; realm-scoped paths are embedded in CredentialsFile.

type GSMClient added in v1.166.0 

type GSMClient interface {
	CreateSecret(ctx context.Context, req *secretmanagerpb.CreateSecretRequest, opts ...gax.CallOption) (*secretmanagerpb.Secret, error)
	AddSecretVersion(ctx context.Context, req *secretmanagerpb.AddSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.SecretVersion, error)
	AccessSecretVersion(ctx context.Context, req *secretmanagerpb.AccessSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.AccessSecretVersionResponse, error)
	Close() error
}

GSMClient is the interface that wraps the Google Secret Manager client methods we use.

type GSMStore added in v1.166.0 

type GSMStore struct {
	// contains filtered or unexported fields
}

GSMStore is an implementation of the Store interface for Google Secret Manager.

func (*GSMStore) Get added in v1.166.0 

func (s *GSMStore) Get(stack string, component string, key string) (any, error)

Get retrieves a value by key from Google Secret Manager.

func (*GSMStore) GetKey added in v1.187.0 

func (s *GSMStore) GetKey(key string) (interface{}, error)

func (*GSMStore) Set added in v1.166.0 

func (s *GSMStore) Set(stack string, component string, key string, value any) error

Set stores a key-value pair in Google Secret Manager.

func (*GSMStore) SetAuthContext 

func (s *GSMStore) SetAuthContext(resolver AuthContextResolver, identityName string)

SetAuthContext implements IdentityAwareStore. If identityName is non-empty, it overrides the store's identity. Otherwise, the existing identity is preserved.

type GSMStoreOptions added in v1.166.0 

type GSMStoreOptions struct {
	Prefix         *string   `mapstructure:"prefix"`
	ProjectID      string    `mapstructure:"project_id"`
	StackDelimiter *string   `mapstructure:"stack_delimiter"`
	Credentials    *string   `mapstructure:"credentials"` // Optional JSON credentials
	Locations      *[]string `mapstructure:"locations"`   // Optional replication locations
}

GSMStoreOptions defines the configuration options for Google Secret Manager store.

type IdentityAwareStore 

type IdentityAwareStore interface {
	Store
	// SetAuthContext injects the resolver and identity name so the store can
	// lazily resolve credentials on first Get/Set call.
	SetAuthContext(resolver AuthContextResolver, identityName string)
}

IdentityAwareStore is implemented by stores that support identity-based authentication. Stores that implement this interface can authenticate using Atmos auth identities instead of the default credential chain.

type MockAuthContextResolver 

type MockAuthContextResolver struct {
	// contains filtered or unexported fields
}

MockAuthContextResolver is a mock of AuthContextResolver interface.

func NewMockAuthContextResolver 

func NewMockAuthContextResolver(ctrl *gomock.Controller) *MockAuthContextResolver

NewMockAuthContextResolver creates a new mock instance.

func (*MockAuthContextResolver) EXPECT 

func (m *MockAuthContextResolver) EXPECT() *MockAuthContextResolverMockRecorder

EXPECT returns an object that allows the caller to indicate expected use.

func (*MockAuthContextResolver) ResolveAWSAuthContext 

func (m *MockAuthContextResolver) ResolveAWSAuthContext(ctx context.Context, identityName string) (*AWSAuthConfig, error)

ResolveAWSAuthContext mocks base method.

func (*MockAuthContextResolver) ResolveAzureAuthContext 

func (m *MockAuthContextResolver) ResolveAzureAuthContext(ctx context.Context, identityName string) (*AzureAuthConfig, error)

ResolveAzureAuthContext mocks base method.

func (*MockAuthContextResolver) ResolveGCPAuthContext 

func (m *MockAuthContextResolver) ResolveGCPAuthContext(ctx context.Context, identityName string) (*GCPAuthConfig, error)

ResolveGCPAuthContext mocks base method.

type MockAuthContextResolverMockRecorder 

type MockAuthContextResolverMockRecorder struct {
	// contains filtered or unexported fields
}

MockAuthContextResolverMockRecorder is the mock recorder for MockAuthContextResolver.

func (*MockAuthContextResolverMockRecorder) ResolveAWSAuthContext 

func (mr *MockAuthContextResolverMockRecorder) ResolveAWSAuthContext(ctx, identityName any) *gomock.Call

ResolveAWSAuthContext indicates an expected call of ResolveAWSAuthContext.

func (*MockAuthContextResolverMockRecorder) ResolveAzureAuthContext 

func (mr *MockAuthContextResolverMockRecorder) ResolveAzureAuthContext(ctx, identityName any) *gomock.Call

ResolveAzureAuthContext indicates an expected call of ResolveAzureAuthContext.

func (*MockAuthContextResolverMockRecorder) ResolveGCPAuthContext 

func (mr *MockAuthContextResolverMockRecorder) ResolveGCPAuthContext(ctx, identityName any) *gomock.Call

ResolveGCPAuthContext indicates an expected call of ResolveGCPAuthContext.

type MockIdentityAwareStore 

type MockIdentityAwareStore struct {
	// contains filtered or unexported fields
}

MockIdentityAwareStore is a mock of IdentityAwareStore interface.

func NewMockIdentityAwareStore 

func NewMockIdentityAwareStore(ctrl *gomock.Controller) *MockIdentityAwareStore

NewMockIdentityAwareStore creates a new mock instance.

func (*MockIdentityAwareStore) EXPECT 

func (m *MockIdentityAwareStore) EXPECT() *MockIdentityAwareStoreMockRecorder

EXPECT returns an object that allows the caller to indicate expected use.

func (*MockIdentityAwareStore) Get 

func (m *MockIdentityAwareStore) Get(stack, component, key string) (any, error)

Get mocks base method.

func (*MockIdentityAwareStore) GetKey 

func (m *MockIdentityAwareStore) GetKey(key string) (any, error)

GetKey mocks base method.

func (*MockIdentityAwareStore) Set 

func (m *MockIdentityAwareStore) Set(stack, component, key string, value any) error

Set mocks base method.

func (*MockIdentityAwareStore) SetAuthContext 

func (m *MockIdentityAwareStore) SetAuthContext(resolver AuthContextResolver, identityName string)

SetAuthContext mocks base method.

type MockIdentityAwareStoreMockRecorder 

type MockIdentityAwareStoreMockRecorder struct {
	// contains filtered or unexported fields
}

MockIdentityAwareStoreMockRecorder is the mock recorder for MockIdentityAwareStore.

func (*MockIdentityAwareStoreMockRecorder) Get 

func (mr *MockIdentityAwareStoreMockRecorder) Get(stack, component, key any) *gomock.Call

Get indicates an expected call of Get.

func (*MockIdentityAwareStoreMockRecorder) GetKey 

func (mr *MockIdentityAwareStoreMockRecorder) GetKey(key any) *gomock.Call

GetKey indicates an expected call of GetKey.

func (*MockIdentityAwareStoreMockRecorder) Set 

func (mr *MockIdentityAwareStoreMockRecorder) Set(stack, component, key, value any) *gomock.Call

Set indicates an expected call of Set.

func (*MockIdentityAwareStoreMockRecorder) SetAuthContext 

func (mr *MockIdentityAwareStoreMockRecorder) SetAuthContext(resolver, identityName any) *gomock.Call

SetAuthContext indicates an expected call of SetAuthContext.

type MockStore added in v1.203.0 

type MockStore struct {
	// contains filtered or unexported fields
}

MockStore is a mock of Store interface.

func NewMockStore added in v1.203.0 

func NewMockStore(ctrl *gomock.Controller) *MockStore

NewMockStore creates a new mock instance.

func (*MockStore) EXPECT added in v1.203.0 

func (m *MockStore) EXPECT() *MockStoreMockRecorder

EXPECT returns an object that allows the caller to indicate expected use.

func (*MockStore) Get added in v1.203.0 

func (m *MockStore) Get(stack, component, key string) (any, error)

Get mocks base method.

func (*MockStore) GetKey added in v1.203.0 

func (m *MockStore) GetKey(key string) (any, error)

GetKey mocks base method.

func (*MockStore) Set added in v1.203.0 

func (m *MockStore) Set(stack, component, key string, value any) error

Set mocks base method.

type MockStoreMockRecorder added in v1.203.0 

type MockStoreMockRecorder struct {
	// contains filtered or unexported fields
}

MockStoreMockRecorder is the mock recorder for MockStore.

func (*MockStoreMockRecorder) Get added in v1.203.0 

func (mr *MockStoreMockRecorder) Get(stack, component, key any) *gomock.Call

Get indicates an expected call of Get.

func (*MockStoreMockRecorder) GetKey added in v1.203.0 

func (mr *MockStoreMockRecorder) GetKey(key any) *gomock.Call

GetKey indicates an expected call of GetKey.

func (*MockStoreMockRecorder) Set added in v1.203.0 

func (mr *MockStoreMockRecorder) Set(stack, component, key, value any) *gomock.Call

Set indicates an expected call of Set.

type RedisClient added in v1.159.0 

type RedisClient interface {
	Get(ctx context.Context, key string) *redis.StringCmd
	Set(ctx context.Context, key string, value interface{}, expiration time.Duration) *redis.StatusCmd
}

RedisClient interface allows us to mock the Redis Client in test with only the methods we are using in the RedisStore.

type RedisStore added in v1.159.0 

type RedisStore struct {
	// contains filtered or unexported fields
}

func (*RedisStore) Get added in v1.159.0 

func (s *RedisStore) Get(stack string, component string, key string) (interface{}, error)

func (*RedisStore) GetKey added in v1.187.0 

func (s *RedisStore) GetKey(key string) (interface{}, error)

func (*RedisStore) RedisClient added in v1.187.0 

func (s *RedisStore) RedisClient() RedisClient

RedisClient returns the underlying Redis client for testing purposes.

func (*RedisStore) Set added in v1.159.0 

func (s *RedisStore) Set(stack string, component string, key string, value interface{}) error

type RedisStoreOptions added in v1.159.0 

type RedisStoreOptions struct {
	Prefix         *string `mapstructure:"prefix"`
	StackDelimiter *string `mapstructure:"stack_delimiter"`
	URL            *string `mapstructure:"url"`
}

type SSMClient 

type SSMClient interface {
	PutParameter(ctx context.Context, params *ssm.PutParameterInput, optFns ...func(*ssm.Options)) (*ssm.PutParameterOutput, error)
	GetParameter(ctx context.Context, params *ssm.GetParameterInput, optFns ...func(*ssm.Options)) (*ssm.GetParameterOutput, error)
}

SSMClient interface allows us to mock the AWS SSM client.

type SSMStore 

type SSMStore struct {
	// contains filtered or unexported fields
}

SSMStore is an implementation of the Store interface for AWS SSM Parameter Store.

func (*SSMStore) Get 

func (s *SSMStore) Get(stack string, component string, key string) (any, error)

Get retrieves a value by key for an Atmos component in a stack from AWS SSM Parameter Store.

func (*SSMStore) GetKey added in v1.187.0 

func (s *SSMStore) GetKey(key string) (any, error)

GetKey retrieves a value by key from AWS SSM Parameter Store.

func (*SSMStore) Set 

func (s *SSMStore) Set(stack string, component string, key string, value any) error

Set stores a key-value pair in AWS SSM Parameter Store.

func (*SSMStore) SetAuthContext 

func (s *SSMStore) SetAuthContext(resolver AuthContextResolver, identityName string)

SetAuthContext implements IdentityAwareStore. If identityName is non-empty, it overrides the store's identity. Otherwise, the existing identity is preserved.

type SSMStoreOptions 

type SSMStoreOptions struct {
	Prefix         *string `mapstructure:"prefix"`
	Region         string  `mapstructure:"region"`
	StackDelimiter *string `mapstructure:"stack_delimiter"`
	ReadRoleArn    *string `mapstructure:"read_role_arn"`
	WriteRoleArn   *string `mapstructure:"write_role_arn"`
}

type STSClient added in v1.168.0 

type STSClient interface {
	AssumeRole(ctx context.Context, params *sts.AssumeRoleInput, optFns ...func(*sts.Options)) (*sts.AssumeRoleOutput, error)
}

STSClient interface allows us to mock the AWS STS client.

type Store 

type Store interface {
	// Set stores a value for a specific stack, component, and key combination.
	Set(stack string, component string, key string, value any) error
	// Get retrieves a value for a specific stack, component, and key combination.
	Get(stack string, component string, key string) (any, error)
	// GetKey retrieves a value directly by key without stack or component context.
	GetKey(key string) (any, error)
}

Store defines the common interface for all store implementations.

func NewArtifactoryStore added in v1.148.1 

func NewArtifactoryStore(options ArtifactoryStoreOptions) (Store, error)

func NewAzureKeyVaultStore added in v1.181.0 

func NewAzureKeyVaultStore(options AzureKeyVaultStoreOptions, identityName string) (Store, error)

NewAzureKeyVaultStore creates a new Azure Key Vault store. If identityName is non-empty, client initialization is deferred until first use (lazy init).

func NewGSMStore added in v1.166.0 

func NewGSMStore(options GSMStoreOptions, identityName string) (Store, error)

NewGSMStore initializes a new Google Secret Manager Store. If identityName is non-empty, client initialization is deferred until first use (lazy init).

func NewRedisStore added in v1.159.0 

func NewRedisStore(options RedisStoreOptions) (Store, error)

func NewSSMStore 

func NewSSMStore(options SSMStoreOptions, identityName string) (Store, error)

NewSSMStore initializes a new SSMStore. If identityName is non-empty, client initialization is deferred until first use (lazy init).

type StoreConfig 

type StoreConfig struct {
	Type     string                 `yaml:"type"`
	Identity string                 `yaml:"identity,omitempty"`
	Options  map[string]interface{} `yaml:"options"`
}

type StoreFactory 

type StoreFactory func(options map[string]any) (Store, error)

StoreFactory is a function type to initialize a new store.

type StoreRegistry 

type StoreRegistry map[string]Store

func NewStoreRegistry 

func NewStoreRegistry(config *StoresConfig) (StoreRegistry, error)

func (StoreRegistry) SetAuthContextResolver 

func (r StoreRegistry) SetAuthContextResolver(resolver AuthContextResolver)

SetAuthContextResolver injects an auth context resolver into all identity-aware stores that have an identity configured. This should be called after authentication is complete and before stores are accessed.

type StoresConfig 

type StoresConfig = map[string]StoreConfig

Source Files

View all Source files

Directories

Path Synopsis
Package authbridge provides an implementation of store.AuthContextResolver that bridges the store package with the auth system.
 Package authbridge provides an implementation of store.AuthContextResolver that bridges the store package with the auth system.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.