Documentation
¶
Overview ¶
Package contexts is the kubectl-style context store for the Entire CLIs.
One on-disk file at $ENTIRE_CONFIG_DIR/contexts.json (default ~/.config/entire/contexts.json) holds:
- a list of named contexts, each pairing a core URL, principal handle, and OS-keychain slot where the access + refresh tokens live;
- current_context, the active login: the preferred identity for cluster operations and the default for direct CLI commands not tied to a cluster.
File invariants: 0600, atomic temp+rename, exclusive flock under load. Both CLIs share the same file so a login from either is visible to the other.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DefaultConfigDir ¶
func DefaultConfigDir() string
DefaultConfigDir is $ENTIRE_CONFIG_DIR if set, else ~/.config/entire.
func FilePath ¶
FilePath returns $configDir/contexts.json after ensuring the directory exists with 0700 perms.
func Modify ¶
Modify atomically applies fn to contexts.json under a single exclusive flock — load, mutate, write all happen with the lock held. Use this for any read-modify-write sequence; calling Load and Save separately releases the lock between them and races concurrent writers (e.g. a parallel login recording a context).
fn returns (changed, err). When changed is false the file isn't rewritten — useful for idempotent operations that often have nothing to do. When err is non-nil the change is discarded.
Types ¶
type Context ¶
type Context struct {
// Name is the user-facing identifier. Defaults to the issuer host on
// auto-creation; overridable via login --name.
Name string `json:"name"`
// CoreURL is the JWT issuer URL — what STS exchanges hit. Set from
// the access token's signed iss claim, not the typed login URL.
CoreURL string `json:"core_url"`
// Handle is the principal handle returned from /api/auth/token.
Handle string `json:"handle"`
// KeychainService is the OS-keyring slot where the access token is
// filed; the refresh token lives at KeychainService+":refresh".
KeychainService string `json:"keychain_service"`
}
Context is a single kubectl-style entry: which core to talk to, as whom, and where the credentials are stored.
type File ¶
type File struct {
// CurrentContext is the active login; preferred identity for cluster
// operations (used when its CoreURL is eligible for the target cluster)
// and the default for direct CLI commands. Empty until the first login.
CurrentContext string `json:"current_context,omitempty"`
// Contexts is the list of stored credentials. Order is preserved on
// disk so list output stays stable across saves.
Contexts []*Context `json:"contexts,omitempty"`
}
File is the on-disk shape of contexts.json.
func Load ¶
Load reads contexts.json under configDir, returning an empty *File when the file doesn't exist yet (a fresh user). Holds an exclusive flock for the duration of the read.
func (*File) ContextsForIssuer ¶
ContextsForIssuer returns every context whose CoreURL matches issuer after trimming. Used by CLI flows that prompt the operator when multiple sessions are stored against the same core (logout, entiredb's admin/repo prompts). Order matches the on-disk order so prompt numbering is stable across saves.
func (*File) Delete ¶
Delete drops the context with the given name. If it was the current context, current_context is cleared — never reassigned to another context, so deleting your active login never silently switches you to a different identity.
Source Files