Documentation
¶
Index ¶
- Constants
- func IsCronKind(kind ModuleMonitorKind) bool
- type Base
- type DeploymentMechanism
- type GithubAppInstallation
- type GithubAppOAuth
- type GithubPullRequest
- type GithubPullRequestComment
- type GithubWebhook
- type HasEncryptedFields
- type LockPriority
- type Module
- type ModuleDeploymentConfig
- type ModuleEnvVarsVersion
- type ModuleLockKind
- type ModuleMonitor
- type ModuleMonitorKind
- type ModuleMonitorPresetPolicyName
- type ModuleMonitorResult
- type ModuleQueuePriority
- type ModuleRun
- type ModuleRunConfig
- type ModuleRunKind
- type ModuleRunQueue
- type ModuleRunQueueItem
- type ModuleRunStatus
- type ModuleRunToken
- type ModuleRunTriggerKind
- type ModuleValues
- type ModuleValuesVersion
- type ModuleValuesVersionKind
- type MonitorPolicyBytesVersion
- type MonitorResultSeverity
- type MonitorResultStatus
- type Notification
- type NotificationInbox
- type Organization
- type OrganizationInviteLink
- func (o *OrganizationInviteLink) BeforeCreate(tx *gorm.DB) error
- func (o *OrganizationInviteLink) Decrypt(key *[32]byte) error
- func (o *OrganizationInviteLink) Encrypt(key *[32]byte) error
- func (o *OrganizationInviteLink) GetPublicInviteLink(serverURL, orgName, inviterAddress string) string
- func (o *OrganizationInviteLink) IsExpired() bool
- func (o *OrganizationInviteLink) ToAPIType(key *[32]byte, serverURL, orgName string) *types.OrganizationInvite
- func (o *OrganizationInviteLink) ToAPITypeSanitized() *types.OrganizationInviteSanitized
- func (o *OrganizationInviteLink) VerifyToken(tok []byte) (bool, error)
- type OrganizationMember
- type OrganizationPolicy
- type PasswordResetToken
- type PersonalAccessToken
- type PresetPolicyName
- type PresetTeamPolicyName
- type SharedOAuthFields
- type Team
- type TeamMember
- type TeamPolicy
- type User
- type UserAccountKind
- type UserSession
- type VerifyEmailToken
- type WorkerToken
Constants ¶
View Source
const LogLocationFileStorage string = "file"
Variables ¶
This section is empty.
Functions ¶
func IsCronKind ¶
func IsCronKind(kind ModuleMonitorKind) bool
Types ¶
type Base ¶
type Base struct {
ID string `gorm:"primarykey"`
CreatedAt time.Time
UpdatedAt time.Time `gorm:"index"`
DeletedAt gorm.DeletedAt `gorm:"index"`
}
func (*Base) ToAPITypeMetadata ¶
func (b *Base) ToAPITypeMetadata() *types.APIResourceMeta
type DeploymentMechanism ¶
type DeploymentMechanism string
const ( DeploymentMechanismGithub DeploymentMechanism = "github" DeploymentMechanismGitlab DeploymentMechanism = "gitlab" DeploymentMechanismAPI DeploymentMechanism = "api" DeploymentMechanismLocal DeploymentMechanism = "local" )
type GithubAppInstallation ¶
type GithubAppInstallation struct {
Base
GithubAppOAuthID string
GithubAppOAuth GithubAppOAuth `gorm:"foreignKey:GithubAppOAuthID"`
AccountName string
AccountAvatarURL string
AccountID int64
InstallationID int64
InstallationSettingsURL string
}
func (*GithubAppInstallation) ToAPIType ¶
func (g *GithubAppInstallation) ToAPIType() *types.GithubAppInstallation
type GithubAppOAuth ¶
GithubAppOAuth represents a user authenticated to a Github app via oauth
type GithubPullRequest ¶
type GithubPullRequest struct {
Base
TeamID string
GithubRepositoryOwner string
GithubRepositoryName string
GithubPullRequestID int64
GithubPullRequestTitle string
GithubPullRequestNumber int64
GithubPullRequestHeadBranch string
GithubPullRequestBaseBranch string
GithubPullRequestState string
GithubPullRequestComments []GithubPullRequestComment
}
GithubPullRequest contains data about a Github PR
func (*GithubPullRequest) ToAPIType ¶
func (g *GithubPullRequest) ToAPIType() *types.GithubPullRequest
type GithubPullRequestComment ¶
type GithubPullRequestComment struct {
Base
GithubPullRequestID string
ModuleID string
GithubCommentID int64
}
GithubPullRequestComment are identified by their parent pull request along with a parent module ID. That is, all modules that are triggered by this PR will have their own comment
type GithubWebhook ¶
type GithubWebhook struct {
Base
HasEncryptedFields
TeamID string
GithubRepositoryOwner string
GithubRepositoryName string
// Encrypted data that contains the webhook signing secret
SigningSecret []byte
GithubAppInstallations []GithubAppInstallation `gorm:"many2many:github_webhooks_to_app_installations;"`
}
GithubWebhook contains data for a Github webhook
func NewGithubWebhook ¶
func NewGithubWebhook(teamID, repoOwner, repoName string) (*GithubWebhook, error)
func (*GithubWebhook) Decrypt ¶
func (gw *GithubWebhook) Decrypt(key *[32]byte) error
func (*GithubWebhook) Encrypt ¶
func (gw *GithubWebhook) Encrypt(key *[32]byte) error
type HasEncryptedFields ¶
type HasEncryptedFields struct {
FieldsAreEncrypted bool `gorm:"-"`
}
HasEncryptedFields is used for models which have an encrypted field. After Encrypt() and Decrypt() methods are called, these methods should set FieldsAreEncrypted correspondingly.
type LockPriority ¶
type LockPriority uint
const ( NoLockID LockPriority = 2 HasLockID LockPriority = 1 )
type Module ¶
type Module struct {
Base
TeamID string
Team Team `gorm:"foreignKey:TeamID"`
Name string
DeploymentMechanism DeploymentMechanism
DeploymentConfig ModuleDeploymentConfig
CurrentModuleValuesVersionID string
CurrentModuleValuesVersion ModuleValuesVersion `gorm:"foreignKey:CurrentModuleValuesVersionID"`
CurrentModuleEnvVarsVersionID string
CurrentModuleEnvVarsVersion ModuleEnvVarsVersion `gorm:"foreignKey:CurrentModuleEnvVarsVersionID"`
ModuleRunQueueID string
ModuleRunQueue ModuleRunQueue `gorm:"foreignKey:ModuleRunQueueID"`
// LockID represents a unique lock ID for the module. This operates at a higher level than the
// Terraform state lock. For a LockKind of type "github," this corresponds to a commit SHA.
LockID string
// LockKind describes the type of lock.
LockKind ModuleLockKind
Runs []ModuleRun
}
type ModuleDeploymentConfig ¶
type ModuleDeploymentConfig struct {
Base
ModuleID string
ModulePath string
// Local-related deployment config
UserID string
// Git-related deployment config
GitRepoName string
GitRepoOwner string
GitRepoBranch string
// Github-related deployment config
GithubAppInstallationID string
GithubAppInstallation GithubAppInstallation `gorm:"foreignKey:GithubAppInstallationID"`
}
func (*ModuleDeploymentConfig) ToAPIType ¶
func (m *ModuleDeploymentConfig) ToAPIType() *types.ModuleDeploymentConfig
type ModuleEnvVarsVersion ¶
type ModuleEnvVarsVersion struct {
Base
HasEncryptedFields
ModuleID string
Version uint
// JSON-based representation of module values, encrypted before storage
EnvVars []byte
}
func NewModuleEnvVarsVersion ¶
func (*ModuleEnvVarsVersion) Decrypt ¶
func (m *ModuleEnvVarsVersion) Decrypt(key *[32]byte) error
func (*ModuleEnvVarsVersion) Encrypt ¶
func (m *ModuleEnvVarsVersion) Encrypt(key *[32]byte) error
func (*ModuleEnvVarsVersion) GetEnvVars ¶
func (m *ModuleEnvVarsVersion) GetEnvVars(key *[32]byte) (map[string]string, error)
func (*ModuleEnvVarsVersion) ToAPIType ¶
func (m *ModuleEnvVarsVersion) ToAPIType(key *[32]byte) (*types.ModuleEnvVarsVersion, error)
type ModuleLockKind ¶
type ModuleLockKind string
const ( ModuleLockKindVCSBranch ModuleLockKind = "vcs_branch" ModuleLockKindManual ModuleLockKind = "manual" )
type ModuleMonitor ¶
type ModuleMonitor struct {
Base
TeamID string
DisplayName string
Description string
Kind ModuleMonitorKind
CronSchedule string
PresetPolicyName ModuleMonitorPresetPolicyName
CurrentMonitorPolicyBytesVersionID string
CurrentMonitorPolicyBytesVersion MonitorPolicyBytesVersion `gorm:"foreignKey:CurrentMonitorPolicyBytesVersionID"`
// A list of modules to target. If left empty, targets all modules.
Modules []Module `gorm:"many2many:monitors_to_modules;"`
// IsDefault controls whether this is a default monitor for all modules. If this is a default,
// it cannot be configured from the dashboard.
IsDefault bool
// Whether the monitor is disabled
Disabled bool
MatchChildModules []byte
MatchProviders []byte
MatchResources []byte
}
func (*ModuleMonitor) IsCronKind ¶
func (m *ModuleMonitor) IsCronKind() bool
func (*ModuleMonitor) ShouldRunForModule ¶
func (m *ModuleMonitor) ShouldRunForModule(modID string) bool
func (*ModuleMonitor) ToAPIType ¶
func (m *ModuleMonitor) ToAPIType() *types.ModuleMonitor
func (*ModuleMonitor) ToAPITypeMeta ¶
func (m *ModuleMonitor) ToAPITypeMeta() *types.ModuleMonitorMeta
type ModuleMonitorKind ¶
type ModuleMonitorKind string
const ( MonitorKindPlan ModuleMonitorKind = "plan" MonitorKindState ModuleMonitorKind = "state" MonitorKindBeforePlan ModuleMonitorKind = "before_plan" MonitorKindAfterPlan ModuleMonitorKind = "after_plan" MonitorKindBeforeApply ModuleMonitorKind = "before_apply" MonitorKindAfterApply ModuleMonitorKind = "after_apply" MonitorKindBeforeDestroy ModuleMonitorKind = "before_destroy" MonitorKindAfterDestroy ModuleMonitorKind = "after_destroy" )
type ModuleMonitorPresetPolicyName ¶
type ModuleMonitorPresetPolicyName string
const (
ModuleMonitorPresetPolicyNameDrift ModuleMonitorPresetPolicyName = "drift"
)
type ModuleMonitorResult ¶
type ModuleMonitorResult struct {
Base
TeamID string
ModuleID string
Module Module `gorm:"foreignKey:ModuleID"`
// (optional) The module run id, if this result is attached to a specific module run id (for
// before_plan, after_plan, etc)
ModuleRunID string
ModuleMonitorID string
Status MonitorResultStatus
Title string
Message string
Severity MonitorResultSeverity
}
func (*ModuleMonitorResult) ToAPIType ¶
func (m *ModuleMonitorResult) ToAPIType() *types.ModuleMonitorResult
type ModuleQueuePriority ¶
type ModuleQueuePriority uint
const ( ModuleQueuePriorityPlan ModuleQueuePriority = 3 ModuleQueuePriorityDestroy ModuleQueuePriority = 2 ModuleQueuePriorityApply ModuleQueuePriority = 1 )
Plans are run before applys. This is to handle the edge case where a plan and apply are queued at approximately the same time (ex. a forced merge on Github).
type ModuleRun ¶
type ModuleRun struct {
Base
// TeamID is only used by some queries where the team id is not implicit. This is not
// written to the module run table.
TeamID string `gorm:"-"`
ModuleID string
Status ModuleRunStatus
StatusDescription string
Kind ModuleRunKind
LockID string
LockOperation string
LockInfo string
LockWho string
LockVersion string
LockCreated string
LockPath string
Tokens []ModuleRunToken
ModuleRunConfig ModuleRunConfig
LogLocation string
Monitors []ModuleMonitor `gorm:"many2many:module_runs_to_monitors;"`
ModuleMonitorResults []ModuleMonitorResult
}
func (*ModuleRun) ToAPITypeOverview ¶
func (m *ModuleRun) ToAPITypeOverview() *types.ModuleRunOverview
func (*ModuleRun) ToTerraformLockType ¶
func (m *ModuleRun) ToTerraformLockType() *types.TerraformLock
type ModuleRunConfig ¶
type ModuleRunConfig struct {
Base
ModuleRunID string
TriggerKind ModuleRunTriggerKind
// For VCS-triggered runs, this is the corresponding commit SHA that triggered the run
GitCommitSHA string
// For locally-triggered runs, this is the hostname of the machine that performed this run
LocalHostname string
// Github-specific fields
GithubCheckID int64
GithubCommentID int64
GithubPullRequestID int64
ModuleValuesVersionID string
ModuleValuesVersion ModuleValuesVersion `gorm:"foreignKey:ModuleValuesVersionID"`
ModuleEnvVarsVersionID string
ModuleEnvVarsVersion ModuleEnvVarsVersion `gorm:"foreignKey:ModuleEnvVarsVersionID"`
}
type ModuleRunKind ¶
type ModuleRunKind string
const ( ModuleRunKindPlan ModuleRunKind = "plan" ModuleRunKindApply ModuleRunKind = "apply" ModuleRunKindInit ModuleRunKind = "init" ModuleRunKindDestroy ModuleRunKind = "destroy" ModuleRunKindMonitor ModuleRunKind = "monitor" )
type ModuleRunQueue ¶
type ModuleRunQueue struct {
Base
ModuleID string
Items []ModuleRunQueueItem
}
type ModuleRunQueueItem ¶
type ModuleRunQueueItem struct {
Base
ModuleRunQueueID string
ModuleRunID string
ModuleRunKind ModuleRunKind
LockPriority LockPriority
LockID string
LockKind ModuleLockKind
Priority ModuleQueuePriority
}
type ModuleRunStatus ¶
type ModuleRunStatus string
const ( ModuleRunStatusQueued ModuleRunStatus = "queued" ModuleRunStatusInProgress ModuleRunStatus = "in_progress" ModuleRunStatusCompleted ModuleRunStatus = "completed" ModuleRunStatusFailed ModuleRunStatus = "failed" )
type ModuleRunToken ¶
type ModuleRunToken struct {
Base
HasEncryptedFields
// The subject of the token (service account user)
UserID string
// The run id that this token was created for
ModuleRunID string
// When this PAT expires. This should match what's in the JWT data
Expires *time.Time
// Whether the personal access token has been revoked
Revoked bool
// Encrypted data that contains the token signing secret for that specific token
SigningSecret []byte
}
func NewModuleRunTokenFromRunID ¶
func NewModuleRunTokenFromRunID(userID, runID string) (*ModuleRunToken, error)
func (*ModuleRunToken) Decrypt ¶
func (m *ModuleRunToken) Decrypt(key *[32]byte) error
func (*ModuleRunToken) Encrypt ¶
func (m *ModuleRunToken) Encrypt(key *[32]byte) error
func (*ModuleRunToken) IsExpired ¶
func (m *ModuleRunToken) IsExpired() bool
type ModuleRunTriggerKind ¶
type ModuleRunTriggerKind string
const ( ModuleRunTriggerKindVCS ModuleRunTriggerKind = "vcs" ModuleRunTriggerKindManual ModuleRunTriggerKind = "manual" )
type ModuleValues ¶
type ModuleValues struct {
Base
HasEncryptedFields
ModuleValuesVersionID string
// JSON-based representation of module values, encrypted before storage
Values []byte
}
func (*ModuleValues) Decrypt ¶
func (m *ModuleValues) Decrypt(key *[32]byte) error
func (*ModuleValues) Encrypt ¶
func (m *ModuleValues) Encrypt(key *[32]byte) error
type ModuleValuesVersion ¶
type ModuleValuesVersion struct {
Base
ModuleID string
Version uint
Kind ModuleValuesVersionKind
// Git-specific params
GitValuesPath string
GitRepoName string
GitRepoOwner string
GitRepoBranch string
// Github-specific params
GithubAppInstallationID string
GithubAppInstallation GithubAppInstallation `gorm:"foreignKey:GithubAppInstallationID"`
}
func (*ModuleValuesVersion) ToAPIType ¶
func (m *ModuleValuesVersion) ToAPIType(mv *ModuleValues) (*types.ModuleValues, error)
type ModuleValuesVersionKind ¶
type ModuleValuesVersionKind string
const ( ModuleValuesVersionKindDatabase ModuleValuesVersionKind = "db" ModuleValuesVersionKindVCS ModuleValuesVersionKind = "vcs" )
type MonitorResultSeverity ¶
type MonitorResultSeverity string
const ( MonitorResultSeverityCritical MonitorResultSeverity = "critical" MonitorResultSeverityHigh MonitorResultSeverity = "high" MonitorResultSeverityLow MonitorResultSeverity = "low" )
type MonitorResultStatus ¶
type MonitorResultStatus string
const ( MonitorResultStatusSucceeded MonitorResultStatus = "succeeded" MonitorResultStatusFailed MonitorResultStatus = "failed" )
type Notification ¶
type Notification struct {
Base
TeamID string
NotificationInboxID string
NotificationID string
Title string
Message string
LastNotified *time.Time
// Whether this has been resolved - can be manually resolved
Resolved bool
// Whether this has been auto-resolved - for example, if a monitor eventually succeeds
AutoResolved bool
// A list of runs for failed module operations
Runs []ModuleRun `gorm:"many2many:notification_to_runs;"`
// A list of monitor results for monitor failures
MonitorResults []ModuleMonitorResult `gorm:"many2many:notification_to_monitor_results;"`
ModuleID string
Module Module `gorm:"foreignKey:ModuleID"`
}
func (*Notification) ToAPIType ¶
func (n *Notification) ToAPIType() *types.Notification
func (*Notification) ToAPITypeMeta ¶
func (n *Notification) ToAPITypeMeta() *types.NotificationMeta
type NotificationInbox ¶
type NotificationInbox struct {
Base
TeamID string `gorm:"unique"`
Notifications []Notification
}
type Organization ¶
type Organization struct {
Base
DisplayName string
Icon string
// an organization has a single owner, which is a user model
OwnerID string
Owner User `gorm:"foreignKey:OwnerID"`
// The list of members of this organization. This is not typically returned
// in queries unless you're explicitly calling list methods for org members.
OrgMembers []OrganizationMember
// The list of policies for this organization
OrgPolicies []OrganizationPolicy
// The list of teams for this organization
Teams []Team
}
func (*Organization) BeforeCreate ¶
func (o *Organization) BeforeCreate(tx *gorm.DB) error
func (*Organization) ToAPIType ¶
func (o *Organization) ToAPIType() *types.Organization
type OrganizationInviteLink ¶
type OrganizationInviteLink struct {
Base
HasEncryptedFields
OrganizationID string
OrganizationMemberID string
InviterEmail string
InviteeEmail string
Expires *time.Time
// Whether the invite link has been used
Used bool
// Encrypted before write
Token []byte
// Encrypted before write
InviteLinkURL []byte
}
func NewOrganizationInviteLink ¶
func NewOrganizationInviteLink(serverURL, orgID, inviterEmail string) (*OrganizationInviteLink, error)
func (*OrganizationInviteLink) BeforeCreate ¶
func (o *OrganizationInviteLink) BeforeCreate(tx *gorm.DB) error
func (*OrganizationInviteLink) Decrypt ¶
func (o *OrganizationInviteLink) Decrypt(key *[32]byte) error
func (*OrganizationInviteLink) Encrypt ¶
func (o *OrganizationInviteLink) Encrypt(key *[32]byte) error
func (*OrganizationInviteLink) GetPublicInviteLink ¶
func (o *OrganizationInviteLink) GetPublicInviteLink(serverURL, orgName, inviterAddress string) string
func (*OrganizationInviteLink) IsExpired ¶
func (o *OrganizationInviteLink) IsExpired() bool
func (*OrganizationInviteLink) ToAPIType ¶
func (o *OrganizationInviteLink) ToAPIType(key *[32]byte, serverURL, orgName string) *types.OrganizationInvite
func (*OrganizationInviteLink) ToAPITypeSanitized ¶
func (o *OrganizationInviteLink) ToAPITypeSanitized() *types.OrganizationInviteSanitized
func (*OrganizationInviteLink) VerifyToken ¶
func (o *OrganizationInviteLink) VerifyToken(tok []byte) (bool, error)
type OrganizationMember ¶
type OrganizationMember struct {
Base
// The parent organization ID, for the hasMany relationship
OrganizationID string
InviteLink OrganizationInviteLink
InviteAccepted bool
// The referenced user
UserID string
User User `gorm:"foreignKey:UserID"`
// The attached roles for this user.
OrgPolicies []OrganizationPolicy `gorm:"many2many:organization_member_policies;"`
// Whether this org member corresponds to a service account runner. This
// is to make queries easier.
IsServiceAccountRunner bool
}
func (*OrganizationMember) AfterFind ¶
func (o *OrganizationMember) AfterFind(tx *gorm.DB) (err error)
func (*OrganizationMember) ToAPIType ¶
func (o *OrganizationMember) ToAPIType(key *[32]byte, serverURL, orgName string) *types.OrganizationMember
func (*OrganizationMember) ToAPITypeSanitized ¶
func (o *OrganizationMember) ToAPITypeSanitized() *types.OrganizationMemberSanitized
type OrganizationPolicy ¶
type OrganizationPolicy struct {
Base
// The parent organization ID, for the hasMany relationship
OrganizationID string
IsCustom bool
PolicyName string
// Policy bytes MAY be empty if this is a preset policy, in which case they are preloaded
// into the server binary.
Policy []byte
}
func (*OrganizationPolicy) ToAPITypeMeta ¶
func (o *OrganizationPolicy) ToAPITypeMeta() *types.OrganizationPolicyMeta
type PasswordResetToken ¶
type PasswordResetToken struct {
Base
HasEncryptedFields
// Email is the target email of the user that initiated the password reset request
Email string
// Revoked represents whether the token has been revoked (used) or not
Revoked bool
// Expiry time
Expires *time.Time
// Token is hashed before storage
Token []byte
}
PasswordResetToken represents a password reset request for a user. The token is hashed and stored in the database, with the raw (unhashed) token sent to the user. The token is discovered via token ID and compared to its hashed value.
func NewPasswordResetTokenFromEmail ¶
func NewPasswordResetTokenFromEmail(targetEmail string) (*PasswordResetToken, error)
func (*PasswordResetToken) BeforeCreate ¶
func (p *PasswordResetToken) BeforeCreate(tx *gorm.DB) error
func (*PasswordResetToken) IsExpired ¶
func (p *PasswordResetToken) IsExpired() bool
func (*PasswordResetToken) VerifyToken ¶
func (p *PasswordResetToken) VerifyToken(tok string) (bool, error)
type PersonalAccessToken ¶
type PersonalAccessToken struct {
Base
HasEncryptedFields
// How this token gets displayed to the user
DisplayName string
// When this PAT expires. This should match what's in the JWT data
Expires *time.Time
// Whether the personal access token has been revoked
Revoked bool
// Encrypted data that contains the token signing secret for that specific token
SigningSecret []byte
// The user id that this PAT has been written for.
UserID string
}
PersonalAccessToken contains additional data about the JWT token, and provides a mechanism for revoking an otherwise-valid JWT.
func NewPATFromUserID ¶
func NewPATFromUserID(displayName, userID string) (*PersonalAccessToken, error)
func (*PersonalAccessToken) Decrypt ¶
func (p *PersonalAccessToken) Decrypt(key *[32]byte) error
func (*PersonalAccessToken) Encrypt ¶
func (p *PersonalAccessToken) Encrypt(key *[32]byte) error
func (*PersonalAccessToken) IsExpired ¶
func (p *PersonalAccessToken) IsExpired() bool
func (*PersonalAccessToken) ToAPIType ¶
func (p *PersonalAccessToken) ToAPIType() *types.PersonalAccessToken
type PresetPolicyName ¶
type PresetPolicyName string
const ( PresetPolicyNameOwner PresetPolicyName = "owner" PresetPolicyNameAdmin PresetPolicyName = "admin" PresetPolicyNameMember PresetPolicyName = "member" )
type PresetTeamPolicyName ¶
type PresetTeamPolicyName string
const ( PresetTeamPolicyNameAdmin PresetTeamPolicyName = "admin" PresetTeamPolicyNameMember PresetTeamPolicyName = "member" )
type SharedOAuthFields ¶
type SharedOAuthFields struct {
ClientID []byte `json:"client-id"`
AccessToken []byte `json:"access-token"`
RefreshToken []byte `json:"refresh-token"`
// If 0, token will never refresh
Expiry time.Time
// The id of the user that linked oauth
}
SharedOAuthFields stores general fields needed for an oauth integration
func (*SharedOAuthFields) Decrypt ¶
func (s *SharedOAuthFields) Decrypt(key *[32]byte) error
func (*SharedOAuthFields) Encrypt ¶
func (s *SharedOAuthFields) Encrypt(key *[32]byte) error
type Team ¶
type Team struct {
Base
DisplayName string
// The parent organization id
OrganizationID string
// The list of members of this team
TeamMembers []TeamMember
// The list of policies for this team
TeamPolicies []TeamPolicy
// The service account runner user belonging to this team
ServiceAccountRunnerID string
ServiceAccountRunner User `gorm:"foreignKey:ServiceAccountRunnerID"`
// The github webhooks registered for this team
GithubWebhooks []GithubWebhook
}
type TeamMember ¶
type TeamMember struct {
Base
// The parent team ID, for the hasMany relationship
TeamID string
// The referenced org member
OrgMemberID string
OrgMember OrganizationMember `gorm:"foreignKey:OrgMemberID"`
// The attached roles for this user.
TeamPolicies []TeamPolicy `gorm:"many2many:team_member_policies;"`
// Whether this team member corresponds to a service account runner. This
// is to make queries easier.
IsServiceAccountRunner bool
}
func (*TeamMember) ToAPIType ¶
func (o *TeamMember) ToAPIType() *types.TeamMember
type TeamPolicy ¶
type TeamPolicy struct {
Base
// The team organization ID, for the hasMany relationship
TeamID string
IsCustom bool
PolicyName string
// Policy bytes MAY be empty if this is a preset policy, in which case they are preloaded
// into the server binary.
Policy []byte
}
func (*TeamPolicy) ToAPITypeMeta ¶
func (o *TeamPolicy) ToAPITypeMeta() *types.TeamPolicyMeta
type User ¶
type User struct {
Base
DisplayName string
Email string `gorm:"unique"`
EmailVerified bool
Password string
Icon string
UserAccountKind UserAccountKind
}
func (*User) HashPassword ¶
func (*User) ToOrgUserPublishedData ¶
func (u *User) ToOrgUserPublishedData() *types.UserOrgPublishedData
type UserAccountKind ¶
type UserAccountKind string
const ( UserAccountEmail UserAccountKind = "email" UserAccountService UserAccountKind = "serviceaccount" )
type UserSession ¶
type VerifyEmailToken ¶
type VerifyEmailToken struct {
Base
// Email is the target email of the user that initiated the password reset request
Email string
// Revoked represents whether the token has been revoked (used) or not
Revoked bool
// Expiry time
Expires *time.Time
// Token is hashed before storage
Token []byte
}
VerifyEmailToken represents an email verification request for a user. The token is hashed and stored in the database, with the raw (unhashed) token sent to the user. The token is discovered via token ID and compared to its hashed value.
func NewVerifyEmailTokenFromEmail ¶
func NewVerifyEmailTokenFromEmail(targetEmail string) (*VerifyEmailToken, error)
func (*VerifyEmailToken) BeforeCreate ¶
func (p *VerifyEmailToken) BeforeCreate(tx *gorm.DB) error
func (*VerifyEmailToken) IsExpired ¶
func (p *VerifyEmailToken) IsExpired() bool
func (*VerifyEmailToken) VerifyToken ¶
func (p *VerifyEmailToken) VerifyToken(tok string) (bool, error)
type WorkerToken ¶
type WorkerToken struct {
Base
HasEncryptedFields
// The subject of the token (team ID)
TeamID string
// When this worker token expires. This should match what's in the JWT data
Expires *time.Time
// Whether the worker token has been revoked
Revoked bool
// Encrypted data that contains the token signing secret for that specific token
SigningSecret []byte
}
func NewWorkerTokenFromTeamID ¶
func NewWorkerTokenFromTeamID(teamID string) (*WorkerToken, error)
func (*WorkerToken) Decrypt ¶
func (w *WorkerToken) Decrypt(key *[32]byte) error
func (*WorkerToken) Encrypt ¶
func (w *WorkerToken) Encrypt(key *[32]byte) error
func (*WorkerToken) IsExpired ¶
func (w *WorkerToken) IsExpired() bool
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.