Documentation
¶
Index ¶
- Constants
- Variables
- func CalculateIPPolicyFromCacheFake() []share.CLUSGroupIPPolicy
- func CheckFedKvVersion(verifier, reqFedKvVer string) (bool, int)
- func CompressPolicyRuleList()
- func ConvertRoleGroupsToGroupRoleDomains(roleGroups map[string][]string) ([]*share.GroupRoleMapping, error)
- func CreateAdmCtrlStateByName(svcName string, enable bool)
- func CreateDefDlpRules(withlock bool)
- func CreateDefaultFedGroups()
- func CreatePreDlpSensor(withlock bool)
- func DeletePolicyByCfgTypeTxn(txn *cluster.ClusterTransact, cfgType share.TCfgType)
- func DeletePolicyByGroup(name string) int
- func DeletePolicyByGroupTxn(txn *cluster.ClusterTransact, name string) error
- func DeletePolicyByGroups(names []string) int
- func DeleteResponseRuleByGroup(name string) int
- func DeleteResponseRuleByGroupTxn(txn *cluster.ClusterTransact, name string) error
- func GenTlsKeyCert(cn, privKeyPath, certPath string, usage x509.ExtKeyUsage) bool
- func GetFedCaCertPath(masterID string) (string, error)
- func GetFedKvVer() string
- func GetFedTlsKeyCertPath(masterID, jointID string) (string, string, string)
- func Init(id, version, platform, flavor string, persist bool, ...)
- func IsImporting() bool
- func SetImporting(value uint32)
- func StringWithCharset(length int, charset string) string
- func UpgradeAndConvert(key string, value []byte) ([]byte, error)
- func ValidateWebhookCert()
- type ClusterHelper
- type ConfigHelper
- type DispatcherHelper
- type FuncGetConfigKVData
- type FuncIsGroupMember
- type LogEventFunc
- type MockCluster
- func (m *MockCluster) AcquireLock(key string, wait time.Duration) (cluster.LockInterface, error)
- func (m *MockCluster) CreateCustomRole(role *share.CLUSUserRole, acc *access.AccessControl) error
- func (m *MockCluster) CreateUser(user *share.CLUSUser) error
- func (m *MockCluster) DeleteCustomRole(name string) error
- func (m *MockCluster) DeleteGroup(name string) error
- func (m *MockCluster) DeletePolicyRule(id uint32) error
- func (m *MockCluster) DeletePolicyRuleTxn(txn *cluster.ClusterTransact, id uint32) error
- func (m *MockCluster) DeleteProcessProfile(group string) error
- func (m *MockCluster) DeletePwdProfile(name string) error
- func (m *MockCluster) DeleteRegistry(name string) error
- func (m *MockCluster) DeleteRegistryImageSummaryAndReport(name, id string) error
- func (m *MockCluster) DeleteServer(name string) error
- func (m *MockCluster) DeleteUser(fullname string) error
- func (m *MockCluster) DoesGroupExist(name string, acc *access.AccessControl) bool
- func (m *MockCluster) GetActivePwdProfileName() string
- func (m *MockCluster) GetAllComplianceProfiles(acc *access.AccessControl) []*share.CLUSComplianceProfile
- func (m *MockCluster) GetAllCustomCheckConfig() map[string]*share.CLUSCustomCheckGroup
- func (m *MockCluster) GetAllCustomRoles(acc *access.AccessControl) map[string]*share.CLUSUserRole
- func (m *MockCluster) GetAllGroups(scope string, acc *access.AccessControl) map[string]*share.CLUSGroup
- func (m *MockCluster) GetAllPwdProfiles(acc *access.AccessControl) map[string]*share.CLUSPwdProfile
- func (m *MockCluster) GetAllRegistry() []*share.CLUSRegistryConfig
- func (m *MockCluster) GetAllServers(acc *access.AccessControl) map[string]*share.CLUSServer
- func (m *MockCluster) GetAllUsers(acc *access.AccessControl) map[string]*share.CLUSUser
- func (m *MockCluster) GetAllUsersNoAuth() map[string]*share.CLUSUser
- func (m *MockCluster) GetAwsCloudResource(projectName string) (*share.CLUSAwsResource, error)
- func (m *MockCluster) GetAwsProjectCfg(projectName string, acc *access.AccessControl) (*share.CLUSAwsProjectCfg, error)
- func (m *MockCluster) GetComplianceProfile(name string, acc *access.AccessControl) (*share.CLUSComplianceProfile, uint64, error)
- func (m *MockCluster) GetCustomRoleRev(name string, acc *access.AccessControl) (*share.CLUSUserRole, uint64, error)
- func (m *MockCluster) GetFedMembership() *share.CLUSFedMembership
- func (m *MockCluster) GetGroup(name string, acc *access.AccessControl) (*share.CLUSGroup, uint64, error)
- func (m *MockCluster) GetInstallationID() (string, error)
- func (m *MockCluster) GetPolicyRule(id uint32) (*share.CLUSPolicyRule, uint64)
- func (m *MockCluster) GetPolicyRuleList() []*share.CLUSRuleHead
- func (m *MockCluster) GetProcessProfile(group string) *share.CLUSProcessProfile
- func (m *MockCluster) GetPwdProfileRev(name string, acc *access.AccessControl) (*share.CLUSPwdProfile, uint64, error)
- func (m *MockCluster) GetRegistry(name string, acc *access.AccessControl) (*share.CLUSRegistryConfig, uint64, error)
- func (m *MockCluster) GetResponseRuleList(policyName string) []*share.CLUSRuleHead
- func (m *MockCluster) GetScanReport(key string) *share.CLUSScanReport
- func (m *MockCluster) GetServerRev(name string, acc *access.AccessControl) (*share.CLUSServer, uint64, error)
- func (m *MockCluster) GetSystemConfigRev(acc *access.AccessControl) (*share.CLUSSystemConfig, uint64)
- func (m *MockCluster) GetUserRev(fullname string, acc *access.AccessControl) (*share.CLUSUser, uint64, error)
- func (m *MockCluster) Init(rules []*share.CLUSPolicyRule, groups []*share.CLUSGroup)
- func (m *MockCluster) PutActivePwdProfileName(name string) error
- func (m *MockCluster) PutComplianceProfile(cp *share.CLUSComplianceProfile, rev uint64) error
- func (m *MockCluster) PutComplianceProfileIfNotExist(cp *share.CLUSComplianceProfile) error
- func (m *MockCluster) PutCustomRoleRev(role *share.CLUSUserRole, rev uint64, acc *access.AccessControl) error
- func (m *MockCluster) PutGroup(group *share.CLUSGroup, create bool) error
- func (m *MockCluster) PutPolicyRule(rule *share.CLUSPolicyRule) error
- func (m *MockCluster) PutPolicyRuleList(crhs []*share.CLUSRuleHead) error
- func (m *MockCluster) PutPolicyRuleListTxn(txn *cluster.ClusterTransact, crhs []*share.CLUSRuleHead) error
- func (m *MockCluster) PutPolicyRuleRev(rule *share.CLUSPolicyRule, rev uint64) error
- func (m *MockCluster) PutPolicyRuleTxn(txn *cluster.ClusterTransact, rule *share.CLUSPolicyRule) error
- func (m *MockCluster) PutProcessProfile(group string, pg *share.CLUSProcessProfile) error
- func (m *MockCluster) PutPwdProfileRev(profile *share.CLUSPwdProfile, rev uint64) error
- func (m *MockCluster) PutRegistry(config *share.CLUSRegistryConfig, rev uint64) error
- func (m *MockCluster) PutRegistryIfNotExist(config *share.CLUSRegistryConfig) error
- func (m *MockCluster) PutRegistryImageSummary(name, id string, sum *share.CLUSRegistryImageSummary) error
- func (m *MockCluster) PutRegistryImageSummaryAndReport(name, id string, sum *share.CLUSRegistryImageSummary, ...) error
- func (m *MockCluster) PutServerIfNotExist(server *share.CLUSServer) error
- func (m *MockCluster) PutServerRev(server *share.CLUSServer, rev uint64) error
- func (m *MockCluster) PutSystemConfigRev(conf *share.CLUSSystemConfig, rev uint64) error
- func (m *MockCluster) PutUserRev(user *share.CLUSUser, rev uint64) error
- func (m *MockCluster) ReleaseLock(lock cluster.LockInterface) error
- func (m *MockCluster) SetCacheMockCallback(keyStore string, mockFunc MockKvConfigUpdateFunc)
- func (m *MockCluster) UpdateFedRulesRevision(ruleTypes []string) bool
- type MockKvConfigUpdateFunc
- type PauseResumeStoreWatcherFunc
- type PostImportFunc
- type RevertFedRolesFunc
Constants ¶
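// File locations and certificate-type names for internally used certificates.
// The group is written one declaration per line: collapsed onto a single line
// without separators it does not parse as Go.
const (
	// AdmCAKeyPath is the file path of the CA key ("adm_ca.key").
	// NOTE(review): presumably this is the CA private key, so the file should
	// be readable only by the process that signs with it. Confirm the file
	// mode where the key is written.
	AdmCAKeyPath = "/etc/neuvector/certs/internal/adm_ca.key"
	// AdmCACertPath is the file path of the CA certificate ("adm_ca.cert"),
	// stored in the same directory as AdmCAKeyPath.
	AdmCACertPath = "/etc/neuvector/certs/internal/adm_ca.cert"
	// CertTypeAdmCtrl is the certificate-type name "adm_ctrl".
	CertTypeAdmCtrl = "adm_ctrl"
	// CertTypeFed is the certificate-type name "federation".
	CertTypeFed = "federation"
)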
const NODEMAX int = 600
To test the policy-calculation oversize issue, adjust the number of nodes (NODEMAX) and the number of workloads per node (WLPERNODEMAX).
// NeuvectorDir is the directory path "/var/neuvector/".
// The value ends with a slash; presumably callers append file names to it
// directly. Confirm at the call sites.
const NeuvectorDir = "/var/neuvector/"
const WLPERNODEMAX int = 250
Variables ¶
// CreditCardSensorDlpRule is a predefined DLP sensor (Predefine is true) named
// share.CLUSDlpCcSensor. Groups, RuleList and PreRuleList start as empty maps;
// RuleListNames registers seven rule names, each mapped to itself.
// NOTE(review): the rule-name constants suggest patterns for American Express,
// Discover, MasterCard, Visa, Diners and JCB card numbers. The patterns
// themselves are not visible here; confirm against the rule definitions.
var CreditCardSensorDlpRule = &share.CLUSDlpSensor{
	Name: share.CLUSDlpCcSensor,
	Groups: make(map[string]string),
	RuleList: make(map[string]*share.CLUSDlpRule),
	PreRuleList: make(map[string][]*share.CLUSDlpRule),
	RuleListNames: map[string]string{
		share.DlpRuleNameCcAxp: share.DlpRuleNameCcAxp,
		share.DlpRuleNameCcDiscover: share.DlpRuleNameCcDiscover,
		share.DlpRuleNameCcMaster: share.DlpRuleNameCcMaster,
		share.DlpRuleNameCcVisa: share.DlpRuleNameCcVisa,
		share.DlpRuleNameCcDinerV1: share.DlpRuleNameCcDinerV1,
		share.DlpRuleNameCcDinerV2: share.DlpRuleNameCcDinerV2,
		share.DlpRuleNameCcJcb: share.DlpRuleNameCcJcb,
	},
	Comment: commentCcSensor,
	Predefine: true,
}
// ErrCluster is the sentinel error for a failed cluster access; compare with
// errors.Is rather than by message text.
// NOTE(review): Go convention is a lowercase error string, but this message may
// be shown to users or matched elsewhere, so the text is left unchanged.
var ErrCluster = errors.New("Failed to access cluster")
// ErrIORead is the sentinel error for a failed I/O read.
var ErrIORead = errors.New("Failed on IO read")
// ErrIOWrite is the sentinel error for a failed I/O write.
var ErrIOWrite = errors.New("Failed on IO write")
// ErrIncompatibleFedRole is the sentinel error for an imported file that comes
// from a cluster with an incompatible federation role.
var ErrIncompatibleFedRole = errors.New("File is from an incompatible federal-role cluster")
// ErrIncompatibleFedRoleEx is the sentinel error for an import from a
// federation-managed cluster into a standalone cluster. Per its message, the
// import is refused unless the operator explicitly selects
// "Import as standalone".
var ErrIncompatibleFedRoleEx = errors.New("It's not allowed to import from federal-managed cluster to standalone cluster. To override it, select \"Import as standalone\" and try again")
// ErrInvalidFileFormat is the sentinel error for a file whose format is not
// valid.
var ErrInvalidFileFormat = errors.New("Invalid file format")
// FAKEWLID is a fixed workload ID of 64 hexadecimal characters.
// NOTE(review): the name suggests test data, possibly for
// CalculateIPPolicyFromCacheFake. Confirm it is never used as a real workload
// ID. It is an exported, mutable package variable.
var FAKEWLID string = "9321f8a6951c550e2d1634b32b859ed6ed167752b8a8552f95dad7eb33de8e2a"
// PreDlpSensors lists the two predefined DLP sensors declared in this package:
// SsnSensorDlpRule and CreditCardSensorDlpRule.
// The slice holds pointers, so changing an element changes the shared
// package-level sensor value.
var PreDlpSensors = []*share.CLUSDlpSensor{
	SsnSensorDlpRule,
	CreditCardSensorDlpRule,
}
// SsnSensorDlpRule is a predefined DLP sensor (Predefine is true) named
// share.CLUSDlpSsnSensor. Groups, RuleList and PreRuleList start as empty maps;
// RuleListNames registers the single rule name share.DlpRuleNameSsn, mapped to
// itself.
// NOTE(review): the names suggest a social-security-number pattern. The pattern
// itself is not visible here.
var SsnSensorDlpRule = &share.CLUSDlpSensor{
	Name: share.CLUSDlpSsnSensor,
	Groups: make(map[string]string),
	RuleList: make(map[string]*share.CLUSDlpRule),
	PreRuleList: make(map[string][]*share.CLUSDlpRule),
	RuleListNames: map[string]string{
		share.DlpRuleNameSsn: share.DlpRuleNameSsn,
	},
	Comment: commentSsnSensor,
	Predefine: true,
}
Functions ¶
func CalculateIPPolicyFromCacheFake ¶
func CalculateIPPolicyFromCacheFake() []share.CLUSGroupIPPolicy
func CheckFedKvVersion ¶
Checks whether the request-handling cluster can handle a request from the requesting cluster, based on their "fed kv version":
1. If the request-handling cluster and the requesting cluster have the same "fed kv version", they can handle requests from each other in the same federation.
2. If not, they shouldn't handle requests from each other:
   2-1: if the requesting cluster's "fed kv version" is in the handler cluster's phases, the requesting cluster needs an upgrade;
   2-2: if the requesting cluster's "fed kv version" is not in the handler cluster's phases, the handler cluster needs an upgrade.
func CompressPolicyRuleList ¶
func CompressPolicyRuleList()
Compresses the existing rule list for pre-3.2.1 and 3.2.1.
func ConvertRoleGroupsToGroupRoleDomains ¶
func ConvertRoleGroupsToGroupRoleDomains(roleGroups map[string][]string) ([]*share.GroupRoleMapping, error)
func CreateDefDlpRules ¶
func CreateDefDlpRules(withlock bool)
func CreateDefaultFedGroups ¶
func CreateDefaultFedGroups()
func CreatePreDlpSensor ¶
func CreatePreDlpSensor(withlock bool)
func DeletePolicyByCfgTypeTxn ¶
func DeletePolicyByCfgTypeTxn(txn *cluster.ClusterTransact, cfgType share.TCfgType)
func DeletePolicyByGroup ¶
func DeletePolicyByGroupTxn ¶
func DeletePolicyByGroupTxn(txn *cluster.ClusterTransact, name string) error
func DeletePolicyByGroups ¶
func DeleteResponseRuleByGroupTxn ¶
func DeleteResponseRuleByGroupTxn(txn *cluster.ClusterTransact, name string) error
func GenTlsKeyCert ¶
func GenTlsKeyCert(cn, privKeyPath, certPath string, usage x509.ExtKeyUsage) bool
func GetFedCaCertPath ¶
func GetFedKvVer ¶
func GetFedKvVer() string
func GetFedTlsKeyCertPath ¶
func Init ¶
func Init(id, version, platform, flavor string, persist bool, isGroupMember FuncIsGroupMember, getConfigData FuncGetConfigKVData)
func IsImporting ¶
func IsImporting() bool
func SetImporting ¶
func SetImporting(value uint32)
func StringWithCharset ¶
func UpgradeAndConvert ¶
This is called whenever we read from the kv store or are notified of kv changes.
func ValidateWebhookCert ¶
func ValidateWebhookCert()
Types ¶
type ClusterHelper ¶
// ClusterHelper is the interface this package exposes for getting, putting and
// deleting controller objects (system config, groups, rules, users, registries,
// sensors, federation state, ...) and for cluster locks.
//
// NOTE(review): only some methods take an *access.AccessControl. The others
// (for example GetAllUsersNoAuth, PutUser, DeleteUser, GetAllRegistry) have no
// access-control parameter, so any authorization presumably has to be done by
// the caller. Confirm at each call site.
//
// NOTE(review): the uint64 returned by the Get...Rev methods and accepted by
// the Put...Rev methods is presumably a store revision used to detect
// concurrent modification. Confirm in the implementation.
type ClusterHelper interface {
	// Cluster lock.
	AcquireLock(key string, wait time.Duration) (cluster.LockInterface, error)
	ReleaseLock(cluster.LockInterface) error
	// KV upgrade and repair.
	UpgradeClusterKV()
	UpgradeClusterImport(ver *share.CLUSCtrlVersion)
	FixMissingClusterKV()
	// Installation ID.
	PutInstallationID() (string, error)
	GetInstallationID() (string, error)
	// Controllers and enforcers.
	GetAllControllers() []*share.CLUSController
	GetAllEnforcers() []*share.CLUSAgent
	// Controller state flags, addressed by key.
	SetCtrlState(key string) error
	UnsetCtrlState(key string)
	GetCtrlState(key string) bool
	// System and scan configuration.
	GetSystemConfigRev(acc *access.AccessControl) (*share.CLUSSystemConfig, uint64)
	PutSystemConfigRev(conf *share.CLUSSystemConfig, rev uint64) error
	GetScanConfigRev(acc *access.AccessControl) (*share.CLUSScanConfig, uint64)
	GetFedSystemConfigRev(acc *access.AccessControl) (*share.CLUSSystemConfig, uint64)
	PutFedSystemConfigRev(conf *share.CLUSSystemConfig, rev uint64) error
	// Domains.
	GetDomain(name string, acc *access.AccessControl) (*share.CLUSDomain, uint64, error)
	PutDomain(cd *share.CLUSDomain, rev uint64) error
	PutDomainIfNotExist(cd *share.CLUSDomain) error
	DeleteDomain(name string) error
	// Groups.
	GetAllLearnedGroups(acc *access.AccessControl) map[string]*share.CLUSGroup
	GetAllGroups(scope string, acc *access.AccessControl) map[string]*share.CLUSGroup
	GetAllGroupNames(scope string) utils.Set
	GetGroup(name string, acc *access.AccessControl) (*share.CLUSGroup, uint64, error)
	PutGroup(group *share.CLUSGroup, create bool) error
	PutGroupRev(group *share.CLUSGroup, rev uint64) error
	PutGroupTxn(txn *cluster.ClusterTransact, group *share.CLUSGroup) error
	DeleteGroup(name string) error
	DeleteGroupTxn(txn *cluster.ClusterTransact, name string) error
	// Policy rules. None of these methods takes an access-control argument.
	GetPolicyRuleList() []*share.CLUSRuleHead
	PutPolicyRuleList(crhs []*share.CLUSRuleHead) error
	PutPolicyRuleListTxn(txn *cluster.ClusterTransact, crhs []*share.CLUSRuleHead) error
	PutPolicyRuleListZip(key string, array []byte) error
	GetPolicyRule(id uint32) (*share.CLUSPolicyRule, uint64)
	PutPolicyRule(rule *share.CLUSPolicyRule) error
	PutPolicyRuleTxn(txn *cluster.ClusterTransact, rule *share.CLUSPolicyRule) error
	PutPolicyRuleRev(rule *share.CLUSPolicyRule, rev uint64) error
	DeletePolicyRule(id uint32) error
	DeletePolicyRuleTxn(txn *cluster.ClusterTransact, id uint32) error
	PutPolicyVer(s *share.CLUSGroupIPPolicyVer) error
	// Response rules, addressed by policy name and rule id.
	GetResponseRuleList(policyName string) []*share.CLUSRuleHead
	PutResponseRuleList(policyName string, crhs []*share.CLUSRuleHead) error
	PutResponseRuleListTxn(policyName string, txn *cluster.ClusterTransact, crhs []*share.CLUSRuleHead) error
	GetResponseRule(policyName string, id uint32) (*share.CLUSResponseRule, uint64)
	PutResponseRule(policyName string, rule *share.CLUSResponseRule) error
	PutResponseRuleTxn(policyName string, txn *cluster.ClusterTransact, rule *share.CLUSResponseRule) error
	PutResponseRuleRev(policyName string, rule *share.CLUSResponseRule, rev uint64) error
	DeleteResponseRule(policyName string, id uint32) error
	DeleteResponseRuleTxn(policyName string, txn *cluster.ClusterTransact, id uint32) error
	// Servers.
	GetAllServers(acc *access.AccessControl) map[string]*share.CLUSServer
	GetServerRev(name string, acc *access.AccessControl) (*share.CLUSServer, uint64, error)
	PutServerRev(server *share.CLUSServer, rev uint64) error
	PutServerIfNotExist(server *share.CLUSServer) error
	DeleteServer(name string) error
	// Users.
	GetAllUsers(acc *access.AccessControl) map[string]*share.CLUSUser
	// GetAllUsersNoAuth takes no access-control argument, unlike GetAllUsers.
	// NOTE(review): presumably it returns every user unfiltered. Confirm, and
	// check that callers never return its result directly to a requester.
	GetAllUsersNoAuth() map[string]*share.CLUSUser
	GetUserRev(fullname string, acc *access.AccessControl) (*share.CLUSUser, uint64, error)
	PutUserRev(user *share.CLUSUser, rev uint64) error
	PutUser(user *share.CLUSUser) error
	CreateUser(user *share.CLUSUser) error
	DeleteUser(fullname string) error
	// Process profiles, addressed by group name.
	GetProcessProfile(group string) *share.CLUSProcessProfile
	PutProcessProfile(group string, pg *share.CLUSProcessProfile) error
	PutProcessProfileTxn(txn *cluster.ClusterTransact, group string, pg *share.CLUSProcessProfile) error
	PutProcessProfileIfNotExist(group string, pg *share.CLUSProcessProfile) error
	DeleteProcessProfile(group string) error
	DeleteProcessProfileTxn(txn *cluster.ClusterTransact, group string) error
	GetAllProcessProfileSubKeys(scope string) utils.Set
	// Scanners, scanner statistics, scan reports and scan state.
	GetScanner(id string, acc *access.AccessControl) *share.CLUSScanner
	GetAllScanner(acc *access.AccessControl) []*share.CLUSScanner
	PutScannerTxn(txn *cluster.ClusterTransact, s *share.CLUSScanner) error
	DeleteScanner(id string) error
	GetScannerStats(id string) (*share.CLUSScannerStats, error)
	CreateScannerStats(id string) error
	PutScannerStats(id string, objType share.ScanObjectType, result *share.ScanResult) error
	GetScannerDB(store string) []*share.CLUSScannerDB
	GetScanReport(key string) *share.CLUSScanReport
	GetScanState(key string) *share.CLUSScanState
	// Compliance and vulnerability profiles.
	GetAllComplianceProfiles(acc *access.AccessControl) []*share.CLUSComplianceProfile
	GetComplianceProfile(name string, acc *access.AccessControl) (*share.CLUSComplianceProfile, uint64, error)
	PutComplianceProfile(cp *share.CLUSComplianceProfile, rev uint64) error
	PutComplianceProfileIfNotExist(cp *share.CLUSComplianceProfile) error
	GetAllVulnerabilityProfiles(acc *access.AccessControl) []*share.CLUSVulnerabilityProfile
	GetVulnerabilityProfile(name string, acc *access.AccessControl) (*share.CLUSVulnerabilityProfile, uint64, error)
	PutVulnerabilityProfile(cp *share.CLUSVulnerabilityProfile, rev uint64) error
	PutVulnerabilityProfileIfNotExist(cp *share.CLUSVulnerabilityProfile) error
	// Registries, registry state and registry image summaries and reports.
	// GetAllRegistry takes no access-control argument, unlike GetRegistry.
	GetRegistry(name string, acc *access.AccessControl) (*share.CLUSRegistryConfig, uint64, error)
	GetAllRegistry() []*share.CLUSRegistryConfig
	PutRegistry(config *share.CLUSRegistryConfig, rev uint64) error
	PutRegistryIfNotExist(config *share.CLUSRegistryConfig) error
	DeleteRegistry(name string) error
	DeleteRegistryKeys(name string)
	PutRegistryState(name string, state *share.CLUSRegistryState) error
	GetRegistryState(name string) *share.CLUSRegistryState
	PutRegistryImageSummary(name, id string, sum *share.CLUSRegistryImageSummary) error
	PutRegistryImageSummaryAndReport(name, id string, sum *share.CLUSRegistryImageSummary, report *share.CLUSScanReport) error
	DeleteRegistryImageSummaryAndReport(name, id string) error
	// File monitor profiles.
	GetAllFileMonitorProfile() map[string]*share.CLUSFileMonitorProfile
	GetAllFileMonitorProfileSubKeys(scope string) utils.Set
	GetFileMonitorProfile(name string) (*share.CLUSFileMonitorProfile, uint64)
	PutFileMonitorProfile(name string, conf *share.CLUSFileMonitorProfile, rev uint64) error
	PutFileMonitorProfileIfNotExist(name string, conf *share.CLUSFileMonitorProfile) error
	PutFileMonitorProfileTxn(txn *cluster.ClusterTransact, name string, conf *share.CLUSFileMonitorProfile) error
	DeleteFileMonitor(name string) error
	DeleteFileMonitorTxn(txn *cluster.ClusterTransact, name string) error
	// Certificates and admission control.
	// NOTE(review): PutObjectCert takes a key path and a cert path together
	// with the certificate object; how key material is stored is not visible
	// here. Confirm it is protected at rest.
	GetAdmissionCertRev(svcName string) (*share.CLUSAdmissionCertCloaked, uint64) // obsolete
	GetObjectCertRev(cn string) (*share.CLUSX509Cert, uint64, error)
	PutObjectCert(cn, keyPath, certPath string, cert *share.CLUSX509Cert) error
	GetAdmissionStateRev(svcName string) (*share.CLUSAdmissionState, uint64)
	PutAdmissionRule(admType, ruleType string, rule *share.CLUSAdmissionRule) error
	PutAdmissionStateRev(svcName string, state *share.CLUSAdmissionState, rev uint64) error
	GetAdmissionRuleList(admType, ruleType string) ([]*share.CLUSRuleHead, error)
	PutAdmissionRuleList(admType, ruleType string, crhs []*share.CLUSRuleHead) error
	GetAdmissionRule(admType, ruleType string, id uint32) *share.CLUSAdmissionRule
	DeleteAdmissionRule(admType, ruleType string, id uint32) error
	GetAdmissionStatsRev() (*share.CLUSAdmissionStats, uint64)
	PutAdmissionStatsRev(stats *share.CLUSAdmissionStats, rev uint64) error
	// Transaction variants of the admission-rule calls above.
	PutAdmissionRuleTxn(txn *cluster.ClusterTransact, admType, ruleType string, rule *share.CLUSAdmissionRule) error
	PutAdmissionRuleListTxn(txn *cluster.ClusterTransact, admType, ruleType string, crhs []*share.CLUSRuleHead) error
	DeleteAdmissionRuleTxn(txn *cluster.ClusterTransact, admType, ruleType string, id uint32) error
	// File access rules.
	GetFileAccessRule(name string) (*share.CLUSFileAccessRule, uint64)
	PutFileAccessRule(name string, conf *share.CLUSFileAccessRule, rev uint64) error
	PutFileAccessRuleIfNotExist(name string, conf *share.CLUSFileAccessRule) error
	PutFileAccessRuleTxn(txn *cluster.ClusterTransact, name string, conf *share.CLUSFileAccessRule) error
	DeleteFileAccessRule(name string) error
	DeleteFileAccessRuleTxn(txn *cluster.ClusterTransact, name string) error
	GetAllFileAccessRuleSubKeys(scope string) utils.Set
	// CRD security rule records, addressed by CRD kind and name.
	GetCrdSecurityRuleRecord(crdKind, crdName string) *share.CLUSCrdSecurityRule
	PutCrdSecurityRuleRecord(crdKind, crdName string, rules *share.CLUSCrdSecurityRule) error
	DeleteCrdSecurityRuleRecord(crdKind, crdName string) error
	GetCrdSecurityRuleRecordList(crdKind string) map[string]*share.CLUSCrdSecurityRule
	// Federation: membership, joint clusters, rules revision and role.
	GetFedMembership() *share.CLUSFedMembership
	PutFedMembership(s *share.CLUSFedMembership) error
	GetFedJointClusterList() *share.CLUSFedJoinedClusterList
	PutFedJointClusterList(list *share.CLUSFedJoinedClusterList) error
	PutFedJointClusterStatus(id string, status *share.CLUSFedClusterStatus) error
	DeleteFedJointClusterStatus(id string) error
	GetFedJointCluster(id string) *share.CLUSFedJointClusterInfo
	PutFedJointCluster(jointCluster *share.CLUSFedJointClusterInfo) error
	DeleteFedJointCluster(id string) error
	GetFedRulesRevisionRev() (*share.CLUSFedRulesRevision, uint64)
	UpdateFedRulesRevision(ruleTypes []string) bool
	PutFedRulesRevision(txn *cluster.ClusterTransact, settings *share.CLUSFedRulesRevision) error
	FedTriggerInstantPingPoll(cmd, fullPolling uint32)
	EnableDisableJointClusters(ids []string, toDisable bool, fedKeyLocked bool)
	ConfigFedRole(userName, role string, acc *access.AccessControl) error
	// DLP sensors and groups.
	GetDlpSensor(name string) *share.CLUSDlpSensor
	PutDlpSensor(sensor *share.CLUSDlpSensor, create bool) error
	DeleteDlpSensor(name string) error
	GetDlpGroup(group string) *share.CLUSDlpGroup
	PutDlpGroup(group *share.CLUSDlpGroup, create bool) error
	DeleteDlpGroup(group string) error
	// WAF sensors and groups.
	GetWafSensor(name string) *share.CLUSWafSensor
	GetAllWafSensors() []*share.CLUSWafSensor
	PutWafSensor(sensor *share.CLUSWafSensor, create bool) error
	PutWafSensorTxn(txn *cluster.ClusterTransact, sensor *share.CLUSWafSensor) error
	DeleteWafSensor(name string) error
	DeleteWafSensorTxn(txn *cluster.ClusterTransact, name string) error
	GetWafGroup(group string) *share.CLUSWafGroup
	PutWafGroup(group *share.CLUSWafGroup, create bool) error
	PutWafGroupTxn(txn *cluster.ClusterTransact, group *share.CLUSWafGroup) error
	DeleteWafGroup(group string) error
	// Custom check configuration.
	GetCustomCheckConfig(name string) (*share.CLUSCustomCheckGroup, uint64)
	GetAllCustomCheckConfig() map[string]*share.CLUSCustomCheckGroup
	PutCustomCheckConfig(name string, conf *share.CLUSCustomCheckGroup, rev uint64) error
	DeleteCustomCheckConfig(name string) error
	// CRD records and the CRD event queue. The string parameters are unnamed
	// in the interface, so their meaning has to be read from the implementation.
	GetCrdRecord(string) *share.CLUSCrdRecord
	PutCrdRecord(*share.CLUSCrdRecord, string) error
	DeleteCrdRecord(string) error
	GetCrdEventQueue() *share.CLUSCrdEventRecord
	PutCrdEventQueue(*share.CLUSCrdEventRecord) error
	// AWS cloud resources, Lambda scan output and project configuration.
	GetAwsCloudResource(projectName string) (*share.CLUSAwsResource, error)
	PutAwsCloudResource(project *share.CLUSAwsResource) error
	DeleteAwsCloudResource(projectName string) error
	GetAwsLambda(project, region, funcName string) *share.CLUSAwsFuncScanOutputList
	PutAwsLambda(project, region, funcName string, output *share.CLUSAwsFuncScanOutputList) error
	DeleteAwsLambda(project, region, funcName string) error
	DeleteAwsProjectCfg(projectName string) error
	GetAwsProjectCfg(projectName string, acc *access.AccessControl) (*share.CLUSAwsProjectCfg, error)
	PutAwsProjectCfg(projectName string, record *share.CLUSAwsProjectCfg) error
	// Custom roles. Create and Put take an access-control argument; Delete
	// does not.
	GetAllCustomRoles(acc *access.AccessControl) map[string]*share.CLUSUserRole
	GetCustomRoleRev(name string, acc *access.AccessControl) (*share.CLUSUserRole, uint64, error)
	PutCustomRoleRev(user *share.CLUSUserRole, rev uint64, acc *access.AccessControl) error
	CreateCustomRole(user *share.CLUSUserRole, acc *access.AccessControl) error
	DeleteCustomRole(name string) error
	// Network key duplication and restore.
	DuplicateNetworkKey(key string, value []byte) error
	DuplicateNetworkKeyTxn(txn *cluster.ClusterTransact, key string, value []byte) error
	RestoreNetworkKeys()
	// Password profiles.
	GetAllPwdProfiles(acc *access.AccessControl) map[string]*share.CLUSPwdProfile
	GetPwdProfileRev(name string, acc *access.AccessControl) (*share.CLUSPwdProfile, uint64, error)
	PutPwdProfileRev(profile *share.CLUSPwdProfile, rev uint64) error
	DeletePwdProfile(name string) error
	GetActivePwdProfileName() string
	PutActivePwdProfileName(name string) error
	// Import task.
	GetImportTask() (share.CLUSImportTask, error)
	PutImportTask(importTask *share.CLUSImportTask) error
	// Test hook: registers a mock callback for a key store. Used by unit tests.
	SetCacheMockCallback(keyStore string, mockFunc MockKvConfigUpdateFunc)
}
func GetClusterHelper ¶
func GetClusterHelper() ClusterHelper
type ConfigHelper ¶
// ConfigHelper is the interface for configuration change notification, backup,
// restore, export and import.
type ConfigHelper interface {
	NotifyConfigChange(endpoint string)
	BackupAll()
	Restore() (string, error)
	// Export takes a buffered writer and a set of sections; presumably it
	// writes the selected sections to w. Confirm in the implementation.
	Export(w *bufio.Writer, sections utils.Set) error
	// Import takes the RPC endpoints, the local controller's ID and IP, the
	// caller's domain roles, the import task, a temporary token, three
	// callbacks (revertFedRoles, postImportOp, pauseResumeStoreWatcher) and
	// the ignoreFed flag.
	// NOTE(review): tempToken looks like a credential. Verify it is never
	// logged or kept after the import finishes.
	Import(eps []*common.RPCEndpoint, localCtrlerID, localCtrlerIP string, loginDomainRoles access.DomainRole, importTask share.CLUSImportTask,
		tempToken string, revertFedRoles RevertFedRolesFunc, postImportOp PostImportFunc, pauseResumeStoreWatcher PauseResumeStoreWatcherFunc,
		ignoreFed bool) error
}
func GetConfigHelper ¶
func GetConfigHelper() ConfigHelper
type DispatcherHelper ¶
// DispatcherHelper is the interface for workload, node and custom-group
// membership events and for per-group profile writes.
// Most methods take a bLeader flag; presumably it tells the helper whether this
// controller is the cluster leader. Confirm in the implementation.
type DispatcherHelper interface {
	WorkloadJoin(node, group, id string, customGrps utils.Set, bLeader bool)
	WorkloadLeave(node, group, id string, customGrps utils.Set, bLeader bool)
	NodeLeave(node string, bLeader bool)
	CustomGroupUpdate(group string, serviceGrps utils.Set, bLeader bool)
	CustomGroupDelete(group string, bLeader bool)
	// PutProfile takes a group, a subkey and a raw value, with an optional
	// transaction and a put-if-not-exist flag.
	PutProfile(group, subkey string, value []byte, txn *cluster.ClusterTransact, bPutIfNotExist bool) error
	IsGroupAdded(group string) bool
}
func GetDispatchHelper ¶
func GetDispatchHelper() DispatcherHelper
type FuncGetConfigKVData ¶
type FuncIsGroupMember ¶
type MockCluster ¶
// MockCluster is a ClusterHelper mock for unit tests. It embeds the
// ClusterHelper interface and overrides a subset of its methods.
// NOTE(review): a ClusterHelper method that MockCluster does not override is
// forwarded to the embedded interface value. If that value is nil, the call
// panics, so tests should only reach overridden methods or set the embedded
// field.
type MockCluster struct {
	ClusterHelper
	// ScanSums holds registry image summaries keyed by string.
	ScanSums map[string]*share.CLUSRegistryImageSummary
	// ScanRpts holds scan reports keyed by string.
	ScanRpts map[string]*share.CLUSScanReport
	// DeletePolicyRuleCount is a counter; presumably it counts
	// DeletePolicyRule calls. Confirm in the method body.
	DeletePolicyRuleCount uint
	// FedMembership is the federation membership value held by the mock.
	FedMembership share.CLUSFedMembership
	// contains filtered or unexported fields
}
func (*MockCluster) AcquireLock ¶
func (m *MockCluster) AcquireLock(key string, wait time.Duration) (cluster.LockInterface, error)
func (*MockCluster) CreateCustomRole ¶
func (m *MockCluster) CreateCustomRole(role *share.CLUSUserRole, acc *access.AccessControl) error
func (*MockCluster) CreateUser ¶
func (m *MockCluster) CreateUser(user *share.CLUSUser) error
func (*MockCluster) DeleteCustomRole ¶
func (m *MockCluster) DeleteCustomRole(name string) error
func (*MockCluster) DeleteGroup ¶
func (m *MockCluster) DeleteGroup(name string) error
func (*MockCluster) DeletePolicyRule ¶
func (m *MockCluster) DeletePolicyRule(id uint32) error
func (*MockCluster) DeletePolicyRuleTxn ¶
func (m *MockCluster) DeletePolicyRuleTxn(txn *cluster.ClusterTransact, id uint32) error
func (*MockCluster) DeleteProcessProfile ¶
func (m *MockCluster) DeleteProcessProfile(group string) error
func (*MockCluster) DeletePwdProfile ¶
func (m *MockCluster) DeletePwdProfile(name string) error
func (*MockCluster) DeleteRegistry ¶
func (m *MockCluster) DeleteRegistry(name string) error
func (*MockCluster) DeleteRegistryImageSummaryAndReport ¶
func (m *MockCluster) DeleteRegistryImageSummaryAndReport(name, id string) error
func (*MockCluster) DeleteServer ¶
func (m *MockCluster) DeleteServer(name string) error
func (*MockCluster) DeleteUser ¶
func (m *MockCluster) DeleteUser(fullname string) error
func (*MockCluster) DoesGroupExist ¶
func (m *MockCluster) DoesGroupExist(name string, acc *access.AccessControl) bool
func (*MockCluster) GetActivePwdProfileName ¶
func (m *MockCluster) GetActivePwdProfileName() string
func (*MockCluster) GetAllComplianceProfiles ¶
func (m *MockCluster) GetAllComplianceProfiles(acc *access.AccessControl) []*share.CLUSComplianceProfile
func (*MockCluster) GetAllCustomCheckConfig ¶
func (m *MockCluster) GetAllCustomCheckConfig() map[string]*share.CLUSCustomCheckGroup
func (*MockCluster) GetAllCustomRoles ¶
func (m *MockCluster) GetAllCustomRoles(acc *access.AccessControl) map[string]*share.CLUSUserRole
func (*MockCluster) GetAllGroups ¶
func (m *MockCluster) GetAllGroups(scope string, acc *access.AccessControl) map[string]*share.CLUSGroup
func (*MockCluster) GetAllPwdProfiles ¶
func (m *MockCluster) GetAllPwdProfiles(acc *access.AccessControl) map[string]*share.CLUSPwdProfile
func (*MockCluster) GetAllRegistry ¶
func (m *MockCluster) GetAllRegistry() []*share.CLUSRegistryConfig
func (*MockCluster) GetAllServers ¶
func (m *MockCluster) GetAllServers(acc *access.AccessControl) map[string]*share.CLUSServer
func (*MockCluster) GetAllUsers ¶
func (m *MockCluster) GetAllUsers(acc *access.AccessControl) map[string]*share.CLUSUser
func (*MockCluster) GetAllUsersNoAuth ¶
func (m *MockCluster) GetAllUsersNoAuth() map[string]*share.CLUSUser
func (*MockCluster) GetAwsCloudResource ¶
func (m *MockCluster) GetAwsCloudResource(projectName string) (*share.CLUSAwsResource, error)
func (*MockCluster) GetAwsProjectCfg ¶
func (m *MockCluster) GetAwsProjectCfg(projectName string, acc *access.AccessControl) (*share.CLUSAwsProjectCfg, error)
func (*MockCluster) GetComplianceProfile ¶
func (m *MockCluster) GetComplianceProfile(name string, acc *access.AccessControl) (*share.CLUSComplianceProfile, uint64, error)
func (*MockCluster) GetCustomRoleRev ¶
func (m *MockCluster) GetCustomRoleRev(name string, acc *access.AccessControl) (*share.CLUSUserRole, uint64, error)
func (*MockCluster) GetFedMembership ¶
func (m *MockCluster) GetFedMembership() *share.CLUSFedMembership
func (*MockCluster) GetGroup ¶
func (m *MockCluster) GetGroup(name string, acc *access.AccessControl) (*share.CLUSGroup, uint64, error)
func (*MockCluster) GetInstallationID ¶
func (m *MockCluster) GetInstallationID() (string, error)
func (*MockCluster) GetPolicyRule ¶
func (m *MockCluster) GetPolicyRule(id uint32) (*share.CLUSPolicyRule, uint64)
func (*MockCluster) GetPolicyRuleList ¶
func (m *MockCluster) GetPolicyRuleList() []*share.CLUSRuleHead
func (*MockCluster) GetProcessProfile ¶
func (m *MockCluster) GetProcessProfile(group string) *share.CLUSProcessProfile
func (*MockCluster) GetPwdProfileRev ¶
func (m *MockCluster) GetPwdProfileRev(name string, acc *access.AccessControl) (*share.CLUSPwdProfile, uint64, error)
func (*MockCluster) GetRegistry ¶
func (m *MockCluster) GetRegistry(name string, acc *access.AccessControl) (*share.CLUSRegistryConfig, uint64, error)
func (*MockCluster) GetResponseRuleList ¶
func (m *MockCluster) GetResponseRuleList(policyName string) []*share.CLUSRuleHead
func (*MockCluster) GetScanReport ¶
func (m *MockCluster) GetScanReport(key string) *share.CLUSScanReport
func (*MockCluster) GetServerRev ¶
func (m *MockCluster) GetServerRev(name string, acc *access.AccessControl) (*share.CLUSServer, uint64, error)
func (*MockCluster) GetSystemConfigRev ¶
func (m *MockCluster) GetSystemConfigRev(acc *access.AccessControl) (*share.CLUSSystemConfig, uint64)
func (*MockCluster) GetUserRev ¶
func (m *MockCluster) GetUserRev(fullname string, acc *access.AccessControl) (*share.CLUSUser, uint64, error)
func (*MockCluster) Init ¶
func (m *MockCluster) Init(rules []*share.CLUSPolicyRule, groups []*share.CLUSGroup)
func (*MockCluster) PutActivePwdProfileName ¶
func (m *MockCluster) PutActivePwdProfileName(name string) error
func (*MockCluster) PutComplianceProfile ¶
func (m *MockCluster) PutComplianceProfile(cp *share.CLUSComplianceProfile, rev uint64) error
func (*MockCluster) PutComplianceProfileIfNotExist ¶
func (m *MockCluster) PutComplianceProfileIfNotExist(cp *share.CLUSComplianceProfile) error
func (*MockCluster) PutCustomRoleRev ¶
func (m *MockCluster) PutCustomRoleRev(role *share.CLUSUserRole, rev uint64, acc *access.AccessControl) error
func (*MockCluster) PutGroup ¶
func (m *MockCluster) PutGroup(group *share.CLUSGroup, create bool) error
func (*MockCluster) PutPolicyRule ¶
func (m *MockCluster) PutPolicyRule(rule *share.CLUSPolicyRule) error
func (*MockCluster) PutPolicyRuleList ¶
func (m *MockCluster) PutPolicyRuleList(crhs []*share.CLUSRuleHead) error
func (*MockCluster) PutPolicyRuleListTxn ¶
func (m *MockCluster) PutPolicyRuleListTxn(txn *cluster.ClusterTransact, crhs []*share.CLUSRuleHead) error
func (*MockCluster) PutPolicyRuleRev ¶
func (m *MockCluster) PutPolicyRuleRev(rule *share.CLUSPolicyRule, rev uint64) error
func (*MockCluster) PutPolicyRuleTxn ¶
func (m *MockCluster) PutPolicyRuleTxn(txn *cluster.ClusterTransact, rule *share.CLUSPolicyRule) error
func (*MockCluster) PutProcessProfile ¶
func (m *MockCluster) PutProcessProfile(group string, pg *share.CLUSProcessProfile) error
func (*MockCluster) PutPwdProfileRev ¶
func (m *MockCluster) PutPwdProfileRev(profile *share.CLUSPwdProfile, rev uint64) error
func (*MockCluster) PutRegistry ¶
func (m *MockCluster) PutRegistry(config *share.CLUSRegistryConfig, rev uint64) error
func (*MockCluster) PutRegistryIfNotExist ¶
func (m *MockCluster) PutRegistryIfNotExist(config *share.CLUSRegistryConfig) error
func (*MockCluster) PutRegistryImageSummary ¶
func (m *MockCluster) PutRegistryImageSummary(name, id string, sum *share.CLUSRegistryImageSummary) error
func (*MockCluster) PutRegistryImageSummaryAndReport ¶
func (m *MockCluster) PutRegistryImageSummaryAndReport(name, id string, sum *share.CLUSRegistryImageSummary, report *share.CLUSScanReport) error
func (*MockCluster) PutServerIfNotExist ¶
func (m *MockCluster) PutServerIfNotExist(server *share.CLUSServer) error
func (*MockCluster) PutServerRev ¶
func (m *MockCluster) PutServerRev(server *share.CLUSServer, rev uint64) error
func (*MockCluster) PutSystemConfigRev ¶
func (m *MockCluster) PutSystemConfigRev(conf *share.CLUSSystemConfig, rev uint64) error
func (*MockCluster) PutUserRev ¶
func (m *MockCluster) PutUserRev(user *share.CLUSUser, rev uint64) error
func (*MockCluster) ReleaseLock ¶
func (m *MockCluster) ReleaseLock(lock cluster.LockInterface) error
func (*MockCluster) SetCacheMockCallback ¶
func (m *MockCluster) SetCacheMockCallback(keyStore string, mockFunc MockKvConfigUpdateFunc)
func (*MockCluster) UpdateFedRulesRevision ¶
func (m *MockCluster) UpdateFedRulesRevision(ruleTypes []string) bool
type MockKvConfigUpdateFunc ¶
// MockKvConfigUpdateFunc is the callback type registered through
// SetCacheMockCallback. It receives a cluster notify type, a key and the raw
// value bytes.
type MockKvConfigUpdateFunc func(nType cluster.ClusterNotifyType, key string, value []byte)
type PauseResumeStoreWatcherFunc ¶
// PauseResumeStoreWatcherFunc is the callback type passed to
// ConfigHelper.Import as pauseResumeStoreWatcher. It takes a target IP and
// port plus a share.CLUSStoreWatcherInfo request and returns an error.
type PauseResumeStoreWatcherFunc func(ip string, port uint16, req share.CLUSStoreWatcherInfo) error
type PostImportFunc ¶
// PostImportFunc is the callback type passed to ConfigHelper.Import as
// postImportOp. It receives the import error (if any), the import task, the
// caller's domain roles, the temporary token and the import type.
// NOTE(review): tempToken looks like a credential. Implementations should not
// log it.
type PostImportFunc func(err error, importTask share.CLUSImportTask, loginDomainRoles access.DomainRole, tempToken, importType string)
type RevertFedRolesFunc ¶
// RevertFedRolesFunc is the callback type passed to ConfigHelper.Import as
// revertFedRoles. It takes the access control of the acting caller.
type RevertFedRolesFunc func(acc *access.AccessControl)