bootstrap

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 26, 2026 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrConflict     = errors.New("resource already exists")
	ErrImmutable    = errors.New("resource cannot be modified")
	ErrInvalidInput = errors.New("invalid input")
	ErrNotFound     = errors.New("resource not found")
)

Functions

func ListBootstrapServerAdmins 

func ListBootstrapServerAdmins(state BootstrapCoreState) []string

func RepairBootstrapCoreDefaultACLs 

func RepairBootstrapCoreDefaultACLs(state BootstrapCoreState, orgFilter, superuserName string) (BootstrapCoreState, AdminRepairResult)

func RepairCoreObjectDefaultACLs 

func RepairCoreObjectDefaultACLs(state CoreObjectState, orgFilter, superuserName string) (CoreObjectState, AdminRepairResult)

func ValidCookbookRouteVersion 

func ValidCookbookRouteVersion(value string) bool

func ValidSandboxChecksum 

func ValidSandboxChecksum(value string) bool

Types

type AdminRepairResult 

type AdminRepairResult struct {
	Changed  bool
	Repaired []string
}

type BootstrapCoreOrganizationState 

type BootstrapCoreOrganizationState struct {
	Organization Organization
	Clients      map[string]Client
	ClientKeys   map[string]map[string]KeyRecord
	Groups       map[string]Group
	Containers   map[string]Container
	ACLs         map[string]authz.ACL
}

type BootstrapCoreState 

type BootstrapCoreState struct {
	Users    map[string]User
	UserACLs map[string]authz.ACL
	UserKeys map[string]map[string]KeyRecord
	Orgs     map[string]BootstrapCoreOrganizationState
}

func AddActorToBootstrapCoreGroup 

func AddActorToBootstrapCoreGroup(state BootstrapCoreState, orgName, groupName, actorType, actorName string) (BootstrapCoreState, []string, error)

func AddUserToBootstrapCoreOrg 

func AddUserToBootstrapCoreOrg(state BootstrapCoreState, orgName, username string, admin bool) (BootstrapCoreState, []string, error)

func CloneBootstrapCoreState 

func CloneBootstrapCoreState(state BootstrapCoreState) BootstrapCoreState

func GrantBootstrapServerAdmin 

func GrantBootstrapServerAdmin(state BootstrapCoreState, username string) (BootstrapCoreState, []string, error)

func RemoveActorFromBootstrapCoreGroup 

func RemoveActorFromBootstrapCoreGroup(state BootstrapCoreState, orgName, groupName, actorType, actorName string) (BootstrapCoreState, []string, error)

func RemoveUserFromBootstrapCoreOrg 

func RemoveUserFromBootstrapCoreOrg(state BootstrapCoreState, orgName, username string, force bool) (BootstrapCoreState, []string, error)

func RevokeBootstrapServerAdmin 

func RevokeBootstrapServerAdmin(state BootstrapCoreState, username string) (BootstrapCoreState, []string, error)

type BootstrapCoreStore 

type BootstrapCoreStore interface {
	LoadBootstrapCore() (BootstrapCoreState, error)
	SaveBootstrapCore(BootstrapCoreState) error
}

type Client 

type Client struct {
	Name         string `json:"name"`
	ClientName   string `json:"clientname"`
	Organization string `json:"orgname"`
	Validator    bool   `json:"validator"`
	Admin        bool   `json:"admin"`
	PublicKey    string `json:"public_key,omitempty"`
	URI          string `json:"uri,omitempty"`
}

type Container 

type Container struct {
	Name          string `json:"name,omitempty"`
	ContainerName string `json:"containername"`
	ContainerPath string `json:"containerpath"`
}

type CookbookArtifact 

type CookbookArtifact struct {
	Name       string         `json:"name"`
	Identifier string         `json:"identifier"`
	Version    string         `json:"version"`
	ChefType   string         `json:"chef_type"`
	Frozen     bool           `json:"frozen"`
	Metadata   map[string]any `json:"metadata"`
	AllFiles   []CookbookFile `json:"all_files"`
}

type CookbookFile 

type CookbookFile struct {
	Name        string `json:"name"`
	Path        string `json:"path"`
	Checksum    string `json:"checksum"`
	Specificity string `json:"specificity"`
}

type CookbookStore 

type CookbookStore interface {
	HasCookbookVersion(orgName, name, version string) (bool, bool)
	ListCookbookArtifacts(orgName string) (map[string][]CookbookArtifact, bool)
	ListCookbookArtifactsByName(orgName, name string) ([]CookbookArtifact, bool, bool)
	GetCookbookArtifact(orgName, name, identifier string) (CookbookArtifact, bool, bool)
	CreateCookbookArtifact(orgName string, artifact CookbookArtifact) (CookbookArtifact, error)
	DeleteCookbookArtifactWithReleasedChecksums(orgName, name, identifier string) (CookbookArtifact, []string, error)
	ListCookbookVersions(orgName string) (map[string][]CookbookVersionRef, bool)
	ListCookbookVersionsByName(orgName, name string) ([]CookbookVersionRef, bool, bool)
	ListCookbookVersionModelsByName(orgName, name string) ([]CookbookVersion, bool, bool)
	GetCookbookVersion(orgName, name, version string) (CookbookVersion, bool, bool)
	UpsertCookbookVersionWithReleasedChecksums(orgName string, version CookbookVersion, force bool) (CookbookVersion, []string, bool, error)
	DeleteCookbookVersionWithReleasedChecksums(orgName, name, version string) (CookbookVersion, []string, error)
	DeleteCookbookChecksumReferencesFromRemaining(remaining map[string]struct{})
	CookbookChecksumReferenced(checksum string) bool
}

type CookbookVersion 

type CookbookVersion struct {
	Name         string         `json:"name"`
	CookbookName string         `json:"cookbook_name"`
	Version      string         `json:"version"`
	JSONClass    string         `json:"json_class"`
	ChefType     string         `json:"chef_type"`
	Frozen       bool           `json:"frozen"`
	Metadata     map[string]any `json:"metadata"`
	AllFiles     []CookbookFile `json:"all_files"`
}

type CookbookVersionRef 

type CookbookVersionRef struct {
	Name    string `json:"name"`
	Version string `json:"version"`
}

type CoreObjectOrganizationState 

type CoreObjectOrganizationState struct {
	DataBags     map[string]DataBag
	DataBagItems map[string]map[string]DataBagItem
	Environments map[string]Environment
	Nodes        map[string]Node
	Roles        map[string]Role
	Sandboxes    map[string]Sandbox
	Policies     map[string]map[string]PolicyRevision
	PolicyGroups map[string]PolicyGroup
	ACLs         map[string]authz.ACL
}

type CoreObjectState 

type CoreObjectState struct {
	Orgs map[string]CoreObjectOrganizationState
}

func CloneCoreObjectState 

func CloneCoreObjectState(state CoreObjectState) CoreObjectState

type CoreObjectStore 

type CoreObjectStore interface {
	LoadCoreObjects() (CoreObjectState, error)
	SaveCoreObjects(CoreObjectState) error
}

type CreateClientInput 

type CreateClientInput struct {
	Name             string
	Validator        bool
	Admin            bool
	PublicKey        string
	CreateDefaultKey bool
}

type CreateCookbookArtifactInput 

type CreateCookbookArtifactInput struct {
	Name           string
	Identifier     string
	Payload        map[string]any
	ChecksumExists func(string) (bool, error)
}

type CreateDataBagInput 

type CreateDataBagInput struct {
	Payload map[string]any
	Creator authn.Principal
}

type CreateDataBagItemInput 

type CreateDataBagItemInput struct {
	Payload map[string]any
}

type CreateEnvironmentInput 

type CreateEnvironmentInput struct {
	Payload map[string]any
	Creator authn.Principal
}

type CreateKeyInput 

type CreateKeyInput struct {
	Name           string
	PublicKey      string
	CreateKey      bool
	ExpirationDate string
}

type CreateNodeInput 

type CreateNodeInput struct {
	Payload map[string]any
	Creator authn.Principal
}

type CreateOrganizationInput 

type CreateOrganizationInput struct {
	Name      string
	FullName  string
	OrgType   string
	OwnerName string
}

type CreatePolicyRevisionInput 

type CreatePolicyRevisionInput struct {
	Payload map[string]any
	Creator authn.Principal
}

type CreateRoleInput 

type CreateRoleInput struct {
	Payload map[string]any
	Creator authn.Principal
}

type CreateSandboxInput 

type CreateSandboxInput struct {
	Checksums []string
}

type CreateUserInput 

type CreateUserInput struct {
	Username         string
	DisplayName      string
	Email            string
	FirstName        string
	LastName         string
	PublicKey        string
	CreateDefaultKey bool
}

type DataBag 

type DataBag struct {
	Name      string `json:"name"`
	JSONClass string `json:"json_class"`
	ChefType  string `json:"chef_type"`
}

type DataBagItem 

type DataBagItem struct {
	ID      string         `json:"id"`
	RawData map[string]any `json:"raw_data"`
}

type DepsolverError 

type DepsolverError struct {
	Detail map[string]any
	// contains filtered or unexported fields
}

func (*DepsolverError) Error 

func (e *DepsolverError) Error() string

type Environment 

type Environment struct {
	Name               string            `json:"name"`
	Description        string            `json:"description"`
	CookbookVersions   map[string]string `json:"cookbook_versions"`
	JSONClass          string            `json:"json_class"`
	ChefType           string            `json:"chef_type"`
	DefaultAttributes  map[string]any    `json:"default_attributes"`
	OverrideAttributes map[string]any    `json:"override_attributes"`
}

type FrozenCookbookError 

type FrozenCookbookError struct {
	Name    string
	Version string
}

func (*FrozenCookbookError) Error 

func (e *FrozenCookbookError) Error() string

func (*FrozenCookbookError) Unwrap 

func (e *FrozenCookbookError) Unwrap() error

type Group 

type Group struct {
	Name         string   `json:"name"`
	GroupName    string   `json:"groupname"`
	Organization string   `json:"orgname"`
	Actors       []string `json:"actors"`
	Users        []string `json:"users"`
	Clients      []string `json:"clients"`
	Groups       []string `json:"groups,omitempty"`
}

type KeyMaterial 

type KeyMaterial struct {
	Name           string `json:"name"`
	URI            string `json:"uri"`
	PrivateKeyPEM  string `json:"private_key,omitempty"`
	PublicKeyPEM   string `json:"public_key,omitempty"`
	ExpirationDate string `json:"expiration_date"`
}

type KeyRecord 

type KeyRecord struct {
	Name           string     `json:"name"`
	URI            string     `json:"uri"`
	PublicKeyPEM   string     `json:"public_key"`
	ExpirationDate string     `json:"expiration_date"`
	Expired        bool       `json:"expired"`
	ExpiresAt      *time.Time `json:"-"`
}

type MemoryBootstrapCoreStore 

type MemoryBootstrapCoreStore struct {
	// contains filtered or unexported fields
}

func NewMemoryBootstrapCoreStore 

func NewMemoryBootstrapCoreStore(initial BootstrapCoreState) *MemoryBootstrapCoreStore

func (*MemoryBootstrapCoreStore) LoadBootstrapCore 

func (s *MemoryBootstrapCoreStore) LoadBootstrapCore() (BootstrapCoreState, error)

func (*MemoryBootstrapCoreStore) SaveBootstrapCore 

func (s *MemoryBootstrapCoreStore) SaveBootstrapCore(state BootstrapCoreState) error

type MemoryCoreObjectStore 

type MemoryCoreObjectStore struct {
	// contains filtered or unexported fields
}

func NewMemoryCoreObjectStore 

func NewMemoryCoreObjectStore(initial CoreObjectState) *MemoryCoreObjectStore

func (*MemoryCoreObjectStore) LoadCoreObjects 

func (s *MemoryCoreObjectStore) LoadCoreObjects() (CoreObjectState, error)

func (*MemoryCoreObjectStore) SaveCoreObjects 

func (s *MemoryCoreObjectStore) SaveCoreObjects(state CoreObjectState) error

type MissingChecksumError 

type MissingChecksumError struct {
	Checksum string
}

func (*MissingChecksumError) Error 

func (e *MissingChecksumError) Error() string

type Node 

type Node struct {
	Name            string         `json:"name"`
	JSONClass       string         `json:"json_class"`
	ChefType        string         `json:"chef_type"`
	ChefEnvironment string         `json:"chef_environment"`
	Override        map[string]any `json:"override"`
	Normal          map[string]any `json:"normal"`
	Default         map[string]any `json:"default"`
	Automatic       map[string]any `json:"automatic"`
	RunList         []string       `json:"run_list"`
	PolicyName      string         `json:"policy_name,omitempty"`
	PolicyGroup     string         `json:"policy_group,omitempty"`
}

type Options 

type Options struct {
	SuperuserName             string
	CookbookStoreFactory      func(*Service) CookbookStore
	BootstrapCoreStoreFactory func(*Service) BootstrapCoreStore
	CoreObjectStoreFactory    func(*Service) CoreObjectStore
	InitialBootstrapCoreState *BootstrapCoreState
	InitialCoreObjectState    *CoreObjectState
}

type Organization 

type Organization struct {
	Name     string `json:"name"`
	FullName string `json:"full_name"`
	OrgType  string `json:"org_type,omitempty"`
	GUID     string `json:"guid"`
}

type PolicyAssignmentPlan 

type PolicyAssignmentPlan struct {
	Revision        PolicyRevision
	CreatesPolicy   bool
	CreatesRevision bool
}

type PolicyGroup 

type PolicyGroup struct {
	Name     string            `json:"name"`
	Policies map[string]string `json:"policies"`
}

type PolicyRevision 

type PolicyRevision struct {
	Name       string         `json:"name"`
	RevisionID string         `json:"revision_id"`
	Payload    map[string]any `json:"-"`
}

type RepairDefaultACLsInput added in v0.2.0 

type RepairDefaultACLsInput struct {
	Organization string
	DryRun       bool
}

RepairDefaultACLsInput scopes a default-ACL repair to one organization when requested. DryRun is used by tests and future previews to reuse the same normalization path without persisting changes.

type RepairDefaultACLsResult added in v0.2.0 

type RepairDefaultACLsResult struct {
	Changed            bool
	BootstrapRepaired  []string
	CoreObjectRepaired []string
}

RepairDefaultACLsResult reports the two ACL families repaired by the live service seam so operators can distinguish bootstrap ACLs from object ACLs.

type RepairGroupMembershipInput added in v0.2.0 

type RepairGroupMembershipInput struct {
	Action       string
	Organization string
	Group        string
	ActorType    string
	Actor        string
}

RepairGroupMembershipInput describes a group actor-membership repair. Action is intentionally aligned with the admin CLI verbs: add-actor or remove-actor.

type RepairMembershipResult added in v0.2.0 

type RepairMembershipResult struct {
	Changed bool
	Members []string
}

RepairMembershipResult reports membership changes made through live repair seams. Members contains stable labels for the memberships touched.

type RepairOrgMembershipInput added in v0.2.0 

type RepairOrgMembershipInput struct {
	Action       string
	Organization string
	Username     string
	Admin        bool
	Force        bool
}

RepairOrgMembershipInput describes an org user-membership repair. Action is intentionally aligned with the admin CLI verbs: add-user or remove-user.

type RepairServerAdminMembershipInput added in v0.2.0 

type RepairServerAdminMembershipInput struct {
	Action   string
	Username string
}

RepairServerAdminMembershipInput describes global server-admin repair. The current compatibility model maps server-admins onto each org's admins group.

type Role 

type Role struct {
	Name               string              `json:"name"`
	Description        string              `json:"description"`
	JSONClass          string              `json:"json_class"`
	ChefType           string              `json:"chef_type"`
	DefaultAttributes  map[string]any      `json:"default_attributes"`
	OverrideAttributes map[string]any      `json:"override_attributes"`
	RunList            []string            `json:"run_list"`
	EnvRunLists        map[string][]string `json:"env_run_lists"`
}

type Sandbox 

type Sandbox struct {
	ID           string    `json:"sandbox_id"`
	Organization string    `json:"-"`
	Checksums    []string  `json:"checksums"`
	CreatedAt    time.Time `json:"-"`
}

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func NewService 

func NewService(keyStore *authn.MemoryKeyStore, opts Options) *Service

func (*Service) AddUserToGroup 

func (s *Service) AddUserToGroup(orgName, groupName, username string) error

func (*Service) CleanupUnreferencedChecksums 

func (s *Service) CleanupUnreferencedChecksums(candidates []string, cleanup func(string) error) error

func (*Service) CookbookUniverse 

func (s *Service) CookbookUniverse(orgName string) (map[string][]UniverseEntry, bool)

func (*Service) CreateClient 

func (s *Service) CreateClient(orgName string, input CreateClientInput) (Client, *KeyMaterial, error)

func (*Service) CreateClientKey 

func (s *Service) CreateClientKey(orgName, clientName string, input CreateKeyInput) (*KeyMaterial, error)

func (*Service) CreateCookbookArtifact 

func (s *Service) CreateCookbookArtifact(orgName string, input CreateCookbookArtifactInput) (CookbookArtifact, error)

func (*Service) CreateDataBag 

func (s *Service) CreateDataBag(orgName string, input CreateDataBagInput) (DataBag, error)

func (*Service) CreateDataBagItem 

func (s *Service) CreateDataBagItem(orgName, bagName string, input CreateDataBagItemInput) (DataBagItem, error)

func (*Service) CreateEnvironment 

func (s *Service) CreateEnvironment(orgName string, input CreateEnvironmentInput) (Environment, error)

func (*Service) CreateNode 

func (s *Service) CreateNode(orgName string, input CreateNodeInput) (Node, error)

func (*Service) CreateOrganization 

func (s *Service) CreateOrganization(input CreateOrganizationInput) (Organization, Client, *KeyMaterial, error)

func (*Service) CreatePolicyRevision 

func (s *Service) CreatePolicyRevision(orgName, targetName string, input CreatePolicyRevisionInput) (PolicyRevision, error)

func (*Service) CreateRole 

func (s *Service) CreateRole(orgName string, input CreateRoleInput) (Role, error)

func (*Service) CreateSandbox 

func (s *Service) CreateSandbox(orgName string, input CreateSandboxInput) (Sandbox, error)

func (*Service) CreateUser 

func (s *Service) CreateUser(input CreateUserInput) (User, *KeyMaterial, error)

func (*Service) CreateUserKey 

func (s *Service) CreateUserKey(name string, input CreateKeyInput) (*KeyMaterial, error)

func (*Service) DeleteClient 

func (s *Service) DeleteClient(orgName, clientName string) (Client, error)

func (*Service) DeleteClientKey 

func (s *Service) DeleteClientKey(orgName, clientName, keyName string) error

func (*Service) DeleteCookbookArtifact 

func (s *Service) DeleteCookbookArtifact(orgName, name, identifier string) (CookbookArtifact, error)

func (*Service) DeleteCookbookArtifactWithReleasedChecksums 

func (s *Service) DeleteCookbookArtifactWithReleasedChecksums(orgName, name, identifier string) (CookbookArtifact, []string, error)

func (*Service) DeleteCookbookVersion 

func (s *Service) DeleteCookbookVersion(orgName, name, version string) (CookbookVersion, error)

func (*Service) DeleteCookbookVersionWithReleasedChecksums 

func (s *Service) DeleteCookbookVersionWithReleasedChecksums(orgName, name, version string) (CookbookVersion, []string, error)

func (*Service) DeleteDataBag 

func (s *Service) DeleteDataBag(orgName, bagName string) (DataBag, error)

func (*Service) DeleteDataBagItem 

func (s *Service) DeleteDataBagItem(orgName, bagName, itemID string) (DataBagItem, error)

func (*Service) DeleteEnvironment 

func (s *Service) DeleteEnvironment(orgName, name string) (Environment, error)

func (*Service) DeleteNode 

func (s *Service) DeleteNode(orgName, nodeName string) (Node, error)

func (*Service) DeletePolicy 

func (s *Service) DeletePolicy(orgName, policyName string) ([]string, error)

func (*Service) DeletePolicyGroup 

func (s *Service) DeletePolicyGroup(orgName, groupName string) (PolicyGroup, error)

func (*Service) DeletePolicyGroupAssignment 

func (s *Service) DeletePolicyGroupAssignment(orgName, groupName, policyName string) (PolicyRevision, error)

func (*Service) DeletePolicyRevision 

func (s *Service) DeletePolicyRevision(orgName, policyName, revisionID string) (PolicyRevision, error)

func (*Service) DeleteRole 

func (s *Service) DeleteRole(orgName, roleName string) (Role, error)

func (*Service) DeleteSandbox 

func (s *Service) DeleteSandbox(orgName, sandboxID string) (Sandbox, error)

func (*Service) DeleteUserKey 

func (s *Service) DeleteUserKey(name, keyName string) error

func (*Service) GetClient 

func (s *Service) GetClient(orgName, clientName string) (Client, bool)

func (*Service) GetClientKey 

func (s *Service) GetClientKey(orgName, clientName, keyName string) (KeyRecord, bool, bool, bool)

func (*Service) GetContainer 

func (s *Service) GetContainer(orgName, containerName string) (Container, bool)

func (*Service) GetCookbookArtifact 

func (s *Service) GetCookbookArtifact(orgName, name, identifier string) (CookbookArtifact, bool, bool)

func (*Service) GetCookbookVersion 

func (s *Service) GetCookbookVersion(orgName, name, version string) (CookbookVersion, bool, bool)

func (*Service) GetDataBag 

func (s *Service) GetDataBag(orgName, bagName string) (DataBag, bool, bool)

func (*Service) GetDataBagItem 

func (s *Service) GetDataBagItem(orgName, bagName, itemID string) (DataBagItem, bool, bool, bool)

func (*Service) GetEnvironment 

func (s *Service) GetEnvironment(orgName, name string) (Environment, bool, bool)

func (*Service) GetEnvironmentCookbookVersions 

func (s *Service) GetEnvironmentCookbookVersions(orgName, environmentName, cookbookName string, numVersions int, allVersions bool) ([]CookbookVersionRef, bool, bool, bool)

func (*Service) GetGroup 

func (s *Service) GetGroup(orgName, groupName string) (Group, bool)

func (*Service) GetNode 

func (s *Service) GetNode(orgName, nodeName string) (Node, bool, bool)

func (*Service) GetOrganization 

func (s *Service) GetOrganization(name string) (Organization, bool)

func (*Service) GetPolicy 

func (s *Service) GetPolicy(orgName, policyName string) (map[string]PolicyRevision, bool, bool)

func (*Service) GetPolicyGroup 

func (s *Service) GetPolicyGroup(orgName, groupName string) (PolicyGroup, bool, bool)

func (*Service) GetPolicyGroupAssignment 

func (s *Service) GetPolicyGroupAssignment(orgName, groupName, policyName string) (PolicyRevision, bool, bool, bool)

func (*Service) GetPolicyRevision 

func (s *Service) GetPolicyRevision(orgName, policyName, revisionID string) (PolicyRevision, bool, bool, bool)

func (*Service) GetRole 

func (s *Service) GetRole(orgName, roleName string) (Role, bool, bool)

func (*Service) GetSandbox 

func (s *Service) GetSandbox(orgName, sandboxID string) (Sandbox, bool, bool)

func (*Service) GetUser 

func (s *Service) GetUser(name string) (User, bool)

func (*Service) GetUserKey 

func (s *Service) GetUserKey(name, keyName string) (KeyRecord, bool, bool)

func (*Service) GroupsFor 

func (s *Service) GroupsFor(_ context.Context, subject authz.Subject) ([]string, error)

func (*Service) ListClientKeys 

func (s *Service) ListClientKeys(orgName, clientName string) ([]KeyRecord, bool, bool)

func (*Service) ListClients 

func (s *Service) ListClients(orgName string) (map[string]string, bool)

func (*Service) ListContainers 

func (s *Service) ListContainers(orgName string) (map[string]string, bool)

func (*Service) ListCookbookArtifacts 

func (s *Service) ListCookbookArtifacts(orgName string) (map[string][]CookbookArtifact, bool)

func (*Service) ListCookbookArtifactsByName 

func (s *Service) ListCookbookArtifactsByName(orgName, name string) ([]CookbookArtifact, bool, bool)

func (*Service) ListCookbookVersions 

func (s *Service) ListCookbookVersions(orgName string) (map[string][]CookbookVersionRef, bool)

func (*Service) ListCookbookVersionsByName 

func (s *Service) ListCookbookVersionsByName(orgName, name string) ([]CookbookVersionRef, bool, bool)

func (*Service) ListDataBagItems 

func (s *Service) ListDataBagItems(orgName, bagName string) (map[string]string, bool, bool)

func (*Service) ListDataBags 

func (s *Service) ListDataBags(orgName string) (map[string]string, bool)

func (*Service) ListEnvironmentCookbookVersions 

func (s *Service) ListEnvironmentCookbookVersions(orgName, environmentName string, numVersions int, allVersions bool) (map[string][]CookbookVersionRef, bool, bool)

func (*Service) ListEnvironmentNodes 

func (s *Service) ListEnvironmentNodes(orgName, environmentName string) (map[string]string, bool, bool)

func (*Service) ListEnvironments 

func (s *Service) ListEnvironments(orgName string) (map[string]string, bool)

func (*Service) ListGroups 

func (s *Service) ListGroups(orgName string) (map[string]string, bool)

func (*Service) ListNodes 

func (s *Service) ListNodes(orgName string) (map[string]string, bool)

func (*Service) ListOrganizations 

func (s *Service) ListOrganizations() map[string]string

func (*Service) ListPolicies 

func (s *Service) ListPolicies(orgName string) (map[string][]string, bool)

func (*Service) ListPolicyGroups 

func (s *Service) ListPolicyGroups(orgName string) (map[string]PolicyGroup, bool)

func (*Service) ListRoles 

func (s *Service) ListRoles(orgName string) (map[string]string, bool)

func (*Service) ListServerAdmins added in v0.2.0 

func (s *Service) ListServerAdmins() []string

ListServerAdmins returns the current compatibility server-admin set from live service state. It is read-only and does not require maintenance.

func (*Service) ListUserKeys 

func (s *Service) ListUserKeys(name string) ([]KeyRecord, bool)

func (*Service) ListUsers 

func (s *Service) ListUsers() map[string]string

func (*Service) PolicyGroupsForRevision 

func (s *Service) PolicyGroupsForRevision(orgName, policyName, revisionID string) ([]string, bool, bool, bool)

func (*Service) PreviewPolicyGroupAssignment 

func (s *Service) PreviewPolicyGroupAssignment(orgName, targetPolicyName string, payload map[string]any) (PolicyAssignmentPlan, error)

func (*Service) RehydrateKeyStore 

func (s *Service) RehydrateKeyStore() error

func (*Service) ReloadPersistedState added in v0.2.0 

func (s *Service) ReloadPersistedState() error

ReloadPersistedState refreshes the service's in-memory bootstrap/core object maps from its configured stores and rebuilds the request verifier cache. It is intentionally all-or-nothing so future online repair workflows cannot leave live reads using partially refreshed state.

func (*Service) RepairDefaultACLs added in v0.2.0 

func (s *Service) RepairDefaultACLs(input RepairDefaultACLsInput) (RepairDefaultACLsResult, error)

RepairDefaultACLs repairs missing default ACL documents through the live service state and its configured persistence stores. Online maintenance repair uses this seam instead of writing PostgreSQL directly so process-local authorization caches cannot stay stale after the command reports success.

func (*Service) RepairGroupMembership added in v0.2.0 

func (s *Service) RepairGroupMembership(input RepairGroupMembershipInput) (RepairMembershipResult, error)

RepairGroupMembership updates group actor membership through live service state and the configured bootstrap persistence seam.

func (*Service) RepairOrgMembership added in v0.2.0 

func (s *Service) RepairOrgMembership(input RepairOrgMembershipInput) (RepairMembershipResult, error)

RepairOrgMembership updates org user membership through live service state and the configured bootstrap persistence seam. It rolls live state back if persistence fails so authorization decisions cannot observe a failed repair.

func (*Service) RepairServerAdminMembership added in v0.2.0 

func (s *Service) RepairServerAdminMembership(input RepairServerAdminMembershipInput) (RepairMembershipResult, error)

RepairServerAdminMembership updates the compatibility server-admin set. The implementation intentionally reuses admins-group membership so Chef-facing authorization behavior remains unchanged.

func (*Service) ResolveACL 

func (s *Service) ResolveACL(_ context.Context, resource authz.Resource) (authz.ACL, bool, error)

func (*Service) SeedPrincipal 

func (s *Service) SeedPrincipal(principal authn.Principal)

func (*Service) SeedPublicKey 

func (s *Service) SeedPublicKey(principal authn.Principal, name, publicKeyPEM string) error

func (*Service) SolveEnvironmentCookbookVersions 

func (s *Service) SolveEnvironmentCookbookVersions(orgName, environmentName string, payload map[string]any) (map[string]CookbookVersion, bool, bool, error)

func (*Service) SuperuserName 

func (s *Service) SuperuserName() string

func (*Service) UpdateClient 

func (s *Service) UpdateClient(orgName, clientName string, input UpdateClientInput) (Client, *KeyMaterial, error)

UpdateClient applies mutable client metadata and, when explicitly requested by legacy API v0 routes, replaces the client's default verifier key.

func (*Service) UpdateClientKey 

func (s *Service) UpdateClientKey(orgName, clientName, keyName string, input UpdateKeyInput) (UpdateKeyResult, error)

func (*Service) UpdateDataBagItem 

func (s *Service) UpdateDataBagItem(orgName, bagName, itemID string, input UpdateDataBagItemInput) (DataBagItem, error)

func (*Service) UpdateEnvironment 

func (s *Service) UpdateEnvironment(orgName, currentName string, input UpdateEnvironmentInput) (UpdateEnvironmentResult, error)

func (*Service) UpdateNode 

func (s *Service) UpdateNode(orgName, nodeName string, input UpdateNodeInput) (Node, error)

func (*Service) UpdateRole 

func (s *Service) UpdateRole(orgName, roleName string, input UpdateRoleInput) (Role, error)

func (*Service) UpdateUser 

func (s *Service) UpdateUser(input UpdateUserInput) (User, *KeyMaterial, error)

UpdateUser applies actor metadata changes while keeping default-key mutation explicit for the API-version gate in the HTTP layer.

func (*Service) UpdateUserKey 

func (s *Service) UpdateUserKey(name, keyName string, input UpdateKeyInput) (UpdateKeyResult, error)

func (*Service) UpsertCookbookVersion 

func (s *Service) UpsertCookbookVersion(orgName string, input UpsertCookbookVersionInput) (CookbookVersion, bool, error)

func (*Service) UpsertCookbookVersionWithReleasedChecksums 

func (s *Service) UpsertCookbookVersionWithReleasedChecksums(orgName string, input UpsertCookbookVersionInput) (CookbookVersion, []string, bool, error)

func (*Service) UpsertPolicyGroupAssignment 

func (s *Service) UpsertPolicyGroupAssignment(orgName, groupName, targetPolicyName string, input UpdatePolicyGroupAssignmentInput) (PolicyRevision, bool, error)

type UniverseEntry 

type UniverseEntry struct {
	Version      string
	Dependencies map[string]string
}

type UpdateClientInput 

type UpdateClientInput struct {
	Validator *bool
	Admin     *bool
	PublicKey *string
}

type UpdateDataBagItemInput 

type UpdateDataBagItemInput struct {
	Payload map[string]any
}

type UpdateEnvironmentInput 

type UpdateEnvironmentInput struct {
	Payload map[string]any
}

type UpdateEnvironmentResult 

type UpdateEnvironmentResult struct {
	Environment Environment
	Renamed     bool
}

type UpdateKeyInput 

type UpdateKeyInput struct {
	Name           *string
	PublicKey      *string
	CreateKey      *bool
	ExpirationDate *string
}

type UpdateKeyResult 

type UpdateKeyResult struct {
	KeyMaterial KeyMaterial
	Renamed     bool
}

type UpdateNodeInput 

type UpdateNodeInput struct {
	Payload map[string]any
}

type UpdatePolicyGroupAssignmentInput 

type UpdatePolicyGroupAssignmentInput struct {
	Payload map[string]any
	Creator authn.Principal
}

type UpdateRoleInput 

type UpdateRoleInput struct {
	Payload map[string]any
}

type UpdateUserInput 

type UpdateUserInput struct {
	Username    string
	DisplayName *string
	Email       *string
	FirstName   *string
	LastName    *string
	PublicKey   *string
}

type UpsertCookbookVersionInput 

type UpsertCookbookVersionInput struct {
	Name           string
	Version        string
	Payload        map[string]any
	Force          bool
	ChecksumExists func(string) (bool, error)
}

type User 

type User struct {
	Username    string `json:"username"`
	DisplayName string `json:"display_name,omitempty"`
	Email       string `json:"email,omitempty"`
	FirstName   string `json:"first_name,omitempty"`
	LastName    string `json:"last_name,omitempty"`
}

type ValidationError 

type ValidationError struct {
	Messages []string
}

func ValidateDepsolverPayload 

func ValidateDepsolverPayload(payload map[string]any) *ValidationError

ValidateDepsolverPayload checks the depsolver request body fields that upstream validates during malformed-request handling, before environment lookup or authz.

func (*ValidationError) Error 

func (e *ValidationError) Error() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.