Overview ¶
Package profiles provides infrastructure for remote profile fetching and caching.
Index ¶
- func GetHTTPStatusCode(err error) int
- func IsHTTPError(err error) bool
- type AuthRule
- type ChainAuthProvider
- type FSProfileCacheRepository
- func (r *FSProfileCacheRepository) Delete(ctx context.Context, ref values.ProfileReference) error
- func (r *FSProfileCacheRepository) Find(ctx context.Context, ref values.ProfileReference) (*entities.ProfileCacheEntry, error)
- func (r *FSProfileCacheRepository) List(ctx context.Context) ([]*entities.ProfileCacheEntry, error)
- func (r *FSProfileCacheRepository) Prune(ctx context.Context, maxAge time.Duration) (int, error)
- func (r *FSProfileCacheRepository) Store(ctx context.Context, entry *entities.ProfileCacheEntry) error
- type HTTPError
- type HTTPProfileFetcher
- type HeaderAuthProvider
- type NoAuthProvider
- type StaticHeaderAuthProvider
- type UpdateCheckResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetHTTPStatusCode ¶
GetHTTPStatusCode returns the status code if the error is an HTTPError, or 0.
func IsHTTPError ¶
IsHTTPError returns true if the error is an HTTPError.
Types ¶
type AuthRule ¶
// AuthRule pairs a URL prefix with the credentials to send to URLs that match it.
// Which credential fields apply depends on AuthType: Token for "bearer",
// Username and Password for "basic", HeaderValue for "header".
type AuthRule struct {
// Pattern is a URL prefix to match (e.g., "https://example.com/").
// More specific patterns take precedence.
// NOTE(review): if matching is a plain string-prefix comparison, a pattern
// with no slash after the host (e.g. "https://example.com") would also match
// a different host whose name merely starts with that text. Keep the trailing
// slash shown in the example and confirm the matching logic.
Pattern string
// AuthType is the type of authentication: "bearer", "basic", or "header".
// NOTE(review): behaviour for any other value is not shown here — confirm
// that an unknown type is rejected rather than silently sending no auth.
AuthType string
// Token is used for bearer auth.
// It is credential material held as a plain string; keep it out of logs,
// error messages and serialized configuration dumps.
Token string
// Username and Password are used for basic auth.
// Password is likewise a plaintext secret and needs the same handling as Token.
Username string
Password string
// HeaderValue is the raw Authorization header value for "header" type.
// Being the raw header value, it is a secret in its own right.
HeaderValue string
}
AuthRule defines authentication for URLs matching a pattern.
type ChainAuthProvider ¶
// ChainAuthProvider holds an ordered list of auth providers that are consulted
// in sequence for an Authorization header.
type ChainAuthProvider struct {
// Providers is the ordered list to consult. Order is significant: per the
// type's documentation, the first provider that returns a non-empty header wins,
// so a broad provider placed early decides which credential is sent.
// NOTE(review): whether an error from one provider stops the chain or is
// skipped is not shown here — confirm before relying on fall-through.
Providers []interface {
GetAuthHeader(context.Context, string) (string, error)
}
}
ChainAuthProvider tries multiple providers in order until one returns a non-empty header.
func NewChainAuthProvider ¶
func NewChainAuthProvider(providers ...interface {
GetAuthHeader(context.Context, string) (string, error)
}) *ChainAuthProvider
NewChainAuthProvider creates a provider that chains multiple providers.
func (*ChainAuthProvider) GetAuthHeader ¶
GetAuthHeader tries each provider in order until one returns a non-empty header.
type FSProfileCacheRepository ¶
// FSProfileCacheRepository is a profile cache backed by a directory tree on the
// local filesystem.
type FSProfileCacheRepository struct {
// Root is the base directory for the cache.
// Default: ~/.reglet/profiles
// The cache holds remotely fetched profile content that is later read back
// via Find and List, so anyone able to write under Root can alter what is
// loaded from cache.
// NOTE(review): the permissions used when creating Root and its entries are
// not shown here — confirm they are restricted to the owning user.
// NOTE(review): presumably each entry's directory name is derived from the
// ProfileReference; confirm the derived key cannot contain path separators
// or "..".
Root string
}
FSProfileCacheRepository implements ProfileCacheRepository using the filesystem. Profiles are stored under Root, one directory per cache key; with the default Root this is ~/.reglet/profiles/<cache-key>/
func NewFSProfileCacheRepository ¶
func NewFSProfileCacheRepository(root string) (*FSProfileCacheRepository, error)
NewFSProfileCacheRepository creates a new filesystem-based cache repository.
func (*FSProfileCacheRepository) Delete ¶
func (r *FSProfileCacheRepository) Delete(ctx context.Context, ref values.ProfileReference) error
Delete removes a specific profile from cache.
func (*FSProfileCacheRepository) Find ¶
func (r *FSProfileCacheRepository) Find(ctx context.Context, ref values.ProfileReference) (*entities.ProfileCacheEntry, error)
Find retrieves a cached profile by reference.
func (*FSProfileCacheRepository) List ¶
func (r *FSProfileCacheRepository) List(ctx context.Context) ([]*entities.ProfileCacheEntry, error)
List returns all cached profiles.
func (*FSProfileCacheRepository) Store ¶
func (r *FSProfileCacheRepository) Store(ctx context.Context, entry *entities.ProfileCacheEntry) error
Store persists a profile cache entry.
type HTTPProfileFetcher ¶
// HTTPProfileFetcher carries the optional observer hooks and request settings
// used when fetching profiles. Every hook is a plain func field.
// NOTE(review): whether nil hooks are tolerated is not shown here — confirm
// before leaving any unset.
type HTTPProfileFetcher struct {
// OnRedirect is called when a redirect is followed.
// Returns an error to abort the redirect.
// req is the upcoming request and via the requests already made, matching
// the shape of net/http's CheckRedirect callback.
// NOTE(review): whether the Authorization header is carried over to a
// redirect target on another host is not shown here; this hook is where a
// caller can refuse a change of host — confirm the default behaviour.
OnRedirect func(req *http.Request, via []*http.Request) error
// OnPrivateIPWarning is called when SSRF protection blocks a private IP.
// Presumably ip is the address that was refused; it is worth recording, since
// a profile URL resolving to an internal address can indicate a misconfigured
// or hostile source.
OnPrivateIPWarning func(ip string)
// OnDNSPinning is called when DNS is resolved and pinned.
// host is the name that was resolved and ip the address it was pinned to.
// NOTE(review): presumably the pinned address is the one used for the
// connection, so a second lookup cannot return a different address — confirm.
OnDNSPinning func(host string, ip string)
// OnContentTypeWarning is called when Content-Type is unexpected.
// NOTE(review): the name suggests a warning only; confirm whether the fetch
// continues or is aborted after this hook runs.
OnContentTypeWarning func(contentType string)
// OnRetry is called before each retry attempt.
// attempt is the retry number and statusCode the HTTP status that led to it.
OnRetry func(attempt int, statusCode int)
// OnSecretDetected is called when potential secrets are found in fetched content.
// This implements Constitution II: Credential Hygiene - Secret Detection.
// NOTE(review): findings may include the matched secret text itself; avoid
// writing them verbatim to logs — confirm what SecretFinding exposes.
OnSecretDetected func(findings []sensitivedata.SecretFinding)
// UserAgent is the User-Agent header sent with requests.
UserAgent string
}
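HTTPProfileFetcher fetches profiles over HTTPS using secure defaults; its hook fields show that these include blocking private IP addresses (SSRF protection), DNS pinning, a Content-Type check and secret detection on fetched content. It implements the ports.ProfileFetcher interface.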
func NewHTTPProfileFetcher ¶
func NewHTTPProfileFetcher() *HTTPProfileFetcher
NewHTTPProfileFetcher creates a new HTTP profile fetcher with default settings.
func (*HTTPProfileFetcher) CheckForUpdate ¶
func (f *HTTPProfileFetcher) CheckForUpdate( ctx context.Context, ref values.ProfileReference, cachedETag string, opts ports.FetchOptions, ) (*UpdateCheckResult, error)
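CheckForUpdate performs a HEAD request to check whether a profile has been updated. It compares the remote ETag with the cached ETag to detect changes. The ETag is supplied by the remote server, so it signals that content changed but does not verify the integrity of that content.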
func (*HTTPProfileFetcher) Fetch ¶
func (f *HTTPProfileFetcher) Fetch(ctx context.Context, ref values.ProfileReference, opts ports.FetchOptions) (*ports.FetchResult, error)
Fetch retrieves profile content from the given HTTPS URL.
type HeaderAuthProvider ¶
// HeaderAuthProvider selects an Authorization header for a URL from a list of
// per-pattern rules.
type HeaderAuthProvider struct {
// Rules maps URL patterns to auth configurations.
// Patterns are matched from most specific to least specific.
// When rules overlap, the matching order decides which credential is sent
// to a given URL.
// NOTE(review): how specificity is measured (for example, longest prefix)
// is not shown here — confirm before relying on overlapping patterns.
Rules []AuthRule
}
HeaderAuthProvider implements ProfileAuthProvider with configurable auth headers. Supports Bearer tokens, Basic auth, and custom Authorization headers.
func NewHeaderAuthProvider ¶
func NewHeaderAuthProvider(rules []AuthRule) *HeaderAuthProvider
NewHeaderAuthProvider creates a new provider with the given rules.
func (*HeaderAuthProvider) GetAuthHeader ¶
GetAuthHeader returns the Authorization header value for the given URL. Returns empty string if no auth is configured for this URL.
type NoAuthProvider ¶
// NoAuthProvider is a stateless provider whose GetAuthHeader is documented to
// always return an empty string, so requests made with it carry no credentials.
type NoAuthProvider struct{}
NoAuthProvider is an auth provider that provides no authentication. Useful as a default or for public profiles.
func (*NoAuthProvider) GetAuthHeader ¶
GetAuthHeader always returns empty string.
type StaticHeaderAuthProvider ¶
// StaticHeaderAuthProvider holds a single Authorization header value that its
// GetAuthHeader method is documented to return for any URL.
type StaticHeaderAuthProvider struct {
// Header is the fixed Authorization header value. It is a plaintext
// credential; keep it out of logs. Because it is not scoped to a URL, the same
// value is offered for every URL this provider is asked about.
Header string
}
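StaticHeaderAuthProvider is a simple implementation that returns a fixed header for all URLs. Useful for simple use cases with a single auth token. Because the header is not scoped to a host, the credential is offered for every URL the provider is asked about; use HeaderAuthProvider rules when credentials must be limited to specific URL prefixes.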
func NewStaticBasicAuthProvider ¶
func NewStaticBasicAuthProvider(username, password string) *StaticHeaderAuthProvider
NewStaticBasicAuthProvider creates a provider with fixed Basic auth credentials.
func NewStaticBearerAuthProvider ¶
func NewStaticBearerAuthProvider(token string) *StaticHeaderAuthProvider
NewStaticBearerAuthProvider creates a provider with a fixed Bearer token.
func (*StaticHeaderAuthProvider) GetAuthHeader ¶
GetAuthHeader returns the static header for any URL.
type UpdateCheckResult ¶
// UpdateCheckResult reports the outcome of comparing a cached profile's ETag
// with the one advertised by the remote server.
type UpdateCheckResult struct {
// CurrentETag is the ETag of the cached version.
CurrentETag string
// RemoteETag is the ETag of the remote version.
// This is a server-supplied string: treat it as a change indicator, not as a
// checksum of the content.
RemoteETag string
// LastModified is the Last-Modified header from the remote.
// It is kept as the raw header string and, like RemoteETag, is server-controlled.
LastModified string
// HasUpdate indicates whether the remote content has changed.
// NOTE(review): presumably true when RemoteETag differs from CurrentETag;
// confirm how a missing remote ETag is treated.
HasUpdate bool
}
UpdateCheckResult contains the result of an update check.