Documentation
¶
Overview ¶
Package enterprise provide glue to Enterprise code.
Index ¶
- func Enabled() bool
- func NewSpdxFrontend(_ *zap.Logger, _ SPDXOptions) (FrontendPlugin, SPDXSource, error)
- func NewVEXFrontend(_ context.Context, _ *errgroup.Group, _ *zap.Logger, _ VEXOptions) (FrontendPlugin, VEXSource, error)
- type AuthProvider
- type Checksummer
- type FrontendPlugin
- type Handler
- type ReadinessChecker
- type SPDXOptions
- type SPDXSource
- type ScannerOptions
- type VEXOptions
- type VEXSource
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewSpdxFrontend ¶ added in v1.1.0
func NewSpdxFrontend(_ *zap.Logger, _ SPDXOptions) (FrontendPlugin, SPDXSource, error)
NewSpdxFrontend returns a new Spdx FrontendPlugin.
func NewVEXFrontend ¶ added in v1.3.0
func NewVEXFrontend(_ context.Context, _ *errgroup.Group, _ *zap.Logger, _ VEXOptions) (FrontendPlugin, VEXSource, error)
NewVEXFrontend returns a new VEX FrontendPlugin.
Types ¶
type AuthProvider ¶ added in v1.2.0
type AuthProvider interface {
// Run starts the background reload loop and blocks until ctx is canceled.
Run(ctx context.Context) error
// Middleware returns an HTTP middleware that enforces authentication on the provided handler.
Middleware(Handler) Handler
// VerifyCredentials checks if the username/password pair is valid.
VerifyCredentials(username, password string) bool
// UsernameFromContext retrieves the authenticated username stored by the middleware.
UsernameFromContext(ctx context.Context) (string, bool)
}
AuthProvider defines an authentication provider.
func NewAuthProvider ¶ added in v1.2.0
func NewAuthProvider(_ *zap.Logger, _ string) (AuthProvider, error)
NewAuthProvider creates a new authentication provider.
type Checksummer ¶ added in v1.1.0
type Checksummer interface {
WriteChecksum(ctx context.Context, w http.ResponseWriter, r *http.Request, reader io.ReadCloser, size int64, filename, suffix string) error
}
Checksummer computes a checksum for a boot asset and writes the result to the HTTP response. The implementation lives behind the enterprise build tag; when enterprise is not enabled the Frontend receives a nil Checksummer and returns 402 for checksum requests.
suffix is the file-extension that triggered checksum mode (e.g. ".sha512", ".sha256", ".md5") and determines both the algorithm and the output filename.
func NewChecksummer ¶ added in v1.1.0
func NewChecksummer() Checksummer
NewChecksummer returns nil when enterprise is not enabled.
type FrontendPlugin ¶ added in v1.1.0
type FrontendPlugin interface {
Methods() []string
Path() string
Handle(context.Context, http.ResponseWriter, *http.Request, httprouter.Params) error
}
FrontendPlugin is the interface that Enterprise code must implement to extend the frontend.
func NewScannerFrontend ¶ added in v1.3.0
func NewScannerFrontend(_ context.Context, _ *errgroup.Group, _ *zap.Logger, _ ScannerOptions) (FrontendPlugin, error)
NewScannerFrontend returns a new Scanner FrontendPlugin.
type Handler ¶ added in v1.2.0
type Handler = func(ctx context.Context, w http.ResponseWriter, r *http.Request, p httprouter.Params) error
Handler is the type of HTTP handlers used by the enterprise frontend.
type ReadinessChecker ¶ added in v1.3.0
type ReadinessChecker interface {
// Ready reports nil when the plugin is ready to serve requests, or a
// non-nil error describing why it is not.
Ready() error
}
ReadinessChecker is implemented by FrontendPlugin instances whose readiness must factor into the /readyz response. Plugins that do not implement this interface are considered always ready.
type SPDXOptions ¶ added in v1.1.0
type SPDXOptions struct {
ExternalURL string
CacheImageSigner signer.Signer
SchematicFactory *schematic.Factory
ArtifactsManager *artifacts.Manager
AssetBuilder *asset.Builder
AuthProvider AuthProvider
CacheRepository string
RemoteOptions []remote.Option
RegistryRefreshInterval time.Duration
CacheInsecure bool
}
SPDXOptions holds configuration options for the SPDX frontend.
type SPDXSource ¶ added in v1.3.0
type SPDXSource interface {
Build(ctx context.Context, schematicID, versionTag string, arch artifacts.Arch) (io.ReadCloser, error)
}
SPDXSource produces a merged SPDX JSON document for the requested schematic, Talos version and architecture, applying ownership enforcement.
The SPDX builder satisfies this interface and is reused by the scanner frontend so the SBOM extraction and access control live in one place.
type ScannerOptions ¶ added in v1.3.0
type ScannerOptions struct {
VEXSource VEXSource
SPDXSource SPDXSource
SchematicFactory *schematic.Factory
AuthProvider AuthProvider
DatabaseURL string
MetricsNamespace string
CacheTTL time.Duration
CacheCapacity uint64
}
ScannerOptions holds configuration options for the Scanner frontend.
type VEXOptions ¶ added in v1.3.0
type VEXOptions struct {
Data string
MetricsNamespace string
RemoteOptions []remote.Option
VerifyOptions verify.VerifyOptions
RefreshInterval time.Duration
CacheTTL time.Duration
CacheCapacity uint64
DataInsecure bool
}
VEXOptions holds configuration options for the VEX frontend.