Documentation
¶
Index ¶
- Variables
- func EnvironmentMapping(r Reader, includeController bool) (map[string][]byte, error)
- type APIServer
- type ApplicationServer
- type Authorization
- type AuthorizationServer
- type Change
- func ApplyCurrentContext(contextName, serverName, authorizationName, clusterName string) Change
- func SaveClientRegistration(name string, info *registration.ClientInformationResponse) Change
- func SaveServer(name string, srv *Server, env string) Change
- func SaveToken(name string, t *oauth2.Token) Change
- func SetExecutionEnvironment(env string) Change
- func SetProperty(name, value string) Change
- func UnsetProperty(name string) Change
- type ClientCredential
- type ClientIdentity
- type Cluster
- type Config
- type Context
- type Controller
- type ControllerEnvVar
- type ControllerResources
- type Credential
- type Loader
- type NamedAuthorization
- type NamedCluster
- type NamedContext
- type NamedController
- type NamedServer
- type OptimizeConfig
- func (rsc *OptimizeConfig) Authorize(ctx context.Context, transport http.RoundTripper) (http.RoundTripper, error)
- func (rsc *OptimizeConfig) Environment() string
- func (rsc *OptimizeConfig) Kubectl(ctx context.Context, arg ...string) (*exec.Cmd, error)
- func (rsc *OptimizeConfig) Load(extra ...Loader) error
- func (rsc *OptimizeConfig) MarshalJSON() ([]byte, error)
- func (rsc *OptimizeConfig) Merge(data *Config)
- func (rsc *OptimizeConfig) NewAuthorization() (*authorizationcode.Config, error)
- func (rsc *OptimizeConfig) NewDeviceAuthorization() (*devicecode.Config, error)
- func (rsc *OptimizeConfig) PerformanceAuthorization(ctx context.Context) (tokenexchange.ExchangeTokenSource, error)
- func (rsc *OptimizeConfig) Reader() Reader
- func (rsc *OptimizeConfig) RegisterClient(ctx context.Context, client *registration.ClientMetadata) (*registration.ClientInformationResponse, error)
- func (rsc *OptimizeConfig) RevocationInfo() (*RevocationInformation, error)
- func (rsc *OptimizeConfig) SystemNamespace() (string, error)
- func (rsc *OptimizeConfig) Update(change Change) error
- func (rsc *OptimizeConfig) Write() error
- type Overrides
- type Reader
- type RevocationInformation
- type Server
- type TokenCredential
Constants ¶
This section is empty.
Variables ¶
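var (
	// DecodeJWT can be temporarily set to true to make marshalling decode JWT
	// without verification. This is not thread safe.
	//
	// Because the signature is not checked, the decoded claims are unverified
	// input: they are suitable for display or debugging only and must not be
	// used for authorization decisions. This is a package-level flag with no
	// synchronization, so it affects every marshal call made while it is set;
	// restore it to false as soon as the call that needs it returns.
	DecodeJWT bool
)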
Functions ¶
Types ¶
type APIServer ¶
// APIServer groups the endpoint URLs of the programmatic API. Every field is
// optional in the JSON form: omitempty drops a field whose string is empty.
// NOTE(review): nothing in this type constrains the URL scheme; whether "https"
// is enforced for these endpoints is not visible here. Confirm at load time.
type APIServer struct {
// ApplicationsEndpoint is the URL of the applications endpoint
ApplicationsEndpoint string `json:"applications_endpoint,omitempty"`
// ExperimentsEndpoint is the URL of the experiments endpoint
ExperimentsEndpoint string `json:"experiments_endpoint,omitempty"`
// AccountsEndpoint is the URL of the accounts endpoint
AccountsEndpoint string `json:"accounts_endpoint,omitempty"`
// PerformanceTokenEndpoint is the URL of the Performance API token endpoint
// NOTE(review): presumably the endpoint used by PerformanceAuthorization for
// token exchange, in which case it receives credentials. Confirm.
PerformanceTokenEndpoint string `json:"performance_token_endpoint,omitempty"`
}
APIServer is the API server metadata
type ApplicationServer ¶
// ApplicationServer describes the user-facing web application. Both fields are
// optional in the JSON form (omitempty).
type ApplicationServer struct {
// BaseURL is the main entrypoint to the application.
BaseURL string `json:"base_url,omitempty"`
// AuthSuccessEndpoint is the URL to direct the user to after a successful login.
// NOTE(review): this redirect target comes from configuration data; confirm
// that its scheme and host are validated before a user is sent there.
AuthSuccessEndpoint string `json:"auth_success_endpoint,omitempty"`
}
ApplicationServer is the user facing application.
type Authorization ¶
// Authorization wraps the credential presented to a remote server. The
// "credential" key has no omitempty, so it is always present in the JSON form.
type Authorization struct {
// Credential is the information that must be presented to prove authorization
// It carries secret material (tokens or a client secret); treat any value of
// this type as sensitive when logging or printing.
Credential Credential `json:"credential"`
}
Authorization contains information about remote server authorizations
func CurrentAuthorization ¶
func CurrentAuthorization(r Reader) (Authorization, error)
CurrentAuthorization returns the current authorization configuration
type AuthorizationServer ¶
// AuthorizationServer holds the OAuth 2.0 authorization server metadata. Only
// Issuer is always serialized; every endpoint field is dropped from the JSON
// form when empty (omitempty).
type AuthorizationServer struct {
// Issuer is the authorization server's identifier, it must be an "https" URL with no query or fragment
// NOTE(review): the constraint is stated here but not expressed in the type;
// confirm where it is enforced.
Issuer string `json:"issuer"`
// AuthorizationEndpoint is the URL of the authorization endpoint
AuthorizationEndpoint string `json:"authorization_endpoint,omitempty"`
// TokenEndpoint is the URL of the token endpoint
TokenEndpoint string `json:"token_endpoint,omitempty"`
// RevocationEndpoint is the URL of the revocation endpoint
RevocationEndpoint string `json:"revocation_endpoint,omitempty"`
// RegistrationEndpoint is the URL of the dynamic client registration endpoint
RegistrationEndpoint string `json:"registration_endpoint,omitempty"`
// DeviceAuthorizationEndpoint is the URL of the device flow authorization endpoint
DeviceAuthorizationEndpoint string `json:"device_authorization_endpoint,omitempty"`
// JSONWebKeySetURI is the URL of the JSON Web Key Set
JSONWebKeySetURI string `json:"jwks_uri,omitempty"`
}
AuthorizationServer is the authorization server metadata
type Change ¶
Change is used to apply a configuration change that should be persisted
func ApplyCurrentContext ¶
ApplyCurrentContext is a configuration change that updates the values of a context and sets that context as the current context. If the context exists, non-empty values will overwrite; otherwise a new named context is created.
func SaveClientRegistration ¶
func SaveClientRegistration(name string, info *registration.ClientInformationResponse) Change
SaveClientRegistration stores the supplied registration response to the named controller (creating it if it does not exist)
func SaveServer ¶
SaveServer is a configuration change that persists the supplied server configuration. If the server exists, it is overwritten; otherwise a new named server is created.
func SaveToken ¶
SaveToken is a configuration change that persists the supplied token as a named authorization. If the authorization exists, it is overwritten; otherwise a new named authorization is created.
func SetExecutionEnvironment ¶
SetExecutionEnvironment is a configuration change that updates the execution environment
func SetProperty ¶
SetProperty is a configuration change that updates a single property using a dotted name notation.
func UnsetProperty ¶ added in v0.0.20
UnsetProperty eliminates a configuration property. Note that in general, just setting a property to an empty value will not overwrite the existing value.
type ClientCredential ¶
// ClientCredential is a machine-to-machine (client ID and secret) credential.
// None of the JSON tags use omitempty, so all three keys are always emitted.
type ClientCredential struct {
// ClientID is the client identifier
ClientID string `json:"client_id"`
// ClientSecret is the client secret
// The tag serializes it verbatim under "client_secret"; this type applies no
// redaction, so avoid printing values with %v/%+v or logging marshalled output.
ClientSecret string `json:"client_secret"`
// Scope is the space delimited list of allowable scopes for the client
Scope string `json:"scope"`
}
ClientCredential represents a machine-to-machine credential
type ClientIdentity ¶
ClientIdentity is a mapping function that returns an OAuth 2.0 `client_id` given an authorization server issuer identifier
type Cluster ¶
// Cluster describes how to reach one Kubernetes cluster: which kubeconfig file,
// context and namespace to use, which kubectl binary to run, and which
// controller section applies.
type Cluster struct {
// KubeConfig is the path to a kubeconfig file to use; leave blank to get the default file
KubeConfig string `json:"kubeconfig,omitempty"`
// Context is the kubeconfig context to use for the cluster; leave blank to get the current kubeconfig context
Context string `json:"context"`
// Namespace overrides the kubeconfig namespace to use for the cluster; leave blank to get the current kubeconfig namespace
Namespace string `json:"namespace"`
// Bin is the path to the kubectl binary to use
// NOTE(review): presumably the program that OptimizeConfig.Kubectl executes
// (confirm). If so, write access to the configuration file decides which
// binary runs, so that file should be writable only by its owner.
Bin string `json:"bin,omitempty"`
// Controller is the reference to a controller section to use when configuring this cluster
Controller string `json:"controller,omitempty"`
}
Cluster contains information about communicating with a Kubernetes cluster
func CurrentCluster ¶
CurrentCluster returns the current cluster configuration
type Config ¶
// Config is the root of the persisted configuration. Each list holds named
// entries; every field is dropped from the JSON form when empty (omitempty).
// Authorizations (credentials) and Controllers (registration access tokens)
// hold secret values, so a serialized Config is sensitive.
// NOTE(review): permissions of the file this is written to are not visible here.
type Config struct {
// Servers is a named list of server configurations
Servers []NamedServer `json:"servers,omitempty"`
// Authorizations is a named list of authorization configurations
Authorizations []NamedAuthorization `json:"authorizations,omitempty"`
// Clusters is a named list of cluster configurations
Clusters []NamedCluster `json:"clusters,omitempty"`
// Controllers is a named list of controller configurations
Controllers []NamedController `json:"controllers,omitempty"`
// Contexts is a named list of context configurations
Contexts []NamedContext `json:"contexts,omitempty"`
// CurrentContext is the name of the default context
CurrentContext string `json:"current-context,omitempty"`
// Environment identifies the current execution environment
Environment string `json:"env,omitempty"`
}
Config is the top level configuration structure for Optimize
type Context ¶
// Context ties together, by name, one server, one authorization and one
// cluster entry of the same configuration. It stores only names, not the
// referenced values.
type Context struct {
// Server is the name of the remote server to connect to
Server string `json:"server,omitempty"`
// Authorization is the name of the authorization configuration to use
Authorization string `json:"authorization,omitempty"`
// Cluster is the name of the Kubernetes cluster to connect to; it is a name in THIS configuration and does not correspond to the kubeconfig name
Cluster string `json:"cluster,omitempty"`
}
Context references a remote server...
type Controller ¶
// Controller holds per-cluster controller settings, including the dynamic
// client registration handle (URI plus access token) for the controller's
// OAuth client. All fields are optional in the JSON form (omitempty).
type Controller struct {
// DeploymentName is the name of the controller deployment object
DeploymentName string `json:"deploymentName,omitempty"`
// Namespace overrides the default namespace to use during configuration
Namespace string `json:"namespace,omitempty"`
// RegistrationClientURI is the fully qualified URL of the client configuration endpoint for the controller's client
RegistrationClientURI string `json:"registration_client_uri,omitempty"`
// RegistrationAccessToken is the access token to be used for the client configuration endpoint
// It is a secret and is serialized verbatim under "registration_access_token";
// keep it out of logs and diagnostics.
RegistrationAccessToken string `json:"registration_access_token,omitempty"`
// Env defines additional environment variables to load into the controller during authorization
Env []ControllerEnvVar `json:"env,omitempty"`
// Resources allows overriding the default container resources for the controller.
// A nil pointer is omitted from the JSON form.
Resources *ControllerResources `json:"resources,omitempty"`
}
Controller contains additional controller configuration when working with Optimize on a specific cluster
func CurrentController ¶
func CurrentController(r Reader) (Controller, error)
CurrentController returns the current controller configuration
type ControllerEnvVar ¶
// ControllerEnvVar is one name/value pair added to the controller's
// environment. Both keys are always emitted in the JSON form.
type ControllerEnvVar struct {
// Name of the environment variable
Name string `json:"name"`
// Value of the environment variable
// Stored as plain text; NOTE(review): if secrets are passed this way they
// are persisted unprotected alongside the rest of the configuration.
Value string `json:"value"`
}
ControllerEnvVar is used to specify additional environment variables for a controller during authorization
type ControllerResources ¶ added in v0.0.19
// ControllerResources overrides the controller container's resource requests
// and limits. Both maps are omitted from the JSON form when empty.
// NOTE(review): values are free-form strings here, presumably Kubernetes
// quantity strings; where they are parsed/validated is not visible. Confirm.
type ControllerResources struct {
// Requests for container resources, keyed by resource type.
Requests map[string]string `json:"requests,omitempty"`
// Limits for container resources, keyed by resource type.
Limits map[string]string `json:"limits,omitempty"`
}
ControllerResources is used to override the container resources for a controller during initialization.
type Credential ¶
// Credential is a union of the two supported credential kinds. Both members
// are embedded pointers, so their fields are promoted onto Credential and a
// nil pointer means that kind is absent. Reading a promoted field (for example
// AccessToken) while its pointer is nil panics, so check the pointer first.
// NOTE(review): presumably at most one member is non-nil after UnmarshalJSON;
// confirm against that method.
type Credential struct {
// TokenCredential is used to prove authorization using a token that has already been obtained
*TokenCredential
// ClientCredential is used to obtain a new token for authorization using the credential information
*ClientCredential
}
Credential is used to represent a credential
func (*Credential) MarshalJSON ¶
func (c *Credential) MarshalJSON() ([]byte, error)
MarshalJSON ensures token expiry is persisted in UTC
func (*Credential) UnmarshalJSON ¶
func (c *Credential) UnmarshalJSON(data []byte) error
UnmarshalJSON determines which type of credential is being used
type Loader ¶
// Loader is a callback that receives the configuration being built and fills
// it in; a non-nil error reports that loading failed. OptimizeConfig.Load
// accepts additional loaders through its variadic "extra" parameter.
type Loader func(cfg *OptimizeConfig) error
Loader is used to initially populate an Optimize configuration
type NamedAuthorization ¶
// NamedAuthorization is one entry of Config.Authorizations: a name plus the
// authorization (and therefore the credential) stored under it.
type NamedAuthorization struct {
// Name is the referenceable name for the authorization
Name string `json:"name"`
// Authorization is the authorization configuration
Authorization Authorization `json:"authorization"`
}
NamedAuthorization associates a name to an authorization configuration
type NamedCluster ¶
// NamedCluster is one entry of Config.Clusters: a name plus the cluster
// configuration stored under it.
type NamedCluster struct {
// Name is the referenceable name for the cluster
Name string `json:"name"`
// Cluster is the cluster configuration
Cluster Cluster `json:"cluster"`
}
NamedCluster associates a name to cluster configuration
type NamedContext ¶
// NamedContext is one entry of Config.Contexts: a name plus the context
// configuration stored under it.
type NamedContext struct {
// Name is the referenceable name for the context
Name string `json:"name"`
// Context is the context configuration
Context Context `json:"context"`
}
NamedContext associates a name to context configuration
type NamedController ¶
// NamedController is one entry of Config.Controllers: a name plus the
// controller configuration stored under it.
type NamedController struct {
// Name is the referenceable name for the controller
Name string `json:"name"`
// Controller is the controller configuration
Controller Controller `json:"controller"`
}
NamedController associates a name to a controller configuration
type NamedServer ¶
// NamedServer is one entry of Config.Servers: a name plus the server
// configuration stored under it.
type NamedServer struct {
// Name is the referenceable name for the server
Name string `json:"name"`
// Server is the server configuration
Server Server `json:"server"`
}
NamedServer associates a name to a server configuration
type OptimizeConfig ¶ added in v0.0.10
// OptimizeConfig manages configuration data: where it is stored, what
// overrides apply, and how OAuth 2.0 requests are parameterized. The exported
// fields carry no JSON tags; the type has its own MarshalJSON method.
type OptimizeConfig struct {
// Filename is the path to the configuration file; if left blank, it will be populated using XDG base directory conventions on the next Load
Filename string
// Overrides to the standard configuration
Overrides Overrides
// ClientIdentity is used to determine the OAuth 2.0 client identifier
ClientIdentity ClientIdentity
// AuthorizationParameters is used to provide additional parameters to the OAuth 2.0 endpoints
// Each key maps to a list of values.
AuthorizationParameters map[string][]string
// contains filtered or unexported fields
}
OptimizeConfig is the structure used to manage configuration data
func (*OptimizeConfig) Authorize ¶ added in v0.0.10
func (rsc *OptimizeConfig) Authorize(ctx context.Context, transport http.RoundTripper) (http.RoundTripper, error)
Authorize configures the supplied transport
func (*OptimizeConfig) Environment ¶ added in v0.0.10
func (rsc *OptimizeConfig) Environment() string
Environment returns the name of the execution environment
func (*OptimizeConfig) Kubectl ¶ added in v0.0.10
Kubectl returns an executable command for running kubectl
func (*OptimizeConfig) Load ¶ added in v0.0.10
func (rsc *OptimizeConfig) Load(extra ...Loader) error
Load will populate the client configuration
func (*OptimizeConfig) MarshalJSON ¶ added in v0.0.10
func (rsc *OptimizeConfig) MarshalJSON() ([]byte, error)
MarshalJSON ensures only the configuration data is marshalled
func (*OptimizeConfig) Merge ¶ added in v0.0.10
func (rsc *OptimizeConfig) Merge(data *Config)
Merge combines the supplied data with what is already present in this client configuration; unlike Update, changes will not be persisted on the next write
func (*OptimizeConfig) NewAuthorization ¶ added in v0.0.10
func (rsc *OptimizeConfig) NewAuthorization() (*authorizationcode.Config, error)
NewAuthorization creates a new authorization code flow with PKCE using the current context
func (*OptimizeConfig) NewDeviceAuthorization ¶ added in v0.0.10
func (rsc *OptimizeConfig) NewDeviceAuthorization() (*devicecode.Config, error)
NewDeviceAuthorization creates a new device authorization flow using the current context
func (*OptimizeConfig) PerformanceAuthorization ¶ added in v0.0.17
func (rsc *OptimizeConfig) PerformanceAuthorization(ctx context.Context) (tokenexchange.ExchangeTokenSource, error)
PerformanceAuthorization returns a source of authorization tokens for accessing Performance APIs.
func (*OptimizeConfig) Reader ¶ added in v0.0.10
func (rsc *OptimizeConfig) Reader() Reader
Reader returns a configuration reader for accessing information from the configuration
func (*OptimizeConfig) RegisterClient ¶ added in v0.0.10
func (rsc *OptimizeConfig) RegisterClient(ctx context.Context, client *registration.ClientMetadata) (*registration.ClientInformationResponse, error)
RegisterClient performs dynamic client registration
func (*OptimizeConfig) RevocationInfo ¶ added in v0.0.10
func (rsc *OptimizeConfig) RevocationInfo() (*RevocationInformation, error)
RevocationInfo returns the information necessary to revoke an authorization entry from the configuration
func (*OptimizeConfig) SystemNamespace ¶ added in v0.0.10
func (rsc *OptimizeConfig) SystemNamespace() (string, error)
SystemNamespace returns the namespace where the Optimize Controller is/should be installed
func (*OptimizeConfig) Update ¶ added in v0.0.10
func (rsc *OptimizeConfig) Update(change Change) error
Update will make a change to the configuration data that should be persisted on the next call to Write
func (*OptimizeConfig) Write ¶ added in v0.0.10
func (rsc *OptimizeConfig) Write() error
Write all unpersisted changes to disk
type Overrides ¶
// Overrides lists the values that can replace their counterparts in the
// configuration. No field carries a JSON tag.
// NOTE(review): presumably a zero value means "no override" — confirm.
type Overrides struct {
// Environment overrides the execution environment name
Environment string
// Context overrides the current Optimize context name (_not_ the KubeConfig context)
Context string
// SystemNamespace overrides the current controller namespace (_not_ the Kube namespace)
SystemNamespace string
// ServerIdentifier overrides the current server's identifier and StormForge endpoints. Using this override, it is not possible to specify individual endpoint locations.
ServerIdentifier string
// ServerIssuer overrides the current server's authorization server issuer. Using this override, it is not possible to specify individual endpoint locations.
ServerIssuer string
// Credential overrides the current authorization
// It is held by value and includes the client secret, so an Overrides value
// is as sensitive as the credential it carries.
Credential ClientCredential
// KubeConfig overrides the current cluster's kubeconfig file
KubeConfig string
// Namespace overrides the current cluster's default namespace
Namespace string
}
Overrides represent information which can be overridden in the configuration
type Reader ¶
// Reader is the read-only view of a configuration. Lookups come in pairs: a
// *Name method resolves a context name to the name of a server, authorization,
// cluster or controller, and the matching method returns the entry stored
// under that name. Every lookup except ContextName can fail with an error.
type Reader interface {
// ServerName returns the server name for the specified context
ServerName(contextName string) (string, error)
// Server returns the named server configuration
Server(name string) (Server, error)
// AuthorizationName returns the authorization name for the specified context
AuthorizationName(contextName string) (string, error)
// Authorization returns the named authorization configuration
// The result contains the stored credential; handle it as a secret.
Authorization(name string) (Authorization, error)
// ClusterName returns the cluster name for the specified context
ClusterName(contextName string) (string, error)
// Cluster returns the named cluster configuration
Cluster(name string) (Cluster, error)
// ControllerName returns the controller name for the specified context (derived via the cluster)
ControllerName(contextName string) (string, error)
// Controller returns the named controller configuration
Controller(name string) (Controller, error)
// ContextName returns the current context name
ContextName() string
// Context returns the named context configuration
Context(name string) (Context, error)
}
Reader exposes information from a configuration
type RevocationInformation ¶
// RevocationInformation bundles what is needed to revoke a stored
// authorization: the revocation endpoint, the client identifier and the
// credential itself.
// NOTE(review): the type also has a String method; confirm that its output
// does not include the token held in Authorization before logging it.
type RevocationInformation struct {
// RevocationURL is the URL of the authorization server's revocation endpoint
RevocationURL string
// ClientID is the client identifier for the authorization
ClientID string
// Authorization is the credential that needs to be revoked
Authorization Authorization
// contains filtered or unexported fields
}
RevocationInformation contains the information necessary to revoke an authorization credential
func (*RevocationInformation) RemoveAuthorization ¶
func (ri *RevocationInformation) RemoveAuthorization() Change
RemoveAuthorization returns a configuration change to clear the credentials for an authorization.
func (*RevocationInformation) String ¶
func (ri *RevocationInformation) String() string
String returns a string representation of this revocation
type Server ¶
// Server describes one StormForge API server: its identifier plus the API,
// authorization and application metadata. No tag uses omitempty; the type has
// its own MarshalJSON method, documented as omitting empty structs.
type Server struct {
// Identifier is a URI used to identify a common set of endpoints making up a StormForge API Server. The identifier
// may be used to resolve ".well-known" locations, used as an authorization audience, or used as a common base URL
// when determining default endpoint addresses. The URL must not have any query or fragment components.
// NOTE(review): since default endpoints and the token audience may derive
// from this value, confirm it is validated when loaded from configuration.
Identifier string `json:"identifier"`
// API contains the API server metadata necessary to access the programmatic interface.
API APIServer `json:"api"`
// Authorization contains the authorization server metadata necessary to access this server
Authorization AuthorizationServer `json:"authorization"`
// Application contains information about the public facing user interface.
Application ApplicationServer `json:"application"`
}
Server contains information about how to communicate with a StormForge API Server
func CurrentServer ¶
CurrentServer returns the current server configuration
func (*Server) MarshalJSON ¶
MarshalJSON omits empty structs
type TokenCredential ¶
// TokenCredential is a credential made of an already-issued access token and,
// optionally, a refresh token. Both tokens are serialized verbatim, so values
// of this type and their JSON form must be handled as secrets.
type TokenCredential struct {
// AccessToken is presented to the service being authenticated to
AccessToken string `json:"access_token"`
// TokenType is the type of the access token (e.g. "bearer")
TokenType string `json:"token_type,omitempty"`
// RefreshToken is presented to the authorization server when the access token expires
// It can be used to obtain new access tokens, so it is the more sensitive of the two.
RefreshToken string `json:"refresh_token,omitempty"`
// Expiry is the time at which the access token expires (or 0 if the token does not expire)
// encoding/json's omitempty never omits a struct value such as time.Time.
// NOTE(review): whether Credential.MarshalJSON compensates for a zero Expiry
// is not visible here. Confirm.
Expiry time.Time `json:"expiry,omitempty"`
}
TokenCredential represents a token based credential