brokerclient

package
v0.5.2
Published: May 2, 2026 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package brokerclient is the shared HTTPS plumbing for the controller's and the proxy's broker clients. It owns TLS-config construction from a CA bundle, the projected SA-token attach, X-Paddock-Run / X-Paddock-Run-Namespace header attach, and the brokerapi.ErrorResponse envelope decode. Operation-specific methods (controller's Issue, proxy's ValidateEgress / SubstituteAuth) stay in their respective packages and call into this one for plumbing.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type BrokerError

type BrokerError struct {
	Status  int
	Code    string
	Message string
}

BrokerError is the typed error returned for any non-2xx broker response. Status is the HTTP status code. Code is brokerapi.ErrorResponse.Code, or the string HTTP%d (formatted with the status) when the response carried no error envelope.

func (*BrokerError) Error

func (e *BrokerError) Error() string

type Client

type Client struct {
	Endpoint     string
	TokenReader  TokenReader
	RunName      string
	RunNamespace string
	// contains filtered or unexported fields
}

Client is the shared HTTPS broker client. Operation-specific methods live in caller packages (controller's Issue, proxy's ValidateEgress / SubstituteAuth); this struct only owns the plumbing.

The zero value is not usable; construct via New.

Concurrency: Client itself is not safe for concurrent use. RunName and RunNamespace may be updated between calls when the same Client instance is reused across multiple runs (the controller reconcile loop does this); the surrounding call site must serialise such mutations. The proxy holds a Client per run and does not mutate these fields.

func New

func New(opts Options) (*Client, error)

New constructs a Client. Endpoint is required (caller decides whether an empty endpoint means "disabled" or "error").

func NewForTest

func NewForTest(opts Options, hc *http.Client) *Client

NewForTest builds a Client that talks to httptest-server URLs (e.g. https://127.0.0.1:NNNNN), which the F-29 validator in New rejects. The supplied http.Client is used as the transport, typically srv.Client() from a httptest.Server.

Production callers MUST NOT use this function. It exists solely to support the brokerclienttest sub-package, which is the single approved callsite. Validation is intentionally bypassed; the TokenReader and RunName/RunNamespace from opts are used as-is.

func (*Client) Do

func (c *Client) Do(ctx context.Context, path string, body []byte) (*http.Response, error)

Do POSTs body to path with the SA token and Paddock headers attached. On a non-2xx response it returns a *BrokerError; on 2xx it returns the response and the caller decodes the body. The caller is responsible for closing resp.Body in the success case.
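What Do's contract looks like end to end, as an added example that is not the package's own code: a stand-in Client with the page's exported fields, a Do that attaches the bearer and the X-Paddock-* headers and decodes the non-2xx envelope (falling back to HTTP%d when there is none), exercised against a TLS httptest.Server whose client is injected the way NewForTest describes. The envelope field names code and message, the paths /v1/issue, /v1/denied and /v1/other, the run name and namespace, and the token value are constructed for this example; brokerapi.ErrorResponse's wire shape is not given on this page, so the decode below is an assumption.

```go
package main

import (
	"bytes"
	"context"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

type TokenReader func() ([]byte, error) // mirrors the page's type

type BrokerError struct { // mirrors the page's type
	Status  int
	Code    string
	Message string
}

func (e *BrokerError) Error() string { return fmt.Sprintf("broker %s (HTTP %d): %s", e.Code, e.Status, e.Message) }

type Client struct {
	Endpoint, RunName, RunNamespace string
	TokenReader                     TokenReader
	hc                              *http.Client // injected as NewForTest does it (srv.Client())
}

// Do POSTs body to path with the bearer token and X-Paddock-* headers attached. On non-2xx
// the body is read (bounded) and closed and a *BrokerError returned; on 2xx the caller owns resp.Body.
func (c *Client) Do(ctx context.Context, path string, body []byte) (*http.Response, error) {
	tok, err := c.TokenReader() // called per request, so a rotated projected token is picked up
	if err != nil {
		return nil, fmt.Errorf("read SA token: %w", err)
	}
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, strings.TrimRight(c.Endpoint, "/")+path, bytes.NewReader(body))
	if err != nil {
		return nil, err
	}
	req.Header.Set("Authorization", "Bearer "+strings.TrimSpace(string(tok)))
	req.Header.Set("X-Paddock-Run", c.RunName)
	if c.RunNamespace != "" { // empty lets the broker infer it from the caller's SA
		req.Header.Set("X-Paddock-Run-Namespace", c.RunNamespace)
	}
	resp, err := c.hc.Do(req)
	if err != nil {
		return nil, err
	}
	if resp.StatusCode/100 == 2 {
		return resp, nil
	}
	defer resp.Body.Close()
	be := &BrokerError{Status: resp.StatusCode, Code: fmt.Sprintf("HTTP%d", resp.StatusCode)}
	raw, _ := io.ReadAll(io.LimitReader(resp.Body, 64<<10)) // bound what an error body may cost
	var env struct{ Code, Message string }                   // ASSUMED envelope shape {"code":..,"message":..}
	if json.Unmarshal(raw, &env) == nil && env.Code != "" {
		be.Code, be.Message = env.Code, env.Message
	}
	return nil, be
}

// runDemo stands up a TLS test broker with constructed responses and exercises the 2xx,
// enveloped-403 and envelope-less-500 paths, returning what it observed for checking.
func runDemo() (okBody string, sent http.Header, denied, noEnv *BrokerError, err error) {
	seen := make(chan http.Header, 1)
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		switch r.URL.Path {
		case "/v1/issue":
			seen <- r.Header.Clone()
			io.WriteString(w, `{"ok":true}`)
		case "/v1/denied":
			w.WriteHeader(http.StatusForbidden)
			io.WriteString(w, `{"code":"egress_denied","message":"host not in allowlist"}`)
		default:
			http.Error(w, "internal error", http.StatusInternalServerError)
		}
	}))
	defer srv.Close()
	c := &Client{Endpoint: srv.URL + "/", RunName: "run-42", RunNamespace: "team-a", hc: srv.Client(),
		TokenReader: func() ([]byte, error) { return []byte("constructed-sa-token\n"), nil }}
	resp, err := c.Do(context.Background(), "/v1/issue", []byte(`{}`))
	if err != nil {
		return "", nil, nil, nil, err
	}
	b, _ := io.ReadAll(resp.Body)
	resp.Body.Close()
	okBody, sent = string(b), <-seen
	if _, err = c.Do(context.Background(), "/v1/denied", nil); !errors.As(err, &denied) {
		return "", nil, nil, nil, fmt.Errorf("denied: want *BrokerError, got %v", err)
	}
	if _, err = c.Do(context.Background(), "/v1/other", nil); !errors.As(err, &noEnv) {
		return "", nil, nil, nil, fmt.Errorf("other: want *BrokerError, got %v", err)
	}
	return okBody, sent, denied, noEnv, nil
}

func main() { fmt.Println(runDemo()) }
```

The two things a caller of the real Do has to get right are visible in runDemo: on 2xx the body is still open and must be read and closed by the caller, while on non-2xx the only thing handed back is the error, so errors.As against *BrokerError is the way to branch on Status and Code (including the HTTP%d placeholder that signals the broker sent no envelope at all).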

type Options

type Options struct {
	// Endpoint is the broker's HTTPS base URL (no trailing slash
	// required; New trims it).
	Endpoint string

	// CABundlePath is the file holding the CA the broker's serving
	// cert chains to. Empty falls back to the system trust store —
	// only correct when the broker presents a publicly trusted cert,
	// which is not Paddock's default.
	CABundlePath string

	// TokenReader returns the SA bearer for every call. Required.
	TokenReader TokenReader

	// RunName / RunNamespace are attached as X-Paddock-Run /
	// X-Paddock-Run-Namespace on every outbound request. RunNamespace
	// may be empty (the broker then infers from the caller's SA).
	RunName      string
	RunNamespace string

	// Timeout caps each Do call (TLS handshake + request + response
	// read). Required — callers pick the budget appropriate to their
	// path.
	Timeout time.Duration
}

Options configures New.
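The CABundlePath choice in concrete terms, as an added example and not the package's own code: a helper that builds the http.Client New would derive from Options (RootCAs pinned to the bundle when one is given, the system trust store when it is empty, Timeout covering the whole call), then probes a broker stand-in with a self-signed certificate using both. The bundle is constructed from the test server's own certificate, standing in for the file a deployment would mount at CABundlePath; tlsClientFor, probe and compareTrust are names chosen for this example.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"time"
)

// tlsClientFor builds the http.Client New would derive from Options: RootCAs from
// the PEM bundle when one is given, the system store when caBundle is empty, and
// Timeout covering TLS handshake + request + response read.
func tlsClientFor(caBundle []byte, timeout time.Duration) (*http.Client, error) {
	if timeout <= 0 {
		return nil, errors.New("Timeout is required")
	}
	cfg := &tls.Config{MinVersion: tls.VersionTLS12}
	if len(caBundle) > 0 {
		pool := x509.NewCertPool()
		if !pool.AppendCertsFromPEM(caBundle) {
			return nil, errors.New("CA bundle holds no parsable certificate")
		}
		cfg.RootCAs = pool // only this CA, and what chains to it, is trusted
	}
	return &http.Client{Timeout: timeout, Transport: &http.Transport{TLSClientConfig: cfg}}, nil
}

// probe does one GET and reports whether the TLS handshake verified.
func probe(hc *http.Client, url string) bool {
	resp, err := hc.Get(url)
	if err != nil {
		return false
	}
	resp.Body.Close()
	return true
}

// compareTrust starts a broker stand-in with a self-signed certificate (the page's
// "not publicly trusted" default) and returns whether the bundle-pinned client and
// the system-store client each verify it.
func compareTrust() (withBundle, withSystemStore bool, err error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.WriteHeader(http.StatusNoContent)
	}))
	defer srv.Close()
	// Constructed bundle: what a deployment would mount at CABundlePath.
	caPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: srv.Certificate().Raw})
	pinned, err := tlsClientFor(caPEM, 5*time.Second)
	if err != nil {
		return false, false, err
	}
	system, err := tlsClientFor(nil, 5*time.Second)
	if err != nil {
		return false, false, err
	}
	return probe(pinned, srv.URL), probe(system, srv.URL), nil
}

func main() { fmt.Println(compareTrust()) }
```

The second probe is the case the Options comment warns about: with CABundlePath empty the client falls back to the system store, which does not contain the broker's issuer, so every Do would fail at the handshake rather than at the broker.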

type TokenReader

type TokenReader func() ([]byte, error)

TokenReader returns the SA bearer token to attach to every outbound request. The default produced by FileTokenReader re-reads from disk on every call: the projected ServiceAccountToken file rotates on disk, and an in-memory cache would invite expired-token failures once a Pod has lived for at least the token's 1h TTL. Tests inject inline byte slices.

func FileTokenReader

func FileTokenReader(path string) TokenReader

FileTokenReader returns a TokenReader that reads from path on every call.
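The rotation point behind FileTokenReader, as an added example rather than the package's code: a FileTokenReader written as the page describes it, beside the once-only cache the TokenReader doc argues against, both run across a simulated token rotation. The token values, the temporary path and the helpers rotate, cachedTokenReader and simulateRotation are constructed for this example; the kubelet's projected-volume updater replaces files by swapping a directory symlink rather than renaming the file itself, but the effect on a process that cached its first read is the same.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"sync"
)

type TokenReader func() ([]byte, error) // mirrors the page's type

// FileTokenReader mirrors the page's constructor: read path on every call.
func FileTokenReader(path string) TokenReader {
	return func() ([]byte, error) { return os.ReadFile(path) }
}

// cachedTokenReader is the shortcut the page argues against: read once and serve
// that bearer for the life of the process.
func cachedTokenReader(path string) TokenReader {
	var (
		once sync.Once
		tok  []byte
		err  error
	)
	return func() ([]byte, error) {
		once.Do(func() { tok, err = os.ReadFile(path) })
		return tok, err
	}
}

// rotate replaces the token file atomically (write a sibling, rename over the path)
// so a reader never sees a partially written token. Constructed stand-in for the
// kubelet's updater, which swaps a directory symlink instead.
func rotate(path string, token []byte) error {
	tmp := path + ".tmp"
	if err := os.WriteFile(tmp, token, 0o600); err != nil {
		return err
	}
	return os.Rename(tmp, path)
}

// simulateRotation writes a first token, reads it through both readers, rotates to
// a second token and reads again; it returns what each reader served after the
// rotation. Token values are constructed, not real SA tokens.
func simulateRotation() (fresh, cached string, err error) {
	dir, err := os.MkdirTemp("", "sa-token-")
	if err != nil {
		return "", "", err
	}
	defer os.RemoveAll(dir)
	path := filepath.Join(dir, "token")
	if err = rotate(path, []byte("token-v1")); err != nil {
		return "", "", err
	}
	live, stale := FileTokenReader(path), cachedTokenReader(path)
	for _, r := range []TokenReader{live, stale} { // first reads: both see v1
		if _, err = r(); err != nil {
			return "", "", err
		}
	}
	if err = rotate(path, []byte("token-v2")); err != nil {
		return "", "", err
	}
	f, err := live()
	if err != nil {
		return "", "", err
	}
	c, err := stale()
	if err != nil {
		return "", "", err
	}
	return string(f), string(c), nil
}

func main() { fmt.Println(simulateRotation()) }
```

After the rotation the per-call reader returns the new token while the cached reader keeps serving the old one; in a Pod that outlives the token TTL the cached value is exactly the expired bearer the broker will reject.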

Directories

Path Synopsis
Package brokerclienttest is a test-only support package: it lets out-of-package tests in internal/controller and internal/proxy construct a brokerclient.Client without going through the F-29 canonical-endpoint validator.
