adapter

package
v0.9.9

This package is not in the latest version of its module.
Published: Jul 23, 2020 License: Apache-2.0 Imports: 18 Imported by: 0

README

This folder contains adapters for various platforms hosting data (e.g. GCP).

An adapter translates the generic GA4GH concepts to the corresponding ones for a particular data host platform and applies them. In particular:

  • managing platform specific identities, e.g. creating a service account on GCP
  • managing access permissions to resources hosted on the platform, e.g. permissions to access a GCS bucket on GCP
  • managing platform tokens, e.g. obtaining a token for a service account on GCP

The code is organized by platform, e.g. adapters for the GCP platform are located under the gcp subfolder.

Documentation

Overview

Package adapter allows the DAM to take actions.

Constants

const (
	// SawAdapterName is the name identifier exposed in config files.
	SawAdapterName = "saw"

	// SawMaxUserIDLength is the service account desc max length.
	SawMaxUserIDLength = 100
)
const (
	// AdapterDataType is the name of adapter file types.
	AdapterDataType = "adapter"
)
const (
	// AwsAdapterName is the name identifier exposed in config files.
	AwsAdapterName = "aws"
)

Functions

func GetItemVariables

func GetItemVariables(adapters *ServiceAdapters, adapterName string, item *pb.View_Item) (map[string]string, string, error)

GetItemVariables returns a map of variables and their values for a given view item.

func ResolveServiceRole

func ResolveServiceRole(roleName string, view *pb.View, res *pb.Resource, cfg *pb.DamConfig) (*pb.ServiceRole, error)

ResolveServiceRole is a helper function that returns a ServiceRole structure from a role name on a view.

Types

type Action

type Action struct {
	Aggregates      []*AggregateView
	ClientID        string
	Config          *pb.DamConfig
	GrantRole       string
	Identity        *ga4gh.Identity
	Issuer          string
	MaxTTL          time.Duration
	ResourceID      string
	Resource        *pb.Resource
	ServiceRole     *pb.ServiceRole
	ServiceTemplate *pb.ServiceTemplate
	TTL             time.Duration
	ViewID          string
	View            *pb.View
	Interface       string
	TokenFormat     string
}

Action provides inputs to action methods on adapters.

type AggregateView

type AggregateView struct {
	Index int
	Res   *pb.Resource
	View  *pb.View
}

AggregateView defines an aggregated view.

type AggregatorAdapter

type AggregatorAdapter struct {
	// contains filtered or unexported fields
}

AggregatorAdapter combines views from other adapters.

func (*AggregatorAdapter) CheckConfig

func (a *AggregatorAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)

CheckConfig validates that a new configuration is compatible with this adapter.

func (*AggregatorAdapter) Descriptors added in v0.8.4

func (a *AggregatorAdapter) Descriptors() map[string]*pb.ServiceDescriptor

Descriptors returns a map of Service descriptors.

func (*AggregatorAdapter) IsAggregator

func (a *AggregatorAdapter) IsAggregator() bool

IsAggregator returns true if this adapter requires TokenAction.Aggregates.

func (*AggregatorAdapter) MintToken

func (a *AggregatorAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)

MintToken has the adapter mint a token.

func (*AggregatorAdapter) Name

func (a *AggregatorAdapter) Name() string

Name returns the name identifier of the adapter as used in configurations.

func (*AggregatorAdapter) Platform

func (a *AggregatorAdapter) Platform() string

Platform returns the name identifier of the platform on which this adapter operates.

type AwsAdapter added in v0.9.7

type AwsAdapter struct {
	// contains filtered or unexported fields
}

AwsAdapter is the AWS IAM adapter.

func (*AwsAdapter) CheckConfig added in v0.9.7

func (a *AwsAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)

CheckConfig validates that a new configuration is compatible with this adapter.

func (*AwsAdapter) Descriptors added in v0.9.7

func (a *AwsAdapter) Descriptors() map[string]*pb.ServiceDescriptor

Descriptors returns a map of ServiceDescriptor descriptors.

func (*AwsAdapter) IsAggregator added in v0.9.7

func (a *AwsAdapter) IsAggregator() bool

IsAggregator returns true if this adapter requires TokenAction.Aggregates.

func (*AwsAdapter) MintToken added in v0.9.7

func (a *AwsAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)

MintToken has the adapter mint a token.

func (*AwsAdapter) Name added in v0.9.7

func (a *AwsAdapter) Name() string

Name returns the name identifier of the adapter as used in configurations.

func (*AwsAdapter) Platform added in v0.9.7

func (a *AwsAdapter) Platform() string

Platform returns the name identifier of the platform on which this adapter operates.

type GatekeeperAdapter

type GatekeeperAdapter struct {
	// contains filtered or unexported fields
}

GatekeeperAdapter generates downstream access tokens.

func (*GatekeeperAdapter) CheckConfig

func (a *GatekeeperAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)

CheckConfig validates that a new configuration is compatible with this adapter.

func (*GatekeeperAdapter) Descriptors added in v0.8.4

func (a *GatekeeperAdapter) Descriptors() map[string]*pb.ServiceDescriptor

Descriptors returns a map of ServiceAdapter descriptors.

func (*GatekeeperAdapter) IsAggregator

func (a *GatekeeperAdapter) IsAggregator() bool

IsAggregator returns true if this adapter requires TokenAction.Aggregates.

func (*GatekeeperAdapter) MintToken

func (a *GatekeeperAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)

MintToken has the adapter mint a token.

func (*GatekeeperAdapter) Name

func (a *GatekeeperAdapter) Name() string

Name returns the name identifier of the adapter as used in configurations.

func (*GatekeeperAdapter) Platform

func (a *GatekeeperAdapter) Platform() string

Platform returns the name identifier of the platform on which this adapter operates.

type GatekeeperToken

type GatekeeperToken struct {
	*ga4gh.StdClaims
	Scopes []string `json:"scopes,omitempty"`
}

GatekeeperToken is the token format that is minted here.

type MintTokenResult

type MintTokenResult struct {
	// A set of credential information like "account" and "access_token", or whatever
	// may apply for the given target service.
	Credentials map[string]string
	// A set of metadata labels about the result to provide context to the client application.
	Labels map[string]string
	// The type of token, if applicable, that was able to be generated, which may vary from
	// the TokenFormat requested in the Action depending on service requirements.
	TokenFormat string
}

MintTokenResult is returned by the MintToken() method.

type Options added in v0.9.7

type Options struct {
	// Store: data storage and configuration storage
	Store storage.Store
	// Warehouse: resource token creator service
	Warehouse clouds.ResourceTokenCreator
	// AWSClient: a client for interacting with the AWS API
	AWSClient aws.APIClient
	// Signer: the signer used for signing JWTs.
	Signer kms.Signer
}

Options contains parameters to adapters.

type SawAdapter

type SawAdapter struct {
	// contains filtered or unexported fields
}

SawAdapter is a Service Account Warehouse (SAW) adapter.

func (*SawAdapter) CheckConfig

func (a *SawAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)

CheckConfig validates that a new configuration is compatible with this adapter.

func (*SawAdapter) Descriptors added in v0.8.4

func (a *SawAdapter) Descriptors() map[string]*pb.ServiceDescriptor

Descriptors returns a map of ServiceDescriptor descriptors.

func (*SawAdapter) IsAggregator

func (a *SawAdapter) IsAggregator() bool

IsAggregator returns true if this adapter requires TokenAction.Aggregates.

func (*SawAdapter) MintToken

func (a *SawAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)

MintToken has the adapter mint a token.

func (*SawAdapter) Name

func (a *SawAdapter) Name() string

Name returns the name identifier of the adapter as used in configurations.

func (*SawAdapter) Platform

func (a *SawAdapter) Platform() string

Platform returns the name identifier of the platform on which this adapter operates.

type ServiceAdapter added in v0.8.4

type ServiceAdapter interface {
	// Name returns the name identifier of the adapter as used in configurations.
	Name() string

	// Platform returns the name identifier of the platform on which this adapter operates.
	Platform() string

	// Descriptors returns a map of service descriptors.
	Descriptors() map[string]*pb.ServiceDescriptor

	// IsAggregator returns true if this adapter requires TokenAction.Aggregates.
	IsAggregator() bool

	// CheckConfig validates that a new configuration is compatible with this adapter.
	CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)

	// MintToken has the adapter mint a token.
	MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
}

ServiceAdapter defines the interface for all DAM adapters that take access actions.
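
The sketch below is an added example, not code from this package: it shows a caller selecting an adapter by name and validating an Action before MintToken creates a credential. Action, MintTokenResult and ServiceAdapter are reduced local stand-ins for the types above; fakeAdapter, Mint, the "saw" registry entry and the rule that TTL must not exceed MaxTTL are assumptions made for illustration.

```go
package main

import (
	"context"
	"fmt"
	"time"
)

// Reduced local stand-ins for the page's types; pb.* and ga4gh.* fields are left out.
type Action struct {
	Aggregates  []string // stand-in for []*AggregateView
	TTL, MaxTTL time.Duration
}

type MintTokenResult struct{ Credentials map[string]string }

type ServiceAdapter interface {
	Name() string
	IsAggregator() bool
	MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
}

// fakeAdapter is hypothetical: it returns a constructed credential, not a real one.
type fakeAdapter struct{ name string; agg bool }

func (f fakeAdapter) Name() string       { return f.name }
func (f fakeAdapter) IsAggregator() bool { return f.agg }
func (f fakeAdapter) MintToken(ctx context.Context, in *Action) (*MintTokenResult, error) {
	return &MintTokenResult{Credentials: map[string]string{"account": "constructed-" + f.name}}, nil
}

// Mint (hypothetical) rejects a bad request before any credential is created.
func Mint(ctx context.Context, byName map[string]ServiceAdapter, name string, in *Action) (*MintTokenResult, error) {
	a, ok := byName[name]
	switch {
	case !ok: // fail closed on adapter names that were never registered
		return nil, fmt.Errorf("unknown adapter %q", name)
	case a.IsAggregator() && len(in.Aggregates) == 0:
		return nil, fmt.Errorf("adapter %q requires Action.Aggregates", name)
	case in.TTL <= 0 || in.TTL > in.MaxTTL: // assumed policy: TTL is capped by MaxTTL
		return nil, fmt.Errorf("TTL %v outside (0, %v]", in.TTL, in.MaxTTL)
	}
	return a.MintToken(ctx, in)
}

func main() {
	reg := map[string]ServiceAdapter{"saw": fakeAdapter{name: "saw"}}
	// A 48h request against a 24h cap is refused; the error is printed.
	fmt.Println(Mint(context.Background(), reg, "saw", &Action{TTL: 48 * time.Hour, MaxTTL: 24 * time.Hour}))
}
```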

func NewAggregatorAdapter

func NewAggregatorAdapter(adapters *ServiceAdapters) (ServiceAdapter, error)

NewAggregatorAdapter creates an AggregatorAdapter.

func NewAwsAdapter added in v0.9.7

func NewAwsAdapter(store storage.Store, awsClient aws.APIClient) (ServiceAdapter, error)

NewAwsAdapter creates a new AwsAdapter.

func NewGatekeeperAdapter

func NewGatekeeperAdapter(signer kms.Signer) (ServiceAdapter, error)

NewGatekeeperAdapter creates a GatekeeperAdapter.

func NewSawAdapter

func NewSawAdapter(warehouse clouds.ResourceTokenCreator) (ServiceAdapter, error)

NewSawAdapter creates a Service Account Warehouse (SAW) adapter.

type ServiceAdapters added in v0.8.4

type ServiceAdapters struct {
	ByAdapterName map[string]ServiceAdapter
	ByServiceName map[string]ServiceAdapter
	Descriptors   map[string]*pb.ServiceDescriptor
	VariableREs   map[string]map[string]*regexp.Regexp // serviceName.variableName.regexp
	// contains filtered or unexported fields
}

ServiceAdapters includes all adapters that are registered with the system.

func CreateAdapters

func CreateAdapters(opts *Options) (*ServiceAdapters, error)

CreateAdapters registers and collects all adapters with the system.
