service

package
v0.0.0-...-56cb166 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 19, 2025 License: AGPL-3.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

var InitialNamespaceChanges = eventsource.InitialNamespaceChanges

InitialNamespaceChanges is exported for testing.

Functions

func AdminBackendConfigGetterFunc

func AdminBackendConfigGetterFunc(
	backendService *WatchableService, modelUUID coremodel.UUID,
) func(stdCtx context.Context) (*provider.ModelBackendConfigInfo, error)

AdminBackendConfigGetterFunc returns a function that gets the admin config for a given model's current secret backend.

func UserSecretBackendConfigGetterFunc

func UserSecretBackendConfigGetterFunc(backendService *WatchableService, modelUUID coremodel.UUID) func(
	stdCtx context.Context, gsg secretservice.GrantedSecretsGetter, accessor secretservice.SecretAccessor,
) (*provider.ModelBackendConfigInfo, error)

UserSecretBackendConfigGetterFunc returns a function that gets the config for a given model's current secret backend for creating or updating user secrets.

Types

type BackendConfigParams

// BackendConfigParams are used to get config for reading secrets from a
// secret backend. They are the input to Service.BackendConfigInfo.
type BackendConfigParams struct {
	// NOTE(review): presumably used together with Accessor to work out which
	// secrets the caller has been granted — confirm against BackendConfigInfo.
	GrantedSecretsGetter secretservice.GrantedSecretsGetter
	// NOTE(review): how the leadership token affects the returned config is
	// not shown here — confirm.
	LeaderToken          leadership.Token
	// Accessor is the agent which needs access (per the BackendConfigInfo docs).
	Accessor             secretservice.SecretAccessor
	// ModelUUID identifies the model the request is made for.
	ModelUUID            coremodel.UUID
	// BackendIDs are the backend IDs for which config is requested.
	BackendIDs           []string
	// NOTE(review): semantics of SameController are not documented here;
	// verify what changes in the returned config when it is false.
	SameController       bool
}

BackendConfigParams are used to get config for reading secrets from a secret backend.

type DeleteSecretBackendParams

// DeleteSecretBackendParams is used to delete a secret backend.
type DeleteSecretBackendParams struct {
	// BackendIdentifier selects the backend to delete.
	secretbackend.BackendIdentifier
	// DeleteInUse is specified to delete the backend even if it is in use.
	// NOTE(review): what happens to secrets still held by an in-use backend
	// is not documented here — confirm before callers set this flag.
	DeleteInUse bool
}

DeleteSecretBackendParams is used to delete a secret backend.

type DrainBackendConfigParams

// DrainBackendConfigParams are used to get config for draining a secret
// backend. They are the input to Service.DrainBackendConfigInfo.
type DrainBackendConfigParams struct {
	// NOTE(review): presumably used together with Accessor to work out which
	// secrets the caller has been granted — confirm.
	GrantedSecretsGetter secretservice.GrantedSecretsGetter
	// NOTE(review): how the leadership token affects the returned config is
	// not shown here — confirm.
	LeaderToken          leadership.Token
	// NOTE(review): presumably the agent requesting the drain config — confirm.
	Accessor             secretservice.SecretAccessor
	// ModelUUID identifies the model the request is made for.
	ModelUUID            coremodel.UUID
	// BackendID is a single backend ID, unlike BackendConfigParams.BackendIDs.
	BackendID            string
}

DrainBackendConfigParams are used to get config for draining a secret backend.

type ModelSecretBackendService

type ModelSecretBackendService struct {
	// contains filtered or unexported fields
}

ModelSecretBackendService is a service for interacting with the secret backend state for a specific model.

func NewModelSecretBackendService

func NewModelSecretBackendService(modelID coremodel.UUID, st State) *ModelSecretBackendService

NewModelSecretBackendService creates a new ModelSecretBackendService for interacting with the secret backend state for a specific model.

func (*ModelSecretBackendService) GetModelSecretBackend

func (s *ModelSecretBackendService) GetModelSecretBackend(ctx context.Context) (string, error)

GetModelSecretBackend returns the secret backend name for the current model ID, returning an error satisfying [modelerrors.NotFound] if the model provided does not exist.

func (*ModelSecretBackendService) SetModelSecretBackend

func (s *ModelSecretBackendService) SetModelSecretBackend(ctx context.Context, backendName string) error

SetModelSecretBackend sets the secret backend config for the current model ID. It returns an error satisfying secretbackenderrors.NotFound if the backend provided does not exist, an error satisfying [modelerrors.NotFound] if the model provided does not exist, and an error satisfying secretbackenderrors.NotValid if the backend name provided is not valid.

type RevisionInfo

// RevisionInfo is used to hold info about an external secret revision.
// Service.GetRevisionsToDrain returns a slice of these.
type RevisionInfo struct {
	// Revision is the revision number.
	Revision int
	// NOTE(review): presumably a reference to where the revision's value is
	// stored in an external backend rather than the value itself — confirm.
	ValueRef *coresecrets.ValueRef
}

RevisionInfo is used to hold info about an external secret revision.

type SecretBackendInfo

// SecretBackendInfo contains information about a secret backend.
// It is the element type returned by Service.BackendSummaryInfo and
// Service.BackendSummaryInfoForModel.
type SecretBackendInfo struct {
	// SecretBackend is embedded, so its fields are promoted onto this type.
	// NOTE(review): if the embedded value carries backend config, check how
	// the reveal argument of BackendSummaryInfo affects what is returned.
	coresecrets.SecretBackend

	// NOTE(review): presumably the number of secrets stored in the backend — confirm.
	NumSecrets int
	// NOTE(review): the set of Status values is not documented here — confirm.
	Status     string
	// NOTE(review): presumably a human-readable detail accompanying Status — confirm.
	Message    string
}

SecretBackendInfo contains information about a secret backend.

type SecretProviderRegistry

// SecretProviderRegistry is a function that returns a secret backend provider
// for the given backend type, or an error.
type SecretProviderRegistry func(backendType string) (provider.SecretBackendProvider, error)

SecretProviderRegistry is a function that returns a secret backend provider for the given backend type.

type Service

type Service struct {
	// contains filtered or unexported fields
}

func NewService

func NewService(
	st State, logger logger.Logger,
) *Service

NewService creates a new Service for interacting with the secret backend state.

func (*Service) BackendConfigInfo

func (s *Service) BackendConfigInfo(
	ctx context.Context, p BackendConfigParams,
) (*provider.ModelBackendConfigInfo, error)

BackendConfigInfo returns the config to create a secret backend for the specified backend IDs. This is called to provide config to a client like a unit agent which needs to access secrets. The accessor is the agent which needs access. The client is expected to be restricted to write only those secrets owned by the agent, and read only those secrets shared with the agent. The result includes config for all relevant backends, including the id of the current active backend.

func (*Service) BackendSummaryInfo

func (s *Service) BackendSummaryInfo(ctx context.Context, reveal bool, names ...string) ([]*SecretBackendInfo, error)

BackendSummaryInfo returns a summary of the secret backends. If names are specified, just those backends are included, else all.

func (*Service) BackendSummaryInfoForModel

func (s *Service) BackendSummaryInfoForModel(ctx context.Context, modelUUID coremodel.UUID) ([]*SecretBackendInfo, error)

BackendSummaryInfoForModel returns a summary of the secret backends which contain secrets from the specified model.

func (*Service) CreateSecretBackend

func (s *Service) CreateSecretBackend(ctx context.Context, backend coresecrets.SecretBackend) error

CreateSecretBackend creates a new secret backend.

func (*Service) DeleteSecretBackend

func (s *Service) DeleteSecretBackend(ctx context.Context, params DeleteSecretBackendParams) error

DeleteSecretBackend deletes a secret backend.

func (*Service) DrainBackendConfigInfo

func (s *Service) DrainBackendConfigInfo(
	ctx context.Context, p DrainBackendConfigParams,
) (*provider.ModelBackendConfigInfo, error)

DrainBackendConfigInfo returns the secret backend config for the drain worker to use.

func (*Service) GetRevisionsToDrain

func (s *Service) GetRevisionsToDrain(ctx context.Context, modelUUID coremodel.UUID, revs []coresecrets.SecretExternalRevision) ([]RevisionInfo, error)

GetRevisionsToDrain looks at the supplied revisions and returns any which should be drained to a different backend for the specified model.

func (*Service) GetSecretBackendConfigForAdmin

func (s *Service) GetSecretBackendConfigForAdmin(ctx context.Context, modelUUID coremodel.UUID) (*provider.ModelBackendConfigInfo, error)

GetSecretBackendConfigForAdmin returns the secret backend configuration for the given model's secret backend for an admin user, returning an error satisfying secretbackenderrors.NotFound if the backend is not found.

func (*Service) ListBackendIDs

func (s *Service) ListBackendIDs(ctx context.Context) ([]string, error)

ListBackendIDs returns the IDs of all the secret backends.

func (*Service) RotateBackendToken

func (s *Service) RotateBackendToken(ctx context.Context, backendID string) error

RotateBackendToken rotates the token for the given secret backend.

func (*Service) UpdateSecretBackend

func (s *Service) UpdateSecretBackend(ctx context.Context, params UpdateSecretBackendParams) error

UpdateSecretBackend updates an existing secret backend.

type State

// State provides methods for working with secret backends.
type State interface {
	// Backend lifecycle and lookup.
	// NOTE(review): the string returned by Create/Update is presumably the
	// backend ID — confirm against the implementation.
	CreateSecretBackend(ctx context.Context, params secretbackend.CreateSecretBackendParams) (string, error)
	UpdateSecretBackend(ctx context.Context, params secretbackend.UpdateSecretBackendParams) (string, error)
	// deleteInUse mirrors DeleteSecretBackendParams.DeleteInUse.
	DeleteSecretBackend(ctx context.Context, _ secretbackend.BackendIdentifier, deleteInUse bool) error
	GetSecretBackend(context.Context, secretbackend.BackendIdentifier) (*secretbackend.SecretBackend, error)
	ListSecretBackends(ctx context.Context) ([]*secretbackend.SecretBackend, error)
	ListSecretBackendIDs(ctx context.Context) ([]string, error)
	// NOTE(review): next is presumably the time of the next token rotation — confirm.
	SecretBackendRotated(ctx context.Context, backendID string, next time.Time) error
	SetModelSecretBackend(ctx context.Context, modelUUID coremodel.UUID, secretBackendName string) error

	// Per-model queries.
	ListSecretBackendsForModel(ctx context.Context, modelUUID coremodel.UUID, includeEmpty bool) ([]*secretbackend.SecretBackend, error)
	GetModelSecretBackendDetails(ctx context.Context, modelUUID coremodel.UUID) (secretbackend.ModelSecretBackend, error)
	GetModelType(ctx context.Context, modelUUID coremodel.UUID) (coremodel.ModelType, error)

	// NOTE(review): the two strings are presumably the internal backend UUID
	// followed by the active backend UUID, in the order the name gives —
	// confirm, since both results are plain strings and easy to swap.
	GetInternalAndActiveBackendUUIDs(ctx context.Context, modelUUID coremodel.UUID) (string, string, error)

	// Support for watching backend token rotation changes.
	InitialWatchStatementForSecretBackendRotationChanges() (string, string)
	GetSecretBackendRotateChanges(ctx context.Context, backendIDs ...string) ([]watcher.SecretBackendRotateChange, error)
}

State provides methods for working with secret backends.

type UpdateSecretBackendParams

// UpdateSecretBackendParams is used to update a secret backend.
type UpdateSecretBackendParams struct {
	// The state-layer update params are embedded, so their fields are promoted.
	secretbackend.UpdateSecretBackendParams
	// SkipPing is specified to skip pinging the backend.
	// NOTE(review): with SkipPing set, the updated config is presumably stored
	// without a connectivity check — confirm, and prefer leaving it unset.
	SkipPing bool
	// Reset is a list of configs to reset.
	// NOTE(review): presumably config keys; what they are reset to is not
	// documented here — confirm.
	Reset []string
}

UpdateSecretBackendParams is used to update a secret backend.

type WatchableService

// WatchableService defines a service that can be watched for changes.
type WatchableService struct {
	// Service is embedded by value, so every Service method is also available
	// on WatchableService.
	Service
	// contains filtered or unexported fields
}

WatchableService defines a service that can be watched for changes.

func NewWatchableService

func NewWatchableService(
	st State, logger logger.Logger,
	wf WatcherFactory,
) *WatchableService

NewWatchableService creates a new WatchableService for interacting with the secret backend state and watching for changes.

func (*WatchableService) WatchModelSecretBackendChanged

func (s *WatchableService) WatchModelSecretBackendChanged(_ context.Context, modelUUID coremodel.UUID) (watcher.NotifyWatcher, error)

WatchModelSecretBackendChanged notifies when the model secret backend has changed.

func (*WatchableService) WatchSecretBackendRotationChanges

func (s *WatchableService) WatchSecretBackendRotationChanges(context.Context) (watcher.SecretBackendRotateWatcher, error)

WatchSecretBackendRotationChanges returns a watcher for secret backend rotation changes.

type WatcherFactory

// WatcherFactory describes methods for creating watchers.
type WatcherFactory interface {
	// NewNamespaceWatcher returns a new namespace watcher
	// for events based on the input change mask.
	// NOTE(review): the unnamed string parameter is presumably the namespace
	// to watch — confirm against the implementation.
	NewNamespaceWatcher(string, changestream.ChangeType, eventsource.NamespaceQuery) (watcher.StringsWatcher, error)

	// NewValueWatcher returns a watcher for a particular change
	// value in a namespace, based on the input change mask.
	NewValueWatcher(namespace, changeValue string, changeMask changestream.ChangeType) (watcher.NotifyWatcher, error)
}

WatcherFactory describes methods for creating watchers.
