v1

package
v0.89.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 8, 2024 License: Apache-2.0 Imports: 23 Imported by: 7

Documentation

Overview

Package v1 is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Package v1 contains the API of Crypto services.

Index

Constants

View Source
const (

	// EventTypeCACertificateCreated is the type of event fired after a CA certificate has been created
	// SubjectID contains the ID of the CA certificate.
	EventTypeCACertificateCreated = "crypto.cacertificate.created"
	// EventTypeCACertificateUpdated is the type of event fired after a CA certificate has been updated
	// SubjectID contains the ID of the CA certificate.
	EventTypeCACertificateUpdated = "crypto.cacertificate.updated"
	// EventTypeCACertificateDeleted is the type of event fired after a CA certificate has been (marked for) deleted
	// SubjectID contains the ID of the CA certificate.
	EventTypeCACertificateDeleted = "crypto.cacertificate.deleted"
)
View Source
const (

	// PermissionCACertificateList is needed for listing CA certificates in a project
	PermissionCACertificateList = "crypto.cacertificate.list"
	// PermissionCACertificateGet is needed for fetching an individual CA certificates in a project
	PermissionCACertificateGet = "crypto.cacertificate.get"
	// PermissionCACertificateCreate is needed for create a CA certificate
	PermissionCACertificateCreate = "crypto.cacertificate.create"
	// PermissionCACertificateClone is needed for cloning a CA certificate
	PermissionCACertificateClone = "crypto.cacertificate.clone"
	// PermissionCACertificateUpdate is needed for updating a CA certificate
	PermissionCACertificateUpdate = "crypto.cacertificate.update"
	// PermissionCACertificateDelete is needed for deleting a CA certificate
	PermissionCACertificateDelete = "crypto.cacertificate.delete"
	// PermissionCACertificateSetDefault is needed for setting a CA certificate as default
	PermissionCACertificateSetDefault = "crypto.cacertificate.set-default"
)
View Source
const (
	// APIID contains identifier of this API
	APIID = "crypto/v1"
	// APIMajorVersion contains major version of this API
	APIMajorVersion = 1
	// APIMinorVersion contains minor version of this API
	APIMinorVersion = 4
	// APIPatchVersion contains patch version of this API
	APIPatchVersion = 0
)
View Source
const (
	// KindCACertificate is a constants for the kind of CACertificate resources.
	KindCACertificate = "CACertificate"
)

Variables

View Source
var File_crypto_proto protoreflect.FileDescriptor

Functions

func CACertificateURL

func CACertificateURL(organizationID, projectID, cacertID string) string

CACertificateURL creates a resource URL for the CACertificate with given ID in given context.

func ForEachCACertificate

func ForEachCACertificate(ctx context.Context, listFunc func(ctx context.Context, req *common.ListOptions) (*CACertificateList, error),
	opts *common.ListOptions, cb CACertificateCallback) error

ForEachCACertificate iterates over all CA certificates in the project identified by the given context ID, invoking the given callback for each certificate.

func RegisterCryptoServiceHandler

func RegisterCryptoServiceHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterCryptoServiceHandler registers the http handlers for service CryptoService to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterCryptoServiceHandlerClient

func RegisterCryptoServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client CryptoServiceClient) error

RegisterCryptoServiceHandlerClient registers the http handlers for service CryptoService to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "CryptoServiceClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "CryptoServiceClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "CryptoServiceClient" to call the correct interceptors.

func RegisterCryptoServiceHandlerFromEndpoint

func RegisterCryptoServiceHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterCryptoServiceHandlerFromEndpoint is same as RegisterCryptoServiceHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterCryptoServiceHandlerServer

func RegisterCryptoServiceHandlerServer(ctx context.Context, mux *runtime.ServeMux, server CryptoServiceServer) error

RegisterCryptoServiceHandlerServer registers the http handlers for service CryptoService to "mux". UnaryRPC :call CryptoServiceServer directly. StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. Note that using this registration option will cause many gRPC library features to stop working. Consider using RegisterCryptoServiceHandlerFromEndpoint instead.

func RegisterCryptoServiceServer

func RegisterCryptoServiceServer(s *grpc.Server, srv CryptoServiceServer)

Types

type CACertificate

type CACertificate struct {

	// System identifier of the CA certificate.
	// This is a read-only value.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// URL of this resource
	// This is a read-only value.
	Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"`
	// Name of the CA certificate
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// Description of the CA certificate
	Description string `protobuf:"bytes,4,opt,name=description,proto3" json:"description,omitempty"`
	// Identifier of the project that owns this CA certificate.
	// This value cannot be changed after creation.
	ProjectId string `protobuf:"bytes,5,opt,name=project_id,json=projectId,proto3" json:"project_id,omitempty"`
	// Time from creation of the CA certificate to expiration.
	// This value cannot be changed after creation.
	Lifetime *durationpb.Duration `protobuf:"bytes,6,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
	// The creation timestamp of the CA certificate
	// This is a read-only value.
	CreatedAt *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// The deletion timestamp of the CA certificate
	// This is a read-only value.
	DeletedAt *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
	// The expiration timestamp of the CA certificate
	// This is a read-only value.
	ExpiresAt *timestamppb.Timestamp `protobuf:"bytes,9,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// A PEM encoded representation of the public key of the CA certificate.
	// This is a read-only value.
	CertificatePem string `protobuf:"bytes,10,opt,name=certificate_pem,json=certificatePem,proto3" json:"certificate_pem,omitempty"`
	// Set when this CA certificate is deleted.
	// This is a read-only value.
	IsDeleted bool `protobuf:"varint,11,opt,name=is_deleted,json=isDeleted,proto3" json:"is_deleted,omitempty"`
	// Set when this CA certificate has expired.
	// This is a read-only value.
	IsExpired bool `protobuf:"varint,12,opt,name=is_expired,json=isExpired,proto3" json:"is_expired,omitempty"`
	// Set when this CA certificate will expire in the next month.
	// This is a read-only value.
	WillExpireSoon bool `protobuf:"varint,13,opt,name=will_expire_soon,json=willExpireSoon,proto3" json:"will_expire_soon,omitempty"`
	// Set when this certificate is the default in its project.
	// This is a read-only value.
	IsDefault bool `protobuf:"varint,14,opt,name=is_default,json=isDefault,proto3" json:"is_default,omitempty"`
	// When enabled, deployments using this certificate use a well known TLS certificate on the 8529 port.
	// The self-signed certificates is always hosted on port 18529.
	UseWellKnownCertificate bool `` /* 136-byte string literal not displayed */
	// If set, this certificate cannot be deleted.
	// To delete, first update the with locked set to false.
	Locked bool `protobuf:"varint,16,opt,name=locked,proto3" json:"locked,omitempty"`
	// Set when this CA certificate will expire in the next 48 hours.
	// This is a read-only value.
	RotationNeeded bool `protobuf:"varint,17,opt,name=rotation_needed,json=rotationNeeded,proto3" json:"rotation_needed,omitempty"`
	// If set, contains the ID of a CA certificate from which this certificate was cloned.
	// This is a read-only value.
	ClonedFromId string `protobuf:"bytes,18,opt,name=cloned_from_id,json=clonedFromId,proto3" json:"cloned_from_id,omitempty"`
	// contains filtered or unexported fields
}

A CACertificate is represents a self-signed certificate authority used to sign TLS certificates for deployments & client authentication.

func (*CACertificate) Descriptor deprecated

func (*CACertificate) Descriptor() ([]byte, []int)

Deprecated: Use CACertificate.ProtoReflect.Descriptor instead.

func (*CACertificate) GetCertificatePem

func (x *CACertificate) GetCertificatePem() string

func (*CACertificate) GetClonedFromId added in v0.50.11

func (x *CACertificate) GetClonedFromId() string

func (*CACertificate) GetCreatedAt

func (x *CACertificate) GetCreatedAt() *timestamppb.Timestamp

func (*CACertificate) GetDeletedAt

func (x *CACertificate) GetDeletedAt() *timestamppb.Timestamp

func (*CACertificate) GetDescription

func (x *CACertificate) GetDescription() string

func (*CACertificate) GetExpiresAt

func (x *CACertificate) GetExpiresAt() *timestamppb.Timestamp

func (*CACertificate) GetId

func (x *CACertificate) GetId() string

func (*CACertificate) GetIsDefault

func (x *CACertificate) GetIsDefault() bool

func (*CACertificate) GetIsDeleted

func (x *CACertificate) GetIsDeleted() bool

func (*CACertificate) GetIsExpired

func (x *CACertificate) GetIsExpired() bool

func (*CACertificate) GetLifetime

func (x *CACertificate) GetLifetime() *durationpb.Duration

func (*CACertificate) GetLocked added in v0.47.0

func (x *CACertificate) GetLocked() bool

func (*CACertificate) GetName

func (x *CACertificate) GetName() string

func (*CACertificate) GetProjectId

func (x *CACertificate) GetProjectId() string

func (*CACertificate) GetRotationNeeded added in v0.50.9

func (x *CACertificate) GetRotationNeeded() bool

func (*CACertificate) GetUrl

func (x *CACertificate) GetUrl() string

func (*CACertificate) GetUseWellKnownCertificate

func (x *CACertificate) GetUseWellKnownCertificate() bool

func (*CACertificate) GetWillExpireSoon

func (x *CACertificate) GetWillExpireSoon() bool

func (*CACertificate) ProtoMessage

func (*CACertificate) ProtoMessage()

func (*CACertificate) ProtoReflect added in v0.89.0

func (x *CACertificate) ProtoReflect() protoreflect.Message

func (*CACertificate) Reset

func (x *CACertificate) Reset()

func (*CACertificate) String

func (x *CACertificate) String() string

type CACertificateCallback

type CACertificateCallback func(context.Context, *CACertificate) error

CACertificateCallback is a callback for individual certificates.

type CACertificateInstructions

type CACertificateInstructions struct {

	// Per platform instructions for install/uninstall of the CA certificate
	Platforms []*CACertificateInstructions_PlatformInstructions `protobuf:"bytes,1,rep,name=platforms,proto3" json:"platforms,omitempty"`
	// contains filtered or unexported fields
}

Instructions for installing & uninstalling CA certificates

func (*CACertificateInstructions) Descriptor deprecated

func (*CACertificateInstructions) Descriptor() ([]byte, []int)

Deprecated: Use CACertificateInstructions.ProtoReflect.Descriptor instead.

func (*CACertificateInstructions) GetPlatforms

func (*CACertificateInstructions) ProtoMessage

func (*CACertificateInstructions) ProtoMessage()

func (*CACertificateInstructions) ProtoReflect added in v0.89.0

func (*CACertificateInstructions) Reset

func (x *CACertificateInstructions) Reset()

func (*CACertificateInstructions) String

func (x *CACertificateInstructions) String() string

type CACertificateInstructions_PlatformInstructions

type CACertificateInstructions_PlatformInstructions struct {

	// Human readable description of platform.
	// E.g. "MacOS"
	Platform string `protobuf:"bytes,1,opt,name=platform,proto3" json:"platform,omitempty"`
	// Steps needed to install
	InstallSteps []string `protobuf:"bytes,2,rep,name=install_steps,json=installSteps,proto3" json:"install_steps,omitempty"`
	// Steps needed to uninstall
	UninstallSteps []string `protobuf:"bytes,3,rep,name=uninstall_steps,json=uninstallSteps,proto3" json:"uninstall_steps,omitempty"`
	// contains filtered or unexported fields
}

Instructions for a specific platform

func (*CACertificateInstructions_PlatformInstructions) Descriptor deprecated

Deprecated: Use CACertificateInstructions_PlatformInstructions.ProtoReflect.Descriptor instead.

func (*CACertificateInstructions_PlatformInstructions) GetInstallSteps

func (*CACertificateInstructions_PlatformInstructions) GetPlatform

func (*CACertificateInstructions_PlatformInstructions) GetUninstallSteps

func (x *CACertificateInstructions_PlatformInstructions) GetUninstallSteps() []string

func (*CACertificateInstructions_PlatformInstructions) ProtoMessage

func (*CACertificateInstructions_PlatformInstructions) ProtoReflect added in v0.89.0

func (*CACertificateInstructions_PlatformInstructions) Reset

func (*CACertificateInstructions_PlatformInstructions) String

type CACertificateList

type CACertificateList struct {
	Items []*CACertificate `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	// contains filtered or unexported fields
}

List of CACertificates.

func (*CACertificateList) Descriptor deprecated

func (*CACertificateList) Descriptor() ([]byte, []int)

Deprecated: Use CACertificateList.ProtoReflect.Descriptor instead.

func (*CACertificateList) GetItems

func (x *CACertificateList) GetItems() []*CACertificate

func (*CACertificateList) ProtoMessage

func (*CACertificateList) ProtoMessage()

func (*CACertificateList) ProtoReflect added in v0.89.0

func (x *CACertificateList) ProtoReflect() protoreflect.Message

func (*CACertificateList) Reset

func (x *CACertificateList) Reset()

func (*CACertificateList) String

func (x *CACertificateList) String() string

type CryptoServiceClient

type CryptoServiceClient interface {
	// Get the current API version of this service.
	// Required permissions:
	// - None
	GetAPIVersion(ctx context.Context, in *v1.Empty, opts ...grpc.CallOption) (*v1.Version, error)
	// Fetch all CA certificates in the project identified by the given context ID.
	// Required permissions:
	// - crypto.cacertificate.list on the project identified by the given context ID
	ListCACertificates(ctx context.Context, in *v1.ListOptions, opts ...grpc.CallOption) (*CACertificateList, error)
	// Fetch all CA certificates in the project identified by the given project ID
	// that match the given filter.
	// Required permissions:
	// - crypto.cacertificate.list on the project identified by the given context ID
	ListCACertificatesWithFilter(ctx context.Context, in *ListCACertificatesRequest, opts ...grpc.CallOption) (*CACertificateList, error)
	// Fetch a CA certificate by its id.
	// Required permissions:
	// - crypto.cacertificate.get on the CA certificate identified by the given ID
	GetCACertificate(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*CACertificate, error)
	// Fetch instructions for installing & unistalling a CA certificate identified by its id
	// on various platforms.
	// Required permissions:
	// - crypto.cacertificate.get on the CA certificate identified by the given ID
	GetCACertificateInstructions(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*CACertificateInstructions, error)
	// Create a new CA certificate
	// Required permissions:
	// - crypto.cacertificate.create on the project that owns the CA certificate
	CreateCACertificate(ctx context.Context, in *CACertificate, opts ...grpc.CallOption) (*CACertificate, error)
	// Clone a CA certificate identified by given id.
	// Required permissions:
	// - crypto.cacertificate.clone on the project that owns the CA certificate identified by the given ID
	CloneCACertificate(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*CACertificate, error)
	// Update a CA certificate
	// Required permissions:
	// - crypto.cacertificate.update on the CA certificate
	UpdateCACertificate(ctx context.Context, in *CACertificate, opts ...grpc.CallOption) (*CACertificate, error)
	// Delete a CA certificate
	// Note that CA certificate are initially only marked for deleted.
	// Once all the resources that depend on it are removed the CA certificate itself is deleted
	// and cannot be restored.
	// Required permissions:
	// - crypto.cacertificate.delete on the CA certificate
	DeleteCACertificate(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*v1.Empty, error)
	// Mark the given CA certificate as default for its containing project.
	// Required permissions:
	// - crypto.cacertificate.set-default on the project that owns the certificate.
	SetDefaultCACertificate(ctx context.Context, in *CACertificate, opts ...grpc.CallOption) (*v1.Empty, error)
}

CryptoServiceClient is the client API for CryptoService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

type CryptoServiceServer

type CryptoServiceServer interface {
	// Get the current API version of this service.
	// Required permissions:
	// - None
	GetAPIVersion(context.Context, *v1.Empty) (*v1.Version, error)
	// Fetch all CA certificates in the project identified by the given context ID.
	// Required permissions:
	// - crypto.cacertificate.list on the project identified by the given context ID
	ListCACertificates(context.Context, *v1.ListOptions) (*CACertificateList, error)
	// Fetch all CA certificates in the project identified by the given project ID
	// that match the given filter.
	// Required permissions:
	// - crypto.cacertificate.list on the project identified by the given context ID
	ListCACertificatesWithFilter(context.Context, *ListCACertificatesRequest) (*CACertificateList, error)
	// Fetch a CA certificate by its id.
	// Required permissions:
	// - crypto.cacertificate.get on the CA certificate identified by the given ID
	GetCACertificate(context.Context, *v1.IDOptions) (*CACertificate, error)
	// Fetch instructions for installing & unistalling a CA certificate identified by its id
	// on various platforms.
	// Required permissions:
	// - crypto.cacertificate.get on the CA certificate identified by the given ID
	GetCACertificateInstructions(context.Context, *v1.IDOptions) (*CACertificateInstructions, error)
	// Create a new CA certificate
	// Required permissions:
	// - crypto.cacertificate.create on the project that owns the CA certificate
	CreateCACertificate(context.Context, *CACertificate) (*CACertificate, error)
	// Clone a CA certificate identified by given id.
	// Required permissions:
	// - crypto.cacertificate.clone on the project that owns the CA certificate identified by the given ID
	CloneCACertificate(context.Context, *v1.IDOptions) (*CACertificate, error)
	// Update a CA certificate
	// Required permissions:
	// - crypto.cacertificate.update on the CA certificate
	UpdateCACertificate(context.Context, *CACertificate) (*CACertificate, error)
	// Delete a CA certificate
	// Note that CA certificate are initially only marked for deleted.
	// Once all the resources that depend on it are removed the CA certificate itself is deleted
	// and cannot be restored.
	// Required permissions:
	// - crypto.cacertificate.delete on the CA certificate
	DeleteCACertificate(context.Context, *v1.IDOptions) (*v1.Empty, error)
	// Mark the given CA certificate as default for its containing project.
	// Required permissions:
	// - crypto.cacertificate.set-default on the project that owns the certificate.
	SetDefaultCACertificate(context.Context, *CACertificate) (*v1.Empty, error)
}

CryptoServiceServer is the server API for CryptoService service.

type ListCACertificatesRequest added in v0.50.11

type ListCACertificatesRequest struct {

	// Common list options.
	// Context_id is ignored.
	Options *v1.ListOptions `protobuf:"bytes,1,opt,name=options,proto3" json:"options,omitempty"`
	// Required ID of project to list certificates for.
	ProjectId string `protobuf:"bytes,2,opt,name=project_id,json=projectId,proto3" json:"project_id,omitempty"`
	// If set, include only certificates that were cloned from the certificate
	// with this ID.
	ClonedFromId string `protobuf:"bytes,10,opt,name=cloned_from_id,json=clonedFromId,proto3" json:"cloned_from_id,omitempty"`
	// contains filtered or unexported fields
}

Request arguments for ListCACertificatesWithFilter.

func (*ListCACertificatesRequest) Descriptor deprecated added in v0.50.11

func (*ListCACertificatesRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListCACertificatesRequest.ProtoReflect.Descriptor instead.

func (*ListCACertificatesRequest) GetClonedFromId added in v0.50.11

func (x *ListCACertificatesRequest) GetClonedFromId() string

func (*ListCACertificatesRequest) GetOptions added in v0.50.11

func (x *ListCACertificatesRequest) GetOptions() *v1.ListOptions

func (*ListCACertificatesRequest) GetProjectId added in v0.50.11

func (x *ListCACertificatesRequest) GetProjectId() string

func (*ListCACertificatesRequest) ProtoMessage added in v0.50.11

func (*ListCACertificatesRequest) ProtoMessage()

func (*ListCACertificatesRequest) ProtoReflect added in v0.89.0

func (*ListCACertificatesRequest) Reset added in v0.50.11

func (x *ListCACertificatesRequest) Reset()

func (*ListCACertificatesRequest) String added in v0.50.11

func (x *ListCACertificatesRequest) String() string

type UnimplementedCryptoServiceServer

type UnimplementedCryptoServiceServer struct {
}

UnimplementedCryptoServiceServer can be embedded to have forward compatible implementations.

func (*UnimplementedCryptoServiceServer) CloneCACertificate added in v0.50.11

func (*UnimplementedCryptoServiceServer) CreateCACertificate

func (*UnimplementedCryptoServiceServer) DeleteCACertificate

func (*UnimplementedCryptoServiceServer) GetAPIVersion

func (*UnimplementedCryptoServiceServer) GetCACertificate

func (*UnimplementedCryptoServiceServer) GetCACertificateInstructions

func (*UnimplementedCryptoServiceServer) ListCACertificates

func (*UnimplementedCryptoServiceServer) ListCACertificatesWithFilter added in v0.50.11

func (*UnimplementedCryptoServiceServer) SetDefaultCACertificate

func (*UnimplementedCryptoServiceServer) UpdateCACertificate

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL