models

package
v1.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 13, 2023 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// Secret storage with global scope can be accessed by all projects
	GlobalSecretStorageScope SecretStorageScope = "global"
	// Secret storage with project scope can only be accessed by the project that it belongs to
	ProjectSecretStorageScope SecretStorageScope = "project"

	// InternalSecretStorageType secret storage stores secret in the MLP database
	InternalSecretStorageType SecretStorageType = "internal"
	// VaultSecretStorageType secret storage stores secret in a Vault instance
	VaultSecretStorageType SecretStorageType = "vault"

	// Use gcp authentication method to communicate with Vault
	// https://developer.hashicorp.com/vault/docs/auth/gcp
	GCPAuthMethod AuthMethod = "gcp"
	// Use gce authentication method to communicate with Vault
	// https://developer.hashicorp.com/vault/docs/auth/gcp#gce-login
	GCEGCPAuthType GCPAuthType = "gce"
	// Use iam authentication method to communicate with Vault
	// https://developer.hashicorp.com/vault/docs/auth/gcp#iam-login
	IAMGCPAuthType GCPAuthType = "iam"

	// Use token authentication method to communicate with Vault
	// Only use this method when Vault is running in dev mode
	TokenAuthMethod AuthMethod = "token"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Application

type Application struct {
	ID          ID                 `json:"id"`
	Name        string             `json:"name"`
	Description string             `json:"description"`
	Href        string             `json:"href"`
	IconName    string             `json:"icon" gorm:"column:icon"`
	UseProjects bool               `json:"use_projects"`
	IsInBeta    bool               `json:"is_in_beta"`
	IsDisabled  bool               `json:"is_disabled"`
	Config      *ApplicationConfig `json:"config"`
}

type ApplicationConfig

type ApplicationConfig struct {
	Sections []ApplicationSection `json:"sections"`
}

func (*ApplicationConfig) Scan

func (c *ApplicationConfig) Scan(value interface{}) error

func (ApplicationConfig) Value

func (c ApplicationConfig) Value() (driver.Value, error)

type ApplicationSection

type ApplicationSection struct {
	Name string `json:"name"`
	Href string `json:"href"`
}

func (*ApplicationSection) Scan

func (c *ApplicationSection) Scan(value interface{}) error

func (ApplicationSection) Value

func (c ApplicationSection) Value() (driver.Value, error)

type AuthMethod added in v1.8.0

type AuthMethod string

AuthMethod is the authentication type to be used when communicating with Vault

type CreatedUpdated

type CreatedUpdated struct {
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}

type GCPAuthType added in v1.8.0

type GCPAuthType string

GCPAuthType is the GCP authentication type to be used when communicating with Vault

type ID

type ID int

func ParseID

func ParseID(id string) (ID, error)

func (ID) String

func (id ID) String() string

type Label

type Label struct {
	Key   string `json:"key"`
	Value string `json:"value"`
}

type Labels

type Labels []Label

func (*Labels) Scan

func (labels *Labels) Scan(value interface{}) error

func (Labels) Value

func (labels Labels) Value() (driver.Value, error)

type Project

type Project struct {
	ID   ID     `json:"id"`
	Name string `json:"name" validate:"required,min=3,max=50,subdomain_rfc1123"`
	// nolint:lll // Next line is 121 characters (lll)
	MLFlowTrackingURL string         `json:"mlflow_tracking_url" gorm:"column:mlflow_tracking_url" validate:"omitempty,url"`
	Administrators    pq.StringArray `json:"administrators" gorm:"column:administrators;type:varchar(256)[]"`
	Readers           pq.StringArray `json:"readers" gorm:"column:readers;type:varchar(256)[]"`
	Team              string         `json:"team" validate:"required,min=1,max=64"`
	Stream            string         `json:"stream" validate:"required,min=1,max=64"`
	Labels            Labels         `json:"labels,omitempty" gorm:"column:labels"`
	CreatedUpdated
}

type Secret

type Secret struct {
	// ID is the unique identifier of the secret
	ID ID `json:"id"`
	// ProjectID is the unique identifier of the project
	ProjectID ID `json:"project_id"`
	// Project is the project of the secret
	Project *Project `json:"-"`
	// Name is the name of the secret
	Name string `json:"name"`
	// Data is secret value
	Data string `json:"data"`
	// SecretStorageID is the unique identifier of the secret storage for storing the secret
	SecretStorageID *ID `json:"secret_storage_id,omitempty"`
	// SecretStorage is the secret storage for storing the secret
	SecretStorage *SecretStorage `json:"secret_storage,omitempty"`
	// CreatedUpdated is the timestamp of the secret creation and update
	CreatedUpdated
}

Secret represents user defined secret

func (*Secret) CopyValueFrom

func (s *Secret) CopyValueFrom(secret *Secret)

func (*Secret) DecryptData

func (s *Secret) DecryptData(passphrase string) (*Secret, error)

func (*Secret) EncryptData

func (s *Secret) EncryptData(passphrase string) (*Secret, error)

func (*Secret) IsValidForInsertion

func (s *Secret) IsValidForInsertion() bool

func (*Secret) IsValidForMutation

func (s *Secret) IsValidForMutation() bool

type SecretStorage added in v1.8.0

type SecretStorage struct {
	// ID is the unique identifier of the secret storage
	ID ID `json:"id"`
	// Name is the name of the secret storage
	Name string `json:"name"`
	// Type is the type of the secret storage
	Type SecretStorageType `json:"type"`
	// Scope of the secret storage, it can be either "global" or "project"
	Scope SecretStorageScope `json:"scope"`
	// ProjectID is the ID of the project that the secret storage belongs to when the scope is "project"
	ProjectID *ID `json:"project_id,omitempty"`
	// Project is the project that the secret storage belongs to when the scope is "project"
	Project *Project `json:"-"`
	// Config is type-specific secret storage configuration
	Config SecretStorageConfig `json:"config,omitempty"`
	// CreatedUpdated is the timestamp of the creation and last update of the secret storage
	CreatedUpdated
}

SecretStorage represents the external secret storage service for storing a secret

func (*SecretStorage) MergeValue added in v1.8.0

func (s *SecretStorage) MergeValue(other *SecretStorage) error

func (*SecretStorage) ValidateForCreation added in v1.8.0

func (s *SecretStorage) ValidateForCreation() error

func (*SecretStorage) ValidateForMutation added in v1.8.0

func (s *SecretStorage) ValidateForMutation() error

type SecretStorageConfig added in v1.8.0

type SecretStorageConfig struct {
	// VaultConfig is the configuration of the Vault secret storage.
	// This field is populated when the type is "vault"
	VaultConfig *VaultConfig `json:"vault_config,omitempty"`
}

func (*SecretStorageConfig) Scan added in v1.8.0

func (c *SecretStorageConfig) Scan(value interface{}) error

func (SecretStorageConfig) Value added in v1.8.0

func (c SecretStorageConfig) Value() (driver.Value, error)

type SecretStorageScope added in v1.8.0

type SecretStorageScope string

SecretStorageScope is the scope of the secret storage

type SecretStorageType added in v1.8.0

type SecretStorageType string

SecretStorageType is the type of the secret storage

type VaultConfig added in v1.8.0

type VaultConfig struct {
	// Vault URL
	URL string `json:"url"`
	// Role to be used when communicating with Vault
	Role string `json:"role"`
	// MountPath is the path of the secret storage in Vault
	MountPath string `json:"mount_path"`
	// PathPrefix is the prefix of the path of the secret in Vault
	PathPrefix string `json:"path_prefix"`
	// AuthMethod is the authentication method to be used when communicating with Vault
	AuthMethod AuthMethod `json:"auth_method"`
	// GCPAuthType is the GCP authentication type to be used when communicating with Vault.
	// The value can be either "iam" or "gce"
	GCPAuthType GCPAuthType `json:"gcp_auth_type,omitempty"`
	// Token is the token to be used when communicating with Vault
	// This field is only used when the auth method is "token"
	// Only use this method when Vault is running in dev mode
	Token string `json:"token,omitempty"`
	// ServiceAccountEmail is the service account email to be used when communicating with Vault
	// This field is only used when the AuthMethod is "gcp" and GCPAuthType is "iam"
	ServiceAccountEmail string `json:"service_account_email"`
}

VaultConfig is the configuration of the Vault secret storage

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL