Documentation
¶
Index ¶
Examples ¶
Constants ¶
View Source
const ( ContainerRepoEnvVar = "CERBOS_TEST_CONTAINER_REPO" ContainerTagEnvVar = "CERBOS_TEST_CONTAINER_TAG" DebugEnvVar = "CERBOS_TEST_DEBUG" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CerbosServerInstance ¶
type CerbosServerInstance struct {
Stop func() error
Host string
GRPCPort string
HTTPPort string
// contains filtered or unexported fields
}
func LaunchCerbosServer ¶
func LaunchCerbosServer(ctx context.Context, launchConf LaunchConf) (*CerbosServerInstance, error)
LaunchCerbosServer is a utility method to start a Cerbos server and wait for it be ready.
Example ¶
package main
import (
"context"
"fmt"
"log"
"time"
"github.com/cerbos/cerbos-sdk-go/cerbos"
"github.com/cerbos/cerbos-sdk-go/testutil"
)
func main() {
// Configure Cerbos with the SQLite storage driver
conf := testutil.LaunchConf{
Cmd: []string{
"server",
"--set=storage.driver=sqlite3",
"--set=storage.sqlite3.dsn=:mem:?_fk=true",
},
Env: []string{
"CERBOS_LOG_LEVEL=error",
},
}
// Set timeout for launching the server
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
s, err := testutil.LaunchCerbosServer(ctx, conf)
if err != nil {
log.Fatalf("Failed to launch Cerbos server: %v", err)
}
defer s.Stop()
c, err := cerbos.New("passthrough:///"+s.GRPCAddr(), cerbos.WithPlaintext())
if err != nil {
log.Fatalf("Failed to create Cerbos client: %v", err)
}
allowed, err := c.IsAllowed(context.TODO(),
cerbos.NewPrincipal("john").
WithRoles("employee", "manager").
WithAttr("department", "marketing").
WithAttr("geography", "GB"),
cerbos.NewResource("leave_request", "XX125").
WithAttributes(map[string]any{
"department": "marketing",
"geography": "GB",
"owner": "harry",
"status": "DRAFT",
}),
"view",
)
if err != nil {
log.Fatalf("API request failed: %v", err)
}
fmt.Println(allowed)
}
Output: false
func (*CerbosServerInstance) GRPCAddr ¶
func (csi *CerbosServerInstance) GRPCAddr() string
func (*CerbosServerInstance) HTTPAddr ¶
func (csi *CerbosServerInstance) HTTPAddr() string
func (*CerbosServerInstance) IsHealthy ¶
func (csi *CerbosServerInstance) IsHealthy() (bool, error)
func (*CerbosServerInstance) WaitForReady ¶
func (csi *CerbosServerInstance) WaitForReady(ctx context.Context) error
type CerbosServerLauncher ¶
type CerbosServerLauncher struct {
// contains filtered or unexported fields
}
func NewCerbosServerLauncher ¶
func NewCerbosServerLauncher() (*CerbosServerLauncher, error)
NewCerbosServerLauncher creates a launcher for Cerbos containers. By default it launches ghcr.io/cerbos/cerbos:latest. The image and/or tag can be overridden with environment variables. CERBOS_TEST_CONTAINER_REPO overrides the default container image repository. CERBOS_TEST_CONTAINER_TAG overrides the default container tag. CERBOS_TEST_DEBUG if set to true, configures the launcher to output container logs to stdout and stderr.
func NewCerbosServerLauncherFromImage ¶
func NewCerbosServerLauncherFromImage(repo, tag string) (*CerbosServerLauncher, error)
func (*CerbosServerLauncher) Launch ¶
func (csl *CerbosServerLauncher) Launch(conf LaunchConf) (*CerbosServerInstance, error)
Source Files
Click to show internal directories.
Click to hide internal directories.