Documentation ¶
Index ¶
- Constants
- Variables
- func NewStore(ctx context.Context, conf *Conf) (storage.BinaryStore, error)
- type Bundle
- func (b *Bundle) Close() error
- func (b *Bundle) GetFirstMatch(_ context.Context, candidates []namer.ModuleID) (*runtimev1.RunnablePolicySet, error)
- func (b *Bundle) InspectPolicies(ctx context.Context, listParams storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
- func (b *Bundle) ListPolicyIDs(_ context.Context, _ storage.ListPolicyIDsParams) ([]string, error)
- func (b *Bundle) ListSchemaIDs(_ context.Context) ([]string, error)
- func (b *Bundle) LoadSchema(_ context.Context, path string) (io.ReadCloser, error)
- func (b *Bundle) Release() error
- type CloudAPIClient
- type Conf
- type HybridStore
- func (hs *HybridStore) Close() (outErr error)
- func (*HybridStore) Driver() string
- func (hs *HybridStore) GetFirstMatch(ctx context.Context, candidates []namer.ModuleID) (*runtimev1.RunnablePolicySet, error)
- func (hs *HybridStore) InspectPolicies(ctx context.Context, params storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
- func (hs *HybridStore) ListPolicyIDs(ctx context.Context, params storage.ListPolicyIDsParams) ([]string, error)
- func (hs *HybridStore) ListSchemaIDs(ctx context.Context) ([]string, error)
- func (hs *HybridStore) LoadSchema(ctx context.Context, id string) (io.ReadCloser, error)
- func (hs *HybridStore) SourceKind() string
- type LocalParams
- type LocalSource
- func (ls *LocalSource) Close() error
- func (ls *LocalSource) Driver() string
- func (ls *LocalSource) GetFirstMatch(ctx context.Context, candidates []namer.ModuleID) (ps *runtimev1.RunnablePolicySet, err error)
- func (ls *LocalSource) InspectPolicies(ctx context.Context, params storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
- func (ls *LocalSource) ListPolicyIDs(ctx context.Context, params storage.ListPolicyIDsParams) (ids []string, err error)
- func (ls *LocalSource) ListSchemaIDs(ctx context.Context) (ids []string, err error)
- func (ls *LocalSource) LoadSchema(ctx context.Context, id string) (schema io.ReadCloser, err error)
- func (ls *LocalSource) Reload(_ context.Context) error
- func (ls *LocalSource) SourceKind() string
- type LocalSourceConf
- type OpenOpts
- type RemoteSource
- func (s *RemoteSource) Close() error
- func (s *RemoteSource) Driver() string
- func (s *RemoteSource) GetFirstMatch(ctx context.Context, candidates []namer.ModuleID) (*runtimev1.RunnablePolicySet, error)
- func (s *RemoteSource) Init(ctx context.Context) error
- func (s *RemoteSource) InitWithClient(ctx context.Context, client CloudAPIClient) error
- func (s *RemoteSource) InspectPolicies(ctx context.Context, params storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
- func (s *RemoteSource) IsHealthy() bool
- func (s *RemoteSource) ListPolicyIDs(ctx context.Context, params storage.ListPolicyIDsParams) ([]string, error)
- func (s *RemoteSource) ListSchemaIDs(ctx context.Context) ([]string, error)
- func (s *RemoteSource) LoadSchema(ctx context.Context, id string) (io.ReadCloser, error)
- func (s *RemoteSource) Reload(ctx context.Context) error
- func (s *RemoteSource) SourceKind() string
- type RemoteSourceConf
- type Source
Constants ¶
View Source
const DriverName = "hub"
Variables ¶
View Source
var ErrBundleNotLoaded = errors.New("bundle not loaded yet")
View Source
var ErrNoSource = errors.New("at least one of local or remote sources must be defined")
Functions ¶
Types ¶
type Bundle ¶
type Bundle struct {
// contains filtered or unexported fields
}
func (*Bundle) GetFirstMatch ¶
func (*Bundle) InspectPolicies ¶
func (b *Bundle) InspectPolicies(ctx context.Context, listParams storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
func (*Bundle) ListPolicyIDs ¶
func (*Bundle) LoadSchema ¶
type CloudAPIClient ¶
type Conf ¶
type Conf struct { // Remote holds configuration for remote bundle source. Takes precedence over local if both are defined. Remote *RemoteSourceConf `yaml:"remote"` // Local holds configuration for local bundle source. Local *LocalSourceConf `yaml:"local"` // Credentials holds Cerbos Hub credentials. Credentials *hub.CredentialsConf `yaml:"credentials" conf:",ignore"` // CacheSize defines the number of policies to cache in memory. CacheSize uint `yaml:"cacheSize" conf:",example=1024"` }
Conf is required (if driver is set to 'hub') configuration for hub storage driver. +desc=This section is required only if storage.driver is hub.
func (*Conf) SetDefaults ¶
func (conf *Conf) SetDefaults()
type HybridStore ¶
type HybridStore struct {
// contains filtered or unexported fields
}
func (*HybridStore) Close ¶
func (hs *HybridStore) Close() (outErr error)
func (*HybridStore) Driver ¶
func (*HybridStore) Driver() string
func (*HybridStore) GetFirstMatch ¶
func (hs *HybridStore) GetFirstMatch(ctx context.Context, candidates []namer.ModuleID) (*runtimev1.RunnablePolicySet, error)
func (*HybridStore) InspectPolicies ¶
func (hs *HybridStore) InspectPolicies(ctx context.Context, params storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
func (*HybridStore) ListPolicyIDs ¶
func (hs *HybridStore) ListPolicyIDs(ctx context.Context, params storage.ListPolicyIDsParams) ([]string, error)
func (*HybridStore) ListSchemaIDs ¶
func (hs *HybridStore) ListSchemaIDs(ctx context.Context) ([]string, error)
func (*HybridStore) LoadSchema ¶
func (hs *HybridStore) LoadSchema(ctx context.Context, id string) (io.ReadCloser, error)
func (*HybridStore) SourceKind ¶
func (hs *HybridStore) SourceKind() string
type LocalParams ¶
type LocalSource ¶
type LocalSource struct {
// contains filtered or unexported fields
}
LocalSource loads a bundle from local disk.
func NewLocalSource ¶
func NewLocalSource(params LocalParams) (*LocalSource, error)
func NewLocalSourceFromConf ¶
func NewLocalSourceFromConf(_ context.Context, conf *Conf) (*LocalSource, error)
func (*LocalSource) Close ¶
func (ls *LocalSource) Close() error
func (*LocalSource) Driver ¶
func (ls *LocalSource) Driver() string
func (*LocalSource) GetFirstMatch ¶
func (ls *LocalSource) GetFirstMatch(ctx context.Context, candidates []namer.ModuleID) (ps *runtimev1.RunnablePolicySet, err error)
func (*LocalSource) InspectPolicies ¶
func (ls *LocalSource) InspectPolicies(ctx context.Context, params storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
func (*LocalSource) ListPolicyIDs ¶
func (ls *LocalSource) ListPolicyIDs(ctx context.Context, params storage.ListPolicyIDsParams) (ids []string, err error)
func (*LocalSource) ListSchemaIDs ¶
func (ls *LocalSource) ListSchemaIDs(ctx context.Context) (ids []string, err error)
func (*LocalSource) LoadSchema ¶
func (ls *LocalSource) LoadSchema(ctx context.Context, id string) (schema io.ReadCloser, err error)
func (*LocalSource) SourceKind ¶
func (ls *LocalSource) SourceKind() string
type LocalSourceConf ¶
type LocalSourceConf struct { // BundlePath is the full path to the local bundle file. BundlePath string `yaml:"bundlePath" conf:"required,example=/path/to/bundle.crbp"` // TempDir is the directory to use for temporary files. TempDir string `yaml:"tempDir" conf:",example=${TEMP}"` }
LocalSourceConf holds configuration for local bundle store.
type OpenOpts ¶
type OpenOpts struct { Credentials *credentials.Credentials ScratchFS afero.Fs BundlePath string Source string CacheSize uint }
type RemoteSource ¶
type RemoteSource struct {
// contains filtered or unexported fields
}
RemoteSource implements a bundle store that loads bundles from a remote source.
func NewRemoteSource ¶
func NewRemoteSource(conf *Conf) (*RemoteSource, error)
func (*RemoteSource) Close ¶
func (s *RemoteSource) Close() error
func (*RemoteSource) Driver ¶
func (s *RemoteSource) Driver() string
func (*RemoteSource) GetFirstMatch ¶
func (s *RemoteSource) GetFirstMatch(ctx context.Context, candidates []namer.ModuleID) (*runtimev1.RunnablePolicySet, error)
func (*RemoteSource) InitWithClient ¶
func (s *RemoteSource) InitWithClient(ctx context.Context, client CloudAPIClient) error
func (*RemoteSource) InspectPolicies ¶
func (s *RemoteSource) InspectPolicies(ctx context.Context, params storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
func (*RemoteSource) IsHealthy ¶
func (s *RemoteSource) IsHealthy() bool
func (*RemoteSource) ListPolicyIDs ¶
func (s *RemoteSource) ListPolicyIDs(ctx context.Context, params storage.ListPolicyIDsParams) ([]string, error)
func (*RemoteSource) ListSchemaIDs ¶
func (s *RemoteSource) ListSchemaIDs(ctx context.Context) ([]string, error)
func (*RemoteSource) LoadSchema ¶
func (s *RemoteSource) LoadSchema(ctx context.Context, id string) (io.ReadCloser, error)
func (*RemoteSource) SourceKind ¶
func (s *RemoteSource) SourceKind() string
type RemoteSourceConf ¶
type RemoteSourceConf struct { // Connection defines settings for the remote server connection. Connection *hub.ConnectionConf `yaml:"connection" conf:",ignore"` // BundleLabel to fetch from the server. BundleLabel string `yaml:"bundleLabel" conf:"required,example=latest"` // CacheDir is the directory to use for caching downloaded bundles. CacheDir string `yaml:"cacheDir" conf:",example=${XDG_CACHE_DIR}"` // TempDir is the directory to use for temporary files. TempDir string `yaml:"tempDir" conf:",example=${TEMP}"` // DisableAutoUpdate sets whether new bundles should be automatically downloaded and applied. DisableAutoUpdate bool `yaml:"disableAutoUpdate"` }
RemoteSourceConf holds configuration for remote bundle store.
Click to show internal directories.
Click to hide internal directories.