Documentation
¶
Index ¶
- Variables
- type Config
- type Storage
- func (s *Storage) Delete(ctx context.Context, key string) error
- func (s *Storage) Exists(ctx context.Context, key string) bool
- func (s *Storage) List(ctx context.Context, prefix string, recursive bool) ([]string, error)
- func (s *Storage) Load(ctx context.Context, key string) ([]byte, error)
- func (s *Storage) Lock(ctx context.Context, key string) error
- func (s *Storage) Stat(ctx context.Context, key string) (certmagic.KeyInfo, error)
- func (s *Storage) Store(ctx context.Context, key string, value []byte) error
- func (s *Storage) Unlock(ctx context.Context, key string) error
Constants ¶
This section is empty.
Variables ¶
var ( // LockExpiration is the duration before which a Lock is considered expired LockExpiration = 1 * time.Minute // LockPollInterval is the interval between each check of the lock state. LockPollInterval = 1 * time.Second )
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
// AEAD for Authenticated Encryption with Additional Data
AEAD tink.AEAD
// BucketName is the name of the GCS storage Bucket
BucketName string
// ClientOptions GCS storage client options
ClientOptions []option.ClientOption
}
type Storage ¶
type Storage struct {
// contains filtered or unexported fields
}
Storage is a certmagic.Storage backed by a GCS bucket
func (*Storage) Delete ¶
Delete deletes key. An error should be returned only if the key still exists when the method returns.
func (*Storage) List ¶
List returns all keys that match prefix. If recursive is true, non-terminal keys will be enumerated (i.e. "directories" should be walked); otherwise, only keys prefixed exactly by prefix will be listed.
func (*Storage) Lock ¶
Lock acquires the lock for key, blocking until the lock can be obtained or an error is returned. Note that, even after acquiring a lock, an idempotent operation may have already been performed by another process that acquired the lock before - so always check to make sure idempotent operations still need to be performed after acquiring the lock.
The actual implementation of obtaining of a lock must be an atomic operation so that multiple Lock calls at the same time always results in only one caller receiving the lock at any given time.
To prevent deadlocks, all implementations (where this concern is relevant) should put a reasonable expiration on the lock in case Unlock is unable to be called due to some sort of network failure or system crash. Additionally, implementations should honor context cancellation as much as possible (in case the caller wishes to give up and free resources before the lock can be obtained).
Source Files