controller

package
v0.6.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 27, 2021 License: MPL-2.0 Imports: 85 Imported by: 0

Documentation

Index

Constants

// Fixed scope, auth method, user and account IDs, plus the login names and
// password, that carry the "DefaultTest"/"Default" prefix in this package.
// The two password account IDs are built from
// intglobals.NewPasswordAccountPrefix; the rest are string literals.
//
// NOTE(review): every value here is a compile-time constant published with
// the package, including DefaultTestLoginName and DefaultTestPassword. They
// look like fixtures for TestController — presumably the fallbacks when the
// matching TestControllerOpts fields are left empty; confirm. Treat them as
// publicly known credentials: an account created with them in a database
// that outlives the test is reachable by anyone who has read this page.
const (
	DefaultOrgId                             = "o_1234567890"
	DefaultProjectId                         = "p_1234567890"
	DefaultTestPasswordAuthMethodId          = "ampw_1234567890"
	DefaultTestOidcAuthMethodId              = "amoidc_1234567890"
	DefaultTestLoginName                     = "admin"
	DefaultTestUnprivilegedLoginName         = "user"
	DefaultTestPassword                      = "passpass"
	DefaultTestUserId                        = "u_1234567890"
	DefaultTestPasswordAccountId             = intglobals.NewPasswordAccountPrefix + "_1234567890"
	DefaultTestOidcAccountId                 = "acctoidc_1234567890"
	DefaultTestUnprivilegedPasswordAccountId = intglobals.NewPasswordAccountPrefix + "_0987654321"
	DefaultTestUnprivilegedOidcAccountId     = "acctoidc_0987654321"
)

Variables

// RecoveryNonceCleanupInterval is exported so it can be tweaked in tests. Its
// initial value is two minutes.
//
// NOTE(review): presumably the period between sweeps that delete stored
// recovery nonces — confirm against the code that reads it. Because it is a
// mutable exported package variable, any importer can change it at runtime;
// verify that only tests do.
var RecoveryNonceCleanupInterval = 2 * time.Minute

This is exported so it can be tweaked in tests

Functions

This section is empty.

Types

type Config

// Config is the input to New: the shared base server, the parsed
// configuration, and a switch that stops authorization failures from being
// enforced.
type Config struct {
	// The base Server object, containing things shared between Controllers and
	// Workers
	*base.Server
	// The underlying configuration, passed in here to avoid duplicating values
	// everywhere
	RawConfig *config.Config
	// If set, authorization checking occurs but failures are ignored, so a
	// request that fails the check is not rejected.
	// NOTE(review): with this set the controller no longer enforces access
	// control. TestControllerOpts describes the same flag as a testing aid;
	// confirm that no non-test code path or configuration source can set it.
	DisableAuthorizationFailures bool
}

type Controller

// Controller exposes one repository factory function per resource family
// listed below; its remaining fields are unexported and not shown in this
// listing. Instances are obtained from New.
type Controller struct {

	// Repo factory methods
	// NOTE(review): these are exported, assignable fields, so any code holding
	// a *Controller can replace a factory, including the auth token and
	// password auth ones — presumably to let tests substitute repositories;
	// confirm that nothing reassigns them after Start.
	AuthTokenRepoFn       common.AuthTokenRepoFactory
	VaultCredentialRepoFn common.VaultCredentialRepoFactory
	IamRepoFn             common.IamRepoFactory
	OidcRepoFn            common.OidcAuthRepoFactory
	PasswordAuthRepoFn    common.PasswordAuthRepoFactory
	ServersRepoFn         common.ServersRepoFactory
	SessionRepoFn         common.SessionRepoFactory
	StaticHostRepoFn      common.StaticRepoFactory
	TargetRepoFn          common.TargetRepoFactory
	// contains filtered or unexported fields
}

func New

func New(ctx context.Context, conf *Config) (*Controller, error)

func (*Controller) Shutdown

func (c *Controller) Shutdown(serversOnly bool) error

func (*Controller) Start

func (c *Controller) Start() error

func (*Controller) WorkerStatusUpdateTimes

func (c *Controller) WorkerStatusUpdateTimes() *sync.Map

WorkerStatusUpdateTimes returns the map, which specifically is held in _this_ controller, not the DB. It's used in tests to verify that a given controller is receiving updates from an expected set of workers, to test out balancing and auto reconnection.

type HandlerProperties

// HandlerProperties pairs a listener configuration with a context.
type HandlerProperties struct {
	// Configuration of the listener these properties belong to.
	// NOTE(review): presumably the listener the handler is served on — confirm.
	ListenerConfig *listenerutil.ListenerConfig
	// NOTE(review): presumably cancelled to tell handlers to stop work; the
	// listing does not show who cancels it — confirm.
	CancelCtx      context.Context
}

type TestController

// TestController wraps a base.Server and Controller to provide a
// fully-programmatic controller for tests. Error checking (for instance, for
// valid config) is not stringent at the moment.
type TestController struct {
	// contains filtered or unexported fields
}

TestController wraps a base.Server and Controller to provide a fully-programmatic controller for tests. Error checking (for instance, for valid config) is not stringent at the moment.

func NewTestController

func NewTestController(t *testing.T, opts *TestControllerOpts) *TestController

func (*TestController) AddClusterControllerMember

func (tc *TestController) AddClusterControllerMember(t *testing.T, opts *TestControllerOpts) *TestController

func (*TestController) ApiAddrs

func (tc *TestController) ApiAddrs() []string

func (*TestController) AuthTokenRepo

func (tc *TestController) AuthTokenRepo() *authtoken.Repository

func (*TestController) Cancel

func (tc *TestController) Cancel()

func (*TestController) Client

func (tc *TestController) Client() *api.Client

func (*TestController) ClusterAddrs

func (tc *TestController) ClusterAddrs() []string

func (*TestController) Config

func (tc *TestController) Config() *Config

func (*TestController) Context

func (tc *TestController) Context() context.Context

func (*TestController) Controller

func (tc *TestController) Controller() *Controller

Controller returns the underlying controller

func (*TestController) DbConn

func (tc *TestController) DbConn() *gorm.DB

func (*TestController) IamRepo

func (tc *TestController) IamRepo() *iam.Repository

func (*TestController) Kms

func (tc *TestController) Kms() *kms.Kms

func (*TestController) Logger

func (tc *TestController) Logger() hclog.Logger

func (*TestController) Name

func (tc *TestController) Name() string

func (*TestController) Server added in v0.1.6

func (tc *TestController) Server() *base.Server

Server returns the underlying base server

func (*TestController) ServersRepo

func (tc *TestController) ServersRepo() *servers.Repository

func (*TestController) Shutdown

func (tc *TestController) Shutdown()

Shutdown runs any cleanup functions; be sure to run this after your test is done

func (*TestController) Token

func (tc *TestController) Token() *authtokens.AuthToken

func (*TestController) UnprivilegedToken added in v0.1.6

func (tc *TestController) UnprivilegedToken() *authtokens.AuthToken

func (*TestController) WaitForNextWorkerStatusUpdate added in v0.5.0

func (tc *TestController) WaitForNextWorkerStatusUpdate(workerId string) error

WaitForNextWorkerStatusUpdate waits for the next status check from a worker to come in. If it does not come in within the default status grace period, this function returns an error.

type TestControllerOpts

// TestControllerOpts holds the options accepted by NewTestController and
// AddClusterControllerMember. Most fields either override a default value or
// disable one of the resources that is otherwise created automatically.
type TestControllerOpts struct {
	// ConfigHcl is the HCL to be parsed to generate the initial config.
	// Overrides Config if both are set.
	ConfigHcl string

	// Config; if not provided a dev one will be created, unless ConfigHcl is
	// set.
	Config *config.Config

	// DefaultPasswordAuthMethodId is the default password method ID to use, if set.
	DefaultPasswordAuthMethodId string

	// DefaultOidcAuthMethodId is the default OIDC method ID to use, if set.
	DefaultOidcAuthMethodId string

	// DefaultLoginName is the login name used when creating the default admin account.
	DefaultLoginName string

	// DefaultUnprivilegedLoginName is the login name used when creating the default unprivileged account.
	DefaultUnprivilegedLoginName string

	// DefaultPassword is the password used when creating the default accounts.
	// NOTE(review): a single password covers both the admin and the
	// unprivileged account; presumably DefaultTestPassword is used when this
	// is empty — confirm.
	DefaultPassword string

	// DisableInitialLoginRoleCreation can be set true to disable creating the
	// global scope login role automatically.
	DisableInitialLoginRoleCreation bool

	// DisableAuthMethodCreation can be set true to disable creating an auth
	// method automatically.
	DisableAuthMethodCreation bool

	// DisableOidcAuthMethodCreation can be set true to disable the built-in
	// OIDC listener. Useful for e.g. unix listener tests.
	DisableOidcAuthMethodCreation bool

	// DisableScopesCreation can be set true to disable creating scopes
	// automatically.
	DisableScopesCreation bool

	// DisableHostResourcesCreation can be set true to disable creating a host
	// catalog and related resources automatically.
	DisableHostResourcesCreation bool

	// DisableTargetCreation can be set true to disable creating a target
	// automatically.
	DisableTargetCreation bool

	// DisableDatabaseCreation can be set true to disable creating a dev
	// database
	DisableDatabaseCreation bool

	// DisableDatabaseDestruction can be set true to allow a database to be
	// created but examined after-the-fact
	// NOTE(review): the database then outlives the test, presumably together
	// with any default accounts created in it — confirm and clean it up.
	DisableDatabaseDestruction bool

	// If set, instead of creating a dev database, it will connect to an
	// existing database given the url
	// NOTE(review): presumably the default accounts and resources are then
	// created in that database unless the Disable*Creation options are set,
	// so point this only at a disposable database — confirm. A database URL
	// can carry credentials; keep it out of logs and test output.
	DatabaseUrl string

	// If true, the controller will not be started
	DisableAutoStart bool

	// DisableAuthorizationFailures will still cause authz checks to be
	// performed but they won't cause 403 Forbidden. Useful for API-level
	// testing to avoid a lot of faff.
	// A test that runs with this set therefore proves nothing about access
	// control; tests that assert on grants or denials must leave it false.
	DisableAuthorizationFailures bool

	// The controller KMS to use, or one will be created
	RootKms wrapping.Wrapper

	// The worker auth KMS to use, or one will be created
	WorkerAuthKms wrapping.Wrapper

	// The recovery KMS to use, or one will be created
	RecoveryKms wrapping.Wrapper

	// Disables KMS key creation. Only valid when a database url is specified,
	// at the moment.
	DisableKmsKeyCreation bool

	// The name to use for the controller, otherwise one will be randomly
	// generated, unless provided in a non-nil Config
	Name string

	// The suffix to use for initial resources
	InitialResourcesSuffix string

	// The logger to use, or one will be created
	Logger hclog.Logger

	// A cluster address for overriding the advertised controller listener
	// (overrides address provided in config, if any)
	PublicClusterAddr string

	// The amount of time to wait before marking connections as closed when a
	// worker has not reported in
	StatusGracePeriodDuration time.Duration
}

Directories

Path Synopsis
Package common contains types and helper functions that are used across the different packages under internal/server/controller.
Package common contains types and helper functions that are used across the different packages under internal/server/controller.
