security

package
v6.5.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 25, 2022 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	PERM_READ     = "read"
	PERM_WRITE    = "write"
	PERM_ANNOTATE = "annotate"
	PERM_DELETE   = "delete"
	PERM_MANAGE   = "manage"

	PERMISSION_SCHEMA = "application/vnd.org.jfrog.artifactory.security.PermissionTargetV2+json"
)
View Source 
const ApiKeyEndpoint = "artifactory/api/security/apiKey"
View Source 
const GroupsEndpoint = "artifactory/api/security/groups/"

Variables

This section is empty.

Functions

func PermTargetExists 

func PermTargetExists(id string, m interface{}) (bool, error)

func ResourceArtifactoryAccessToken 

func ResourceArtifactoryAccessToken() *schema.Resource

func ResourceArtifactoryApiKey 

func ResourceArtifactoryApiKey() *schema.Resource

func ResourceArtifactoryCertificate 

func ResourceArtifactoryCertificate() *schema.Resource

func ResourceArtifactoryGroup 

func ResourceArtifactoryGroup() *schema.Resource

func ResourceArtifactoryKeyPair 

func ResourceArtifactoryKeyPair() *schema.Resource

func ResourceArtifactoryPermissionTarget 

func ResourceArtifactoryPermissionTarget() *schema.Resource

func ResourceArtifactoryPermissionTargets 

func ResourceArtifactoryPermissionTargets() *schema.Resource

func TokenOptsToValues 

func TokenOptsToValues(t AccessTokenOptions) (url.Values, error)

Types

type AccessToken 

type AccessToken struct {
	AccessToken  string `json:"access_token,omitempty"`
	ExpiresIn    int    `json:"expires_in,omitempty"`
	Scope        string `json:"scope,omitempty"`
	TokenType    string `json:"token_type,omitempty"`
	RefreshToken string `json:"refresh_token,omitempty"`
}

type AccessTokenOptions 

type AccessTokenOptions struct {
	// The grant type used to authenticate the request. In this case, the only value supported is "client_credentials" which is also the default value if this parameter is not specified.
	GrantType string `url:"grant_type,omitempty"` // [Optional, default: "client_credentials"]
	// The user name for which this token is created. If the user does not exist, a transient user is created. Non-admin users can only create tokens for themselves so they must specify their own username.
	// If the user does not exist, the member-of-groups scope token must be provided (e.g. member-of-groups: g1, g2, g3...)
	Username string `url:"username,omitempty"`
	// The scope to assign to the token provided as a space-separated list of scope tokens. Currently there are three possible scope tokens:
	//     - "api:*" - indicates that the token grants access to REST API calls. This is always granted by default whether specified in the call or not.
	//     - member-of-groups:[<group-name>] - indicates the groups that the token is associated with (e.g. member-of-groups: g1, g2, g3...). The token grants access according to the permission targets specified for the groups listed.
	//       Specify "*" for group-name to indicate that the token should provide the same access privileges that are given to the group of which the logged in user is a member.
	//       A non-admin user can only provide a scope that is a subset of the groups to which he belongs
	//     - "jfrt@<instance-id>:admin" - provides admin privileges on the specified Artifactory instance. This is only available for administrators.
	// If omitted and the username specified exists, the token is granted the scope of that user.
	Scope string `url:"scope,omitempty"` // [Optional if the user specified in username exists]
	// The time in seconds for which the token will be valid. To specify a token that never expires, set to zero. Non-admin can only set a value that is equal to or less than the default 3600.
	ExpiresIn int `url:"expires_in"` // [Optional, default: 3600]
	// If true, this token is refreshable and the refresh token can be used to replace it with a new token once it expires.
	Refreshable string `url:"refreshable,omitempty"` // [Optional, default: false]
	// A space-separate list of the other Artifactory instances or services that should accept this token identified by their Artifactory Service IDs as obtained from the Get Service ID endpoint.
	// In case you want the token to be accepted by all Artifactory instances you may use the following audience parameter "audience=jfrt@*".
	Audience string `url:"audience,omitempty"` // [Optional, default: Only the Service ID of the Artifactory instance that created the token]
}

type AccessTokenRevokeOptions 

type AccessTokenRevokeOptions struct {
	Token string `url:"token,omitempty"`
}

AccessTokenRevokeOptions jfrog client go has no v1 code and moving to v2 would be a lot of work. To remove the dependency, we copy and past it here

type Actions 

type Actions struct {
	Users  map[string][]string `json:"users,omitempty"`
	Groups map[string][]string `json:"groups,omitempty"`
}

type ApiKey 

type ApiKey struct {
	ApiKey string `json:"apiKey"`
}

type CertificateDetails 

type CertificateDetails struct {
	CertificateAlias string `json:"certificateAlias,omitempty"`
	IssuedTo         string `json:"issuedTo,omitempty"`
	IssuedBy         string `json:"issuedby,omitempty"`
	IssuedOn         string `json:"issuedOn,omitempty"`
	ValidUntil       string `json:"validUntil,omitempty"`
	FingerPrint      string `json:"fingerPrint,omitempty"`
}

CertificateDetails this type doesn't even exist in the new go client. In fact, the whole API call doesn't

func FindCertificate 

func FindCertificate(alias string, m interface{}) (*CertificateDetails, error)

type Group 

type Group struct {
	Name            string   `json:"name,omitempty"`
	Description     string   `json:"description,omitempty"`
	AutoJoin        bool     `json:"autoJoin,omitempty"`
	AdminPrivileges bool     `json:"adminPrivileges,omitempty"`
	Realm           string   `json:"realm,omitempty"`
	RealmAttributes string   `json:"realmAttributes,omitempty"`
	UsersNames      []string `json:"userNames"`
	WatchManager    bool     `json:"watchManager"`
	PolicyManager   bool     `json:"policyManager"`
	ReportsManager  bool     `json:"reportsManager"`
}

Group is a encoding struct to match https://www.jfrog.com/confluence/display/JFROG/Security+Configuration+JSON#SecurityConfigurationJSON-application/vnd.org.jfrog.artifactory.security.Group+json

func (Group) Id 

func (g Group) Id() string

type KeyPairPayLoad 

type KeyPairPayLoad struct {
	PairName    string `hcl:"pair_name" json:"pairName"`
	PairType    string `hcl:"pair_type" json:"pairType"`
	Alias       string `hcl:"alias" json:"alias"`
	PrivateKey  string `hcl:"private_key" json:"privateKey"`
	Passphrase  string `hcl:"passphrase" json:"passphrase"`
	PublicKey   string `hcl:"public_key" json:"publicKey"`
	Unavailable bool   `hcl:"unavailable" json:"unavailable"`
}

func (KeyPairPayLoad) Id 

func (kp KeyPairPayLoad) Id() string

type PermissionTargetParams 

type PermissionTargetParams struct {
	Name          string                   `json:"name"`
	Repo          *PermissionTargetSection `json:"repo,omitempty"`
	Build         *PermissionTargetSection `json:"build,omitempty"`
	ReleaseBundle *PermissionTargetSection `json:"releaseBundle,omitempty"`
}

Copy from https://github.com/jfrog/jfrog-client-go/blob/master/artifactory/services/permissiontarget.go#L116

Using struct pointers to keep the fields null if they are empty. Artifactory evaluates inner struct typed fields if they are not null, which can lead to failures in the request.

type PermissionTargetSection 

type PermissionTargetSection struct {
	IncludePatterns []string `json:"include-patterns,omitempty"`
	ExcludePatterns []string `json:"exclude-patterns,omitempty"`
	Repositories    []string `json:"repositories"`
	Actions         *Actions `json:"actions,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.