security

package
v7.11.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 31, 2023 License: Apache-2.0 Imports: 45 Imported by: 0

Documentation

Index

Constants

// Permission action names as plain strings. Presumably these are the values
// placed in the per-user and per-group lists of Actions on a permission
// target — confirm against the permission target schema.
// NOTE(review): by name, PermManage and PermManagedXrayMeta look like
// administrative grants rather than data access — TODO confirm and review
// them separately from read/write when auditing a configuration.
const (
	PermRead            = "read"
	PermWrite           = "write"
	PermAnnotate        = "annotate"
	PermDelete          = "delete"
	PermManage          = "manage"
	PermManagedXrayMeta = "managedXrayMeta"
	PermDistribute      = "distribute"
)
// ApiKeyEndpoint is the request path for the API key resource. It has no
// leading slash and no trailing slash; presumably it is resolved against a
// configured base URL — confirm in the client setup.
const ApiKeyEndpoint = "artifactory/api/security/apiKey"
// CertificateEndpoint is the request path prefix for certificates. It ends in
// a slash, so an alias is presumably appended to it.
// NOTE(review): confirm callers path-escape whatever they append.
const CertificateEndpoint = "artifactory/api/system/security/certificates/"
// DistributionPublicKeysAPIEndPoint is the request path for trusted
// distribution public keys. Unlike GroupsEndpoint, KeypairEndPoint and
// PermissionsEndPoint it has no trailing slash, so a caller appending a key id
// must add the separator itself.
const DistributionPublicKeysAPIEndPoint = "artifactory/api/security/keys/trusted"
// GroupsEndpoint is the request path prefix for groups. It ends in a slash, so
// a group name is presumably appended to it.
// NOTE(review): confirm callers path-escape the group name before appending.
const GroupsEndpoint = "artifactory/api/security/groups/"
// KeypairEndPoint is the request path prefix for key pairs. It ends in a
// slash, so a pair name is presumably appended to it.
// NOTE(review): confirm callers path-escape the pair name before appending.
const KeypairEndPoint = "artifactory/api/security/keypair/"
// PermissionsEndPoint is the request path prefix for permission targets. It is
// the only endpoint constant in this list that uses the "v2" API path. It ends
// in a slash, so a target name is presumably appended to it.
// NOTE(review): confirm callers path-escape the target name before appending.
const PermissionsEndPoint = "artifactory/api/v2/security/permissions/"

Variables

This section is empty.

Functions

func BuildPermissionTargetSchema

func BuildPermissionTargetSchema() map[string]*schema.Schema

func CheckAccessToken

func CheckAccessToken(id string, request *resty.Request) (*resty.Response, error)

func NewArtifactoryGroupResource added in v7.11.0

func NewArtifactoryGroupResource() resource.Resource

func NewArtifactoryScopedTokenResource added in v7.11.2

func NewArtifactoryScopedTokenResource() resource.Resource

func PackPermissionTarget

func PackPermissionTarget(permissionTarget *PermissionTargetParams, d *schema.ResourceData) diag.Diagnostics

func PermTargetExists

func PermTargetExists(id string, m interface{}) (bool, error)

func ResourceArtifactoryAccessToken

func ResourceArtifactoryAccessToken() *schema.Resource

func ResourceArtifactoryApiKey

func ResourceArtifactoryApiKey() *schema.Resource

func ResourceArtifactoryCertificate

func ResourceArtifactoryCertificate() *schema.Resource

func ResourceArtifactoryDistributionPublicKey added in v7.9.0

func ResourceArtifactoryDistributionPublicKey() *schema.Resource

func ResourceArtifactoryKeyPair

func ResourceArtifactoryKeyPair() *schema.Resource

func ResourceArtifactoryPermissionTarget

func ResourceArtifactoryPermissionTarget() *schema.Resource

func ResourceArtifactoryPermissionTargets

func ResourceArtifactoryPermissionTargets() *schema.Resource

func TokenOptsToValues

func TokenOptsToValues(t AccessTokenOptions) (url.Values, error)

func VerifyKeyPair

func VerifyKeyPair(id string, request *resty.Request) (*resty.Response, error)

Types

type AccessTokenErrorResponseAPIModel added in v7.11.2

// AccessTokenErrorResponseAPIModel maps a JSON object with the keys "code",
// "message" and "detail". Judging by the name it is the error body of the
// access token API — confirm where it is unmarshalled.
// NOTE(review): Message and Detail are server-supplied text; treat them as
// untrusted when copying them into diagnostics or logs.
type AccessTokenErrorResponseAPIModel struct {
	Code    string `json:"code"`
	Message string `json:"message"`
	Detail  string `json:"detail"`
}

type AccessTokenGetAPIModel added in v7.11.2

// AccessTokenGetAPIModel holds metadata about one access token, identified by
// TokenId. It has no field for the token value itself, unlike
// AccessTokenPostResponseAPIModel, so it cannot carry the bearer secret.
type AccessTokenGetAPIModel struct {
	TokenId string `json:"token_id"`
	Subject string `json:"subject"`
	// Expiry and IssuedAt are integers; presumably Unix timestamps — TODO
	// confirm the unit against the API before comparing with time.Now().
	Expiry      int64  `json:"expiry"`
	IssuedAt    int64  `json:"issued_at"`
	Issuer      string `json:"issuer"`
	Description string `json:"description,omitempty"`
	Refreshable bool   `json:"refreshable"`
}

type AccessTokenOptions

// AccessTokenOptions carries the parameters of an access token request. The
// fields use `url` struct tags, so the struct is meant to be encoded as form or
// query values (TokenOptsToValues in this package takes it and returns
// url.Values).
type AccessTokenOptions struct {
	// The grant type used to authenticate the request. In this case, the only value supported is "client_credentials" which is also the default value if this parameter is not specified.
	GrantType string `url:"grant_type,omitempty"` // [Optional, default: "client_credentials"]
	// The user name for which this token is created. If the user does not exist, a transient user is created. Non-admin users can only create tokens for themselves so they must specify their own username.
	// If the user does not exist, the member-of-groups scope token must be provided (e.g. member-of-groups: g1, g2, g3...)
	Username string `url:"username,omitempty"`
	// The scope to assign to the token provided as a space-separated list of scope tokens. Currently there are three possible scope tokens:
	//     - "api:*" - indicates that the token grants access to REST API calls. This is always granted by default whether specified in the call or not.
	//     - member-of-groups:[<group-name>] - indicates the groups that the token is associated with (e.g. member-of-groups: g1, g2, g3...). The token grants access according to the permission targets specified for the groups listed.
	//       Specify "*" for group-name to indicate that the token should provide the same access privileges that are given to the group of which the logged in user is a member.
	//       A non-admin user can only provide a scope that is a subset of the groups to which they belong.
	//     - "jfrt@<instance-id>:admin" - provides admin privileges on the specified Artifactory instance. This is only available for administrators.
	// If omitted and the username specified exists, the token is granted the scope of that user.
	Scope string `url:"scope,omitempty"` // [Optional if the user specified in username exists]
	// The time in seconds for which the token will be valid. To specify a token that never expires, set to zero. Non-admin can only set a value that is equal to or less than the default 3600.
	// NOTE(review): this tag has no omitempty, unlike the other fields. An unset
	// (zero) ExpiresIn is therefore presumably encoded as expires_in=0 rather
	// than omitted, which per the sentence above requests a token that never
	// expires instead of the 3600 default — confirm callers always set it.
	ExpiresIn int `url:"expires_in"` // [Optional, default: 3600]
	// If true, this token is refreshable and the refresh token can be used to replace it with a new token once it expires.
	// Declared as a string here, not a bool; the zero value "" is omitted from the request.
	Refreshable string `url:"refreshable,omitempty"` // [Optional, default: false]
	// A space-separated list of the other Artifactory instances or services that should accept this token identified by their Artifactory Service IDs as obtained from the Get Service ID endpoint.
	// In case you want the token to be accepted by all Artifactory instances you may use the following audience parameter "audience=jfrt@*".
	// The wildcard widens where the token is accepted; the default (below) limits it to the issuing instance.
	Audience string `url:"audience,omitempty"` // [Optional, default: Only the Service ID of the Artifactory instance that created the token]
}

type AccessTokenPostRequestAPIModel added in v7.11.2

// AccessTokenPostRequestAPIModel is the JSON request body for creating an
// access token (by name; the call site is not shown here).
// GrantType, ExpiresIn, Refreshable and IncludeReferenceToken have no
// omitempty, so their zero values are always serialized.
type AccessTokenPostRequestAPIModel struct {
	GrantType string `json:"grant_type"`
	Username  string `json:"username,omitempty"`
	Scope     string `json:"scope,omitempty"`
	// NOTE(review): a zero ExpiresIn is sent as "expires_in": 0. Confirm what
	// the endpoint does with 0 (AccessTokenOptions documents zero as "never
	// expires" for its own request) and that callers set this deliberately.
	ExpiresIn             int64  `json:"expires_in"`
	Refreshable           bool   `json:"refreshable"`
	Description           string `json:"description,omitempty"`
	Audience              string `json:"audience,omitempty"`
	IncludeReferenceToken bool   `json:"include_reference_token"`
}

type AccessTokenPostResponseAPIModel added in v7.11.2

// AccessTokenPostResponseAPIModel is decoded from the JSON response to a token
// creation request (by name; the call site is not shown here).
// AccessToken, RefreshToken and ReferenceToken carry credential material.
// NOTE(review): do not print this struct with %v/%+v or attach it to
// diagnostics; log TokenId instead when a token has to be identified.
type AccessTokenPostResponseAPIModel struct {
	TokenId        string `json:"token_id"`
	AccessToken    string `json:"access_token"`
	RefreshToken   string `json:"refresh_token"`
	ExpiresIn      int64  `json:"expires_in"`
	Scope          string `json:"scope"`
	TokenType      string `json:"token_type"`
	ReferenceToken string `json:"reference_token"`
}

type AccessTokenRevokeOptions

// AccessTokenRevokeOptions carries the single "token" parameter of a revoke
// request, encoded through its `url` tag.
// NOTE(review): Token presumably holds the token value being revoked, i.e. a
// live credential until the call succeeds — keep it out of logs and error text.
type AccessTokenRevokeOptions struct {
	Token string `url:"token,omitempty"`
}

AccessTokenRevokeOptions: jfrog-client-go has no v1 code, and moving to v2 would be a lot of work. To remove the dependency, we copy and paste it here.

type Actions

// Actions maps a name to a list of strings, separately for users and for
// groups. Presumably the key is the user or group name and the list holds
// permission action names such as PermRead or PermManage — confirm against
// the permission target schema.
// Both maps use omitempty, so an empty or nil map is left out of the JSON.
type Actions struct {
	Users  map[string][]string `json:"users,omitempty"`
	Groups map[string][]string `json:"groups,omitempty"`
}

type ApiKey

// ApiKey is the JSON shape used for the API key endpoint.
// NOTE(review): the ApiKey field holds the key value, a credential; avoid
// printing the struct in logs or diagnostics.
type ApiKey struct {
	ApiKey            string `json:"apiKey"`
	BlockCreateApiKey bool   `json:"blockCreateApiKey"` // not used currently. may in future.
}

type ArtifactoryGroupResource added in v7.11.0

// ArtifactoryGroupResource is the group resource type; its methods listed in
// this package (Configure, Create, Read, Update, Delete, ImportState, Metadata,
// Schema) are declared on the pointer receiver.
type ArtifactoryGroupResource struct {
	// ProvderMetadata (sic) is the identifier as referenced from utilsdk; its
	// contents are not shown here.
	ProviderData utilsdk.ProvderMetadata
}

func (*ArtifactoryGroupResource) Configure added in v7.11.0

func (*ArtifactoryGroupResource) Create added in v7.11.0

func (*ArtifactoryGroupResource) Delete added in v7.11.0

func (*ArtifactoryGroupResource) ImportState added in v7.11.0

ImportState imports the resource into the Terraform state.

func (*ArtifactoryGroupResource) Metadata added in v7.11.0

func (*ArtifactoryGroupResource) Read added in v7.11.0

func (*ArtifactoryGroupResource) Schema added in v7.11.0

func (*ArtifactoryGroupResource) Update added in v7.11.0

type ArtifactoryGroupResourceAPIModel added in v7.11.0

// ArtifactoryGroupResourceAPIModel is the JSON representation of a group.
// Every boolean (AutoJoin, AdminPrivileges, WatchManager, PolicyManager,
// ReportsManager) lacks omitempty, so false is always sent explicitly rather
// than left to a server-side default.
type ArtifactoryGroupResourceAPIModel struct {
	Name        string `json:"name"`
	Description string `json:"description,omitempty"`
	ExternalId  string `json:"externalId,omitempty"`
	AutoJoin    bool   `json:"autoJoin"`
	// AdminPrivileges is the privilege-bearing flag of this model; review any
	// configuration that sets it to true.
	AdminPrivileges bool   `json:"adminPrivileges"`
	Realm           string `json:"realm"`
	RealmAttributes string `json:"realmAttributes,omitempty"`
	// The Go field is UsersNames but the JSON key is "userNames". Without
	// omitempty a nil slice marshals as null, not [].
	UsersNames     []string `json:"userNames"`
	WatchManager   bool     `json:"watchManager"`
	PolicyManager  bool     `json:"policyManager"`
	ReportsManager bool     `json:"reportsManager"`
}

ArtifactoryGroupResourceAPIModel describes the API data model.

type ArtifactoryGroupResourceModel added in v7.11.0

// ArtifactoryGroupResourceModel carries the group resource attributes under
// their Terraform names (tfsdk tags). It mirrors
// ArtifactoryGroupResourceAPIModel field for field, plus Id and
// DetachAllUsers, which have no counterpart in the API model.
type ArtifactoryGroupResourceModel struct {
	Id          types.String `tfsdk:"id"`
	Name        types.String `tfsdk:"name"`
	Description types.String `tfsdk:"description"`
	ExternalId  types.String `tfsdk:"external_id"`
	AutoJoin    types.Bool   `tfsdk:"auto_join"`
	// admin_privileges is the privilege-bearing attribute of this resource.
	AdminPrivileges types.Bool   `tfsdk:"admin_privileges"`
	Realm           types.String `tfsdk:"realm"`
	RealmAttributes types.String `tfsdk:"realm_attributes"`
	// Terraform-side only; how it affects the users_names sent to the API is
	// decided in code not shown here — TODO confirm.
	DetachAllUsers types.Bool `tfsdk:"detach_all_users"`
	UsersNames     types.Set  `tfsdk:"users_names"`
	WatchManager   types.Bool `tfsdk:"watch_manager"`
	PolicyManager  types.Bool `tfsdk:"policy_manager"`
	ReportsManager types.Bool `tfsdk:"reports_manager"`
}

ArtifactoryGroupResourceModel describes the Terraform resource data model to match the resource schema.

func (*ArtifactoryGroupResourceModel) ToState added in v7.11.0

type ArtifactoryScopedTokenResource added in v7.11.2

// ArtifactoryScopedTokenResource is the scoped token resource type; its
// methods listed in this package (Configure, Create, Read, Update, Delete,
// ImportState, Metadata, Schema) are declared on the pointer receiver.
type ArtifactoryScopedTokenResource struct {
	// ProvderMetadata (sic) is the identifier as referenced from utilsdk; its
	// contents are not shown here.
	ProviderData utilsdk.ProvderMetadata
}

func (*ArtifactoryScopedTokenResource) Configure added in v7.11.2

func (*ArtifactoryScopedTokenResource) Create added in v7.11.2

func (*ArtifactoryScopedTokenResource) Delete added in v7.11.2

func (*ArtifactoryScopedTokenResource) ImportState added in v7.11.2

ImportState imports the resource into the Terraform state.

func (*ArtifactoryScopedTokenResource) Metadata added in v7.11.2

func (*ArtifactoryScopedTokenResource) Read added in v7.11.2

func (*ArtifactoryScopedTokenResource) Schema added in v7.11.2

func (*ArtifactoryScopedTokenResource) Update added in v7.11.2

type ArtifactoryScopedTokenResourceModel added in v7.11.2

// ArtifactoryScopedTokenResourceModel carries the scoped token resource
// attributes under their Terraform names (tfsdk tags). It combines the request
// inputs (grant_type .. audiences), the values returned on creation
// (access_token, refresh_token, reference_token, token_type) and the token
// metadata (subject, expiry, issued_at, issuer).
type ArtifactoryScopedTokenResourceModel struct {
	Id                    types.String `tfsdk:"id"`
	GrantType             types.String `tfsdk:"grant_type"`
	Username              types.String `tfsdk:"username"`
	Scopes                types.Set    `tfsdk:"scopes"`
	ExpiresIn             types.Int64  `tfsdk:"expires_in"`
	Refreshable           types.Bool   `tfsdk:"refreshable"`
	IncludeReferenceToken types.Bool   `tfsdk:"include_reference_token"`
	Description           types.String `tfsdk:"description"`
	Audiences             types.Set    `tfsdk:"audiences"`
	// AccessToken, RefreshToken and ReferenceToken are credential material held
	// as resource attributes, so they are written to Terraform state. State
	// stores attribute values in plain text even when the schema marks them
	// sensitive, so the state backend needs access control and encryption.
	// NOTE(review): confirm the Schema method marks all three as Sensitive.
	AccessToken    types.String `tfsdk:"access_token"`
	RefreshToken   types.String `tfsdk:"refresh_token"`
	ReferenceToken types.String `tfsdk:"reference_token"`
	TokenType      types.String `tfsdk:"token_type"`
	Subject        types.String `tfsdk:"subject"`
	Expiry         types.Int64  `tfsdk:"expiry"`
	IssuedAt       types.Int64  `tfsdk:"issued_at"`
	Issuer         types.String `tfsdk:"issuer"`
}

ArtifactoryScopedTokenResourceModel describes the Terraform resource data model to match the resource schema.

func (*ArtifactoryScopedTokenResourceModel) GetResponseToState added in v7.11.2

func (r *ArtifactoryScopedTokenResourceModel) GetResponseToState(accessToken *AccessTokenGetAPIModel)

func (*ArtifactoryScopedTokenResourceModel) PostResponseToState added in v7.11.2

func (r *ArtifactoryScopedTokenResourceModel) PostResponseToState(ctx context.Context,
	accessTokenResp *AccessTokenPostResponseAPIModel, accessTokenPostBody *AccessTokenPostRequestAPIModel, getResult *AccessTokenGetAPIModel)

type CertificateDetails

// CertificateDetails describes one certificate as JSON; FindCertificate in
// this package returns a pointer to it for a given alias. All fields are
// strings, including the IssuedOn and ValidUntil dates, so any expiry check
// has to parse them first.
type CertificateDetails struct {
	CertificateAlias string `json:"certificateAlias,omitempty"`
	IssuedTo         string `json:"issuedTo,omitempty"`
	// NOTE(review): the key is "issuedby" (lowercase b), unlike the camelCase
	// siblings. encoding/json matches keys case-insensitively when decoding,
	// but marshalling emits "issuedby" exactly — confirm against the API.
	IssuedBy    string `json:"issuedby,omitempty"`
	IssuedOn    string `json:"issuedOn,omitempty"`
	ValidUntil  string `json:"validUntil,omitempty"`
	FingerPrint string `json:"fingerPrint,omitempty"`
}

CertificateDetails: this type doesn't even exist in the new Go client. In fact, the whole API call doesn't.

func FindCertificate

func FindCertificate(alias string, m interface{}) (*CertificateDetails, error)

type DistributionPublicKeysList added in v7.9.0

// DistributionPublicKeysList wraps the JSON array under the "keys" key.
// The element type distributionPublicKeyPayLoad is unexported, so its fields
// are not visible in the exported documentation.
type DistributionPublicKeysList struct {
	Keys []distributionPublicKeyPayLoad `json:"keys"`
}

type KeyPairPayLoad

// KeyPairPayLoad is the key pair payload, tagged for both HCL and JSON.
// PrivateKey and Passphrase are secret material. Their json tags have no
// omitempty, so both keys are always present when the struct is marshalled.
// NOTE(review): avoid printing this struct with %v/%+v in logs or
// diagnostics, and confirm the resource schema marks private_key and
// passphrase as sensitive.
type KeyPairPayLoad struct {
	PairName    string `hcl:"pair_name" json:"pairName"`
	PairType    string `hcl:"pair_type" json:"pairType"`
	Alias       string `hcl:"alias" json:"alias"`
	PrivateKey  string `hcl:"private_key" json:"privateKey"`
	Passphrase  string `hcl:"passphrase" json:"passphrase"`
	PublicKey   string `hcl:"public_key" json:"publicKey"`
	Unavailable bool   `hcl:"unavailable" json:"unavailable"`
}

func (KeyPairPayLoad) Id

func (kp KeyPairPayLoad) Id() string

type PermissionTargetParams

// PermissionTargetParams is the JSON body of a permission target: a name and
// up to three optional sections (repo, build, releaseBundle).
// Each section is a pointer with omitempty, so a nil section is left out of
// the request entirely instead of being sent as an empty object.
type PermissionTargetParams struct {
	Name          string                   `json:"name"`
	Repo          *PermissionTargetSection `json:"repo,omitempty"`
	Build         *PermissionTargetSection `json:"build,omitempty"`
	ReleaseBundle *PermissionTargetSection `json:"releaseBundle,omitempty"`
}

PermissionTargetParams Copy from https://github.com/jfrog/jfrog-client-go/blob/master/artifactory/services/permissiontarget.go#L116

Using struct pointers to keep the fields null if they are empty. Artifactory evaluates inner struct typed fields if they are not null, which can lead to failures in the request.

type PermissionTargetSection

// PermissionTargetSection is one section of a permission target: the
// repositories it covers, include/exclude patterns, and the granted Actions.
type PermissionTargetSection struct {
	IncludePatterns []string `json:"include-patterns,omitempty"`
	ExcludePatterns []string `json:"exclude-patterns,omitempty"`
	// Repositories is the only field without omitempty: it is always
	// serialized, and a nil slice marshals as null rather than [].
	Repositories []string `json:"repositories"`
	// Nil Actions is omitted from the JSON. NOTE(review): confirm whether the
	// server treats a missing "actions" as "no grants" on update.
	Actions *Actions `json:"actions,omitempty"`
}
