security

package
v8.9.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 11, 2023 License: Apache-2.0 Imports: 49 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	PermRead            = "read"
	PermWrite           = "write"
	PermAnnotate        = "annotate"
	PermDelete          = "delete"
	PermManage          = "manage"
	PermManagedXrayMeta = "managedXrayMeta"
	PermDistribute      = "distribute"
)
View Source 
const ApiKeyEndpoint = "artifactory/api/security/apiKey"
View Source 
const CertificateEndpoint = "artifactory/api/system/security/certificates/"
View Source 
const DistributionPublicKeysAPIEndPoint = "artifactory/api/security/keys/trusted"
View Source 
const GroupsEndpoint = "artifactory/api/security/groups/"
View Source 
const KeypairEndPoint = "artifactory/api/security/keypair/"
View Source 
const PermissionsEndPoint = "artifactory/api/v2/security/permissions/"

Variables

This section is empty.

Functions

func CheckAccessToken 

func CheckAccessToken(id string, request *resty.Request) (*resty.Response, error)

func NewGlobalEnvironmentResource added in v8.8.1 

func NewGlobalEnvironmentResource() resource.Resource

func NewGroupResource 

func NewGroupResource() resource.Resource

func NewPermissionTargetResource 

func NewPermissionTargetResource() resource.Resource

func NewScopedTokenResource 

func NewScopedTokenResource() resource.Resource

func PermTargetExists 

func PermTargetExists(id string, m interface{}) (bool, error)

func ResourceArtifactoryAccessToken 

func ResourceArtifactoryAccessToken() *schema.Resource

func ResourceArtifactoryApiKey 

func ResourceArtifactoryApiKey() *schema.Resource

func ResourceArtifactoryCertificate 

func ResourceArtifactoryCertificate() *schema.Resource

func ResourceArtifactoryDistributionPublicKey 

func ResourceArtifactoryDistributionPublicKey() *schema.Resource

func ResourceArtifactoryKeyPair 

func ResourceArtifactoryKeyPair() *schema.Resource

func TokenOptsToValues 

func TokenOptsToValues(t AccessTokenOptions) (url.Values, error)

func VerifyKeyPair 

func VerifyKeyPair(id string, request *resty.Request) (*resty.Response, error)

Types

type AccessTokenErrorResponseAPIModel 

type AccessTokenErrorResponseAPIModel struct {
	Code    string `json:"code"`
	Message string `json:"message"`
	Detail  string `json:"detail"`
}

type AccessTokenGetAPIModel 

type AccessTokenGetAPIModel struct {
	TokenId     string `json:"token_id"`
	Subject     string `json:"subject"`
	Expiry      int64  `json:"expiry"`
	IssuedAt    int64  `json:"issued_at"`
	Issuer      string `json:"issuer"`
	Description string `json:"description"`
	Refreshable bool   `json:"refreshable"`
}

type AccessTokenOptions 

type AccessTokenOptions struct {
	// The grant type used to authenticate the request. In this case, the only value supported is "client_credentials" which is also the default value if this parameter is not specified.
	GrantType string `url:"grant_type,omitempty"` // [Optional, default: "client_credentials"]
	// The user name for which this token is created. If the user does not exist, a transient user is created. Non-admin users can only create tokens for themselves so they must specify their own username.
	// If the user does not exist, the member-of-groups scope token must be provided (e.g. member-of-groups: g1, g2, g3...)
	Username string `url:"username,omitempty"`
	// The scope to assign to the token provided as a space-separated list of scope tokens. Currently there are three possible scope tokens:
	//     - "api:*" - indicates that the token grants access to REST API calls. This is always granted by default whether specified in the call or not.
	//     - member-of-groups:[<group-name>] - indicates the groups that the token is associated with (e.g. member-of-groups: g1, g2, g3...). The token grants access according to the permission targets specified for the groups listed.
	//       Specify "*" for group-name to indicate that the token should provide the same access privileges that are given to the group of which the logged in user is a member.
	//       A non-admin user can only provide a scope that is a subset of the groups to which he belongs
	//     - "jfrt@<instance-id>:admin" - provides admin privileges on the specified Artifactory instance. This is only available for administrators.
	// If omitted and the username specified exists, the token is granted the scope of that user.
	Scope string `url:"scope,omitempty"` // [Optional if the user specified in username exists]
	// The time in seconds for which the token will be valid. To specify a token that never expires, set to zero. Non-admin can only set a value that is equal to or less than the default 3600.
	ExpiresIn int `url:"expires_in"` // [Optional, default: 3600]
	// If true, this token is refreshable and the refresh token can be used to replace it with a new token once it expires.
	Refreshable string `url:"refreshable,omitempty"` // [Optional, default: false]
	// A space-separate list of the other Artifactory instances or services that should accept this token identified by their Artifactory Service IDs as obtained from the Get Service ID endpoint.
	// In case you want the token to be accepted by all Artifactory instances you may use the following audience parameter "audience=jfrt@*".
	Audience string `url:"audience,omitempty"` // [Optional, default: Only the Service ID of the Artifactory instance that created the token]
}

type AccessTokenPostRequestAPIModel 

type AccessTokenPostRequestAPIModel struct {
	GrantType             string `json:"grant_type"`
	Username              string `json:"username,omitempty"`
	ProjectKey            string `json:"project_key"`
	Scope                 string `json:"scope,omitempty"`
	ExpiresIn             int64  `json:"expires_in"`
	Refreshable           bool   `json:"refreshable"`
	Description           string `json:"description,omitempty"`
	Audience              string `json:"audience,omitempty"`
	IncludeReferenceToken bool   `json:"include_reference_token"`
}

type AccessTokenPostResponseAPIModel 

type AccessTokenPostResponseAPIModel struct {
	TokenId        string `json:"token_id"`
	AccessToken    string `json:"access_token"`
	RefreshToken   string `json:"refresh_token"`
	ExpiresIn      int64  `json:"expires_in"`
	Scope          string `json:"scope"`
	TokenType      string `json:"token_type"`
	ReferenceToken string `json:"reference_token"`
}

type AccessTokenRevokeOptions 

type AccessTokenRevokeOptions struct {
	Token string `url:"token,omitempty"`
}

AccessTokenRevokeOptions jfrog client go has no v1 code and moving to v2 would be a lot of work. To remove the dependency, we copy and past it here

type Actions 

type Actions struct {
	Users  map[string][]string `json:"users,omitempty"`
	Groups map[string][]string `json:"groups,omitempty"`
}

type ApiKey 

type ApiKey struct {
	ApiKey            string `json:"apiKey"`
	BlockCreateApiKey bool   `json:"blockCreateApiKey"` // not used currently. may in future.
}

type ArtifactoryGroupResource 

type ArtifactoryGroupResource struct {
	ProviderData utilsdk.ProvderMetadata
}

func (*ArtifactoryGroupResource) Configure 

func (r *ArtifactoryGroupResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse)

func (*ArtifactoryGroupResource) Create 

func (r *ArtifactoryGroupResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse)

func (*ArtifactoryGroupResource) Delete 

func (r *ArtifactoryGroupResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse)

func (*ArtifactoryGroupResource) ImportState 

func (r *ArtifactoryGroupResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse)

ImportState imports the resource into the Terraform state.

func (*ArtifactoryGroupResource) Metadata 

func (r *ArtifactoryGroupResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse)

func (*ArtifactoryGroupResource) Read 

func (r *ArtifactoryGroupResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse)

func (*ArtifactoryGroupResource) Schema 

func (r *ArtifactoryGroupResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse)

func (*ArtifactoryGroupResource) Update 

func (r *ArtifactoryGroupResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse)

type ArtifactoryGroupResourceAPIModel 

type ArtifactoryGroupResourceAPIModel struct {
	Name            string   `json:"name"`
	Description     string   `json:"description,omitempty"`
	ExternalId      string   `json:"externalId,omitempty"`
	AutoJoin        bool     `json:"autoJoin"`
	AdminPrivileges bool     `json:"adminPrivileges"`
	Realm           string   `json:"realm"`
	RealmAttributes string   `json:"realmAttributes,omitempty"`
	UsersNames      []string `json:"userNames"`
	WatchManager    bool     `json:"watchManager"`
	PolicyManager   bool     `json:"policyManager"`
	ReportsManager  bool     `json:"reportsManager"`
}

ArtifactoryGroupResourceAPIModel describes the API data model.

type ArtifactoryGroupResourceModel 

type ArtifactoryGroupResourceModel struct {
	Id              types.String `tfsdk:"id"`
	Name            types.String `tfsdk:"name"`
	Description     types.String `tfsdk:"description"`
	ExternalId      types.String `tfsdk:"external_id"`
	AutoJoin        types.Bool   `tfsdk:"auto_join"`
	AdminPrivileges types.Bool   `tfsdk:"admin_privileges"`
	Realm           types.String `tfsdk:"realm"`
	RealmAttributes types.String `tfsdk:"realm_attributes"`
	DetachAllUsers  types.Bool   `tfsdk:"detach_all_users"`
	UsersNames      types.Set    `tfsdk:"users_names"`
	WatchManager    types.Bool   `tfsdk:"watch_manager"`
	PolicyManager   types.Bool   `tfsdk:"policy_manager"`
	ReportsManager  types.Bool   `tfsdk:"reports_manager"`
}

ArtifactoryGroupResourceModel describes the Terraform resource data model to match the resource schema.

func (*ArtifactoryGroupResourceModel) ToState 

func (r *ArtifactoryGroupResourceModel) ToState(ctx context.Context, group ArtifactoryGroupResourceAPIModel) diag.Diagnostics

type CertificateDetails 

type CertificateDetails struct {
	CertificateAlias string `json:"certificateAlias,omitempty"`
	IssuedTo         string `json:"issuedTo,omitempty"`
	IssuedBy         string `json:"issuedby,omitempty"`
	IssuedOn         string `json:"issuedOn,omitempty"`
	ValidUntil       string `json:"validUntil,omitempty"`
	FingerPrint      string `json:"fingerPrint,omitempty"`
}

CertificateDetails this type doesn't even exist in the new go client. In fact, the whole API call doesn't

func FindCertificate 

func FindCertificate(alias string, m interface{}) (*CertificateDetails, error)

type DistributionPublicKeysList 

type DistributionPublicKeysList struct {
	Keys []distributionPublicKeyPayLoad `json:"keys"`
}

type GlobalEnvironmentModel added in v8.8.1 

type GlobalEnvironmentModel struct {
	Id   types.String `tfsdk:"id"`
	Name types.String `tfsdk:"name"`
}

GlobalEnvironmentModel describes the Terraform resource data model to match the resource schema.

type GlobalEnvironmentPostRenameRequestAPIModel added in v8.8.1 

type GlobalEnvironmentPostRenameRequestAPIModel struct {
	Name string `json:"new_name"`
}

type GlobalEnvironmentPostRequestAPIModel added in v8.8.1 

type GlobalEnvironmentPostRequestAPIModel struct {
	Name string `json:"name"`
}

type GlobalEnvironmentResource added in v8.8.1 

type GlobalEnvironmentResource struct {
	ProviderData utilsdk.ProvderMetadata
}

func (*GlobalEnvironmentResource) Configure added in v8.8.1 

func (r *GlobalEnvironmentResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse)

func (*GlobalEnvironmentResource) Create added in v8.8.1 

func (r *GlobalEnvironmentResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse)

func (*GlobalEnvironmentResource) Delete added in v8.8.1 

func (r *GlobalEnvironmentResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse)

func (*GlobalEnvironmentResource) ImportState added in v8.8.1 

func (r *GlobalEnvironmentResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse)

ImportState imports the resource into the Terraform state.

func (*GlobalEnvironmentResource) Metadata added in v8.8.1 

func (r *GlobalEnvironmentResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse)

func (*GlobalEnvironmentResource) Read added in v8.8.1 

func (r *GlobalEnvironmentResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse)

func (*GlobalEnvironmentResource) Schema added in v8.8.1 

func (r *GlobalEnvironmentResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse)

func (*GlobalEnvironmentResource) Update added in v8.8.1 

func (r *GlobalEnvironmentResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse)

type GlobalEnvironmentsAPIModel added in v8.8.1 

type GlobalEnvironmentsAPIModel []struct {
	Name string `json:"name"`
}

type KeyPairPayLoad 

type KeyPairPayLoad struct {
	PairName    string `hcl:"pair_name" json:"pairName"`
	PairType    string `hcl:"pair_type" json:"pairType"`
	Alias       string `hcl:"alias" json:"alias"`
	PrivateKey  string `hcl:"private_key" json:"privateKey"`
	Passphrase  string `hcl:"passphrase" json:"passphrase"`
	PublicKey   string `hcl:"public_key" json:"publicKey"`
	Unavailable bool   `hcl:"unavailable" json:"unavailable"`
}

func (KeyPairPayLoad) Id 

func (kp KeyPairPayLoad) Id() string

type PermissionTargetResource 

type PermissionTargetResource struct {
	ProviderData utilsdk.ProvderMetadata
}

func (*PermissionTargetResource) Configure 

func (r *PermissionTargetResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse)

func (*PermissionTargetResource) Create 

func (r *PermissionTargetResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse)

func (*PermissionTargetResource) Delete 

func (r *PermissionTargetResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse)

func (*PermissionTargetResource) ImportState 

func (r *PermissionTargetResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse)

ImportState imports the resource into the Terraform state.

func (*PermissionTargetResource) Metadata 

func (r *PermissionTargetResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse)

func (*PermissionTargetResource) Read 

func (r *PermissionTargetResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse)

func (*PermissionTargetResource) Schema 

func (r *PermissionTargetResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse)

func (*PermissionTargetResource) Update 

func (r *PermissionTargetResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse)

type PermissionTargetResourceAPIModel 

type PermissionTargetResourceAPIModel struct {
	Name          string                   `json:"name"`
	Repo          *PermissionTargetSection `json:"repo,omitempty"`
	Build         *PermissionTargetSection `json:"build,omitempty"`
	ReleaseBundle *PermissionTargetSection `json:"releaseBundle,omitempty"`
}

PermissionTargetResourceAPIModel describes the API data model. Copy from https://github.com/jfrog/jfrog-client-go/blob/master/artifactory/services/permissiontarget.go#L116

Using struct pointers to keep the fields null if they are empty. Artifactory evaluates inner struct typed fields if they are not null, which can lead to failures in the request.

type PermissionTargetResourceModel 

type PermissionTargetResourceModel struct {
	Id            types.String `tfsdk:"id"`
	Name          types.String `tfsdk:"name"`
	Repo          types.Set    `tfsdk:"repo"`
	Build         types.Set    `tfsdk:"build"`
	ReleaseBundle types.Set    `tfsdk:"release_bundle"`
}

PermissionTargetResourceModel describes the Terraform resource data model to match the resource schema.

func (*PermissionTargetResourceModel) ToState 

func (r *PermissionTargetResourceModel) ToState(ctx context.Context, diags diag.Diagnostics, permissionTarget *PermissionTargetResourceAPIModel)

type PermissionTargetSection 

type PermissionTargetSection struct {
	IncludePatterns []string `json:"include-patterns,omitempty"`
	ExcludePatterns []string `json:"exclude-patterns,omitempty"`
	Repositories    []string `json:"repositories"`
	Actions         *Actions `json:"actions,omitempty"`
}

type ScopedTokenResource 

type ScopedTokenResource struct {
	ProviderData utilsdk.ProvderMetadata
}

func (*ScopedTokenResource) Configure 

func (r *ScopedTokenResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse)

func (*ScopedTokenResource) Create 

func (r *ScopedTokenResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse)

func (*ScopedTokenResource) Delete 

func (r *ScopedTokenResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse)

func (*ScopedTokenResource) ImportState 

func (r *ScopedTokenResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse)

ImportState imports the resource into the Terraform state.

func (*ScopedTokenResource) Metadata 

func (r *ScopedTokenResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse)

func (*ScopedTokenResource) Read 

func (r *ScopedTokenResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse)

func (*ScopedTokenResource) Schema 

func (r *ScopedTokenResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse)

func (*ScopedTokenResource) Update 

func (r *ScopedTokenResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse)

type ScopedTokenResourceModel 

type ScopedTokenResourceModel struct {
	Id                    types.String `tfsdk:"id"`
	GrantType             types.String `tfsdk:"grant_type"`
	Username              types.String `tfsdk:"username"`
	ProjectKey            types.String `tfsdk:"project_key"`
	Scopes                types.Set    `tfsdk:"scopes"`
	ExpiresIn             types.Int64  `tfsdk:"expires_in"`
	Refreshable           types.Bool   `tfsdk:"refreshable"`
	IncludeReferenceToken types.Bool   `tfsdk:"include_reference_token"`
	Description           types.String `tfsdk:"description"`
	Audiences             types.Set    `tfsdk:"audiences"`
	AccessToken           types.String `tfsdk:"access_token"`
	RefreshToken          types.String `tfsdk:"refresh_token"`
	ReferenceToken        types.String `tfsdk:"reference_token"`
	TokenType             types.String `tfsdk:"token_type"`
	Subject               types.String `tfsdk:"subject"`
	Expiry                types.Int64  `tfsdk:"expiry"`
	IssuedAt              types.Int64  `tfsdk:"issued_at"`
	Issuer                types.String `tfsdk:"issuer"`
}

ScopedTokenResourceModel describes the Terraform resource data model to match the resource schema.

func (*ScopedTokenResourceModel) GetResponseToState 

func (r *ScopedTokenResourceModel) GetResponseToState(ctx context.Context, accessToken *AccessTokenGetAPIModel)

func (*ScopedTokenResourceModel) PostResponseToState 

func (r *ScopedTokenResourceModel) PostResponseToState(ctx context.Context,
	accessTokenResp *AccessTokenPostResponseAPIModel, accessTokenPostBody *AccessTokenPostRequestAPIModel, getResult *AccessTokenGetAPIModel) diag.Diagnostics

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.