Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security Policy
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

gatekeeper

package module

Go to main page

Versions in this module

v0

v0.2.0

Feb 2, 2024

v0.1.0

Feb 2, 2024

Changes in this version

+ var ErrHostMismatch = errors.New(...)

+ var ErrMaxTokensGiven = errors.New("Maximum number of tokens given to this task.")

+ var ErrNoPolicy = errors.New("Your task doesn't match any configured policy.")

+ var ErrNoPolicyConfigured = errors.New("No policies have been configured.")

+ var ErrNoSuchRole = errors.New("The role requested does not exist.")

+ var ErrRoleMismatch = errors.New("Your task does not have permission to use this role.")

+ var ErrSealed = errors.New("Gatekeeper is sealed.")

+ var ErrTaskNotFresh = errors.New("This task has been running too long to request a token.")

+ func GetLog(r *http.Request) logrus.FieldLogger

+ func ListenAndServeTLS(addr, certFile, keyFile string, handler http.Handler) error

+ func LogEntrySetField(r *http.Request, key string, value interface{})

+ func LogEntrySetFields(r *http.Request, fields map[string]interface{})

+ func NewKeypairReloader(certFile, keyFile string) (*keypairReloader, error)

+ func NewLogger(logger *logrus.Logger) func(next http.Handler) http.Handler

+ type Config struct

+ Backoff *backoff.ExponentialBackOff

+ DefaultScheduler string

+ HostCheck bool

+ ListenAddress string

+ MaxTaskLife time.Duration

+ Metrics struct{ ... }

+ Peers string

+ PolicyPath string

+ Schedulers []string

+ SkipPolicyLoading bool

+ Store string

+ StoreVaultPath string

+ TlsCert string

+ TlsKey string

+ Unsealer unsealer.Unsealer

+ UseImageNames bool

+ Vault struct{ ... }

+ Version string

+ type Gatekeeper struct

+ PeerId string

+ Policies *policy.Policies

+ Schedulers map[string]scheduler.Scheduler

+ Started time.Time

+ Stats struct{ ... }

+ Store usagestore.UsageStore

+ Token string

+ func NewGatekeeper(conf Config) (*Gatekeeper, error)

+ func (g *Gatekeeper) ErrorResponse(w http.ResponseWriter, code int, err string)

+ func (g *Gatekeeper) GetPolicyConfig() ([]byte, error)

+ func (g *Gatekeeper) GetRoleId(roleName string, authToken string) (string, error)

+ func (g *Gatekeeper) GetSecretId(roleName string, authToken string) (string, error)

+ func (g *Gatekeeper) IsUnsealed() bool

+ func (g *Gatekeeper) LoadPeers(myId string, startup bool) ([]peer, error)

+ func (g *Gatekeeper) NewMetrics(conf Config) (*metrics, error)

+ func (g *Gatekeeper) OkResponse(w http.ResponseWriter, message string)

+ func (g *Gatekeeper) Peers() []peer

+ func (g *Gatekeeper) RenewToken() error

+ func (g *Gatekeeper) RenewalWorker(controlChan chan struct{})

+ func (g *Gatekeeper) RequestToken(providerKey string, taskId string, requestedRole string, remoteAddr string) (string, time.Duration, error)

+ func (g *Gatekeeper) Routes() http.Handler

+ func (g *Gatekeeper) Seal() error

+ func (g *Gatekeeper) Serve() error

+ func (g *Gatekeeper) TokenTtl() (time.Duration, error)

+ func (g *Gatekeeper) Unseal(u unsealer.Unsealer) error