cloud

package
v0.0.0-...-84dfa8d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 3, 2025 License: AGPL-3.0 Imports: 20 Imported by: 2

Documentation

Overview

Package cloud defines an API endpoint for functions dealing with the controller's cloud definition, and cloud credentials.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Register 

func Register(registry facade.FacadeRegistry)

Register is called to expose a package of facades onto a given registry.

Types

type CloudAPI 

type CloudAPI struct {
	// contains filtered or unexported fields
}

CloudAPI implements the cloud interface and is the concrete implementation of the api end point.

func NewCloudAPI 

func NewCloudAPI(
	ctx context.Context,
	controllerTag names.ControllerTag,
	controllerCloud string,
	cloudService CloudService,
	cloudAccessService CloudAccessService,
	credentialService CredentialService,
	authorizer facade.Authorizer, logger corelogger.Logger,
) (*CloudAPI, error)

NewCloudAPI creates a new API server endpoint for managing the controller's cloud definition and cloud credentials.

func (*CloudAPI) AddCloud 

func (api *CloudAPI) AddCloud(ctx context.Context, cloudArgs params.AddCloudArgs) error

AddCloud adds a new cloud, different from the one managed by the controller.

func (*CloudAPI) AddCredentials 

func (api *CloudAPI) AddCredentials(ctx context.Context, args params.TaggedCredentials) (params.ErrorResults, error)

AddCredentials adds new credentials. In contrast to UpdateCredentials() below, the new credentials can be for a cloud that the controller does not manage (this is required for CAAS models)

func (*CloudAPI) Cloud 

func (api *CloudAPI) Cloud(ctx context.Context, args params.Entities) (params.CloudResults, error)

Cloud returns the cloud definitions for the specified clouds.

func (*CloudAPI) CloudInfo 

func (api *CloudAPI) CloudInfo(ctx context.Context, args params.Entities) (params.CloudInfoResults, error)

CloudInfo returns information about the specified clouds.

func (*CloudAPI) Clouds 

func (api *CloudAPI) Clouds(ctx context.Context) (params.CloudsResult, error)

Clouds returns the definitions of all clouds supported by the controller that the logged in user can see.

func (*CloudAPI) Credential 

func (api *CloudAPI) Credential(ctx context.Context, args params.Entities) (params.CloudCredentialResults, error)

Credential returns the specified cloud credential for each tag, minus secrets.

func (*CloudAPI) CredentialContents 

func (api *CloudAPI) CredentialContents(ctx context.Context, args params.CloudCredentialArgs) (params.CredentialContentResults, error)

CredentialContents returns the specified cloud credentials, including the secrets if requested. If no specific credential name/cloud was passed in, all credentials for this user are returned. Only credential owner can see its contents as well as what models use it. Controller admin has no special superpowers here and is treated the same as all other users.

func (*CloudAPI) ListCloudInfo 

func (api *CloudAPI) ListCloudInfo(ctx context.Context, req params.ListCloudsRequest) (params.ListCloudInfoResults, error)

ListCloudInfo returns clouds that the specified user has access to. Controller admins (superuser) can list clouds for any user. Other users can only ask about their own clouds.

func (*CloudAPI) ModifyCloudAccess 

func (api *CloudAPI) ModifyCloudAccess(ctx context.Context, args params.ModifyCloudAccessRequest) (params.ErrorResults, error)

ModifyCloudAccess changes the model access granted to users.

func (*CloudAPI) RemoveClouds 

func (api *CloudAPI) RemoveClouds(ctx context.Context, args params.Entities) (params.ErrorResults, error)

RemoveClouds removes the specified clouds from the controller. If a cloud is in use (has models deployed to it), the removal will fail.

func (*CloudAPI) RevokeCredentialsCheckModels 

func (api *CloudAPI) RevokeCredentialsCheckModels(ctx context.Context, args params.RevokeCredentialArgs) (params.ErrorResults, error)

RevokeCredentialsCheckModels revokes a set of cloud credentials. If the credentials are used by any of the models, the credential deletion will be aborted. If credential-in-use needs to be revoked nonetheless, this method allows the use of force.

func (*CloudAPI) UpdateCloud 

func (api *CloudAPI) UpdateCloud(ctx context.Context, cloudArgs params.UpdateCloudArgs) (params.ErrorResults, error)

UpdateCloud updates an existing cloud that the controller knows about.

func (*CloudAPI) UpdateCredentialsCheckModels 

func (api *CloudAPI) UpdateCredentialsCheckModels(ctx context.Context, args params.UpdateCredentialArgs) (params.UpdateCredentialResults, error)

UpdateCredentialsCheckModels updates a set of cloud credentials' content. If there are any models that are using a credential and these models are not going to be visible with updated credential content, there will be detailed validation errors per model. Such model errors are returned separately and do not contribute to the overall method error status. Controller admins can 'force' an update of the credential regardless of whether it is deemed valid or not.

func (*CloudAPI) UserCredentials 

func (api *CloudAPI) UserCredentials(ctx context.Context, args params.UserClouds) (params.StringsResults, error)

UserCredentials returns the cloud credentials for a set of users.

type CloudAccessService 

type CloudAccessService interface {
	// ReadUserAccessLevelForTarget returns the access level for the provided
	// subject (user) for the given target (cloud).
	ReadUserAccessLevelForTarget(ctx context.Context, subject user.Name, target corepermission.ID) (corepermission.Access, error)
	// ReadAllUserAccessForTarget  returns the user access for all users for
	// the given target (cloud).
	ReadAllUserAccessForTarget(ctx context.Context, target corepermission.ID) ([]corepermission.UserAccess, error)
	// CreatePermission sets the access level for a user on the given cloud.
	CreatePermission(ctx context.Context, spec corepermission.UserAccessSpec) (corepermission.UserAccess, error)
	// UpdatePermission updates the access level for a user on the given cloud.
	UpdatePermission(ctx context.Context, args access.UpdatePermissionArgs) error
	// ReadAllAccessForUserAndObjectType returns UserAccess for the given
	// subject (user) for all clouds based on objectType.
	ReadAllAccessForUserAndObjectType(ctx context.Context, subject user.Name, objectType corepermission.ObjectType) ([]corepermission.UserAccess, error)
	// AllModelAccessForCloudCredential for a given (cloud) credential key, return all
	// model name and model access levels.
	AllModelAccessForCloudCredential(ctx context.Context, key credential.Key) ([]access.CredentialOwnerModelAccess, error)
}

CloudAccessService provides access to cloud permissions.

type CloudService 

type CloudService interface {
	// ListAll returns a slice Clouds representing all clouds.
	ListAll(context.Context) ([]cloud.Cloud, error)
	// Cloud return Cloud data for the requested cloud.
	Cloud(context.Context, string) (*cloud.Cloud, error)
	// CreateCloud creates a new cloud including setting Admin permission
	// for the owner.
	CreateCloud(ctx context.Context, ownerName user.Name, cloud cloud.Cloud) error
	// UpdateCloud updates the definition of a current cloud.
	UpdateCloud(ctx context.Context, cld cloud.Cloud) error
	// DeleteCloud removes a cloud, and any permissions associated with it.
	DeleteCloud(ctx context.Context, name string) error
}

CloudService provides access to clouds.

type CloudV7 

type CloudV7 interface {
	AddCloud(ctx context.Context, cloudArgs params.AddCloudArgs) error
	AddCredentials(ctx context.Context, args params.TaggedCredentials) (params.ErrorResults, error)
	Cloud(ctx context.Context, args params.Entities) (params.CloudResults, error)
	Clouds(ctx context.Context) (params.CloudsResult, error)
	Credential(ctx context.Context, args params.Entities) (params.CloudCredentialResults, error)
	CredentialContents(ctx context.Context, credentialArgs params.CloudCredentialArgs) (params.CredentialContentResults, error)
	ModifyCloudAccess(ctx context.Context, args params.ModifyCloudAccessRequest) (params.ErrorResults, error)
	RevokeCredentialsCheckModels(ctx context.Context, args params.RevokeCredentialArgs) (params.ErrorResults, error)
	UpdateCredentialsCheckModels(ctx context.Context, args params.UpdateCredentialArgs) (params.UpdateCredentialResults, error)
	UserCredentials(ctx context.Context, args params.UserClouds) (params.StringsResults, error)
	UpdateCloud(ctx context.Context, cloudArgs params.UpdateCloudArgs) (params.ErrorResults, error)
}

CloudV7 defines the methods on the cloud API facade, version 7.

type CredentialService 

type CredentialService interface {
	CloudCredential(ctx context.Context, key credential.Key) (cloud.Credential, error)
	AllCloudCredentialsForOwner(ctx context.Context, owner user.Name) (map[credential.Key]cloud.Credential, error)
	CloudCredentialsForOwner(ctx context.Context, owner user.Name, cloudName string) (map[string]cloud.Credential, error)
	UpdateCloudCredential(ctx context.Context, key credential.Key, cred cloud.Credential) error
	RemoveCloudCredential(ctx context.Context, key credential.Key) error
	WatchCredential(ctx context.Context, key credential.Key) (watcher.NotifyWatcher, error)
	CheckAndUpdateCredential(ctx context.Context, key credential.Key, cred cloud.Credential, force bool) ([]credentialservice.UpdateCredentialModelResult, error)
	CheckAndRevokeCredential(ctx context.Context, key credential.Key, force bool) error
}

CredentialService provides access to the credential domain service.

Source Files

View all Source files

Directories

Path Synopsis
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.