Documentation ¶
Index ¶
- Constants
- Variables
- func CleanAWS(asAdmin Client, accessKeyID string, log Logger) error
- func LambdaName(appID apps.AppID, version apps.AppVersion, function string) string
- func Region() string
- func S3BucketName() string
- func S3ManifestName(appID apps.AppID, version apps.AppVersion) string
- func S3StaticName(appID apps.AppID, version apps.AppVersion, name string) string
- type ARN
- type AssetData
- type Client
- type FunctionData
- type InitParams
- type InitResult
- type Logger
- type Name
- type PolicyDocument
- type PolicyStatement
- type ProvisionAppParams
- type ProvisionAppResult
- type ProvisionData
- type StaticUpstream
- type Upstream
Constants ¶
// Environment-variable names and fallback values for the package's AWS
// configuration. Each *EnvVar constant holds the NAME of a variable, never a
// credential value.
const (
	// Variable names for an AWS access key ID and secret key.
	// The nolint:gosec directives suppress gosec findings on these lines,
	// presumably its hardcoded-credentials heuristic reacting to the
	// identifiers; the string values are only variable names.
	AccessEnvVar = "MM_APPS_AWS_ACCESS_KEY" // nolint:gosec
	SecretEnvVar = "MM_APPS_AWS_SECRET_KEY" // nolint:gosec

	// A second, separately named key pair. Judging by the names it is meant for
	// provisioning, which would let it carry different privileges from the pair
	// above; TODO confirm where each is read.
	ProvisionAccessEnvVar = "MM_APPS_PROVISION_AWS_ACCESS_KEY" // nolint:gosec
	ProvisionSecretEnvVar = "MM_APPS_PROVISION_AWS_SECRET_KEY" // nolint:gosec

	// Older variable names, marked deprecated by their identifiers.
	// NOTE(review): whether they are still honoured as a fallback is not
	// visible here; if so, stale credentials left in them stay usable.
	DeprecatedCloudAccessEnvVar = "APPS_INVOKE_AWS_ACCESS_KEY" // nolint:gosec
	DeprecatedCloudSecretEnvVar = "APPS_INVOKE_AWS_SECRET_KEY" // nolint:gosec

	// S3BucketEnvVar is the environment variable containing the S3 bucket name
	// used to host Apps' assets.
	S3BucketEnvVar = "MM_APPS_S3_BUCKET"
	// DefaultS3Bucket is presumably the bucket name used when S3BucketEnvVar is
	// unset; TODO confirm in S3BucketName. S3 bucket names are global across
	// AWS accounts, so deployments should verify they own the bucket in use.
	DefaultS3Bucket = "mattermost-apps-bucket"

	// RegionEnvVar names the variable holding the AWS region; DefaultRegion is
	// presumably the fallback returned by Region (confirm in its body).
	RegionEnvVar  = "MM_APPS_AWS_REGION"
	DefaultRegion = "us-east-1"
)
// Default names for the IAM role, policy, user and group. The identifiers
// suggest an execute role for the Lambda functions and an invoke policy, user
// and group; how the names are used is not shown on this page (presumably by
// InitializeAWS and CleanAWS; confirm).
const (
	DefaultExecuteRoleName = "mattermost-apps-execute-lambda-role"
	DefaultPolicyName      = "mattermost-apps-invoke-policy"
	DefaultUserName        = "mattermost-apps-invoke"
	DefaultGroupName       = "mattermost-apps-invoke-group"
)
// AssumeRolePolicyDocument is, by its name, the trust policy for a role.
// NOTE(review): the documentation renderer elides the literal, so which
// principal may assume the role has to be checked in the source file.
const AssumeRolePolicyDocument = `` /* 170-byte string literal not displayed */

// InitialInvokePolicyDocument is the text parsed into
// InvokePolicyDocumentTemplate. NOTE(review): the literal is elided here;
// review the actions and resources it allows in the source file.
const InitialInvokePolicyDocument = `` /* 245-byte string literal not displayed */

// LambdaExecutionPolicyARN is the ARN of the AWS-managed policy
// AWSLambdaBasicExecutionRole, which grants permission to write CloudWatch
// Logs.
const LambdaExecutionPolicyARN = ARN(`arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole`)

// MaxLambdaName is 64, the same length that LambdaName's documentation quotes
// for a function name.
const MaxLambdaName = 64
Variables ¶
// InvokePolicyDocumentTemplate is InitialInvokePolicyDocument parsed as a
// template named "InvokePolicyDocument". template.Must panics if parsing
// fails; the input is a constant, so a bad template fails at package
// initialization rather than at request time.
// NOTE(review): the import behind `template` is not visible on this page. If
// it is text/template, executed values are inserted without JSON escaping, so
// only trusted, well-formed values should reach Execute.
var InvokePolicyDocumentTemplate = template.Must(template.New("InvokePolicyDocument").Parse(InitialInvokePolicyDocument))
Functions ¶
func LambdaName ¶
LambdaName generates the Lambda function name for a specific app, version and function; the name can be up to 64 characters long (see MaxLambdaName).
func S3BucketName ¶
func S3BucketName() string
func S3ManifestName ¶
func S3ManifestName(appID apps.AppID, version apps.AppVersion) string
S3ManifestName generates the key for a specific manifest in S3; the key can be up to 1024 characters long.
func S3StaticName ¶
S3StaticName generates the key for a specific static asset in S3; the key can be up to 1024 characters long.
Types ¶
type AssetData ¶
// AssetData pairs an open reader with a key. ProvisionData.StaticFiles
// documents its values as the S3 key where a static file should be
// provisioned.
type AssetData struct {
	// File is excluded from JSON (`json:"-"`). It is an io.ReadCloser, so some
	// caller is responsible for closing it; which one is not shown here.
	File io.ReadCloser `json:"-"`
	Key  string        `json:"key"`
}
type Client ¶
// Client groups two sets of operations behind one interface: the "Proxy
// methods" (reading from S3 and invoking Lambda functions) and the "Admin
// methods" (IAM, Lambda and S3 management). The interface does not say which
// credentials back an implementation. InitializeAWS and CleanAWS name their
// Client parameter asAdmin, which suggests that the admin methods expect a
// more privileged client than the proxy methods do; confirm at the call
// sites, and keep the invoke credentials from carrying admin permissions.
type Client interface {
	// Proxy methods
	GetS3(bucket, item string) ([]byte, error)
	InvokeLambda(name string, invocationType string, payload []byte) ([]byte, error)

	// Admin methods
	AddResourcesToPolicyDocument(*iam.Policy, []ARN) (string, error)
	AddUserToGroup(u, g Name) error
	AttachGroupPolicy(g Name, p ARN) error
	AttachRolePolicy(roleName Name, policyARN ARN) error
	// CreateAccessKey returns two strings before the error, presumably the
	// access key ID and the secret key (confirm the order in the
	// implementation). Treat both as credential material and keep them out of
	// logs.
	CreateAccessKey(user Name) (string, string, error)
	CreateGroup(name Name) (ARN, error)
	CreateLambda(zipFile io.Reader, function, handler, runtime string, role ARN) (ARN, error)
	CreateOrUpdateLambda(zipFile io.Reader, function, handler, runtime string, role ARN) (ARN, error)
	CreatePolicy(name Name, data string) (ARN, error)
	CreateRole(name Name) (ARN, error)
	CreateS3Bucket(bucket string) error
	CreateUser(name Name) (ARN, error)
	DeleteAccessKeys(user Name, accessKeyID string) error
	DeleteGroup(Name) error
	DeletePolicy(ARN) error
	DeleteRole(name Name) error
	DeleteS3Bucket(name string) error
	DeleteUser(name Name) error
	DetachGroupPolicy(g Name, p ARN) error
	ExistsS3Bucket(name string) (bool, error)
	FindGroup(name Name) (ARN, error)
	FindPolicy(policyName Name) (*iam.Policy, error)
	FindRole(name Name) (ARN, error)
	FindUser(name Name) (ARN, error)
	RemoveUserFromGroup(u, g Name) error
	// UploadS3: publicRead presumably requests a public-read ACL on the
	// uploaded object (confirm in the implementation). Pass true only for
	// content that is meant to be world-readable.
	UploadS3(bucket, key string, body io.Reader, publicRead bool) (string, error)
}
Client is an authenticated client for interacting with AWS resources. It provides a thin layer on top of aws-sdk-go, and contains all AWS dependencies.
type FunctionData ¶
// FunctionData describes one Lambda function to provision. Per the comments on
// ProvisionData.LambdaFunctions, Name is the function's name in AWS.
type FunctionData struct {
	// Bundle is excluded from JSON (`json:"-"`). ProvisionData describes the
	// map key as the name of the function's zip bundle, so this is presumably
	// the open zip; confirm, along with who closes it.
	Bundle  io.ReadCloser `json:"-"`
	Name    string        `json:"name"`
	Handler string        `json:"handler"`
	Runtime string        `json:"runtime"`
}
type InitParams ¶
type InitResult ¶
// InitResult is the value InitializeAWS returns (as *InitResult): the bucket
// name, the ARNs of the policy, user, group and execute role, and an access
// key pair.
type InitResult struct {
	Bucket         string
	PolicyARN      ARN
	UserARN        ARN
	GroupARN       ARN
	ExecuteRoleARN ARN
	AccessKeyID    string
	// AccessKeySecret is credential material by its name, presumably the
	// secret of a key created through Client.CreateAccessKey (confirm). The
	// struct has no json tags, so encoding/json and %+v formatting would emit
	// this field in clear text. Do not log or serialize the whole struct.
	AccessKeySecret string
}
func InitializeAWS ¶
func InitializeAWS(asAdmin Client, log Logger, params InitParams) (r *InitResult, err error)
type PolicyDocument ¶
// PolicyDocument holds a version string and a list of statements. The fields
// carry no json tags, so encoding/json would use the field names "Version" and
// "Statement" as keys.
type PolicyDocument struct {
	Version   string
	Statement []PolicyStatement
}
type PolicyStatement ¶
func DefaultAllowLambdaStatement ¶
func DefaultAllowLambdaStatement(in PolicyStatement) PolicyStatement
type ProvisionAppParams ¶
type ProvisionAppResult ¶
// ProvisionAppResult is the value ProvisionAppFromFile returns (as
// *ProvisionAppResult). Field meanings below are read from the names only;
// confirm against the implementation.
type ProvisionAppResult struct {
	// InvokePolicyDoc is a policy document as a string. NOTE(review): worth
	// checking after provisioning that it lists only the expected resources.
	InvokePolicyDoc  string
	InvokePolicyARN  ARN
	ExecuteRoleARN   ARN
	ExecutePolicyARN ARN
	LambdaARNs       []ARN
	StaticARNs       []ARN
	ManifestURL      string
	Manifest         apps.Manifest
}
func ProvisionAppFromFile ¶
func ProvisionAppFromFile(c Client, path string, log Logger, params ProvisionAppParams) (*ProvisionAppResult, error)
type ProvisionData ¶
// ProvisionData contains all the necessary data for provisioning an app.
// GetProvisionDataFromFile builds it from a path, and IsValid returns an error
// for it; what IsValid checks is not shown on this page.
type ProvisionData struct {
	// StaticFiles key is the name of the static file in the /static folder.
	// StaticFiles value is the S3 key where the file should be provisioned.
	StaticFiles map[string]AssetData `json:"static_files"`

	// LambdaFunctions key is the name of the lambda function zip bundle.
	// LambdaFunctions value contains info for provisioning a function in AWS.
	// LambdaFunctions value's Name field contains the function's name in AWS.
	LambdaFunctions map[string]FunctionData `json:"lambda_functions"`

	// Manifest is excluded from JSON (`json:"-"`).
	Manifest    *apps.Manifest `json:"-"`
	ManifestKey string         `json:"manifest_key"`
}
ProvisionData contains all the necessary data for provisioning an app
func GetProvisionDataFromFile ¶
func GetProvisionDataFromFile(path string, log Logger) (*ProvisionData, error)
func (*ProvisionData) IsValid ¶
func (pd *ProvisionData) IsValid() error
type StaticUpstream ¶
// StaticUpstream's fields are unexported and not shown on this page. Values
// come from NewStaticUpstream, which takes a manifest, a Client and a bucket
// name. GetStatic is its only method listed here.
type StaticUpstream struct {
	// contains filtered or unexported fields
}
func NewStaticUpstream ¶
func NewStaticUpstream(m *apps.Manifest, awsClient Client, bucket string) *StaticUpstream
func (*StaticUpstream) GetStatic ¶
func (u *StaticUpstream) GetStatic(path string) (io.ReadCloser, int, error)
type Upstream ¶
// Upstream embeds StaticUpstream, so GetStatic is promoted onto it alongside
// its own InvokeFunction and Roundtrip methods.
type Upstream struct {
	StaticUpstream
	// contains filtered or unexported fields
}
Upstream wraps an awsClient to make requests to the App. It should not be reused between requests, nor cached.
func (*Upstream) InvokeFunction ¶
InvokeFunction is a public method used in appsctl, but is not a part of the upstream.Upstream interface. It invokes a function with a specified name, with no conversion.
func (*Upstream) Roundtrip ¶
func (u *Upstream) Roundtrip(call *apps.CallRequest, async bool) (io.ReadCloser, error)