upaws

package
v1.2.1-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 22, 2023 License: Apache-2.0 Imports: 35 Imported by: 0

Documentation

Index

Constants

// Environment variable names and default values used to configure AWS access.
//
// The *EnvVar constants hold the NAMES of environment variables, not
// credential values. The nolint:gosec markers suppress gosec on these lines
// (presumably its hard-coded-credential check, which these names would
// otherwise trip).
const (
	// AccessEnvVar / SecretEnvVar and DeployAccessEnvVar / DeploySecretEnvVar
	// name two separate AWS key pairs.
	// NOTE(review): the names suggest one pair for invoking apps and another
	// for deploying them; confirm in the callers. If so, only the deploy pair
	// should carry IAM/Lambda/S3 write permissions.
	AccessEnvVar       = "MM_APPS_AWS_ACCESS_KEY"        // nolint:gosec
	SecretEnvVar       = "MM_APPS_AWS_SECRET_KEY"        // nolint:gosec
	DeployAccessEnvVar = "MM_APPS_DEPLOY_AWS_ACCESS_KEY" // nolint:gosec
	DeploySecretEnvVar = "MM_APPS_DEPLOY_AWS_SECRET_KEY" // nolint:gosec

	// Older variable names, marked deprecated by their identifiers. How (or
	// whether) they are still consulted is not visible in this listing.
	DeprecatedCloudAccessEnvVar = "APPS_INVOKE_AWS_ACCESS_KEY" // nolint:gosec
	DeprecatedCloudSecretEnvVar = "APPS_INVOKE_AWS_SECRET_KEY" // nolint:gosec

	// S3BucketEnvVar is the environment variable containing the S3 bucket name
	// used to host Apps' assets.
	S3BucketEnvVar = "MM_APPS_S3_BUCKET"
	// DefaultS3Bucket is presumably the fallback when S3BucketEnvVar is unset;
	// confirm in S3BucketName. S3 bucket names are global across AWS accounts,
	// so a deployment should set S3BucketEnvVar to a bucket it owns rather
	// than rely on this shared default.
	DefaultS3Bucket = "mattermost-apps-bucket"

	// RegionEnvVar names the variable holding the AWS region; DefaultRegion is
	// presumably the fallback when it is unset (confirm in Region).
	RegionEnvVar  = "MM_APPS_AWS_REGION"
	DefaultRegion = "us-east-1"
)
// Default names for the IAM role, policy, user and group this package works
// with.
// NOTE(review): presumably these are the values used when InitParams or
// DeployAppParams leave the corresponding Name empty; confirm in the callers.
const (
	DefaultExecuteRoleName = "mattermost-apps-execute-lambda-role"
	DefaultPolicyName      = "mattermost-apps-invoke-policy"
	DefaultUserName        = "mattermost-apps-invoke"
	DefaultGroupName       = "mattermost-apps-invoke-group"
)
// AssumeRolePolicyDocument is a policy document whose text is elided on this
// page (170 bytes).
// NOTE(review): by its name it is the trust policy that decides which
// principal may assume the execute role; read the literal in the source to
// confirm that the principal is as narrow as intended.
const AssumeRolePolicyDocument = `` /* 170-byte string literal not displayed */
// InitialInvokePolicyDocument is the source text parsed into
// InvokePolicyDocumentTemplate. Its contents are elided on this page
// (395 bytes).
// NOTE(review): read the literal in the source to confirm which actions and
// resources the initial invoke policy allows.
const InitialInvokePolicyDocument = `` /* 395-byte string literal not displayed */
// LambdaExecutionPolicyARN is the ARN of the AWS-managed
// AWSLambdaBasicExecutionRole policy, which grants a function permission to
// write its logs to CloudWatch Logs and nothing else.
const LambdaExecutionPolicyARN = ARN(`arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole`)
// MaxLambdaName is the maximum length, in characters, of a Lambda function
// name; see the LambdaName documentation.
const MaxLambdaName = 64

Variables

// InvokePolicyDocumentTemplate is InitialInvokePolicyDocument parsed as a
// template named "InvokePolicyDocument". template.Must panics during package
// initialization if the literal does not parse.
var InvokePolicyDocumentTemplate = template.Must(template.New("InvokePolicyDocument").Parse(InitialInvokePolicyDocument))

Functions

func CleanAWS

func CleanAWS(asAdmin Client, accessKeyID string, log utils.Logger) error

func LambdaName

func LambdaName(appID apps.AppID, version apps.AppVersion, function string) string

LambdaName generates the function name for a specific app; the name can be up to 64 characters long.

func ParseS3ManifestName added in v1.0.0

func ParseS3ManifestName(key string) (apps.AppID, apps.AppVersion, error)

ParseS3ManifestName parses the AppID and AppVersion out of an S3 key.

func Region

func Region() string

func S3BucketName

func S3BucketName() string

func S3ManifestName

func S3ManifestName(appID apps.AppID, version apps.AppVersion) string

S3ManifestName generates the key for a specific manifest in S3; the key can be up to 1024 characters long.

func S3StaticName

func S3StaticName(appID apps.AppID, version apps.AppVersion, name string) string

S3StaticName generates the key for a specific asset in S3; the key can be up to 1024 characters long.

Types

type ARN

// ARN is an Amazon Resource Name held as a plain string. The type performs no
// validation itself.
type ARN string

func (ARN) AWSString

func (arn ARN) AWSString() *string

type AssetData

// AssetData pairs a static asset's contents with the key it is stored under.
type AssetData struct {
	// File is the asset's content stream; the json:"-" tag keeps it out of
	// JSON encoding. Who is responsible for closing it is not visible here.
	File io.ReadCloser `json:"-"`
	// Key is encoded as "key"; per the DeployData comments it is the S3 key
	// where the file should be deployed.
	Key string `json:"key"`
}

type Client

// Client is the set of AWS operations this package uses, split into
// request-time "proxy" calls and resource-management "admin" calls.
type Client interface {
	// Proxy methods: read an object from S3 and invoke a Lambda function.
	// These are the only methods that take a context.
	GetS3(ctx context.Context, bucket, item string) ([]byte, error)
	InvokeLambda(ctx context.Context, name string, invocationType string, payload []byte) ([]byte, error)

	// Admin methods: create, modify and delete IAM, Lambda and S3 resources.
	// NOTE(review): the separate MM_APPS_DEPLOY_* environment variable names
	// suggest these are meant to run under different credentials than the
	// proxy methods. Confirm, and keep the proxy credentials free of these
	// permissions.
	AddResourcesToPolicyDocument(*iam.Policy, []ARN) (string, error)
	AddUserToGroup(u, g Name) error
	AttachGroupPolicy(g Name, p ARN) error
	AttachRolePolicy(roleName Name, policyARN ARN) error
	// CreateAccessKey returns two strings, presumably the access key ID and
	// the secret access key (TODO confirm order in the implementation).
	// Treat the secret as a credential and keep it out of logs.
	CreateAccessKey(user Name) (string, string, error)
	CreateGroup(name Name) (ARN, error)
	CreateLambda(zipFile io.Reader, function, handler, runtime string, role ARN) (ARN, error)
	CreateOrUpdateLambda(zipFile io.Reader, function, handler, runtime string, role ARN) (ARN, error)
	SetLambdaEnvironmentVariables(arn string, started time.Time, vars map[string]*string) error
	CreatePolicy(name Name, data string) (ARN, error)
	CreateRole(name Name) (ARN, error)
	CreateS3Bucket(bucket string) error
	CreateUser(name Name) (ARN, error)
	DeleteAccessKeys(user Name, accessKeyID string) error
	DeleteGroup(Name) error
	DeletePolicy(ARN) error
	DeleteRole(name Name) error
	DeleteS3Bucket(name string) error
	DeleteUser(name Name) error
	DetachGroupPolicy(g Name, p ARN) error
	ExistsS3Bucket(name string) (bool, error)
	FindGroup(name Name) (ARN, error)
	FindPolicy(policyName Name) (*iam.Policy, error)
	FindRole(name Name) (ARN, error)
	FindUser(name Name) (ARN, error)
	ListS3(bucket, prefix string) ([]string, error)
	RemoveUserFromGroup(u, g Name) error
	// UploadS3: publicRead presumably controls whether the uploaded object is
	// world-readable; confirm in the implementation. Callers should pass true
	// only for assets that are meant to be public.
	UploadS3(bucket, key string, body io.Reader, publicRead bool) (string, error)
}

Client is an authenticated client for interacting with AWS resources. It provides a thin layer on top of aws-sdk-go, and contains all AWS dependencies.

func MakeClient

func MakeClient(awsAccessKeyID, awsSecretAccessKey, region string, log utils.Logger) (Client, error)

type DeployAppParams added in v1.0.0

// DeployAppParams carries the options passed to DeployAppFromFile.
type DeployAppParams struct {
	// Bucket is an S3 bucket name (presumably where assets and the manifest
	// are uploaded; confirm in DeployAppFromFile).
	Bucket string
	// InvokePolicyName and ExecuteRoleName name the IAM policy and role used
	// for the deployment.
	InvokePolicyName Name
	ExecuteRoleName  Name
	// ShouldUpdate presumably allows overwriting existing resources; confirm.
	ShouldUpdate bool
	// Environment is presumably applied as Lambda environment variables (see
	// Client.SetLambdaEnvironmentVariables); confirm. Lambda environment
	// variables can be read by any principal allowed to fetch the function
	// configuration, so they are a poor place for long-lived secrets.
	Environment map[string]string
}

type DeployAppResult added in v1.0.0

// DeployAppResult is returned by DeployAppFromFile and identifies the
// policy, role, Lambda and static resources involved in a deployment, along
// with the manifest and its URL. Exactly when each field is populated is not
// visible in this listing.
type DeployAppResult struct {
	InvokePolicyDoc  string
	InvokePolicyARN  ARN
	ExecuteRoleARN   ARN
	ExecutePolicyARN ARN
	LambdaARNs       []ARN
	StaticARNs       []ARN
	ManifestURL      string
	Manifest         apps.Manifest
}

func DeployAppFromFile added in v1.0.0

func DeployAppFromFile(c Client, path string, log utils.Logger, params DeployAppParams) (*DeployAppResult, error)

type DeployData added in v1.0.0

// DeployData contains all the necessary data for deploying an app.
type DeployData struct {
	// StaticFiles maps the name of a static file in the /static folder to its
	// AssetData, whose Key is the S3 key where the file should be deployed.
	StaticFiles map[string]AssetData `json:"static_files"`

	// LambdaFunctions maps the name of a Lambda function zip bundle to the
	// FunctionData needed to deploy it; FunctionData.Name is the function's
	// name in AWS.
	LambdaFunctions map[string]FunctionData `json:"lambda_functions"`
	// Manifest is excluded from JSON encoding by its json:"-" tag.
	Manifest        *apps.Manifest          `json:"-"`
	// ManifestKey is encoded as "manifest_key".
	ManifestKey     string                  `json:"manifest_key"`
}

DeployData contains all the necessary data for deploying an app.

func GetDeployDataFromFile added in v1.0.0

func GetDeployDataFromFile(path string, log utils.Logger) (*DeployData, error)

func (*DeployData) Validate added in v1.0.0

func (pd *DeployData) Validate() error

type FunctionData

// FunctionData describes one Lambda function to deploy.
type FunctionData struct {
	// Bundle is the function's bundle stream; the json:"-" tag keeps it out
	// of JSON encoding. Who closes it is not visible in this listing.
	Bundle  io.ReadCloser `json:"-"`
	// Name is the function's name in AWS, per the DeployData comments.
	Name    string        `json:"name"`
	// Handler and Runtime match the handler and runtime arguments of
	// Client.CreateLambda (presumably passed through; confirm).
	Handler string        `json:"handler"`
	Runtime string        `json:"runtime"`
}

type InitParams

// InitParams carries the options passed to InitializeAWS: the S3 bucket and
// the names of the IAM policy, user, group and execute role to work with.
type InitParams struct {
	Bucket      string
	Policy      Name
	User        Name
	Group       Name
	ExecuteRole Name
	// ShouldCreate presumably allows InitializeAWS to create missing
	// resources rather than only look them up; confirm.
	ShouldCreate bool
	// ShouldCreateAccessKey presumably requests a new access key for User,
	// returned in InitResult; confirm. A new key is a new long-lived
	// credential that must be stored and rotated by the caller.
	ShouldCreateAccessKey bool
}

type InitResult

// InitResult is returned by InitializeAWS and identifies the bucket and IAM
// resources it worked with.
//
// The struct may carry a secret (AccessKeySecret). Its fields are exported
// and untagged, so encoding/json and fmt's %+v would include the secret.
// Avoid logging or serializing the whole value.
type InitResult struct {
	Bucket         string
	PolicyARN      ARN
	UserARN        ARN
	GroupARN       ARN
	ExecuteRoleARN ARN
	// AccessKeyID and AccessKeySecret are presumably set only when
	// InitParams.ShouldCreateAccessKey is true; confirm in InitializeAWS.
	AccessKeyID     string
	AccessKeySecret string
}

func InitializeAWS

func InitializeAWS(asAdmin Client, log utils.Logger, params InitParams) (r *InitResult, err error)

type Name

// Name is the name of an IAM resource (policy, user, group or role), as used
// by the Client admin methods.
type Name string

func (Name) AWSString

func (n Name) AWSString() *string

type PolicyDocument

// PolicyDocument mirrors the top level of an IAM JSON policy document. The
// fields carry no json tags, so encoding/json uses the field names as keys,
// which match IAM's capitalized "Version" and "Statement".
type PolicyDocument struct {
	Version   string
	Statement []PolicyStatement
}

type PolicyStatement

// PolicyStatement mirrors one statement of an IAM JSON policy. The untagged
// field names match IAM's "Sid", "Effect", "Action" and "Resource" keys.
type PolicyStatement struct {
	Sid    string
	Effect string
	// Action and Resource list what the statement covers. When reviewing a
	// generated policy, check that neither list is wider than the functions
	// being deployed require.
	Action   []string
	Resource []string
}

func DefaultAllowLambdaStatement

func DefaultAllowLambdaStatement(in PolicyStatement) PolicyStatement

type Upstream

type Upstream struct {
	// contains filtered or unexported fields
}

Upstream wraps an awsClient to make requests to the App. It should not be reused between requests, nor cached.

func MakeUpstream added in v1.0.0

func MakeUpstream(accessKey, secret, region, staticS3bucket string, log utils.Logger) (*Upstream, error)

func (*Upstream) GetStatic

func (u *Upstream) GetStatic(ctx context.Context, app apps.App, path string) (io.ReadCloser, int, error)

func (*Upstream) ListS3Apps added in v1.0.0

func (u *Upstream) ListS3Apps(appPrefix string) ([]apps.AppID, error)

Lists all apps with manifests in S3.

func (*Upstream) ListS3Versions added in v1.0.0

func (u *Upstream) ListS3Versions(appID apps.AppID, versionPrefix string) ([]string, error)

ListS3Versions lists the versions with manifests in S3 for the given app.

func (*Upstream) Roundtrip

func (u *Upstream) Roundtrip(ctx context.Context, app apps.App, creq apps.CallRequest, async bool) (io.ReadCloser, error)
