Documentation ¶
Index ¶
- Constants
- Variables
- func CleanAWS(asAdmin Client, accessKeyID string, log utils.Logger) error
- func LambdaName(appID apps.AppID, version apps.AppVersion, function string) string
- func ParseS3ManifestName(key string) (apps.AppID, apps.AppVersion, error)
- func Region() string
- func S3BucketName() string
- func S3ManifestName(appID apps.AppID, version apps.AppVersion) string
- func S3StaticName(appID apps.AppID, version apps.AppVersion, name string) string
- type ARN
- type AssetData
- type Client
- type DeployAppParams
- type DeployAppResult
- type DeployData
- type FunctionData
- type InitParams
- type InitResult
- type Name
- type PolicyDocument
- type PolicyStatement
- type Upstream
- func (u *Upstream) GetStatic(ctx context.Context, app apps.App, path string) (io.ReadCloser, int, error)
- func (u *Upstream) ListS3Apps(appPrefix string) ([]apps.AppID, error)
- func (u *Upstream) ListS3Versions(appID apps.AppID, versionPrefix string) ([]string, error)
- func (u *Upstream) Roundtrip(ctx context.Context, app apps.App, creq apps.CallRequest, async bool) (io.ReadCloser, error)
Constants ¶
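// Names of the environment variables this package's AWS settings come from,
// plus the defaults for the bucket and region. The listing is restored to one
// declaration per line: collapsed onto a single line, the first trailing
// `// nolint:gosec` comment swallowed every declaration after it.
//
// The credential-related constants hold variable NAMES only, never key
// material. The gosec suppressions are presumably there because the linter
// flags identifiers and values that look like hardcoded credentials.
const (
	// AccessEnvVar and SecretEnvVar name the variables for an AWS access key
	// and its secret.
	// NOTE(review): by comparison with the deprecated APPS_INVOKE_* names
	// below these look like the invoke (runtime) credentials; confirm.
	AccessEnvVar = "MM_APPS_AWS_ACCESS_KEY" // nolint:gosec
	SecretEnvVar = "MM_APPS_AWS_SECRET_KEY" // nolint:gosec

	// DeployAccessEnvVar and DeploySecretEnvVar name a second, separate pair
	// of credential variables.
	// NOTE(review): presumably for the deploy/admin operations; if so, keep
	// these out of the environment of the process that only invokes apps.
	DeployAccessEnvVar = "MM_APPS_DEPLOY_AWS_ACCESS_KEY" // nolint:gosec
	DeploySecretEnvVar = "MM_APPS_DEPLOY_AWS_SECRET_KEY" // nolint:gosec

	// DeprecatedCloudAccessEnvVar and DeprecatedCloudSecretEnvVar are older
	// variable names. Where they are still read is not shown here.
	DeprecatedCloudAccessEnvVar = "APPS_INVOKE_AWS_ACCESS_KEY" // nolint:gosec
	DeprecatedCloudSecretEnvVar = "APPS_INVOKE_AWS_SECRET_KEY" // nolint:gosec

	// S3BucketEnvVar is the environment variable containing the S3 bucket name
	// used to host Apps' assets.
	S3BucketEnvVar = "MM_APPS_S3_BUCKET"

	// DefaultS3Bucket is a fixed bucket name.
	// NOTE(review): presumably the fallback when S3BucketEnvVar is unset. S3
	// bucket names share one global namespace, so a deployment relying on
	// this default should verify it owns the bucket before trusting
	// manifests or assets read from it.
	DefaultS3Bucket = "mattermost-apps-bucket"

	// RegionEnvVar is the environment variable naming the AWS region.
	RegionEnvVar = "MM_APPS_AWS_REGION"

	// DefaultRegion is a fixed region name, presumably used when RegionEnvVar
	// is unset; the fallback logic is not shown here.
	DefaultRegion = "us-east-1"
)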
// Default names for the IAM resources this package works with.
// NOTE(review): presumably the role, policy, user and group that
// InitializeAWS reports back in InitResult; the code that uses these names
// is not shown here.
const (
	// DefaultExecuteRoleName is the default name of the Lambda execute role.
	DefaultExecuteRoleName = "mattermost-apps-execute-lambda-role"

	// DefaultPolicyName is the default name of the invoke policy.
	DefaultPolicyName = "mattermost-apps-invoke-policy"

	// DefaultUserName is the default name of the invoke user.
	DefaultUserName = "mattermost-apps-invoke"

	// DefaultGroupName is the default name of the invoke group.
	DefaultGroupName = "mattermost-apps-invoke-group"
)
// AssumeRolePolicyDocument is a policy document held as a string constant;
// the rendered page elides its 170-byte value.
// NOTE(review): by name this is presumably the trust policy for the execute
// role; confirm in the source that its principal is limited to the Lambda
// service.
const AssumeRolePolicyDocument = `` /* 170-byte string literal not displayed */
// InitialInvokePolicyDocument is the text that InvokePolicyDocumentTemplate
// parses as a template; the rendered page elides its 395-byte value.
// NOTE(review): the statements it grants cannot be checked from this page;
// review the literal in the source for over-broad actions or resources.
const InitialInvokePolicyDocument = `` /* 395-byte string literal not displayed */
// LambdaExecutionPolicyARN is the ARN of the AWS-managed
// AWSLambdaBasicExecutionRole policy (CloudWatch Logs write permissions for
// Lambda functions).
const LambdaExecutionPolicyARN = ARN(`arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole`)
// MaxLambdaName is 64, the length limit that the LambdaName documentation
// refers to.
const MaxLambdaName = 64
Variables ¶
// InvokePolicyDocumentTemplate is InitialInvokePolicyDocument parsed once at
// package initialization. template.Must panics if parsing fails, so a
// malformed policy literal stops the program at start-up rather than at first
// use.
// NOTE(review): which template package is imported is not visible here. The
// output is a JSON policy, so values rendered into it should come from
// validated, trusted data; confirm against the callers.
var InvokePolicyDocumentTemplate = template.Must(template.New("InvokePolicyDocument").Parse(InitialInvokePolicyDocument))
Functions ¶
func LambdaName ¶
LambdaName generates the Lambda function name for a specific app; the name can be at most 64 characters long.
func ParseS3ManifestName ¶ added in v1.0.0
ParseS3ManifestName parses the AppID and AppVersion out of an S3 key.
func S3BucketName ¶
func S3BucketName() string
func S3ManifestName ¶
func S3ManifestName(appID apps.AppID, version apps.AppVersion) string
S3ManifestName generates the key for a specific manifest in S3; the key can be at most 1024 characters long.
func S3StaticName ¶
S3StaticName generates the key for a specific asset in S3; the key can be at most 1024 characters long.
Types ¶
type AssetData ¶
// AssetData pairs the contents of one asset with its key. DeployData's
// StaticFiles comment describes the key as the S3 key where the file should
// be deployed.
type AssetData struct {
	// File is the asset's contents; the `json:"-"` tag keeps it out of JSON.
	// NOTE(review): it is an io.ReadCloser, so some owner must Close it; which
	// code does so is not shown here.
	File io.ReadCloser `json:"-"`
	// Key is serialized as "key".
	Key string `json:"key"`
}
type Client ¶
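// Client is an authenticated client for interacting with AWS resources. It
// provides a thin layer on top of aws-sdk-go, and contains all AWS
// dependencies.
//
// The listing is restored to one method per line: collapsed onto a single
// line, the `// Proxy methods` comment swallowed the whole method set.
//
// NOTE(review): one interface carries both the proxy (read/invoke) methods
// and the admin methods that create and delete IAM, Lambda and S3 resources.
// What a given value can actually do therefore depends on the credentials the
// concrete client was built with. Confirm the request-serving path is
// constructed with invoke-only credentials.
type Client interface {
	// Proxy methods
	GetS3(ctx context.Context, bucket, item string) ([]byte, error)
	InvokeLambda(ctx context.Context, name string, invocationType string, payload []byte) ([]byte, error)

	// Admin methods
	AddResourcesToPolicyDocument(*iam.Policy, []ARN) (string, error)
	AddUserToGroup(u, g Name) error
	AttachGroupPolicy(g Name, p ARN) error
	AttachRolePolicy(roleName Name, policyARN ARN) error
	// CreateAccessKey returns two strings and an error.
	// NOTE(review): presumably the access key ID and its secret (InitResult
	// has matching fields); treat the second value as a secret and keep it
	// out of logs.
	CreateAccessKey(user Name) (string, string, error)
	CreateGroup(name Name) (ARN, error)
	CreateLambda(zipFile io.Reader, function, handler, runtime string, role ARN) (ARN, error)
	CreateOrUpdateLambda(zipFile io.Reader, function, handler, runtime string, role ARN) (ARN, error)
	SetLambdaEnvironmentVariables(arn string, started time.Time, vars map[string]*string) error
	CreatePolicy(name Name, data string) (ARN, error)
	CreateRole(name Name) (ARN, error)
	CreateS3Bucket(bucket string) error
	CreateUser(name Name) (ARN, error)
	DeleteAccessKeys(user Name, accessKeyID string) error
	DeleteGroup(Name) error
	DeletePolicy(ARN) error
	DeleteRole(name Name) error
	DeleteS3Bucket(name string) error
	DeleteUser(name Name) error
	DetachGroupPolicy(g Name, p ARN) error
	ExistsS3Bucket(name string) (bool, error)
	FindGroup(name Name) (ARN, error)
	FindPolicy(policyName Name) (*iam.Policy, error)
	FindRole(name Name) (ARN, error)
	FindUser(name Name) (ARN, error)
	ListS3(bucket, prefix string) ([]string, error)
	RemoveUserFromGroup(u, g Name) error
	// NOTE(review): publicRead presumably requests a public-read ACL on the
	// uploaded object; confirm callers set it only for assets that are meant
	// to be world-readable.
	UploadS3(bucket, key string, body io.Reader, publicRead bool) (string, error)
}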
Client is an authenticated client for interacting with AWS resources. It provides a thin layer on top of aws-sdk-go, and contains all AWS dependencies.
type DeployAppParams ¶ added in v1.0.0
type DeployAppResult ¶ added in v1.0.0
// DeployAppResult is what DeployAppFromFile returns: the invoke policy
// document and the ARNs of the policy, role, Lambda functions and static
// assets, plus the manifest and its URL.
// NOTE(review): whether these are resources the deployment created or merely
// touched is not shown on this page.
type DeployAppResult struct {
	InvokePolicyDoc  string
	InvokePolicyARN  ARN
	ExecuteRoleARN   ARN
	ExecutePolicyARN ARN
	LambdaARNs       []ARN
	StaticARNs       []ARN
	ManifestURL      string
	Manifest         apps.Manifest
}
func DeployAppFromFile ¶ added in v1.0.0
func DeployAppFromFile(c Client, path string, log utils.Logger, params DeployAppParams) (*DeployAppResult, error)
type DeployData ¶ added in v1.0.0
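// DeployData contains all the necessary data for deploying an app.
//
// The listing is restored to one field per line: collapsed onto a single
// line, the first `//` comment swallowed every field after it.
//
// NOTE(review): GetDeployDataFromFile builds this from a file on disk, and
// the map keys and values end up as S3 keys and Lambda function names.
// Confirm that Validate constrains them before they reach AWS calls; its body
// is not shown here.
type DeployData struct {
	// StaticFiles key is the name of the static file in the /static folder
	// StaticFiles value is the S3 Key where file should be deployed
	StaticFiles map[string]AssetData `json:"static_files"`

	// LambdaFunctions key is the name of the lambda function zip bundle
	// LambdaFunctions value contains info for deploying a function in the AWS.
	// LambdaFunctions value's Name field contains functions name in the AWS.
	LambdaFunctions map[string]FunctionData `json:"lambda_functions"`

	// Manifest is excluded from JSON by its `json:"-"` tag; only ManifestKey
	// is serialized.
	Manifest    *apps.Manifest `json:"-"`
	ManifestKey string         `json:"manifest_key"`
}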
DeployData contains all the necessary data for deploying an app.
func GetDeployDataFromFile ¶ added in v1.0.0
func GetDeployDataFromFile(path string, log utils.Logger) (*DeployData, error)
func (*DeployData) Validate ¶ added in v1.0.0
func (pd *DeployData) Validate() error
type FunctionData ¶
// FunctionData describes one Lambda function to deploy. Per the DeployData
// field comments, Name is the function's name in AWS.
type FunctionData struct {
	// Bundle is the function's zip bundle; the `json:"-"` tag keeps it out of
	// JSON.
	// NOTE(review): it is an io.ReadCloser, so some owner must Close it; which
	// code does so is not shown here.
	Bundle io.ReadCloser `json:"-"`
	// Name, Handler and Runtime are serialized under the lower-case keys in
	// their tags. They match the function/handler/runtime string parameters
	// of Client.CreateLambda, presumably their destination.
	Name    string `json:"name"`
	Handler string `json:"handler"`
	Runtime string `json:"runtime"`
}
type InitParams ¶
type InitResult ¶
// InitResult is what InitializeAWS returns: the bucket name, the ARNs of the
// policy, user, group and execute role, and an access key ID with its secret.
//
// AccessKeySecret is credential material. The struct carries no json tags, so
// encoding/json would emit every field, including the secret, under its Go
// name. Printing the value with %v or %+v exposes it as well. Redact the
// field before logging or serializing an InitResult.
type InitResult struct {
	Bucket          string
	PolicyARN       ARN
	UserARN         ARN
	GroupARN        ARN
	ExecuteRoleARN  ARN
	AccessKeyID     string
	AccessKeySecret string
}
func InitializeAWS ¶
func InitializeAWS(asAdmin Client, log utils.Logger, params InitParams) (r *InitResult, err error)
type PolicyDocument ¶
// PolicyDocument holds a version string and a list of policy statements.
// NOTE(review): the field names match the top-level "Version" and "Statement"
// elements of an IAM JSON policy, which is presumably what this is marshalled
// to; confirm against the code that encodes it.
type PolicyDocument struct {
	Version   string
	Statement []PolicyStatement
}
type PolicyStatement ¶
func DefaultAllowLambdaStatement ¶
func DefaultAllowLambdaStatement(in PolicyStatement) PolicyStatement
type Upstream ¶
// Upstream wraps an awsClient to make requests to the App. It should not be
// reused between requests, nor cached.
type Upstream struct {
	// contains filtered or unexported fields
}
Upstream wraps an awsClient to make requests to the App. It should not be reused between requests, nor cached.
func MakeUpstream ¶ added in v1.0.0
func (*Upstream) ListS3Apps ¶ added in v1.0.0
Lists all apps with manifests in S3.
func (*Upstream) ListS3Versions ¶ added in v1.0.0
Lists all versions of the given app with manifests in S3.