Documentation ¶
Overview ¶
Package controlplane contains the gRPC server implementation for the control plane
Index ¶
- Constants
- Variables
- func DeleteUser(ctx context.Context, store db.Store, authzClient authz.Client, ...) error
- func EntityContextProjectInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, ...) (any, error)
- func FilterOptsFromStrings(values []string, f func(string) history.FilterOpt) []history.FilterOpt
- func GetProjectID(ctx context.Context) uuid.UUID
- func GetProviderName(ctx context.Context) string
- func HandleAdminEvents(ctx context.Context, store db.Store, authzClient authz.Client, ...)
- func HandleEvents(ctx context.Context, store db.Store, authzClient authz.Client, ...)
- func ProjectAuthorizationInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, ...) (any, error)
- func RegisterGRPCServices(s *Server)
- func RegisterGatewayHTTPHandlers(ctx context.Context, gwmux *runtime.ServeMux, grpcAddress string, ...)
- func SubscribeToAdminEvents(ctx context.Context, store db.Store, authzClient authz.Client, ...) error
- func SubscribeToIdentityEvents(ctx context.Context, store db.Store, authzClient authz.Client, ...) error
- func TokenValidationInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, ...) (any, error)
- type AccountEvent
- type AdminEvent
- type HasProtoContext
- type HasProtoContextV2
- type HasProtoContextV2Compat
- type ProviderGetter
- type Server
- func (s *Server) AssignRole(ctx context.Context, req *minder.AssignRoleRequest) (*minder.AssignRoleResponse, error)
- func (s *Server) CheckHealth(ctx context.Context, _ *pb.CheckHealthRequest) (*pb.CheckHealthResponse, error)
- func (s *Server) CreateEntityReconciliationTask(ctx context.Context, in *pb.CreateEntityReconciliationTaskRequest) (*pb.CreateEntityReconciliationTaskResponse, error)
- func (s *Server) CreateProfile(ctx context.Context, cpr *minderv1.CreateProfileRequest) (*minderv1.CreateProfileResponse, error)
- func (s *Server) CreateProject(ctx context.Context, req *minderv1.CreateProjectRequest) (*minderv1.CreateProjectResponse, error)
- func (s *Server) CreateProvider(ctx context.Context, req *minderv1.CreateProviderRequest) (*minderv1.CreateProviderResponse, error)
- func (s *Server) CreateRuleType(ctx context.Context, crt *minderv1.CreateRuleTypeRequest) (*minderv1.CreateRuleTypeResponse, error)
- func (s *Server) CreateUser(ctx context.Context, _ *pb.CreateUserRequest) (*pb.CreateUserResponse, error)
- func (s *Server) DeleteProfile(ctx context.Context, in *minderv1.DeleteProfileRequest) (*minderv1.DeleteProfileResponse, error)
- func (s *Server) DeleteProject(ctx context.Context, _ *minderv1.DeleteProjectRequest) (*minderv1.DeleteProjectResponse, error)
- func (s *Server) DeleteProvider(ctx context.Context, _ *minderv1.DeleteProviderRequest) (*minderv1.DeleteProviderResponse, error)
- func (s *Server) DeleteProviderByID(ctx context.Context, in *minderv1.DeleteProviderByIDRequest) (*minderv1.DeleteProviderByIDResponse, error)
- func (s *Server) DeleteRepositoryById(ctx context.Context, in *pb.DeleteRepositoryByIdRequest) (*pb.DeleteRepositoryByIdResponse, error)
- func (s *Server) DeleteRepositoryByName(ctx context.Context, in *pb.DeleteRepositoryByNameRequest) (*pb.DeleteRepositoryByNameResponse, error)
- func (s *Server) DeleteRuleType(ctx context.Context, in *minderv1.DeleteRuleTypeRequest) (*minderv1.DeleteRuleTypeResponse, error)
- func (s *Server) DeleteUser(ctx context.Context, _ *pb.DeleteUserRequest) (*pb.DeleteUserResponse, error)
- func (s *Server) GetArtifactById(ctx context.Context, in *pb.GetArtifactByIdRequest) (*pb.GetArtifactByIdResponse, error)
- func (s *Server) GetArtifactByName(ctx context.Context, in *pb.GetArtifactByNameRequest) (*pb.GetArtifactByNameResponse, error)
- func (s *Server) GetAuthorizationURL(ctx context.Context, req *pb.GetAuthorizationURLRequest) (*pb.GetAuthorizationURLResponse, error)
- func (s *Server) GetEvaluationHistory(ctx context.Context, in *minderv1.GetEvaluationHistoryRequest) (*minderv1.GetEvaluationHistoryResponse, error)
- func (s *Server) GetInviteDetails(ctx context.Context, req *pb.GetInviteDetailsRequest) (*pb.GetInviteDetailsResponse, error)
- func (s *Server) GetProfileById(ctx context.Context, in *minderv1.GetProfileByIdRequest) (*minderv1.GetProfileByIdResponse, error)
- func (s *Server) GetProfileByName(ctx context.Context, in *minderv1.GetProfileByNameRequest) (*minderv1.GetProfileByNameResponse, error)
- func (s *Server) GetProfileStatusByName(ctx context.Context, in *minderv1.GetProfileStatusByNameRequest) (*minderv1.GetProfileStatusByNameResponse, error)
- func (s *Server) GetProfileStatusByProject(ctx context.Context, _ *minderv1.GetProfileStatusByProjectRequest) (*minderv1.GetProfileStatusByProjectResponse, error)
- func (s *Server) GetProvider(ctx context.Context, req *minderv1.GetProviderRequest) (*minderv1.GetProviderResponse, error)
- func (s *Server) GetRepositoryById(ctx context.Context, in *pb.GetRepositoryByIdRequest) (*pb.GetRepositoryByIdResponse, error)
- func (s *Server) GetRepositoryByName(ctx context.Context, in *pb.GetRepositoryByNameRequest) (*pb.GetRepositoryByNameResponse, error)
- func (s *Server) GetRuleTypeById(ctx context.Context, in *minderv1.GetRuleTypeByIdRequest) (*minderv1.GetRuleTypeByIdResponse, error)
- func (s *Server) GetRuleTypeByName(ctx context.Context, in *minderv1.GetRuleTypeByNameRequest) (*minderv1.GetRuleTypeByNameResponse, error)
- func (s *Server) GetUser(ctx context.Context, _ *pb.GetUserRequest) (*pb.GetUserResponse, error)
- func (s *Server) HandleGitHubAppCallback() runtime.HandlerFunc
- func (s *Server) HandleOAuthCallback() runtime.HandlerFunc
- func (s *Server) ListArtifacts(ctx context.Context, in *pb.ListArtifactsRequest) (*pb.ListArtifactsResponse, error)
- func (s *Server) ListChildProjects(ctx context.Context, req *minderv1.ListChildProjectsRequest) (*minderv1.ListChildProjectsResponse, error)
- func (s *Server) ListEvaluationHistory(ctx context.Context, in *minderv1.ListEvaluationHistoryRequest) (*minderv1.ListEvaluationHistoryResponse, error)
- func (s *Server) ListEvaluationResults(ctx context.Context, in *minderv1.ListEvaluationResultsRequest) (*minderv1.ListEvaluationResultsResponse, error)
- func (s *Server) ListInvitations(ctx context.Context, _ *pb.ListInvitationsRequest) (*pb.ListInvitationsResponse, error)
- func (s *Server) ListProfiles(ctx context.Context, req *minderv1.ListProfilesRequest) (*minderv1.ListProfilesResponse, error)
- func (s *Server) ListProjects(ctx context.Context, _ *minderv1.ListProjectsRequest) (*minderv1.ListProjectsResponse, error)
- func (_ *Server) ListProviderClasses(_ context.Context, _ *minderv1.ListProviderClassesRequest) (*minderv1.ListProviderClassesResponse, error)
- func (s *Server) ListProviders(ctx context.Context, req *minderv1.ListProvidersRequest) (*minderv1.ListProvidersResponse, error)
- func (s *Server) ListRemoteRepositoriesFromProvider(ctx context.Context, in *pb.ListRemoteRepositoriesFromProviderRequest) (*pb.ListRemoteRepositoriesFromProviderResponse, error)
- func (s *Server) ListRepositories(ctx context.Context, in *pb.ListRepositoriesRequest) (*pb.ListRepositoriesResponse, error)
- func (s *Server) ListRoleAssignments(ctx context.Context, _ *minder.ListRoleAssignmentsRequest) (*minder.ListRoleAssignmentsResponse, error)
- func (*Server) ListRoles(_ context.Context, _ *minder.ListRolesRequest) (*minder.ListRolesResponse, error)
- func (s *Server) ListRuleTypes(ctx context.Context, _ *minderv1.ListRuleTypesRequest) (*minderv1.ListRuleTypesResponse, error)
- func (s *Server) PatchProfile(ctx context.Context, ppr *minderv1.PatchProfileRequest) (*minderv1.PatchProfileResponse, error)
- func (s *Server) PatchProject(ctx context.Context, req *minderv1.PatchProjectRequest) (*minderv1.PatchProjectResponse, error)
- func (s *Server) PatchProvider(ctx context.Context, req *minderv1.PatchProviderRequest) (*minderv1.PatchProviderResponse, error)
- func (s *Server) ReconcileEntityRegistration(ctx context.Context, in *pb.ReconcileEntityRegistrationRequest) (*pb.ReconcileEntityRegistrationResponse, error)
- func (s *Server) RegisterRepository(ctx context.Context, in *pb.RegisterRepositoryRequest) (*pb.RegisterRepositoryResponse, error)
- func (s *Server) RemoveRole(ctx context.Context, req *minder.RemoveRoleRequest) (*minder.RemoveRoleResponse, error)
- func (s *Server) ResolveInvitation(ctx context.Context, req *pb.ResolveInvitationRequest) (*pb.ResolveInvitationResponse, error)
- func (s *Server) StartGRPCServer(ctx context.Context) error
- func (s *Server) StartHTTPServer(ctx context.Context) error
- func (s *Server) StoreProviderToken(ctx context.Context, in *pb.StoreProviderTokenRequest) (*pb.StoreProviderTokenResponse, error)
- func (s *Server) UpdateProfile(ctx context.Context, cpr *minderv1.UpdateProfileRequest) (*minderv1.UpdateProfileResponse, error)
- func (s *Server) UpdateProject(ctx context.Context, req *minderv1.UpdateProjectRequest) (*minderv1.UpdateProjectResponse, error)
- func (s *Server) UpdateRole(ctx context.Context, req *minder.UpdateRoleRequest) (*minder.UpdateRoleResponse, error)
- func (s *Server) UpdateRuleType(ctx context.Context, urt *minderv1.UpdateRuleTypeRequest) (*minderv1.UpdateRuleTypeResponse, error)
- func (s *Server) VerifyProviderCredential(ctx context.Context, in *pb.VerifyProviderCredentialRequest) (*pb.VerifyProviderCredentialResponse, error)
- func (s *Server) VerifyProviderTokenFrom(ctx context.Context, in *pb.VerifyProviderTokenFromRequest) (*pb.VerifyProviderTokenFromResponse, error)
- type UpstreamRepoAndEntityRef
Constants ¶
// PaginationLimit is the maximum number of items that can be returned in a
// single page.
const (
	PaginationLimit = 10
)
PaginationLimit is the maximum number of items that can be returned in a single page
Variables ¶
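var (
	// ErrNoProjectInContext is returned when no project is found in the
	// context.
	//
	// It is a sentinel value: compare against it with errors.Is rather than by
	// matching the message text.
	ErrNoProjectInContext = errors.New("no project found in context")
)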
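var (
	// RequestBodyMaxBytes is the maximum number of bytes that can be read from
	// a request body. It is currently 2 MiB (2 << 20 = 2,097,152 bytes).
	//
	// NOTE(review): this is an exported, mutable package variable, so any
	// importing package can raise or lower the cap at runtime; treat writes to
	// it as a security-relevant change. The cap only bounds memory use where a
	// handler actually applies it to the body it reads. Which call sites do so
	// is not visible here and should be confirmed.
	RequestBodyMaxBytes int64 = 2 << 20
)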
Functions ¶
func DeleteUser ¶
func DeleteUser( ctx context.Context, store db.Store, authzClient authz.Client, projectDeleter projects.ProjectDeleter, userId string, ) error
DeleteUser deletes a user and all their associated data from the minder database
func EntityContextProjectInterceptor ¶
func EntityContextProjectInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error)
EntityContextProjectInterceptor is a server interceptor that sets up the entity context project
func FilterOptsFromStrings ¶
func FilterOptsFromStrings( values []string, f func(string) history.FilterOpt, ) []history.FilterOpt
FilterOptsFromStrings calls the given function `f` on each element of values. Elements are either "complex", i.e. they represent a comma-separated list of sub-elements, or "simple", i.e. they contain no comma characters. If an element contains one or more comma characters, it is split into sub-elements before `f` is called on each of them.
func GetProjectID ¶
GetProjectID retrieves the project ID from the request context.
func GetProviderName ¶
GetProviderName retrieves the provider name from the request context.
func HandleAdminEvents ¶
func HandleAdminEvents( ctx context.Context, store db.Store, authzClient authz.Client, cfg *serverconfig.Config, projectDeleter projects.ProjectDeleter, )
HandleAdminEvents deletes users where the deletion occurred through the Keycloak API.
func HandleEvents ¶
func HandleEvents( ctx context.Context, store db.Store, authzClient authz.Client, cfg *serverconfig.Config, projectDeleter projects.ProjectDeleter, )
HandleEvents fetches events from the identity provider and performs any related changes to the minder database
func ProjectAuthorizationInterceptor ¶
func ProjectAuthorizationInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error)
ProjectAuthorizationInterceptor is a server interceptor that checks if a user is authorized on the requested project
func RegisterGRPCServices ¶
func RegisterGRPCServices(s *Server)
RegisterGRPCServices registers the GRPC services
func RegisterGatewayHTTPHandlers ¶
func RegisterGatewayHTTPHandlers(ctx context.Context, gwmux *runtime.ServeMux, grpcAddress string, opts []grpc.DialOption)
RegisterGatewayHTTPHandlers registers the gateway HTTP handlers
func SubscribeToAdminEvents ¶
func SubscribeToAdminEvents( ctx context.Context, store db.Store, authzClient authz.Client, cfg *serverconfig.Config, projectDeleter projects.ProjectDeleter, ) error
SubscribeToAdminEvents starts a cron job that periodically fetches admin events from Keycloak. Users who are deleted through the Keycloak API show up as admin events, not normal identity events.
func SubscribeToIdentityEvents ¶
func SubscribeToIdentityEvents( ctx context.Context, store db.Store, authzClient authz.Client, cfg *serverconfig.Config, projectDeleter projects.ProjectDeleter, ) error
SubscribeToIdentityEvents starts a cron job that periodically fetches events from the identity provider
func TokenValidationInterceptor ¶
func TokenValidationInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error)
TokenValidationInterceptor is a server interceptor that validates the bearer token
Types ¶
type AccountEvent ¶
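// AccountEvent is an event returned by Keycloak for user events.
//
// Each field is decoded from the JSON key named in its struct tag.
//
// NOTE(review): these values originate from the identity provider's event
// feed, and the package documentation says such events drive changes to the
// minder database (see HandleEvents). Consumers should check Type and RealmId
// before acting on UserId. Confirm that the handler does.
type AccountEvent struct {
	// Time is the event timestamp as sent by Keycloak (unit not shown here;
	// presumably epoch milliseconds, confirm).
	Time int64 `json:"time"`
	// Type is the event type string.
	Type string `json:"type"`
	// RealmId is decoded from "realmId".
	RealmId string `json:"realmId"`
	// ClientId is decoded from "clientId".
	ClientId string `json:"clientId"`
	// UserId is decoded from "userId".
	UserId string `json:"userId"`
}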
AccountEvent is an event returned by Keycloak for user events
type AdminEvent ¶
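// AdminEvent is an event returned by Keycloak for admin events. Note that its
// structure is completely different from AccountEvent: there is no user ID
// field.
//
// Each field is decoded from the JSON key named in its struct tag.
//
// NOTE(review): the package documentation says admin events are used to delete
// users whose deletion occurred through the Keycloak API (see
// HandleAdminEvents). Presumably the affected user is derived from
// ResourcePath. If so, that path should be parsed strictly and OperationType
// and ResourceType checked before any deletion. Confirm against the handler.
type AdminEvent struct {
	// Time is the event timestamp as sent by Keycloak (unit not shown here;
	// presumably epoch milliseconds, confirm).
	Time int64 `json:"time"`
	// RealmId is decoded from "realmId".
	RealmId string `json:"realmId"`
	// OperationType is decoded from "operationType".
	OperationType string `json:"operationType"`
	// ResourceType is decoded from "resourceType".
	ResourceType string `json:"resourceType"`
	// ResourcePath is decoded from "resourcePath".
	ResourcePath string `json:"resourcePath"`
}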
AdminEvent is an event returned by Keycloak for admin events -- note the completely different structure
type HasProtoContext ¶
HasProtoContext is an interface that can be implemented by a request
type HasProtoContextV2 ¶
HasProtoContextV2 is an interface that can be implemented by a request
type HasProtoContextV2Compat ¶
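// HasProtoContextV2Compat is an interface that can be implemented by a
// request. It embeds HasProtoContext (the V1 accessor set) and adds the V2
// accessor GetContextV2, so a request type can expose both for backwards
// compatibility.
type HasProtoContextV2Compat interface {
	HasProtoContext
	// GetContextV2 returns the request's V2 context message.
	GetContextV2() *pb.ContextV2
}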
HasProtoContextV2Compat is an interface that can be implemented by a request. It implements the GetContext V1 and V2 methods for backwards compatibility.
type ProviderGetter ¶
// ProviderGetter is an interface that can be implemented by a context, since
// both the context V1 and V2 have a provider field.
type ProviderGetter interface {
	// GetProvider returns the provider carried by the context.
	GetProvider() string
}
ProviderGetter is an interface that can be implemented by a context, since both the context V1 and V2 have a provider field
type Server ¶
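// Server represents the controlplane server.
//
// It embeds the generated Unimplemented*Server type of every gRPC service it
// registers. With grpc-go generated code, an RPC that Server does not override
// is answered by the embedded stub with an Unimplemented status rather than
// failing to compile.
//
// NOTE(review): authentication and project authorization are exposed by this
// package as unary interceptors (TokenValidationInterceptor,
// ProjectAuthorizationInterceptor), not as fields of this struct. Presumably
// StartGRPCServer installs them. Confirm that every service embedded below is
// served behind them.
type Server struct {
	// Implementations for service registration
	pb.UnimplementedHealthServiceServer
	pb.UnimplementedOAuthServiceServer
	pb.UnimplementedUserServiceServer
	pb.UnimplementedRepositoryServiceServer
	pb.UnimplementedProjectsServiceServer
	pb.UnimplementedProfileServiceServer
	pb.UnimplementedRuleTypeServiceServer
	pb.UnimplementedArtifactServiceServer
	pb.UnimplementedPermissionsServiceServer
	pb.UnimplementedProvidersServiceServer
	pb.UnimplementedEvalResultsServiceServer
	pb.UnimplementedInviteServiceServer
	// contains filtered or unexported fields
}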
Server represents the controlplane server
func NewServer ¶
func NewServer( store db.Store, evt events.Publisher, cfg *serverconfig.Config, serverMetrics metrics.Metrics, jwtValidator jwt.Validator, cryptoEngine crypto.Engine, authzClient authz.Client, idClient auth.Resolver, inviteService invites.InviteService, repoService reposvc.RepositoryService, propertyService propSvc.PropertiesService, roleService roles.RoleService, profileService profiles.ProfileService, historyService history.EvaluationHistoryService, ruleService ruletypes.RuleTypeService, ghProviders service.GitHubProviderService, providerManager manager.ProviderManager, providerAuthManager manager.AuthManager, providerStore providers.ProviderStore, sessionService session.ProviderSessionService, projectDeleter projects.ProjectDeleter, projectCreator projects.ProjectCreator, featureFlagClient *openfeature.Client, ) *Server
NewServer creates a new server instance
func (*Server) AssignRole ¶
func (s *Server) AssignRole(ctx context.Context, req *minder.AssignRoleRequest) (*minder.AssignRoleResponse, error)
AssignRole assigns a role to a user on a project. Note that this assumes that the request has already been authorized.
func (*Server) CheckHealth ¶
func (s *Server) CheckHealth(ctx context.Context, _ *pb.CheckHealthRequest) (*pb.CheckHealthResponse, error)
CheckHealth is a simple health check for monitoring
func (*Server) CreateEntityReconciliationTask ¶
func (s *Server) CreateEntityReconciliationTask(ctx context.Context, in *pb.CreateEntityReconciliationTaskRequest) ( *pb.CreateEntityReconciliationTaskResponse, error, )
CreateEntityReconciliationTask creates a task to reconcile the state of an entity
func (*Server) CreateProfile ¶
func (s *Server) CreateProfile(ctx context.Context, cpr *minderv1.CreateProfileRequest) (*minderv1.CreateProfileResponse, error)
CreateProfile creates a profile for a project
func (*Server) CreateProject ¶
func (s *Server) CreateProject( ctx context.Context, req *minderv1.CreateProjectRequest, ) (*minderv1.CreateProjectResponse, error)
CreateProject creates a new subproject
func (*Server) CreateProvider ¶
func (s *Server) CreateProvider( ctx context.Context, req *minderv1.CreateProviderRequest, ) (*minderv1.CreateProviderResponse, error)
CreateProvider implements the CreateProvider RPC method.
func (*Server) CreateRuleType ¶
func (s *Server) CreateRuleType( ctx context.Context, crt *minderv1.CreateRuleTypeRequest, ) (*minderv1.CreateRuleTypeResponse, error)
CreateRuleType is a method to create a rule type
func (*Server) CreateUser ¶
func (s *Server) CreateUser(ctx context.Context, _ *pb.CreateUserRequest) (*pb.CreateUserResponse, error)
CreateUser is a service for user self registration
func (*Server) DeleteProfile ¶
func (s *Server) DeleteProfile(ctx context.Context, in *minderv1.DeleteProfileRequest) (*minderv1.DeleteProfileResponse, error)
DeleteProfile is a method to delete a profile
func (*Server) DeleteProject ¶
func (s *Server) DeleteProject( ctx context.Context, _ *minderv1.DeleteProjectRequest, ) (*minderv1.DeleteProjectResponse, error)
DeleteProject deletes a subproject
func (*Server) DeleteProvider ¶
func (s *Server) DeleteProvider( ctx context.Context, _ *minderv1.DeleteProviderRequest, ) (*minderv1.DeleteProviderResponse, error)
DeleteProvider deletes a provider by name from a specific project.
func (*Server) DeleteProviderByID ¶
func (s *Server) DeleteProviderByID( ctx context.Context, in *minderv1.DeleteProviderByIDRequest, ) (*minderv1.DeleteProviderByIDResponse, error)
DeleteProviderByID deletes a provider by ID from a specific project.
func (*Server) DeleteRepositoryById ¶
func (s *Server) DeleteRepositoryById( ctx context.Context, in *pb.DeleteRepositoryByIdRequest, ) (*pb.DeleteRepositoryByIdResponse, error)
DeleteRepositoryById deletes a repository by its UUID
func (*Server) DeleteRepositoryByName ¶
func (s *Server) DeleteRepositoryByName( ctx context.Context, in *pb.DeleteRepositoryByNameRequest, ) (*pb.DeleteRepositoryByNameResponse, error)
DeleteRepositoryByName deletes a repository by name
func (*Server) DeleteRuleType ¶
func (s *Server) DeleteRuleType( ctx context.Context, in *minderv1.DeleteRuleTypeRequest, ) (*minderv1.DeleteRuleTypeResponse, error)
DeleteRuleType is a method to delete a rule type
func (*Server) DeleteUser ¶
func (s *Server) DeleteUser(ctx context.Context, _ *pb.DeleteUserRequest) (*pb.DeleteUserResponse, error)
DeleteUser is a service for user self deletion
func (*Server) GetArtifactById ¶
func (s *Server) GetArtifactById(ctx context.Context, in *pb.GetArtifactByIdRequest) (*pb.GetArtifactByIdResponse, error)
GetArtifactById gets an artifact by id nolint:gocyclo
func (*Server) GetArtifactByName ¶
func (s *Server) GetArtifactByName(ctx context.Context, in *pb.GetArtifactByNameRequest) (*pb.GetArtifactByNameResponse, error)
GetArtifactByName gets an artifact by name nolint:gocyclo
func (*Server) GetAuthorizationURL ¶
func (s *Server) GetAuthorizationURL(ctx context.Context, req *pb.GetAuthorizationURLRequest) (*pb.GetAuthorizationURLResponse, error)
GetAuthorizationURL returns the URL to redirect the user to for authorization and the state to be used for the callback. It accepts a provider string and a boolean indicating whether the client is a CLI or web client. nolint:gocyclo
func (*Server) GetEvaluationHistory ¶
func (s *Server) GetEvaluationHistory( ctx context.Context, in *minderv1.GetEvaluationHistoryRequest, ) (*minderv1.GetEvaluationHistoryResponse, error)
GetEvaluationHistory returns a single evaluation history record by ID
func (*Server) GetInviteDetails ¶
func (s *Server) GetInviteDetails(ctx context.Context, req *pb.GetInviteDetailsRequest) (*pb.GetInviteDetailsResponse, error)
GetInviteDetails returns the details of an invitation
func (*Server) GetProfileById ¶
func (s *Server) GetProfileById(ctx context.Context, in *minderv1.GetProfileByIdRequest) (*minderv1.GetProfileByIdResponse, error)
GetProfileById is a method to get a profile by id
func (*Server) GetProfileByName ¶
func (s *Server) GetProfileByName(ctx context.Context, in *minderv1.GetProfileByNameRequest) (*minderv1.GetProfileByNameResponse, error)
GetProfileByName implements the RPC method for getting a profile by name
func (*Server) GetProfileStatusByName ¶
func (s *Server) GetProfileStatusByName(ctx context.Context, in *minderv1.GetProfileStatusByNameRequest) (*minderv1.GetProfileStatusByNameResponse, error)
GetProfileStatusByName is a method to get profile status nolint:gocyclo // TODO: Refactor this to be more readable
func (*Server) GetProfileStatusByProject ¶
func (s *Server) GetProfileStatusByProject(ctx context.Context, _ *minderv1.GetProfileStatusByProjectRequest) (*minderv1.GetProfileStatusByProjectResponse, error)
GetProfileStatusByProject is a method to get profile status for a project
func (*Server) GetProvider ¶
func (s *Server) GetProvider(ctx context.Context, req *minderv1.GetProviderRequest) (*minderv1.GetProviderResponse, error)
GetProvider gets a given provider available in a specific project.
func (*Server) GetRepositoryById ¶
func (s *Server) GetRepositoryById(ctx context.Context, in *pb.GetRepositoryByIdRequest) (*pb.GetRepositoryByIdResponse, error)
GetRepositoryById returns a repository for a given repository id
func (*Server) GetRepositoryByName ¶
func (s *Server) GetRepositoryByName(ctx context.Context, in *pb.GetRepositoryByNameRequest) (*pb.GetRepositoryByNameResponse, error)
GetRepositoryByName returns information about a repository. This function will typically be called by the client to get a repository which is already registered and present in the minder database. The API is called with a project id.
func (*Server) GetRuleTypeById ¶
func (s *Server) GetRuleTypeById( ctx context.Context, in *minderv1.GetRuleTypeByIdRequest, ) (*minderv1.GetRuleTypeByIdResponse, error)
GetRuleTypeById is a method to get a rule type by id
func (*Server) GetRuleTypeByName ¶
func (s *Server) GetRuleTypeByName( ctx context.Context, in *minderv1.GetRuleTypeByNameRequest, ) (*minderv1.GetRuleTypeByNameResponse, error)
GetRuleTypeByName is a method to get a rule type by name
func (*Server) GetUser ¶
func (s *Server) GetUser(ctx context.Context, _ *pb.GetUserRequest) (*pb.GetUserResponse, error)
GetUser is a service for getting personal user details
func (*Server) HandleGitHubAppCallback ¶
func (s *Server) HandleGitHubAppCallback() runtime.HandlerFunc
HandleGitHubAppCallback handles the authorization callback from the GitHub App. This function validates that the GitHub user has access to the installation. It also gathers the state from the database and compares it to the state passed in, if present. If they match, a new GitHub App provider is created with the installation ID. Note: this is an HTTP-only (not RPC) handler.
func (*Server) HandleOAuthCallback ¶
func (s *Server) HandleOAuthCallback() runtime.HandlerFunc
HandleOAuthCallback handles the OAuth 2.0 authorization code callback from the enrolled provider. This function gathers the state from the database and compares it to the state passed in. If they match, the provider code is exchanged for a provider token. Note: this is an HTTP-only (not RPC) handler.
func (*Server) ListArtifacts ¶
func (s *Server) ListArtifacts(ctx context.Context, in *pb.ListArtifactsRequest) (*pb.ListArtifactsResponse, error)
ListArtifacts lists all artifacts for a given project and provider nolint:gocyclo
func (*Server) ListChildProjects ¶
func (s *Server) ListChildProjects( ctx context.Context, req *minderv1.ListChildProjectsRequest, ) (*minderv1.ListChildProjectsResponse, error)
ListChildProjects returns the list of subprojects for the current project
func (*Server) ListEvaluationHistory ¶
func (s *Server) ListEvaluationHistory( ctx context.Context, in *minderv1.ListEvaluationHistoryRequest, ) (*minderv1.ListEvaluationHistoryResponse, error)
ListEvaluationHistory lists current and past evaluation results for entities.
func (*Server) ListEvaluationResults ¶
func (s *Server) ListEvaluationResults( ctx context.Context, in *minderv1.ListEvaluationResultsRequest, ) (*minderv1.ListEvaluationResultsResponse, error)
ListEvaluationResults lists the latest evaluation results for entities filtered by entity type, labels, profiles, and rule types.
func (*Server) ListInvitations ¶
func (s *Server) ListInvitations(ctx context.Context, _ *pb.ListInvitationsRequest) (*pb.ListInvitationsResponse, error)
ListInvitations is a service for listing invitations.
func (*Server) ListProfiles ¶
func (s *Server) ListProfiles(ctx context.Context, req *minderv1.ListProfilesRequest) (*minderv1.ListProfilesResponse, error)
ListProfiles is a method to get all profiles for a project
func (*Server) ListProjects ¶
func (s *Server) ListProjects( ctx context.Context, _ *minderv1.ListProjectsRequest, ) (*minderv1.ListProjectsResponse, error)
ListProjects returns the list of projects for the current user
func (*Server) ListProviderClasses ¶
func (_ *Server) ListProviderClasses( _ context.Context, _ *minderv1.ListProviderClassesRequest, ) (*minderv1.ListProviderClassesResponse, error)
ListProviderClasses lists the provider classes available in the system.
func (*Server) ListProviders ¶
func (s *Server) ListProviders(ctx context.Context, req *minderv1.ListProvidersRequest) (*minderv1.ListProvidersResponse, error)
ListProviders lists the providers available in a specific project.
func (*Server) ListRemoteRepositoriesFromProvider ¶
func (s *Server) ListRemoteRepositoriesFromProvider( ctx context.Context, in *pb.ListRemoteRepositoriesFromProviderRequest, ) (*pb.ListRemoteRepositoriesFromProviderResponse, error)
ListRemoteRepositoriesFromProvider returns a list of repositories from a provider
func (*Server) ListRepositories ¶
func (s *Server) ListRepositories(ctx context.Context, in *pb.ListRepositoriesRequest) (*pb.ListRepositoriesResponse, error)
ListRepositories returns a list of repositories for a given project. This function will typically be called by the client to get a list of repositories that are registered and present in the minder database.
func (*Server) ListRoleAssignments ¶
func (s *Server) ListRoleAssignments( ctx context.Context, _ *minder.ListRoleAssignmentsRequest, ) (*minder.ListRoleAssignmentsResponse, error)
ListRoleAssignments returns the list of role assignments for the given project
func (*Server) ListRoles ¶
func (*Server) ListRoles(_ context.Context, _ *minder.ListRolesRequest) (*minder.ListRolesResponse, error)
ListRoles returns the list of available roles for the minder instance
func (*Server) ListRuleTypes ¶
func (s *Server) ListRuleTypes( ctx context.Context, _ *minderv1.ListRuleTypesRequest, ) (*minderv1.ListRuleTypesResponse, error)
ListRuleTypes is a method to list all rule types for a given context
func (*Server) PatchProfile ¶
func (s *Server) PatchProfile(ctx context.Context, ppr *minderv1.PatchProfileRequest) (*minderv1.PatchProfileResponse, error)
PatchProfile updates a profile for a project with a partial request
func (*Server) PatchProject ¶
func (s *Server) PatchProject( ctx context.Context, req *minderv1.PatchProjectRequest, ) (*minderv1.PatchProjectResponse, error)
PatchProject patches a project. Note that this neither reparents the project nor touches its metadata directly. Only a subset of fields can be updated.
func (*Server) PatchProvider ¶
func (s *Server) PatchProvider( ctx context.Context, req *minderv1.PatchProviderRequest, ) (*minderv1.PatchProviderResponse, error)
PatchProvider patches a provider by name from a specific project.
func (*Server) ReconcileEntityRegistration ¶
func (s *Server) ReconcileEntityRegistration( ctx context.Context, in *pb.ReconcileEntityRegistrationRequest, ) (*pb.ReconcileEntityRegistrationResponse, error)
ReconcileEntityRegistration reconciles the registration of an entity.
Currently, this method only supports repositories but is intended to be generic and handle all types of entities. Todo: Utilise for other entities when such are supported.
func (*Server) RegisterRepository ¶
func (s *Server) RegisterRepository( ctx context.Context, in *pb.RegisterRepositoryRequest, ) (*pb.RegisterRepositoryResponse, error)
RegisterRepository adds repositories to the database and registers a webhook. Once a user has enrolled in a project (they have a valid token), they can register repositories to be monitored by minder by provisioning a webhook on the repository(ies).
func (*Server) RemoveRole ¶
func (s *Server) RemoveRole(ctx context.Context, req *minder.RemoveRoleRequest) (*minder.RemoveRoleResponse, error)
RemoveRole removes a role from a user on a project. Note that this assumes that the request has already been authorized.
func (*Server) ResolveInvitation ¶
func (s *Server) ResolveInvitation(ctx context.Context, req *pb.ResolveInvitationRequest) (*pb.ResolveInvitationResponse, error)
ResolveInvitation is a service for resolving an invitation.
func (*Server) StartGRPCServer ¶
StartGRPCServer starts a gRPC server and blocks while serving.
func (*Server) StartHTTPServer ¶
StartHTTPServer starts an HTTP server and registers the gRPC handler mux with it. (Implementation note: store is set as a blank identifier for now, as it will be used in the future.)
func (*Server) StoreProviderToken ¶
func (s *Server) StoreProviderToken(ctx context.Context, in *pb.StoreProviderTokenRequest) (*pb.StoreProviderTokenResponse, error)
StoreProviderToken stores the provider token for a project
func (*Server) UpdateProfile ¶
func (s *Server) UpdateProfile(ctx context.Context, cpr *minderv1.UpdateProfileRequest) (*minderv1.UpdateProfileResponse, error)
UpdateProfile updates a profile for a project
func (*Server) UpdateProject ¶
func (s *Server) UpdateProject( ctx context.Context, req *minderv1.UpdateProjectRequest, ) (*minderv1.UpdateProjectResponse, error)
UpdateProject updates a project. Note that this neither reparents the project nor touches its metadata directly. Only a subset of fields can be updated.
func (*Server) UpdateRole ¶
func (s *Server) UpdateRole(ctx context.Context, req *minder.UpdateRoleRequest) (*minder.UpdateRoleResponse, error)
UpdateRole updates a role for a user on a project
func (*Server) UpdateRuleType ¶
func (s *Server) UpdateRuleType( ctx context.Context, urt *minderv1.UpdateRuleTypeRequest, ) (*minderv1.UpdateRuleTypeResponse, error)
UpdateRuleType is a method to update a rule type
func (*Server) VerifyProviderCredential ¶
func (s *Server) VerifyProviderCredential(ctx context.Context, in *pb.VerifyProviderCredentialRequest) (*pb.VerifyProviderCredentialResponse, error)
VerifyProviderCredential verifies the provider credential has been created for the matching enrollment nonce
func (*Server) VerifyProviderTokenFrom ¶
func (s *Server) VerifyProviderTokenFrom(ctx context.Context, in *pb.VerifyProviderTokenFromRequest) (*pb.VerifyProviderTokenFromResponse, error)
VerifyProviderTokenFrom verifies the provider token since a timestamp.
Deprecated: Use VerifyProviderCredential instead.
type UpstreamRepoAndEntityRef ¶
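// UpstreamRepoAndEntityRef is a pair of upstream repository and entity
// references.
type UpstreamRepoAndEntityRef struct {
	// Repo is the upstream repository reference.
	Repo *pb.UpstreamRepositoryRef
	// Entity is the registrable upstream entity reference.
	Entity *pb.RegistrableUpstreamEntityRef
}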
UpstreamRepoAndEntityRef is a pair of upstream repository and entity references
Source Files ¶
- common.go
- handlers.go
- handlers_artifacts.go
- handlers_authz.go
- handlers_entities.go
- handlers_evalstatus.go
- handlers_invites.go
- handlers_oauth.go
- handlers_profile.go
- handlers_projects.go
- handlers_providers.go
- handlers_reconciliationtasks.go
- handlers_repositories.go
- handlers_ruletype.go
- handlers_token.go
- handlers_user.go
- identity_events.go
- register_handlers.go
- server.go