Documentation
Overview
Package v1 for providers provides the public interfaces for the providers implemented by minder. The providers are the sources of the data that is used by the rules.
Index
- Constants
- Variables
- func As[T Provider](provider Provider) (T, error)
- func ParseAndValidate(rawConfig json.RawMessage, to any) error
- type ArtifactProvider
- type Credential
- type GetArtifactVersionsFilter
- type Git
- type GitCredential
- type GitHub
- type GitHubCredential
- type GitLabCredential
- type ImageLister
- type OAuth2TokenCredential
- type OCI
- type Provider
- type REST
- type RepoLister
- type RestCredential
Constants
const (
	// CredentialStateSet is the state of a credential when it is set
	CredentialStateSet = "set"
	// CredentialStateUnset is the state of a credential when it is unset
	CredentialStateUnset = "unset"
	// CredentialStateNotApplicable is the state of a credential when it is not applicable
	CredentialStateNotApplicable = "not_applicable"
)
const (
	V1 = "v1"
)
V1 is the version of the providers interface
Variables
var (
	// ErrProviderGitBranchNotFound is returned when the branch is not found
	ErrProviderGitBranchNotFound = errors.New("branch not found")
	// ErrRepositoryEmpty is returned when the repository is empty
	ErrRepositoryEmpty = errors.New("repository is empty")
	// ErrRepositoryTooLarge is returned when the configured size limit is exceeded
	ErrRepositoryTooLarge = errors.New("repository is too large to clone")
)
var (
	// ArtifactTypeContainerRetentionPeriod represents the retention period for container artifacts
	ArtifactTypeContainerRetentionPeriod = time.Now().AddDate(0, -6, 0)
)
var ErrEntityNotFound = errors.New("entity not found")
ErrEntityNotFound is the error returned when an entity is not found
Functions
func ParseAndValidate
func ParseAndValidate(rawConfig json.RawMessage, to any) error
ParseAndValidate parses the given provider configuration and validates it.
Types
type ArtifactProvider
type ArtifactProvider interface {
	// GetArtifactVersions returns the versions of the given artifact.
	GetArtifactVersions(ctx context.Context, artifact *minderv1.Artifact, filter GetArtifactVersionsFilter) ([]*minderv1.ArtifactVersion, error)
}
ArtifactProvider is the interface for artifact providers. This will contain methods for interacting with artifacts.
type Credential
type Credential interface {
}
Credential is the general interface for all credentials
type GetArtifactVersionsFilter
type GetArtifactVersionsFilter interface {
	// IsSkippable determines if an artifact should be skipped
	IsSkippable(createdAt time.Time, tags []string) error
}
GetArtifactVersionsFilter is the options to filter GetArtifactVersions
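Added example (not part of the minder code base): a type whose method set matches GetArtifactVersionsFilter and applies a six-month window like the AddDate(0, -6, 0) in ArtifactTypeContainerRetentionPeriod. That variable is initialised once, when the package loads, so this sketch recomputes the cutoff on every call instead. The names retentionFilter and ErrSkip, the injectable clock, the rule that untagged versions are skipped, and the convention that a nil error means "keep" are assumptions, not taken from the page.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Local copy of the interface shown on this page, so the example builds
// without importing the minder module.
type getArtifactVersionsFilter interface {
	IsSkippable(createdAt time.Time, tags []string) error
}

// ErrSkip is a hypothetical sentinel; the page does not say which errors
// implementations of IsSkippable return.
var ErrSkip = errors.New("artifact version skipped")

// retentionFilter is a hypothetical filter with a retention window in months.
type retentionFilter struct {
	months int
	now    func() time.Time // injectable clock (assumption, for testing)
}

// Compile-time check that the method set matches the interface.
var _ getArtifactVersionsFilter = retentionFilter{}

// IsSkippable returns nil to keep a version and a wrapped ErrSkip to skip it.
func (f retentionFilter) IsSkippable(createdAt time.Time, tags []string) error {
	// Computed per call, so the cutoff follows the clock in a long-running process.
	cutoff := f.now().AddDate(0, -f.months, 0)
	if createdAt.Before(cutoff) {
		return fmt.Errorf("%w: created %s, before cutoff %s", ErrSkip,
			createdAt.Format("2006-01-02"), cutoff.Format("2006-01-02"))
	}
	if len(tags) == 0 {
		return fmt.Errorf("%w: no tags", ErrSkip)
	}
	return nil
}

func main() {
	// Constructed sample clock and creation date.
	clock := time.Date(2024, 9, 1, 0, 0, 0, 0, time.UTC)
	f := retentionFilter{months: 6, now: func() time.Time { return clock }}
	created := time.Date(2024, 4, 1, 0, 0, 0, 0, time.UTC)
	fmt.Println(f.IsSkippable(created, []string{"v1.0.0"})) // inside the window
	fmt.Println(f.IsSkippable(created, nil))                // untagged
	clock = clock.AddDate(0, 2, 0)                          // two months later
	fmt.Println(f.IsSkippable(created, []string{"v1.0.0"})) // now outside the window
}
```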
type Git
type Git interface {
	Provider
	// Clone clones a git repository
	Clone(ctx context.Context, url string, branch string) (*git.Repository, error)
}
Git is the interface for git providers
type GitCredential
type GitCredential interface {
	AddToPushOptions(options *git.PushOptions, owner string)
	AddToCloneOptions(options *git.CloneOptions)
}
GitCredential is the interface for credentials used when performing git operations
type GitHub
type GitHub interface {
	Provider
	RepoLister
	REST
	Git
	ImageLister
	ArtifactProvider
	GetCredential() GitHubCredential
	GetRepository(context.Context, string, string) (*github.Repository, error)
	GetBranchProtection(context.Context, string, string, string) (*github.Protection, error)
	UpdateBranchProtection(context.Context, string, string, string, *github.ProtectionRequest) error
	ListPackagesByRepository(context.Context, string, string, int64, int, int) ([]*github.Package, error)
	GetPackageByName(context.Context, string, string, string) (*github.Package, error)
	GetPackageVersionById(context.Context, string, string, string, int64) (*github.PackageVersion, error)
	GetPullRequest(context.Context, string, string, int) (*github.PullRequest, error)
	CreateReview(context.Context, string, string, int, *github.PullRequestReviewRequest) (*github.PullRequestReview, error)
	UpdateReview(context.Context, string, string, int, int64, string) (*github.PullRequestReview, error)
	ListReviews(context.Context, string, string, int, *github.ListOptions) ([]*github.PullRequestReview, error)
	DismissReview(context.Context, string, string, int, int64, *github.PullRequestReviewDismissalRequest) (*github.PullRequestReview, error)
	SetCommitStatus(context.Context, string, string, string, *github.RepoStatus) (*github.RepoStatus, error)
	ListFiles(ctx context.Context, owner string, repo string, prNumber int, perPage int, pageNumber int) ([]*github.CommitFile, *github.Response, error)
	IsOrg() bool
	ListHooks(ctx context.Context, owner, repo string) ([]*github.Hook, error)
	DeleteHook(ctx context.Context, owner, repo string, id int64) error
	EditHook(ctx context.Context, owner, repo string, id int64, hook *github.Hook) (*github.Hook, error)
	CreateHook(ctx context.Context, owner, repo string, hook *github.Hook) (*github.Hook, error)
	CreateSecurityAdvisory(ctx context.Context, owner, repo, severity, summary, description string, v []*github.AdvisoryVulnerability) (string, error)
	CloseSecurityAdvisory(ctx context.Context, owner, repo, id string) error
	CreatePullRequest(ctx context.Context, owner, repo, title, body, head, base string) (*github.PullRequest, error)
	ClosePullRequest(ctx context.Context, owner, repo string, number int) (*github.PullRequest, error)
	ListPullRequests(ctx context.Context, owner, repo string, opt *github.PullRequestListOptions) ([]*github.PullRequest, error)
	GetUserId(ctx context.Context) (int64, error)
	GetName(ctx context.Context) (string, error)
	GetLogin(ctx context.Context) (string, error)
	GetPrimaryEmail(ctx context.Context) (string, error)
	CreateIssueComment(ctx context.Context, owner, repo string, number int, comment string) (*github.IssueComment, error)
	ListIssueComments(ctx context.Context, owner, repo string, number int,
		opts *github.IssueListCommentsOptions,
	) ([]*github.IssueComment, error)
	UpdateIssueComment(ctx context.Context, owner, repo string, number int64, comment string) error
	AddAuthToPushOptions(ctx context.Context, options *git.PushOptions) error
	StartCheckRun(context.Context, string, string, *github.CreateCheckRunOptions) (*github.CheckRun, error)
	UpdateCheckRun(context.Context, string, string, int64, *github.UpdateCheckRunOptions) (*github.CheckRun, error)
}
GitHub is the interface for interacting with the GitHub REST API. Add methods here for interacting with the GitHub REST API.
type GitHubCredential
type GitHubCredential interface {
	RestCredential
	GitCredential
	OAuth2TokenCredential
	GetCacheKey() string
	// as we add new OCI providers this will change to a procedure / mutator, right now it's GitHub specific
	GetAsContainerAuthenticator(owner string) authn.Authenticator
}
GitHubCredential is the interface for credentials used when interacting with GitHub
type GitLabCredential
type GitLabCredential interface {
	RestCredential
	GitCredential
	OAuth2TokenCredential
}
GitLabCredential is the interface for credentials used when interacting with GitLab
type ImageLister
type ImageLister interface {
	Provider
	// ListImages lists the images available for the provider
	ListImages(ctx context.Context) ([]string, error)
	// GetNamespaceURL returns the repository URL
	GetNamespaceURL() string
}
ImageLister is the interface for listing images
type OAuth2TokenCredential
type OAuth2TokenCredential interface {
	GetAsOAuth2TokenSource() oauth2.TokenSource
}
OAuth2TokenCredential is the interface for credentials that are OAuth2 tokens
type OCI
type OCI interface {
	Provider
	ArtifactProvider
	// ListTags lists the tags available for the given container in the given namespace
	// for the OCI provider.
	ListTags(ctx context.Context, name string) ([]string, error)
	// GetDigest returns the digest for the given tag of the given container in the given namespace
	// for the OCI provider.
	GetDigest(ctx context.Context, name, tag string) (string, error)
	// GetReferrer returns the referrer for the given tag of the given container in the given namespace
	// for the OCI provider. It returns the referrer as a golang struct given the OCI spec.
	// TODO - Define the referrer struct
	GetReferrer(ctx context.Context, name, tag, artifactType string) (any, error)
	// GetManifest returns the manifest for the given tag of the given container in the given namespace
	// for the OCI provider. It returns the manifest as a golang struct given the OCI spec.
	// TODO - Define the manifest struct
	GetManifest(ctx context.Context, name, tag string) (*v1.Manifest, error)
	// GetRegistry returns the registry name
	GetRegistry() string
	// GetAuthenticator returns the authenticator for the OCI provider
	GetAuthenticator() (authn.Authenticator, error)
}
OCI is the interface for interacting with OCI registries
type Provider
type Provider interface {
	// CanImplement returns true/false depending on whether the Provider
	// can implement the specified trait
	CanImplement(trait minderv1.ProviderType) bool
	// FetchAllProperties fetches all properties for the given entity
	FetchAllProperties(
		ctx context.Context, getByProps *properties.Properties, entType minderv1.Entity, cachedProps *properties.Properties,
	) (*properties.Properties, error)
	// FetchProperty fetches a single property for the given entity
	FetchProperty(
		ctx context.Context, getByProps *properties.Properties, entType minderv1.Entity, key string) (*properties.Property, error)
	// GetEntityName forms an entity name from the given properties
	// The name is used to identify the entity within minder and is how
	// it will be stored in the database.
	GetEntityName(entType minderv1.Entity, props *properties.Properties) (string, error)
	// SupportsEntity returns true if the provider supports the given entity type
	SupportsEntity(entType minderv1.Entity) bool
	// RegisterEntity ensures that the service provider has the necessary information
	// to know that the entity is handled by Minder. This could be creating a webhook
	// for a particular repository or artifact.
	// Note that the provider might choose to update the properties of the entity
	// adding the information about the registration. e.g. The webhook ID and URL.
	RegisterEntity(ctx context.Context, entType minderv1.Entity, props *properties.Properties) (*properties.Properties, error)
	// DeregisterEntity rolls back the registration of the entity. This could be deleting
	// a webhook for a particular repository or artifact. Note that this assumes a pre-registered
	// entity and thus requires the entity to have been registered before. Therefore, you should
	// either call this after RegisterEntity or after a FetchAllProperties call on an already
	// registered entity.
	//
	// When implementing, try to make this idempotent. That is, if the entity is already deregistered,
	// (e.g. a webhook is already deleted), then this should not return an error.
	DeregisterEntity(ctx context.Context, entType minderv1.Entity, props *properties.Properties) error
	// ReregisterEntity runs the necessary updates to the entity registration. This could be
	// updating the webhook URL or secret for a particular repository or artifact. This is useful
	// for secret rotation.
	ReregisterEntity(ctx context.Context, entType minderv1.Entity, props *properties.Properties) error
	// PropertiesToProtoMessage is the interface for converting properties to a proto message
	// this is temporary until we can get rid of the typed proto messages in EntityInfoWrapper
	// and the engine. That's also why we just didn't add the method to the generic Provider
	// interface.
	PropertiesToProtoMessage(entType minderv1.Entity, props *properties.Properties) (protoreflect.ProtoMessage, error)
}
Provider is the general interface for all providers
type REST
type REST interface {
	Provider
	// GetBaseURL returns the base URL for the REST API.
	GetBaseURL() string
	// NewRequest creates an HTTP request.
	NewRequest(method, url string, body any) (*http.Request, error)
	// Do executes an HTTP request.
	Do(ctx context.Context, req *http.Request) (*http.Response, error)
}
REST is the trait interface for interacting with a REST API.
type RepoLister
type RepoLister interface {
	Provider
	ListAllRepositories(context.Context) ([]*minderv1.Repository, error)
}
RepoLister is the interface for listing repositories
type RestCredential
RestCredential is the interface for credentials used in REST requests