sdk

package
v0.28.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 11, 2023 License: MPL-2.0 Imports: 25 Imported by: 1

Documentation

Overview

Package sdk provide an abstraction for communication with API.

Index

Constants

View Source
const (
	HeaderOrganization      = "organization"
	HeaderProject           = "project"
	HeaderAuthorization     = "Authorization"
	HeaderUserAgent         = "User-Agent"
	HeaderTruncatedLimitMax = "Truncated-Limit-Max"
	HeaderTraceID           = "trace-id"
)

HTTP headers keys used across app

View Source
const (
	QueryKeyName              = "name"
	QueryKeyTime              = "t"
	QueryKeyFrom              = "from"
	QueryKeyTo                = "to"
	QueryKeySeries            = "series"
	QueryKeySteps             = "steps"
	QueryKeySlo               = "slo"
	QueryKeyTimeWindow        = "window"
	QueryKeyPercentiles       = "q"
	QueryKeyPermissionFilter  = "pf"
	QueryKeyLabelsFilter      = "labels"
	QueryKeyServiceName       = "service_name"
	QueryKeyDryRun            = "dry_run"
	QueryKeyTextSearch        = "text_search"
	QueryKeySystemAnnotations = "system_annotations"
	QueryKeyUserAnnotations   = "user_annotations"
	QueryKeyAlertPolicy       = "alert_policy"
	QueryKeyObjective         = "objective"
	QueryKeyObjectiveValue    = "objective_value"
	QueryKeyResolved          = "resolved"
	QueryKeyTriggered         = "triggered"
)

HTTP GET query keys used across app

View Source
const DefaultProject = "default"

DefaultProject is a value of the default project.

View Source
const ProjectsWildcard = "*"

ProjectsWildcard is used in HeaderProject when requesting for all projects.

View Source
const (
	Timeout = 10 * time.Second
)

Timeout use for every request

Variables

View Source
var ErrClientBuilderMissingCredentials = errors.New(
	"at the very least sdk.ClientBuilder assembly chain must contain" +
		" sdk.ClientBuilder.WithDefaultCredentials call in order to build an sdk.Client")
View Source
var ErrConcurrencyIssue = errors.New("operation failed due to concurrency issue but can be retried")

Functions

func DefaultOktaAuthServerURL added in v0.16.0

func DefaultOktaAuthServerURL() (*url.URL, error)

func OktaAuthServerURL added in v0.16.0

func OktaAuthServerURL(oktaOrgURL, oktaAuthServer string) (*url.URL, error)

func OktaKeysEndpoint added in v0.8.2

func OktaKeysEndpoint(authServerURL *url.URL) *url.URL

func OktaTokenEndpoint added in v0.8.2

func OktaTokenEndpoint(authServerURL *url.URL) *url.URL

Types

type AccessTokenParser added in v0.8.2

type AccessTokenParser interface {
	Parse(token, clientID string) (jwt.MapClaims, error)
}

AccessTokenParser parses and verifies fetched access token.

type AccessTokenPostRequestHook added in v0.8.2

type AccessTokenPostRequestHook = func(token string) error

AccessTokenPostRequestHook is run whenever a new token request finishes successfully. It can be used, for example, to update persistent access token storage.

type AccessTokenProvider added in v0.8.2

type AccessTokenProvider interface {
	RequestAccessToken(ctx context.Context, clientID, clientSecret string) (token string, err error)
}

AccessTokenProvider fetches the access token based on client it and client secret.

type Client

type Client struct {
	HTTP        *http.Client
	Credentials *Credentials
	UserAgent   string
	// contains filtered or unexported fields
}

Client represents API high level client.

func DefaultClient added in v0.8.2

func DefaultClient(clientID, clientSecret, userAgent string) (*Client, error)

DefaultClient returns fully configured instance of API Client with default auth chain and HTTP client.

func (*Client) ApplyObjects

func (c *Client) ApplyObjects(ctx context.Context, objects []manifest.Object, dryRun bool) error

ApplyObjects applies (create or update) list of objects passed as argument via API.

func (*Client) DeleteObjects

func (c *Client) DeleteObjects(ctx context.Context, objects []manifest.Object, dryRun bool) error

DeleteObjects deletes list of objects passed as argument via API.

func (*Client) DeleteObjectsByName

func (c *Client) DeleteObjectsByName(
	ctx context.Context,
	project string,
	kind manifest.Kind,
	dryRun bool,
	names ...string,
) error

DeleteObjectsByName makes a call to endpoint for deleting objects with passed names and object types.

func (*Client) GetAWSExternalID

func (c *Client) GetAWSExternalID(ctx context.Context, project string) (string, error)

func (*Client) GetAgentCredentials added in v0.2.0

func (c *Client) GetAgentCredentials(
	ctx context.Context,
	project, agentsName string,
) (creds M2MAppCredentials, err error)

GetAgentCredentials gets agent credentials from Okta.

func (*Client) GetApiURL added in v0.8.2

func (c *Client) GetApiURL() url.URL

GetApiURL retrieves the API URL of the configured Client instance.

func (*Client) GetObjects added in v0.8.2

func (c *Client) GetObjects(
	ctx context.Context,
	project string,
	kind manifest.Kind,
	filterLabel map[string][]string,
	names ...string,
) ([]manifest.Object, error)

GetObjects returns array of supported type of Objects, when names are passed - query for these names otherwise returns list of all available objects.

func (*Client) GetObjectsWithParams added in v0.8.2

func (c *Client) GetObjectsWithParams(
	ctx context.Context,
	project string,
	kind manifest.Kind,
	q url.Values,
) (response Response, err error)

func (*Client) SetAccessToken added in v0.8.2

func (c *Client) SetAccessToken(token string) error

SetAccessToken provisions an initial token for the Client to use. It should be used before executing the first request with the Client, as the Client, before executing request, will fetch a new token if none was provided.

func (*Client) SetApiURL added in v0.8.2

func (c *Client) SetApiURL(u string) error

SetApiURL allows to override the API URL otherwise inferred from access token.

type ClientBuilder added in v0.8.2

type ClientBuilder struct {
	// contains filtered or unexported fields
}

ClientBuilder allows constructing Client using builder pattern (https://refactoring.guru/design-patterns/builder).

func NewClientBuilder added in v0.8.2

func NewClientBuilder(userAgent string) *ClientBuilder

NewClientBuilder creates a new ClientBuilder instance. To fully configure the Client you must also supply ClientBuilder with Credentials instance, either by running ClientBuilder.WithDefaultCredentials or ClientBuilder.WithCredentials. Recommended usage:

NewClientBuilder().WithDefaultCredentials().Build()

func (*ClientBuilder) Build added in v0.8.2

func (b *ClientBuilder) Build() (*Client, error)

Build figures out which parts were supplied for ClientBuilder and sets the defaults for the Client it constructs.

func (*ClientBuilder) WithApiURL added in v0.8.2

func (b *ClientBuilder) WithApiURL(apiURL string) *ClientBuilder

WithApiURL should only be used for development workflows as the URL is constructed from JWT claims.

func (*ClientBuilder) WithCredentials added in v0.8.2

func (b *ClientBuilder) WithCredentials(credentials *Credentials) *ClientBuilder

WithCredentials allows setting an initialized Credentials instance.

func (*ClientBuilder) WithDefaultCredentials added in v0.8.2

func (b *ClientBuilder) WithDefaultCredentials(clientID, clientSecret string) *ClientBuilder

WithDefaultCredentials instructs the ClientBuilder to supply a default Credentials instance. It is recommended for most use cases over WithCredentials.

func (*ClientBuilder) WithHTTPClient added in v0.8.2

func (b *ClientBuilder) WithHTTPClient(client *http.Client) *ClientBuilder

WithHTTPClient allows supplying a custom http.Client for the client to use. Note that the access token life cycle management is done by Credentials, which become part of default http.Client request middleware chain, making sure the token is up to date before each request.

func (*ClientBuilder) WithOfflineMode added in v0.8.2

func (b *ClientBuilder) WithOfflineMode() *ClientBuilder

WithOfflineMode if used will turn the Client.Credentials into a noop. If used in conjunction with WithCredentials or WithDefaultCredentials will render them useless.

func (*ClientBuilder) WithOktaAuthServerURL added in v0.16.0

func (b *ClientBuilder) WithOktaAuthServerURL(u *url.URL) *ClientBuilder

WithOktaAuthServerURL instructs the ClientBuilder to supply OktaClient instance configured with the provided URL. If not supplied the default URL will be used.

func (*ClientBuilder) WithTimeout added in v0.8.2

func (b *ClientBuilder) WithTimeout(timeout time.Duration) *ClientBuilder

WithTimeout will only work for default HTTP client, it won't affect the client supplied with WithHTTPClient.

type Credentials added in v0.8.2

type Credentials struct {
	// Required to fetch the token.
	ClientID     string
	ClientSecret string

	// Set after the token is fetched.
	AccessToken string
	// Extracted from claims.
	// Organization and Environment, if accessed before the first request
	// is executed, will be empty as the token was not yet fetched.
	// To force them to be set earlier you could provide the access token
	// to Credentials or call Credentials.RefreshAccessToken manually.
	Organization string
	Environment  string

	HTTP *http.Client
	// TokenParser is used to verify the token and its claims.
	TokenParser AccessTokenParser
	// TokenProvider is used to provide an access token.
	TokenProvider AccessTokenProvider
	// PostRequestHook is not run in offline mode.
	PostRequestHook AccessTokenPostRequestHook
	// contains filtered or unexported fields
}

Credentials stores and manages IDP app credentials and claims. It governs access token life cycle, providing means of refreshing it and exposing claims delivered with the token. Currently, the only supported IDP is Okta.

func DefaultCredentials added in v0.8.2

func DefaultCredentials(clientID, clientSecret string, authServerURL *url.URL) (*Credentials, error)

func (*Credentials) RefreshAccessToken added in v0.8.2

func (creds *Credentials) RefreshAccessToken(ctx context.Context) (updated bool, err error)

RefreshAccessToken checks the AccessToken expiry with an offset to detect if the token is soon to be expired. If so, it wll request a new token and update the Credentials state. If the token was not yet set, it will request a new one all the same.

func (*Credentials) RoundTrip added in v0.8.2

func (creds *Credentials) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip is responsible for making sure the access token is set and also update it if the expiry is imminent. It also sets the HeaderOrganization. It will wrap any errors returned from RefreshAccessToken in retryhttp.NonRetryableError to ensure the request is not retried by the wrapping client.

func (*Credentials) SetAccessToken added in v0.8.2

func (creds *Credentials) SetAccessToken(token string) error

SetAccessToken allows setting new access token without using TokenProvider. The provided token will be still parsed using setNewToken function. In offline mode this is a noop.

func (*Credentials) SetAuthorizationHeader added in v0.8.2

func (creds *Credentials) SetAuthorizationHeader(r *http.Request)

SetAuthorizationHeader sets an authorization header which should be included if access token was set in request to the resource server.

func (*Credentials) SetOfflineMode added in v0.8.2

func (creds *Credentials) SetOfflineMode()

SetOfflineMode turns RefreshAccessToken into a noop.

type JWTParser added in v0.8.2

type JWTParser struct {
	HTTP *http.Client
	// contains filtered or unexported fields
}

func NewJWTParser added in v0.8.2

func NewJWTParser(issuer string, jwkFetchURL *url.URL) (*JWTParser, error)

func (*JWTParser) Parse added in v0.8.2

func (a *JWTParser) Parse(token, clientID string) (jwt.MapClaims, error)

Parse parses provided JWT and performs basic token signature and expiration claim validation.

type M2MAppCredentials added in v0.2.0

type M2MAppCredentials struct {
	ClientID     string `json:"client_id"`
	ClientSecret string `json:"client_secret"`
}

M2MAppCredentials is used for storing client_id and client_secret.

type OktaClient added in v0.8.2

type OktaClient struct {
	HTTP *http.Client
	// contains filtered or unexported fields
}

func NewOktaClient added in v0.8.2

func NewOktaClient(authServerURL *url.URL) *OktaClient

func (*OktaClient) RequestAccessToken added in v0.8.2

func (okta *OktaClient) RequestAccessToken(
	ctx context.Context,
	clientID, clientSecret string,
) (token string, err error)

type Response added in v0.8.0

type Response struct {
	Objects      []manifest.Object
	TruncatedMax int
}

Directories

Path Synopsis
Package definitions provides functions for reading, parsing and converting object's definitions.
Package definitions provides functions for reading, parsing and converting object's definitions.
Package retryhttp configures retryablehttp.Client with sane defaults and defines its retry policy.
Package retryhttp configures retryablehttp.Client with sane defaults and defines its retry policy.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL