httpserver

package
v1.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 23, 2024 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ServerRootURL = "/ratify/gatekeeper/v1"

	DefaultMetricsType = "prometheus"
	DefaultMetricsPort = 8888
	DefaultHealthPort  = ":9099"
)
View Source 
const (
	VerificationResultVersion = "0.1.0"
	ResultVersion0_2_0        = "0.2.0"
	// Starting from this version, the verification result can be
	// evaluated by Ratify embedded OPA engine.
	ResultVersionSupportingRego = "1.0.0"
	ResultVersion1_1_0          = "1.1.0"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type ContextHandler 

type ContextHandler func(ctx context.Context, w http.ResponseWriter, r *http.Request) error

ContextHandler defines a http handler with a context input

type Error 

type Error struct {
	Code    string `json:"code"`
	Message string `json:"message"`
}

type Server 

type Server struct {
	Address           string
	Router            *mux.Router
	GetExecutor       config.GetExecutor
	Context           context.Context
	CertDirectory     string
	CaCertFile        string
	MutationStoreName string
	MetricsEnabled    bool
	MetricsType       string
	MetricsPort       int
	CacheTTL          time.Duration
	LogOption         logger.Option
	// contains filtered or unexported fields
}

func NewServer 

func NewServer(context context.Context,
	address string,
	getExecutor config.GetExecutor,
	certDir string,
	caCertFile string,
	cacheTTL time.Duration,
	metricsEnabled bool,
	metricsType string,
	metricsPort int) (*Server, error)

func (*Server) Run 

func (server *Server) Run(certRotatorReady chan struct{}) error

type ServerAddrNotFoundError 

type ServerAddrNotFoundError struct{}

func (ServerAddrNotFoundError) Error 

func (err ServerAddrNotFoundError) Error() string

type TLSCertWatcher 

type TLSCertWatcher struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

This implementation is based on K8s certwatcher: https://github.com/kubernetes-sigs/controller-runtime/blob/main/pkg/certwatcher/certwatcher.go

func NewTLSCertWatcher 

func NewTLSCertWatcher(ratifyServerCertPath, ratifyServerKeyPath, clientCACertPath string) (*TLSCertWatcher, error)

NewTLSCertWatcher creates a new TLSCertWatcher for ratify tls cert/key paths and client CA cert path

func (*TLSCertWatcher) GetConfigForClient 

func (t *TLSCertWatcher) GetConfigForClient(*tls.ClientHelloInfo) (*tls.Config, error)

GetConfigForClient returns the tls config for the client use in the TLS Config

func (*TLSCertWatcher) ReadCertificates 

func (t *TLSCertWatcher) ReadCertificates() error

ReadCertificates reads the certificates from the cert/key paths

func (*TLSCertWatcher) Start 

func (t *TLSCertWatcher) Start() error

Start adds the files to watcher and starts the certificate watcher routine

func (*TLSCertWatcher) Stop 

func (t *TLSCertWatcher) Stop()

Stop closes the watcher

func (*TLSCertWatcher) Watch 

func (t *TLSCertWatcher) Watch()

Watch watches the certificate files for changes and terminates on error/stop

type VerificationResponse 

type VerificationResponse struct {
	Version         string        `json:"version"`
	IsSuccess       bool          `json:"isSuccess"`
	TraceID         string        `json:"traceID,omitempty"`
	Timestamp       string        `json:"timestamp,omitempty"`
	VerifierReports []interface{} `json:"verifierReports,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.