Documentation
¶
Index ¶
- func ForbidClusterIDHeader(inner http.Handler) http.Handler
- func GenerateTransferToken() string
- func GetDomainReport(cluster *core.Cluster, dbDomain db.Domain, now time.Time, dbi db.Interface, ...) (*limesresources.DomainReport, error)
- func GetGreatestCommonDivisor(a, b uint64) uint64
- func GetProjectRateReport(cluster *core.Cluster, dbDomain db.Domain, dbProject db.Project, ...) (*limesrates.ProjectReport, error)
- func GetProjectResourceReport(cluster *core.Cluster, dbDomain db.Domain, dbProject db.Project, now time.Time, ...) (*limesresources.ProjectReport, error)
- func NewTokenValidator(provider *gophercloud.ProviderClient, eo gophercloud.EndpointOpts) (gopherpolicy.Validator, error)
- func NewV1API(cluster *core.Cluster, dbm *gorp.DbMap, tokenValidator gopherpolicy.Validator, ...) httpapi.API
- func RequireJSON(w http.ResponseWriter, r *http.Request, data any) bool
- type JSONListStream
- type RateLimitRequest
- type RateLimitUpdater
- func (u RateLimitUpdater) CommitAuditTrail(token *gopherpolicy.Token, r *http.Request, requestTime time.Time)
- func (u RateLimitUpdater) IsValid() bool
- func (u *RateLimitUpdater) ValidateInput(input limesrates.RateRequest, dbi db.Interface) error
- func (u RateLimitUpdater) WritePutErrorResponse(w http.ResponseWriter)
- func (u RateLimitUpdater) WriteSimulationReport(w http.ResponseWriter)
- type RateValidationError
- type VersionData
- type VersionLinkData
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ForbidClusterIDHeader ¶
ForbidClusterIDHeader is a global middleware that rejects the X-Limes-Cluster-Id header (which was removed from the API spec).
func GenerateTransferToken ¶
func GenerateTransferToken() string
Generates a token that is used to transfer a commitment from a source to a target project. The token will be attached to the commitment that will be transferred and stored in the database until the transfer is concluded.
func GetDomainReport ¶
func GetDomainReport(cluster *core.Cluster, dbDomain db.Domain, now time.Time, dbi db.Interface, filter reports.Filter) (*limesresources.DomainReport, error)
GetDomainReport is a convenience wrapper around reports.GetDomains() for getting a single domain report.
func GetGreatestCommonDivisor ¶
GetGreatestCommonDivisor is used to calculate the conversion ratios between different commitment resoucetypes.
func GetProjectRateReport ¶
func GetProjectRateReport(cluster *core.Cluster, dbDomain db.Domain, dbProject db.Project, dbi db.Interface, filter reports.Filter) (*limesrates.ProjectReport, error)
GetProjectRateReport is a convenience wrapper around reports.GetProjectRates() for getting a single project rate report.
func GetProjectResourceReport ¶
func GetProjectResourceReport(cluster *core.Cluster, dbDomain db.Domain, dbProject db.Project, now time.Time, dbi db.Interface, filter reports.Filter) (*limesresources.ProjectReport, error)
GetProjectResourceReport is a convenience wrapper around reports.GetProjectResources() for getting a single project resource report.
func NewTokenValidator ¶
func NewTokenValidator(provider *gophercloud.ProviderClient, eo gophercloud.EndpointOpts) (gopherpolicy.Validator, error)
NewTokenValidator constructs a gopherpolicy.TokenValidator instance.
func NewV1API ¶
func NewV1API(cluster *core.Cluster, dbm *gorp.DbMap, tokenValidator gopherpolicy.Validator, auditor audittools.Auditor, timeNow func() time.Time, generateTransferToken func() string) httpapi.API
NewV1API creates an httpapi.API that serves the Limes v1 API. It also returns the VersionData for this API version which is needed for the version advertisement on "GET /".
func RequireJSON ¶
RequireJSON will parse the request body into the given data structure, or write an error response if that fails.
Types ¶
type JSONListStream ¶
type JSONListStream[T any] struct { OuterFieldName string Request *http.Request ResponseWriter http.ResponseWriter // contains filtered or unexported fields }
JSONListStream writes a JSON response containing a single array in the form
{ "things": [ thing1, thing2, ..., thingN ] }
without needing to hold the entire list of things in memory at once. This is especially necessary for large project reports because the JSON can grow to several 100 MiB for large domains and high detail settings, which would lead to OOM on the API process in a cgroup-controlled deployment if we try to hold it all in memory.
We delay the opening `{"things":[` until we receive the first item, so that errors can be logged as a 5xx response if necessary. Upon getting the first report, we commit to the response being 200 and print reports as they come in. If we get to the end, we just need to write the trailing `]}` to complete the response.
func NewJSONListStream ¶
func NewJSONListStream[T any](w http.ResponseWriter, r *http.Request, outerFieldName string) *JSONListStream[T]
func (*JSONListStream[T]) FinalizeDocument ¶
func (s *JSONListStream[T]) FinalizeDocument(err error)
FinalizeDocument must be called once after all items have been written, to properly finalize the JSON document.
func (*JSONListStream[T]) WriteItem ¶
func (s *JSONListStream[T]) WriteItem(item T) error
WriteItem can be called as many times as necessary to append items to the JSON document.
type RateLimitRequest ¶
type RateLimitRequest struct { Unit limes.Unit OldLimit uint64 NewLimit uint64 OldWindow limesrates.Window NewWindow limesrates.Window ValidationError *RateValidationError }
RateLimitRequest describes a single rate limit that a PUT requests wants to change. It appears in type RateLimitUpdater.
type RateLimitUpdater ¶
type RateLimitUpdater struct { // scope (all fields are always set since rate limits can only be updated on // the project level) Cluster *core.Cluster Domain *db.Domain Project *db.Project // AuthZ info CanSetRateLimit func(db.ServiceType) bool Auditor audittools.Auditor // Filled by ValidateInput() with the keys being the service type and the rate name. Requests map[db.ServiceType]map[liquid.RateName]RateLimitRequest }
RateLimitUpdater contains most of the business logic for PUT on rate limits.
func (RateLimitUpdater) CommitAuditTrail ¶
func (u RateLimitUpdater) CommitAuditTrail(token *gopherpolicy.Token, r *http.Request, requestTime time.Time)
CommitAuditTrail prepares an audit.Trail instance for this updater and commits it.
func (RateLimitUpdater) IsValid ¶
func (u RateLimitUpdater) IsValid() bool
IsValid returns true if all u.LimitRequests are valid (i.e. ValidationError == nil).
func (*RateLimitUpdater) ValidateInput ¶
func (u *RateLimitUpdater) ValidateInput(input limesrates.RateRequest, dbi db.Interface) error
ValidateInput reads the given input and validates the quotas contained therein. Results are collected into u.Requests. The return value is only set for unexpected errors, not for validation errors.
func (RateLimitUpdater) WritePutErrorResponse ¶
func (u RateLimitUpdater) WritePutErrorResponse(w http.ResponseWriter)
WritePutErrorResponse produces a negative HTTP response for this PUT request. It may only be used when `u.IsValid()` is false.
func (RateLimitUpdater) WriteSimulationReport ¶
func (u RateLimitUpdater) WriteSimulationReport(w http.ResponseWriter)
WriteSimulationReport produces the HTTP response for the POST /simulate-put endpoints.
type RateValidationError ¶
type RateValidationError struct { Status int `json:"status"` // an HTTP status code, e.g. http.StatusForbidden Message string `json:"message"` }
RateValidationError appears in the Limes API in the POST .../simulate-put responses.
type VersionData ¶
type VersionData struct { Status string `json:"status"` ID string `json:"id"` Links []VersionLinkData `json:"links"` }
VersionData is used by version advertisement handlers.
type VersionLinkData ¶
type VersionLinkData struct { URL string `json:"href"` Relation string `json:"rel"` Type string `json:"type,omitempty"` }
VersionLinkData is used by version advertisement handlers, as part of the VersionData struct.