integrity

package module

v0.0.0-...-f2d902d Latest Latest Go to latest Published: Feb 20, 2024 License: BSD-2-Clause Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/tarantool/tt

Documentation ¶

Index ¶

Constants
Variables
func RegisterIntegrityCheckFlag(flagset *pflag.FlagSet, dst *string)
func RegisterIntegrityCheckPeriodFlag(flagset *pflag.FlagSet, dst *int)
func RegisterWithIntegrityFlag(flagset *pflag.FlagSet, dst *string)
type Data
type DataCollector
type DataCollectorFactory
- func NewDataCollectorFactory(ctx IntegrityCtx) (DataCollectorFactory, error)
type DataPublisher
type DataPublisherFactory
- func NewDataPublisherFactory(path string) (DataPublisherFactory, error)
type IntegrityCtx
- func InitializeIntegrityCheck(publicKeyPath string, configDir string) (IntegrityCtx, error)
type Repository
type Signer
- func NewSigner(path string) (Signer, error)

Constants ¶

View Source

const HashesFileName = ""

HashesFileName is a name of a file containing file hashes that require checking.

Variables ¶

View Source

var (
	// ErrNotConfigured is reported when integrity check is not configured
	// in the command context.
	ErrNotConfigured = errors.New("integrity check is not configured")
)

Functions ¶

func RegisterIntegrityCheckFlag ¶

func RegisterIntegrityCheckFlag(flagset *pflag.FlagSet, dst *string)

RegisterIntegrityCheckFlag is a noop function that is intended to add root flag enabling integrity checks.

func RegisterIntegrityCheckPeriodFlag ¶

func RegisterIntegrityCheckPeriodFlag(flagset *pflag.FlagSet, dst *int)

RegisterIntegrityCheckPeriodFlag is a noop function that is intended to add flag specifying how often should integrity checks run in watchdog.

func RegisterWithIntegrityFlag ¶

func RegisterWithIntegrityFlag(flagset *pflag.FlagSet, dst *string)

RegisterWithIntegrityFlag is a noop function that is intended to add flags to `tt pack` command.

Types ¶

type Data ¶

type Data struct {
	// Source is the origin of data, i.e. key in case of etcd or tarantool-based collectors.
	Source string
	// Value is data collected.
	Value []byte
	// Revision is data revision.
	Revision int64
}

Data represents collected data with its source.

type DataCollector ¶

type DataCollector interface {
	// Collect collects data from a source.
	Collect() ([]Data, error)
}

DataCollector interface must be implemented by a source collector.

type DataCollectorFactory ¶

type DataCollectorFactory interface {
	// NewFile creates a new data collector to collect configuration from a file.
	NewFile(path string) (DataCollector, error)
	// NewEtcd creates a new data collector to collect configuration from etcd.
	NewEtcd(etcdcli *clientv3.Client,
		prefix, key string, timeout time.Duration) (DataCollector, error)
	// NewTarantool creates a new data collector to collect configuration from
	// tarantool config storage.
	NewTarantool(conn tarantool.Connector,
		prefix, key string, timeout time.Duration) (DataCollector, error)
}

DataCollectorFactory creates new data collectors.

func NewDataCollectorFactory ¶

func NewDataCollectorFactory(ctx IntegrityCtx) (DataCollectorFactory, error)

NewDataCollectorFactory creates a new CollectorFactory with integrity checks in collectors. In the CE implementation it always returns ErrNotConfigured.

type DataPublisher ¶

type DataPublisher interface {
	// Publish publishes the interface or returns an error.
	Publish(revision int64, data []byte) error
}

DataPublisher interface must be implemented by a raw data publisher.

type DataPublisherFactory ¶

type DataPublisherFactory interface {
	// NewFile creates a new DataPublisher to publish data into a file.
	NewFile(path string) (DataPublisher, error)
	// NewEtcd creates a new DataPublisher to publish data into etcd.
	NewEtcd(etcdcli *clientv3.Client,
		prefix, key string, timeout time.Duration) (DataPublisher, error)
	// NewTarantool creates a new DataPublisher to publish data into tarantool
	// config storage.
	NewTarantool(conn tarantool.Connector,
		prefix, key string, timeout time.Duration) (DataPublisher, error)
}

Data publisher factory creates new data publishers.

func NewDataPublisherFactory ¶

func NewDataPublisherFactory(path string) (DataPublisherFactory, error)

NewDataPublisherFactory create a new DataPublisherFactory with integrity algorithms in publishers. Should be never be called in the CE.

type IntegrityCtx ¶

type IntegrityCtx struct {
	// Repository is a repository used to check integrity of files.
	Repository Repository
}

IntegrityCtx is context required for integrity checks.

func InitializeIntegrityCheck ¶

func InitializeIntegrityCheck(publicKeyPath string, configDir string) (IntegrityCtx, error)

InitializeIntegrityCheck is a noop setup of integrity checking.

type Repository ¶

type Repository interface {
	// Read makes sure the file is not modified and reads it.
	Read(path string) (io.ReadCloser, error)
	// ValidateAll checks that all the files stored in the repository
	// were not modified.
	ValidateAll() error
}

Repository provides utilities for working with files and ensuring that they were not compomised.

type Signer ¶

type Signer interface {
	// Sign generates data to sign a package.
	Sign(basePath string, appNames []string) error
}

Signer implements high-level API for package signing.

func NewSigner ¶

func NewSigner(path string) (Signer, error)

NewSigner constructs a noop Signer.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL