core

command module
v0.1.10
Published: Sep 14, 2024 License: Apache-2.0 Imports: 2 Imported by: 0

README


openlane

This repository houses the core server and orchestration elements which are at the heart of the openlane cloud service.

Features

At its core, this repo is a collection of services built on top of an entity framework which allows us to:

  • Model database schemas as graph structures
  • Define schemas as programmatic Go code
  • Execute complex database queries and graph traversals easily
  • Extend and customize using templates and code generation utilities
  • Type-safe resolvers and GraphQL schema stitching
  • Code generated audit / history tables for defined schemas

On top of this powerful core we also have an incredible amount of pluggable, extensible services:

  • Authentication: we currently support password, OAuth2 / social login providers (GitHub, Google), passkeys, and standard OIDC Discovery flows
  • Multi-factor: built-in 2FA mechanisms, TOTP
  • Authorization: extensible and flexible permissions constructs via openFGA based on Google Zanzibar
  • Session Management: built-in session management with JWKS key validation, encrypted cookies and sessions
  • Robust Middleware: cache control, CORS, Rate Limiting, transaction rollbacks, and more
  • Queuing and Scheduling: Task management and scheduling with Marionette
  • External Storage Providers: store data in AWS S3, Google GCS, or locally
  • External Database Providers: Leverage Turso, or other PostgreSQL / SQLite compatible vendors and libraries
  • Data Isolation and Management: Hierarchical organizations and granular permissions controls

Development

Developing against this repo involves a few mandatory tools; please read up on these and familiarize yourself if you're interested in making additions or changes!

  1. ent - insane entity mapping tool, definitely not an ORM but kind of an ORM (handles our relational data storage, mappings, codegen processes)
  2. atlas - Schema generation and migrations (can be disabled in lieu of migrations on disk)
  3. goose - Secondary database migration utility we also use for seeding data
  4. gqlgen - Code generation + GraphQL server building from ent schema definitions
  5. gqlgenc - Client building utilities with GraphQL
  6. openfga - Flexible authorization/permission engine inspired by Google Zanzibar
  7. echo - High performance, extensible, minimalist Go web framework
  8. koanf - Configuration management library which parses command line arguments, Go structs + creates our main configuration files

We also leverage many secondary technologies, including (but not limited to!):

  1. taskfile - So much better than Make zomg
  2. redis - in-memory datastore used for sessions, caching
  3. databases:
  4. golangci-lint - an annoyingly opinionated linter
  5. buildkite - our CI system of choice (with github actions providing some intermediary support)

All of these components are bundled into our respective Docker images; for additional information / instructions, see the contributing guide in this repository. We're constantly adding and changing things, but have tried to list all the great open source tools and projects we rely on; if you see your project (or one you use) in here and wish to list it, feel free to open a PR!

Dependencies

The vast majority of the system's behaviors can be turned on or off by updating the configuration parameters found in config; in some instances, we've made features or integrations with third-party systems which are "always on", but we're happy to receive PRs wrapping those dependencies if you are interested in running the software without them!

Installing Dependencies

Set up Taskfile by following the instructions and using one of the various convenient package managers or installation scripts. After installation, you can simply run task install to load the associated dependencies. Nearly everything in this repository assumes you already have a local Go environment set up, so this is not included. Please see the associated documentation.

Updating Configuration Settings

See the README in the config directory.

Deploying

The only "supported" method of deploying today is locally, but we have a WIP Helm chart which can be found here

Contributing

Please read the contributing guide as well as the Developer Certificate of Origin. You will be required to sign all commits to the theopenlane organization, so if you're unfamiliar with how to set that up, see GitHub's documentation.

Licensing

This repository contains core which is open source software under Apache 2.0. Openlane is a product produced from this open source software exclusively by The Open Lane, Inc. This product is produced under our published commercial terms (which are subject to change), and any logos or trademarks in this repository or the broader theopenlane organization are not covered under the Apache License.

Others are allowed to make their own distribution of this software or include this software in other commercial offerings, but cannot use any of the Openlane logos, trademarks, cloud services, etc.

Security

We take the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as theopenlane. If you believe you have found a security vulnerability in any of our repositories, please report it to us through coordinated disclosure.

Please do NOT report security vulnerabilities through public GitHub issues, discussions, or pull requests!

Instead, please send an email to security@theopenlane.io with as much information as possible to best help us understand and resolve the issues. See the security policy attached to this repository for more details.

Questions?

You can email us at info@theopenlane.io, open a GitHub issue in this repository, or reach out to matoszz directly.

Documentation

Overview

package main is the entry point

Directories

Path Synopsis
cmd
Package cmd is our cobra cli implementation
cli
cli/cmd
Package cmd is the cobra cli implementation for the core server
cli/cmd/apitokens
Package apitokens is our cobra cli for api token endpoints
cli/cmd/contact
Package contact is our cobra cli for contact endpoints
cli/cmd/contacthistory
Package contacthistory is our cobra cli for contactHistory endpoints
cli/cmd/documentdatahistory
Package documentdatahistory is our cobra cli for documentDataHistory endpoints
cli/cmd/entitlementhistory
Package entitlementhistory is our cobra cli for entitlementHistory endpoints
cli/cmd/entitlementplan
Package entitlementplan is our cobra cli for entitlement plan endpoints
cli/cmd/entitlementplanfeaturehistory
Package entitlementplanfeaturehistory is our cobra cli for entitlementPlanFeatureHistory endpoints
cli/cmd/entitlementplanfeatures
Package entitlementplanfeatures is our cobra cli for plan feature endpoints
cli/cmd/entitlementplanhistory
Package entitlementplanhistory is our cobra cli for entitlementPlanHistory endpoints
cli/cmd/entitlements
Package entitlement is our cobra cli for entitlement endpoints
cli/cmd/entity
Package entity is our cobra cli for entity endpoints
cli/cmd/entityhistory
Package entityhistory is our cobra cli for entityHistory endpoints
cli/cmd/entitytype
Package entitytype is our cobra cli for entity type endpoints
cli/cmd/entitytypehistory
Package entitytypehistory is our cobra cli for entityTypeHistory endpoints
cli/cmd/eventhistory
Package eventhistory is our cobra cli for eventHistory endpoints
cli/cmd/featurehistory
Package featurehistory is our cobra cli for featureHistory endpoints
cli/cmd/features
Package feature is our cobra cli for feature endpoints
cli/cmd/filehistory
Package filehistory is our cobra cli for fileHistory endpoints
cli/cmd/group
Package group is our cobra cli for group endpoints
cli/cmd/grouphistory
Package grouphistory is our cobra cli for groupHistory endpoints
cli/cmd/groupmembers
Package groupmembers is our cobra cli for group member endpoints
cli/cmd/groupmembershiphistory
Package groupmembershiphistory is our cobra cli for groupMembershipHistory endpoints
cli/cmd/groupsetting
Package groupsetting provides commands for managing group settings
cli/cmd/groupsettinghistory
Package groupsettinghistory is our cobra cli for groupSettingHistory endpoints
cli/cmd/hushhistory
Package hushhistory is our cobra cli for hushHistory endpoints
cli/cmd/integrationhistory
Package integrationhistory is our cobra cli for integrationHistory endpoints
cli/cmd/invite
Package invite creates invitation emails + tokens for external users to join an organization
cli/cmd/login
Package login is our cobra cli for authentication endpoints
cli/cmd/oauthproviderhistory
Package oauthproviderhistory is our cobra cli for oauthProviderHistory endpoints
cli/cmd/organization
Package org is our cobra cli for organization endpoints
cli/cmd/organizationhistory
Package organizationhistory is our cobra cli for organizationHistory endpoints
cli/cmd/organizationsetting
Package orgsetting provides commands for managing organization settings
cli/cmd/organizationsettinghistory
Package organizationsettinghistory is our cobra cli for organizationSettingHistory endpoints
cli/cmd/orgmembers
Package orgmembers is our cobra cli for org member endpoints
cli/cmd/orgmembershiphistory
Package orgmembershiphistory is our cobra cli for orgMembershipHistory endpoints
cli/cmd/personalaccesstokens
Package tokens is our cobra cli for token endpoints
cli/cmd/register
Package register allows user registration
cli/cmd/reset
Package reset allows user password reset
cli/cmd/search
Package search is our cobra cli for search endpoint
cli/cmd/subscriber
Package subscribers is our cobra cli for subscriber endpoints
cli/cmd/switchcontext
Package switchcontext provides a basic interface to switch between organization contexts
cli/cmd/templatehistory
Package templatehistory is our cobra cli for templateHistory endpoints
cli/cmd/user
Package user is our cobra cli for user endpoints
cli/cmd/userhistory
Package userhistory is our cobra cli for userHistory endpoints
cli/cmd/usersetting
Package usersetting is our cobra cli for user setting endpoints
cli/cmd/usersettinghistory
Package usersettinghistory is our cobra cli for userSettingHistory endpoints
cli/cmd/version
Package version contains the version information for the CLI
cli/cmd/webhookhistory
Package webhookhistory is our cobra cli for webhookHistory endpoints
Package config holds configuration stuff to configure the things
Package db provides an embedded filesystem containing all the database migrations
internal
constants
Package constants contains constants used throughout the application
ent/customtypes
Package customtypes is a custom type definition for ent and the associated interfaces
ent/entconfig
Package entconfig holds configuration stuff for the ent server
ent/generated
Code generated by entfga, DO NOT EDIT.
ent/hooks
Package hooks is middleware to alter the graphql mutation
ent/interceptors
Package interceptors is middleware to alter the graphql query
ent/mixin
Package mixin contains the mixin package
ent/privacy/rule
Package rule contains policy rules
ent/privacy/token
Package token provides policy wrappers / getters for queries and mutations during password reset, sign-up
ent/privacy/utils
Package utils is a helper for working with ent policies
ent/schema
Code generated by entx.history, DO NOT EDIT.
entdb
Package entdb extends the ent db library and satisfies matt's needs for consistency
graphapi
Package graphapi is the graph api package
httpserve/authmanager
Package authmanager provides the authentication manager for the server
httpserve/config
Package config holds the echo server configuration utilities
httpserve/handlers
Package handlers contains custom handler functions
httpserve/route
Package route will hold the routes and route groups
httpserve/server
Package server contains the server functions
httpserve/serveropts
Package serveropts contains an echo server options wrapper
envparse
Package envparse provides a way to parse environment variables from a struct
pkg
analytics
Package analytics offers system analytics
analytics/machine
Package machine provides a basic wrapper for getting machine ID
analytics/posthog
Package posthog contains posthog helper functions and utilities
enums
Package enums has enums
events
Package events does event stuff
events/kafka/config
Package config provides configuration for the Kafka event source
events/kafka/kafkaconfig
Package kafkaconfig provides configuration for the Kafka event source
events/kafka/publisher
Package publisher provides a basic kafka event publisher
events/soiree
Package soiree provides a simple event emitter that allows you to emit events and listen for them
middleware
Package middleware provides middleware for http Handlers.
middleware/auth
Package auth handles auth
middleware/authtest
Package authtest is a mini server and token generator with a mock test to confirm keygen works correctly; not intended to test the whole api but rather just the token issuance and authentication
middleware/cachecontrol
Package cachecontrol creates a cache control echo middleware
middleware/cors
Package cors does cors stuff
middleware/debug
Package debug contains utility helper functions for debugging when working with echo server
middleware/mime
Package mime does mime stuff
middleware/ratelimit
Package ratelimit implements a rate limiting middleware
middleware/ratelimiter
Package ratelimiter is a ratelimiter based on cloudflare's approach
middleware/redirect
Package redirect does redirect stuff
middleware/secure
Package secure is middleware that provides protection against cross-site scripting (XSS) attack, content type sniffing, clickjacking, insecure connection and other code injection attacks
middleware/transaction
Package transaction implements a transaction middleware for REST endpoints using the ent db client
models
Package models provides http request and response structs
openlaneclient
Package openlaneclient contains the client to interact with the openlane server
testutils
Package testutils provides utilities for use in tests
transaction
Package transaction implements a transaction middleware for REST endpoints using the ent db client
