Documentation
¶
Index ¶
- Constants
- func Edit(path string, validate validator) error
- func EditProfiles() (err error)
- func EditWith(path, editor string, validate validator) (err error)
- func GetProfilesFolder() (folder *configdir.Config, err error)
- func Install() (err error)
- func ProfilesPath() (string, error)
- func SetConfigDir(cd configdir.ConfigDir)
- func StoreCredentials(cache *CredentialCache) (err error)
- func ValidProfiles(path string) (err error)
- type AdminProfile
- func (p *AdminProfile) Connect() (client admin.DirectoryAdministrationClient, err error)
- func (p *AdminProfile) GenerateTokens(api admin.DirectoryAdministrationClient) (creds *Credentials, err error)
- func (p *AdminProfile) Login(api admin.DirectoryAdministrationClient) (accessToken, refreshToken string, err error)
- func (p *AdminProfile) Logout(api admin.DirectoryAdministrationClient) (err error)
- func (p *AdminProfile) Refresh(api admin.DirectoryAdministrationClient) (accessToken, refreshToken string, err error)
- type CredentialCache
- type Credentials
- type DirectoryProfile
- type MembersProfile
- type Profile
- type Profiles
- type TrtlProfile
Constants ¶
const ( ProfileYAML = "profiles.yaml" ProfileVersion = "v1" )
Variables ¶
This section is empty.
Functions ¶
func EditProfiles ¶ added in v1.3.1
func EditProfiles() (err error)
Edit the profiles YAML at the specified path
func EditWith ¶ added in v1.3.1
Edit the file at the specified path using the specified command line editor.
func GetProfilesFolder ¶
GetProfilesFolder returns a pointer to the folder where the profiles are stored. If no such folder is configured, it creates an empty config file in a suitable folder.
func Install ¶
func Install() (err error)
Install creates default profiles and saves them to disk, overwriting the previous contents.
func ProfilesPath ¶
ProfilesPath returns the location on disk where the profiles are stored. If no profiles are located then an error is returned.
func SetConfigDir ¶
SetConfigDir is a helper utility to modify where the profiles package looks for the profiles.yaml file. This is generally used in tests but can also be used in environments where the default search path doesn't make sense.
func StoreCredentials ¶
func StoreCredentials(cache *CredentialCache) (err error)
StoreCredentials saves and updates the cached access and refresh tokens back to disk.
func ValidProfiles ¶ added in v1.3.1
ValidProfiles loads the edited YAML into a profiles struct to ensure it's valid.
Types ¶
type AdminProfile ¶
type AdminProfile struct {
Endpoint string `yaml:"endpoint"` // the Admin URL to connect to the Admin API, also $TRISA_DIRECTORY_ADMIN_URL
Audience string `yaml:"audience,omitempty"` // the Audience for local token generation auth, usually $GDS_ADMIN_AUDIENCE
TokenKeys map[string]string `yaml:"token_keys,omitempty"` // the token keys identifier and paths for local token generation auth, usually $GDS_ADMIN_TOKEN_KEYS
}
func (*AdminProfile) Connect ¶
func (p *AdminProfile) Connect() (client admin.DirectoryAdministrationClient, err error)
Connect to the GDS Admin API and return an admin client
func (*AdminProfile) GenerateTokens ¶
func (p *AdminProfile) GenerateTokens(api admin.DirectoryAdministrationClient) (creds *Credentials, err error)
GenerateTokens creates a token manager to generate and save credentials
func (*AdminProfile) Login ¶
func (p *AdminProfile) Login(api admin.DirectoryAdministrationClient) (accessToken, refreshToken string, err error)
Login implements admin.Credentials so that the AdminProfile can provide access and refresh tokens to the client.
func (*AdminProfile) Logout ¶
func (p *AdminProfile) Logout(api admin.DirectoryAdministrationClient) (err error)
Logout implements admin.Credentials so that the AdminProfile can remove access and refresh tokens on request from the client.
func (*AdminProfile) Refresh ¶
func (p *AdminProfile) Refresh(api admin.DirectoryAdministrationClient) (accessToken, refreshToken string, err error)
Refresh implements admin.Credentials so that the AdminProfile can reauthenticate access and refresh tokens and provide them to the client.
type CredentialCache ¶
type CredentialCache struct {
Version string `json:"version"`
Credentials map[string]*Credentials `json:"credentials"`
}
func LoadCredentials ¶
func LoadCredentials() (cache *CredentialCache, err error)
Credentials returns the cached access and refresh tokens from disk.
func (*CredentialCache) Get ¶
func (c *CredentialCache) Get(endpoint string) (creds *Credentials, err error)
Get credentials for the specified endpoint. Only returns valid credentials.
type Credentials ¶
type Credentials struct {
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token"`
}
func (*Credentials) Validate ¶
func (c *Credentials) Validate() (err error)
Validate that the have not expired, e.g. that the access token is not expired, or if it is that the refresh token has not expired. Does not check signatures or any other claims for validity.
type DirectoryProfile ¶
type DirectoryProfile struct {
Endpoint string `yaml:"endpoint"` // the GDS endpoint to connect to the gRPC directory service, also $TRISA_DIRECTORY_URL
Insecure bool `yaml:"insecure,omitempty"` // do not connect to the directory endpoint with TLS
}
func (*DirectoryProfile) Connect ¶
func (p *DirectoryProfile) Connect() (_ api.TRISADirectoryClient, err error)
Connect to the TRISA Directory Service and return a gRPC client
type MembersProfile ¶
type MembersProfile struct {
Endpoint string `yaml:"endpoint"` // the members endpoint to connect to the anti-entropy service
Insecure bool `yaml:"insecure,omitempty"` // do not connect to the members endpoint with mTLS
CertPath string `yaml:"cert_path,omitempty"` // path to client certificates for mTLS
PoolPath string `yaml:"pool_path,omitempty"` // path to client trusted certpool for mTLS
}
func (*MembersProfile) Connect ¶
func (p *MembersProfile) Connect() (_ members.TRISAMembersClient, err error)
Connect to the TRISA Members Service and return a gRPC client
type Profile ¶
type Profile struct {
Directory *DirectoryProfile `yaml:"directory"` // directory configuration
Admin *AdminProfile `yaml:"admin"` // admin api configuration
TrtlProfiles []*TrtlProfile `yaml:"trtl"` // replica configurations
Members *MembersProfile `yaml:"members"` // members configuration
DatabaseURL string `yaml:"database_url,omitempty"` // localhost only: the dsn to the leveldb database, usually $GDS_DATABASE_URL
Timeout time.Duration `yaml:"timeout,omitempty"` // default timeout to create contexts for API connections, if not specified defaults to 30 seconds
}
Profile contains the client-side configuration to connect to a specifc GDS instance. Profiles are loaded first from the YAML configuration file and then can be overrided by the CLI context if the user specifies a value via an environment variable or flag.
func LoadActive ¶
LoadActive is a shorthand for Load() then GetActive() and finally Update()
func (*Profile) Context ¶
func (p *Profile) Context() (context.Context, context.CancelFunc)
Context returns a default context with the timeout specified or 30 seconds by default.
func (*Profile) OpenLevelDB ¶
OpenLevelDB opens a leveldb database using the DSN supplied for gdsutil commands.
type Profiles ¶
type Profiles struct {
Version string `yaml:"version"`
Active string `yaml:"active"`
Profiles map[string]*Profile `yaml:"profiles"`
}
Profiles are stored in one of three locations, and are searched for in the following order: 1. Current directory (".") 2. User level directory (~/Library/Application Support/rotational/gds on OS X or ~/.config/rotational/gds on Linux) 3. System level directory (/Library/Application Suport/rotational/gds on OS X or /etc/xdg on Linux) If no profile config is found, one will be created in the first available directory based on the search order: Current directory -> User -> System. This allows the user to easily override the user or system config by creating a profiles.yaml in the CWD.
The profiles make it easy to switch between client configurations to connect to trisatest.net or vaspdirectory.net. The profiles have a user-supplied name for easy configuration and the profiles are populated with reasonable defaults.
At most one profile is considered "active", this profile is treated as the default profile if a specific profile is not used.
func DefaultProfiles ¶
func DefaultProfiles() *Profiles
func (*Profiles) GetActive ¶
GetActive returns the profile with the specified name or the active profile if no name is specified.
type TrtlProfile ¶ added in v1.3.1
type TrtlProfile struct {
Endpoint string `yaml:"endpoint"` // the replica endpoint to connect to the anti-entropy service
Insecure bool `yaml:"insecure,omitempty"` // do not connect to the replica endpoint with TLS
CertPath string `yaml:"cert_path,omitempty"` // the path to the client key-pair for client-side mTLS
PoolPath string `yaml:"pool_path,omitempty"` // the path to the trust chain for client-side mTLS
}
func (*TrtlProfile) Connect ¶ added in v1.3.1
func (p *TrtlProfile) Connect() (conn *grpc.ClientConn, err error)
func (*TrtlProfile) ConnectDB ¶ added in v1.3.1
func (p *TrtlProfile) ConnectDB() (_ pb.TrtlClient, err error)
Connect to the trtl database server and return a gRPC client
func (*TrtlProfile) ConnectPeers ¶ added in v1.3.1
func (p *TrtlProfile) ConnectPeers() (_ peers.PeerManagementClient, err error)
Connect to the trtl database server and return a gRPC client
Source Files