db

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 5, 2025 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Generic certificate database package

This provides functionality to read certificate configurations and generated content from any source.

At this point in time it is tailored to one-shot filesystem generation, but this will change once other sources (e.g. REST APIs) are added.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BulkUpdate added in v0.4.0

func BulkUpdate(backend Database, changes ChangeList) (int, error)

func IsConsistent

func IsConsistent(backend Database) bool

Types

type BuildArtifact

// BuildArtifact bundles a certificate, a private key and a certificate
// request. It is the value type stored by Database.PutBuildArtifact and
// returned (as a pointer) by Database.GetBuildArtifact, AddAndSign and
// GenerateArtifacts.
//
// NOTE(review): because the struct carries PrivateKey, a BuildArtifact value
// should be treated as secret as a whole; logging or serialising it wholesale
// would include the key material.
type BuildArtifact struct {
	// Certificate is a pointer and may therefore be nil.
	Certificate *cert.Certificate
	// PrivateKey is typed as crypto.PrivateKey; the concrete key type is not
	// visible here. NOTE(review): presumably the key belonging to
	// Certificate; confirm against the code that fills this struct.
	PrivateKey  crypto.PrivateKey
	// Request is a pointer and may therefore be nil.
	Request     *cert.CertificateRequest
}

func AddAndSign added in v0.4.0

func AddAndSign(backend Database, config config.CertificateContent, overwrite bool) (*BuildArtifact, error)

func GenerateArtifacts added in v0.4.0

func GenerateArtifacts(backend Database, alias string) (*BuildArtifact, error)

type Change added in v0.4.0

// Change is one entry of a ChangeList: an alias, a certificate configuration
// and the kind of change to apply.
type Change struct {
	// Alias names the affected entity.
	// NOTE(review): presumably the same alias that keys the Database
	// methods; confirm against PlanBulkUpdate.
	Alias           string
	// EffectiveConfig is the certificate configuration attached to this change.
	EffectiveConfig config.CertificateContent
	// Change is the kind of change, one of the ChangeType constants.
	Change          ChangeType
}

type ChangeList added in v0.4.0

// ChangeList is a slice of Change values. PlanBulkUpdate returns one and
// BulkUpdate takes one as its input.
type ChangeList []Change

func PlanBulkUpdate added in v0.4.0

func PlanBulkUpdate(backend Database, strat UpdateStrategy) (ChangeList, error)

type ChangeType added in v0.4.0

// ChangeType enumerates the kinds of change a Change entry can carry.
type ChangeType uint8
const (
	// ChangeNone is the zero value of ChangeType.
	ChangeNone ChangeType = iota
	// NOTE(review): presumably "alias has no artifact yet, create one"; confirm.
	ChangeCreate
	// NOTE(review): presumably "replace the existing artifact"; confirm.
	ChangeReplace
	// NOTE(review): presumably "remove the alias via Database.Delete"; confirm.
	ChangeDelete
)

type Database

// Database is the storage contract for certificate profiles, certificate
// configurations, build artifacts and per-alias metadata.
//
// NOTE(review): BuildArtifact has a PrivateKey field, so an implementation
// that persists artifacts is storing private key material. This interface
// says nothing about access control or protection at rest; that is left to
// each implementation and should be confirmed per backend.
type Database interface {
	// Prepare the database object so that queries can be run on it.
	Open() error

	// Close all handles and free all resources for this database.
	Close() error

	// Return the number of certificate configurations we know of
	// and know how to build.
	NumEntities() int

	// Return all aliases that do not have an issuer different from
	// themselves.
	RootEntities() []string

	// Return all aliases that have the given alias as an issuer.
	GetSubscribers(string) []string

	// Add a Certificate Profile to the Database.
	// When this call returns, the profile is expected to be ready to use.
	AddProfile(config.CertificateProfile) error

	// Return the profile under the given name.
	// If no such profile exists, return nil without returning an error.
	// Only return an error here if an actual error happens inside the
	// database.
	GetProfile(string) (*config.CertificateProfile, error)

	// Add a Certificate Configuration to the Database.
	// When this call returns, the Configuration is expected to be ready
	// to use.
	//
	// Important: Writing a Configuration must also update the metadata internally
	// where applicable.
	//
	PutConfig(string, config.CertificateContent) error

	// Return the configuration for the given alias.
	// If the alias is not known to the database, nil shall be returned without an error.
	// Only return an error here if an actual error happens inside the
	// database.
	GetConfig(string) (*config.CertificateContent, error) // if not present, both are nil

	// Add a Build Artifact to the Database.
	// When this call returns, the Artifact is expected to be ready to use.
	//
	// Important: Writing an Artifact must also update the metadata internally
	// where applicable.
	//
	// NOTE(review): the artifact includes its PrivateKey field, so this is
	// the call through which key material reaches the backend.
	PutBuildArtifact(string, BuildArtifact) error

	// Return the Artifact for the given alias.
	// If the alias is not known to the database, nil shall be returned without an error.
	// Only return an error here if an actual error happens inside the
	// database.
	//
	// If the Database knows of the entity under the given alias, but it
	// has no Build Artifact, then an empty Build Artifact shall be returned.
	// A nil artifact suggests that the alias is unknown.
	GetBuildArtifact(string) (*BuildArtifact, error)

	// Return the Metadata for the given alias.
	// If the alias is not known to the database, nil shall be returned without an error.
	// Only return an error here if an actual error happens inside the
	// database.
	GetMetadata(string) (*Metadata, error)

	// TODO: If we delete a CA, should we also delete everything below it?
	// Delete all data corresponding to the alias. After this call returns,
	// the Database is expected to be in a state as if the entity had never
	// existed.
	//
	// This applies especially to Configs, Metadata and Build Artifacts.
	//
	// NOTE(review): per the TODO above, the contract does not define what
	// happens to the subscribers of a deleted issuer (see GetSubscribers).
	// Callers should not assume a cascading delete, and should expect that
	// entries whose issuer is gone may remain.
	Delete(alias string) error
}

type Metadata added in v0.4.0

// Metadata is the per-alias record returned by Database.GetMetadata.
// The Database contract requires PutConfig and PutBuildArtifact to keep it
// up to date "where applicable".
type Metadata struct {
	// NOTE(review): presumably the time the build artifact was last written;
	// confirm against the backend implementation.
	LastBuild        time.Time
	// Raw hash bytes of the last configuration. The hash algorithm is not
	// visible here; TODO confirm which one is used and whether this value is
	// what change detection compares.
	LastConfigHash   []byte
	// NOTE(review): presumably the time the configuration was last written;
	// confirm against the backend implementation.
	LastConfigUpdate time.Time
}

type UpdateStrategy

// UpdateStrategy is the selector passed to PlanBulkUpdate.
//
// NOTE(review): every non-zero value is a distinct power of two, which
// suggests the values can be OR-ed together; confirm against PlanBulkUpdate.
// UpdateAll is its own bit (16), not the union of the other values.
type UpdateStrategy uint8

const (
	// UpdateNone is the zero value.
	UpdateNone UpdateStrategy = 0

	UpdateMissing     UpdateStrategy = 1 << 0 // 1
	UpdateExpired     UpdateStrategy = 1 << 1 // 2
	UpdateNewerConfig UpdateStrategy = 1 << 2 // 4
	UpdateChanged     UpdateStrategy = 1 << 3 // 8
	UpdateAll         UpdateStrategy = 1 << 4 // 16
)

Directories

Path Synopsis
Database implementation for filesystems.
Database implementation for filesystems.
