builders

package

v0.0.0-...-cd07ea3 Latest Latest Go to latest Published: Apr 8, 2024 License: Apache-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/diranged/oz

Links

Open Source Insights

Documentation ¶

Overview ¶

Package builders provides "Builders" for Access Requests

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrRequestDurationInvalid = errors.New("access request duration invalid")

ErrRequestDurationInvalid indicates that the requested access duration is an invalid time string.

View Source

var ErrRequestDurationTooLong = errors.New(
	"access request duration longer than template maximum duration",
)

ErrRequestDurationTooLong indicates that the Access Request's "duration" field is longer than the target templates "maxDuration" field.

View Source

var ErrRequestExpired = errors.New("access expired")

ErrRequestExpired indicates that the Access Request has expired

View Source

var ErrTemplateDoesNotExist = errors.New("template does not exist")

ErrTemplateDoesNotExist indicates that the TargetTemplate for the Access Request does not exist and therefore the Access Request cannot be satisified.

Functions ¶

This section is empty.

Types ¶

type IBuilder ¶

type IBuilder interface {
	// GetTemplate checks whether or not the TargetTemplate actually exists
	GetTemplate(
		ctx context.Context,
		client client.Client,
		req v1alpha1.IRequestResource,
	) (v1alpha1.ITemplateResource, error)

	// GetAccessDuration checks the durations of the Access Request against the Template.
	GetAccessDuration(
		req v1alpha1.IRequestResource,
		tmpl v1alpha1.ITemplateResource,
	) (duration time.Duration, decision string, err error)

	// SetRequestOwnerReference ensures that if the TargetTemplate is ever deleted,
	// that all of the Access Requests pointing to it are also automatically
	// deleted, which automatically cascades down to delete all of the access
	// resources.
	//
	// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/owners-dependents/
	SetRequestOwnerReference(
		ctx context.Context,
		client client.Client,
		req v1alpha1.IRequestResource,
		tmpl v1alpha1.ITemplateResource,
	) error

	// CreateAccessResources is the heavy lifter in an Access Builder - it is
	// responsible for creating any access resources required to satisfy the
	// access request. All resources created by this function must have an
	// OwnerReference set to the Access Request to ensure proper cleanup.
	CreateAccessResources(
		ctx context.Context,
		client client.Client,
		req v1alpha1.IRequestResource,
		tmpl v1alpha1.ITemplateResource,
	) (string, error)

	// AccessResourcesAreReady returns an indication of whether the resources
	// are fully ready. For some this function may just return True right away
	// (in the case of creating only a Role/RoleBinding). In other cases there
	// may be work to check if the status of a resource is completed (eg,
	// waiting for a Pod to become Ready).
	AccessResourcesAreReady(
		ctx context.Context,
		client client.Client,
		req v1alpha1.IRequestResource,
		tmpl v1alpha1.ITemplateResource,
	) (bool, error)
}

IBuilder defines an interface that our RequestController can use to manage Access Request resources

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
execaccessbuilder Package execaccessbuilder implements the IBuilder interface for ExecAccessRequest resources	Package execaccessbuilder implements the IBuilder interface for ExecAccessRequest resources
internal Package internal separates out some of the internal builder logic from the top level execaccessbuilder package to make it easier to see the interface-implementing methods as separate from the backend business logic.	Package internal separates out some of the internal builder logic from the top level execaccessbuilder package to make it easier to see the interface-implementing methods as separate from the backend business logic.
podaccessbuilder Package podaccessbuilder implements the IBuilder interface for PodAccessRequest resources	Package podaccessbuilder implements the IBuilder interface for PodAccessRequest resources
internal Package internal separates out some of the internal builder logic from the top level podaccessbuilder package to make it easier to see the interface-implementing methods as separate from the backend business logic.	Package internal separates out some of the internal builder logic from the top level podaccessbuilder package to make it easier to see the interface-implementing methods as separate from the backend business logic.
utils Package utils provides a set of utility functions that make implementing the IBuilder interface easier.	Package utils provides a set of utility functions that make implementing the IBuilder interface easier.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL