This section is empty.


This section is empty.


func NewIdentitiesClient

func NewIdentitiesClient(logger hclog.Logger, tokenDeriver TokenDeriverFunc) *identitiesClient


type ConsulServiceAPI

type ConsulServiceAPI interface {
	// RegisterWorkload with Consul. Adds all service entries and checks to Consul.
	RegisterWorkload(*consul.WorkloadServices) error

	// RemoveWorkload from Consul. Removes all service entries and checks.

	// UpdateWorkload in Consul. Does not alter the service if only checks have
	// changed.
	UpdateWorkload(old, newTask *consul.WorkloadServices) error

	// AllocRegistrations returns the registrations for the given allocation.
	AllocRegistrations(allocID string) (*consul.AllocRegistration, error)

	// UpdateTTL is used to update the TTL of a check.
	UpdateTTL(id, output, status string) error

    ConsulServiceAPI is the interface the Nomad Client uses to register and remove services and checks from Consul.

    ACL requirements - service:write

    type MockConsulOp

    type MockConsulOp struct {
    	Op         string // add, remove, or update
    	AllocID    string
    	Name       string // task or group name
    	OccurredAt time.Time

      MockConsulOp represents the register/deregister operations.

      func NewMockConsulOp

      func NewMockConsulOp(op, allocID, name string) MockConsulOp

      type MockConsulServiceClient

      type MockConsulServiceClient struct {
      	// AllocRegistrationsFn allows injecting return values for the
      	// AllocRegistrations function.
      	AllocRegistrationsFn func(allocID string) (*consul.AllocRegistration, error)
      	// contains filtered or unexported fields

        MockConsulServiceClient implements the ConsulServiceAPI interface to record and log task registration/deregistration.

        func NewMockConsulServiceClient

        func NewMockConsulServiceClient(t testing.T, logger log.Logger) *MockConsulServiceClient

        func (*MockConsulServiceClient) AllocRegistrations

        func (m *MockConsulServiceClient) AllocRegistrations(allocID string) (*consul.AllocRegistration, error)

        func (*MockConsulServiceClient) GetOps

        func (m *MockConsulServiceClient) GetOps() []MockConsulOp

        func (*MockConsulServiceClient) RegisterWorkload

        func (m *MockConsulServiceClient) RegisterWorkload(svcs *consul.WorkloadServices) error

        func (*MockConsulServiceClient) RemoveWorkload

        func (m *MockConsulServiceClient) RemoveWorkload(svcs *consul.WorkloadServices)

        func (*MockConsulServiceClient) UpdateTTL

        func (m *MockConsulServiceClient) UpdateTTL(checkID, output, status string) error

        func (*MockConsulServiceClient) UpdateWorkload

        func (m *MockConsulServiceClient) UpdateWorkload(old, newSvcs *consul.WorkloadServices) error

        type MockServiceIdentitiesClient

        type MockServiceIdentitiesClient struct {
        	// DeriveTokenFn allows the caller to control the DeriveToken function. If
        	// not set an error is returned if found in DeriveTokenErrors and otherwise
        	// a token is generated and returned
        	DeriveTokenFn TokenDeriverFunc
        	// contains filtered or unexported fields

          MockServiceIdentitiesClient is used for testing the client for managing consul service identity tokens.

          func NewMockServiceIdentitiesClient

          func NewMockServiceIdentitiesClient() *MockServiceIdentitiesClient

            NewMockServiceIdentitiesClient returns a MockServiceIdentitiesClient for testing.

            func (*MockServiceIdentitiesClient) DeriveSITokens

            func (mtc *MockServiceIdentitiesClient) DeriveSITokens(alloc *structs.Allocation, tasks []string) (map[string]string, error)

            func (*MockServiceIdentitiesClient) DeriveTokenErrors

            func (mtc *MockServiceIdentitiesClient) DeriveTokenErrors() map[string]map[string]error

            func (*MockServiceIdentitiesClient) SetDeriveTokenError

            func (mtc *MockServiceIdentitiesClient) SetDeriveTokenError(allocID string, tasks []string, err error)

            type ServiceIdentityAPI

            type ServiceIdentityAPI interface {
            	// DeriveSITokens contacts the nomad server and requests consul service
            	// identity tokens be generated for tasks in the allocation.
            	DeriveSITokens(alloc *structs.Allocation, tasks []string) (map[string]string, error)

              ServiceIdentityAPI is the interface the Nomad Client uses to request Consul Service Identity tokens through Nomad Server.

              ACL requirements - acl:write (used by Server only)

              type SupportedProxiesAPI

              type SupportedProxiesAPI interface {
              	Proxies() (map[string][]string, error)

                SupportedProxiesAPI is the interface the Nomad Client uses to request from Consul the set of supported proxied to use for Consul Connect.

                No ACL requirements

                type TokenDeriverFunc

                type TokenDeriverFunc func(*structs.Allocation, []string) (map[string]string, error)

                  TokenDeriverFunc takes an allocation and a set of tasks and derives a service identity token for each. Requests go through nomad server.