client

package
v1.4.1

This package is not in the latest version of its module.
Published: Mar 14, 2025 License: Apache-2.0 Imports: 37 Imported by: 0

Documentation

Constants

const (
	// URL for the venafi-cloud backend services
	VenafiCloudProdURL = "https://api.venafi.cloud"
)

Variables

var (
	// ClientID is the auth0 client identifier (injected at build time)
	ClientID string

	// ClientSecret is the auth0 client secret (injected at build time)
	ClientSecret string

	// AuthServerDomain is the auth0 domain (injected at build time)
	AuthServerDomain string
)

Functions

This section is empty.

Types

type APITokenClient added in v0.1.33

type APITokenClient struct {
	// contains filtered or unexported fields
}

The APITokenClient type is a Client implementation used to upload data readings to the Jetstack Secure platform using API tokens as its authentication method.

func NewAPITokenClient added in v0.1.33

func NewAPITokenClient(agentMetadata *api.AgentMetadata, apiToken, baseURL string) (*APITokenClient, error)

NewAPITokenClient returns a new instance of the APITokenClient type that will perform HTTP requests using the provided API token for authentication.

func (*APITokenClient) Post added in v0.1.33

func (c *APITokenClient) Post(ctx context.Context, path string, body io.Reader) (*http.Response, error)

Post performs an HTTP POST request.

func (*APITokenClient) PostDataReadings added in v0.1.33

func (c *APITokenClient) PostDataReadings(ctx context.Context, orgID, clusterID string, readings []*api.DataReading) error

PostDataReadings uploads the slice of api.DataReading to the Jetstack Secure backend to be processed for later viewing in the user-interface.

func (*APITokenClient) PostDataReadingsWithOptions added in v0.1.44

func (c *APITokenClient) PostDataReadingsWithOptions(ctx context.Context, readings []*api.DataReading, opts Options) error

PostDataReadingsWithOptions uploads the slice of api.DataReading to the Jetstack Secure backend to be processed for later viewing in the user-interface.

type Client added in v0.1.33

type Client interface {
	PostDataReadings(ctx context.Context, orgID, clusterID string, readings []*api.DataReading) error
	PostDataReadingsWithOptions(ctx context.Context, readings []*api.DataReading, options Options) error
	Post(ctx context.Context, path string, body io.Reader) (*http.Response, error)
}

The Client interface describes types that perform requests against the Jetstack Secure backend.

type Credentials

type Credentials interface {
	IsClientSet() (ok bool, why string)
	Validate() error
}

The Credentials interface describes methods for credential types to implement for verification.

type OAuthClient added in v0.1.33

type OAuthClient struct {
	// contains filtered or unexported fields
}

The OAuthClient type is a Client implementation used to upload data readings to the Jetstack Secure platform using OAuth as its authentication method.

func NewOAuthClient added in v0.1.33

func NewOAuthClient(agentMetadata *api.AgentMetadata, credentials *OAuthCredentials, baseURL string) (*OAuthClient, error)

NewOAuthClient returns a new instance of the OAuthClient type that will perform HTTP requests using OAuth to provide authentication tokens to the backend API.

func (*OAuthClient) Post added in v0.1.33

func (c *OAuthClient) Post(ctx context.Context, path string, body io.Reader) (*http.Response, error)

Post performs an HTTP POST request.

func (*OAuthClient) PostDataReadings added in v0.1.33

func (c *OAuthClient) PostDataReadings(ctx context.Context, orgID, clusterID string, readings []*api.DataReading) error

PostDataReadings uploads the slice of api.DataReading to the Jetstack Secure backend to be processed for later viewing in the user-interface.

func (*OAuthClient) PostDataReadingsWithOptions added in v0.1.44

func (c *OAuthClient) PostDataReadingsWithOptions(ctx context.Context, readings []*api.DataReading, opts Options) error

type OAuthCredentials added in v0.1.40

type OAuthCredentials struct {
	// UserID is the ID or email for the user or service account.
	UserID string `json:"user_id"`
	// UserSecret is the secret for the user or service account.
	UserSecret string `json:"user_secret"`
	// The following fields are optional as the default behaviour
	// is to use the equivalent variables defined at package level
	// and injected at build time.
	// ClientID is the oauth2 client ID.
	ClientID string `json:"client_id,omitempty"`
	// ClientSecret is the oauth2 client secret.
	ClientSecret string `json:"client_secret,omitempty"`
	// AuthServerDomain is the domain for the auth server.
	AuthServerDomain string `json:"auth_server_domain,omitempty"`
}

OAuthCredentials defines the format of the credentials.json file.

func ParseOAuthCredentials added in v0.1.40

func ParseOAuthCredentials(data []byte) (*OAuthCredentials, error)

ParseOAuthCredentials performs validations. Since it may return a multierror.Error, remember to use multierror.Prefix(err, "context: ") rather than fmt.Errorf("context: %w", err) when wrapping the error.

func (*OAuthCredentials) IsClientSet added in v0.1.40

func (c *OAuthCredentials) IsClientSet() (ok bool, why string)

IsClientSet returns whether the client credentials are set or not. `why` is only returned when `ok` is false.

func (*OAuthCredentials) Validate added in v0.1.40

func (c *OAuthCredentials) Validate() error

type Options added in v0.1.44

type Options struct {
	// Only used with Jetstack Secure.
	OrgID string

	// Only used with Jetstack Secure.
	ClusterID string

	// Only used with Venafi Cloud. The convention is to use the agent
	// config's `cluster_id` as ClusterName.
	ClusterName string

	// Only used with Venafi Cloud.
	ClusterDescription string
}

Options is the struct describing additional information pertinent to an agent that isn't a data reading. These fields will then be uploaded together with data readings.

type VenConnClient added in v1.0.0

type VenConnClient struct {

	// Used to make HTTP requests to Venafi Cloud. This field is public for
	// testing purposes so that we can configure trusted CAs; there should be a
	// way to do that without messing with the client directly (e.g., a flag to
	// pass a custom CA?), but it's not there yet.
	Client *http.Client
	// contains filtered or unexported fields
}

func NewVenConnClient added in v1.0.0

func NewVenConnClient(restcfg *rest.Config, agentMetadata *api.AgentMetadata, installNS, venConnName, venConnNS string, trustedCAs *x509.CertPool) (*VenConnClient, error)

NewVenConnClient lets you make requests to the Venafi Cloud backend using the given VenafiConnection resource.

You need to call Start to start watching the VenafiConnection resource. If you don't, the client will be unable to find the VenafiConnection that you are referring to as its client-go cache will remain empty.

The http.Client is used for Venafi and Vault, not for Kubernetes. The `installNS` is the namespace in which the agent is running and cannot be empty. `venConnName` and `venConnNS` must not be empty either. The passed `restcfg` is not mutated. `trustedCAs` is only used for connecting to Venafi Cloud and Vault and can be left nil.

func (*VenConnClient) Post added in v1.0.0

func (c *VenConnClient) Post(_ context.Context, path string, body io.Reader) (*http.Response, error)

Post isn't implemented for Venafi Cloud because /v1/tlspk/upload/clusterdata requires using the query parameters `name` and `description` which can't be set using Post. Use PostDataReadingsWithOptions instead.

func (*VenConnClient) PostDataReadings added in v1.0.0

func (c *VenConnClient) PostDataReadings(_ context.Context, _orgID, _clusterID string, readings []*api.DataReading) error

PostDataReadings isn't implemented for Venafi Cloud. This is because Venafi Cloud needs a `clusterName` and `clusterDescription`, but this function can only pass `orgID` and `clusterID` which are both useless in Venafi Cloud. Use PostDataReadingsWithOptions instead.

func (*VenConnClient) PostDataReadingsWithOptions added in v1.0.0

func (c *VenConnClient) PostDataReadingsWithOptions(ctx context.Context, readings []*api.DataReading, opts Options) error

`opts.ClusterName` and `opts.ClusterDescription` are the only values used from the Options struct. OrgID and ClusterID are not used in Venafi Cloud.

func (*VenConnClient) Start added in v1.0.0

func (c *VenConnClient) Start(ctx context.Context) error

Start starts watching VenafiConnections. This function will return soon after the context is closed, or if an error occurs.

type VenafiCloudClient added in v0.1.40

type VenafiCloudClient struct {

	// Made public for testing purposes.
	Client *http.Client
	// contains filtered or unexported fields
}

The VenafiCloudClient type is a Client implementation used to upload data readings to the Venafi Cloud platform using service account authentication as its authentication method.

This form of authentication follows the Private Key JWT standard found at https://oauth.net/private-key-jwt, which is a combination of two RFCs:

* RFC 7521 (Assertion Framework)
* RFC 7523 (JWT Profile for Client Authentication)
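
The Private Key JWT exchange described above, shown as an added example that is not code from this package: the client signs a short-lived assertion with its private key, and the token endpoint checks the signature and the `iss`, `sub`, `aud` and `exp` claims. The function names, the EdDSA (Ed25519) algorithm choice, the client ID and the endpoint URL are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

var b64 = base64.RawURLEncoding // JWS segments are unpadded base64url

// SignAssertion (hypothetical name) builds an RFC 7523 client assertion; EdDSA is assumed.
func SignAssertion(key ed25519.PrivateKey, clientID, aud string, now time.Time) string {
	hdr, _ := json.Marshal(map[string]string{"alg": "EdDSA", "typ": "JWT"})
	claims, _ := json.Marshal(map[string]any{"iss": clientID, "sub": clientID,
		"aud": aud, "iat": now.Unix(), "exp": now.Add(time.Minute).Unix()})
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString(claims)
	return input + "." + b64.EncodeToString(ed25519.Sign(key, []byte(input)))
}

// VerifyAssertion is the token endpoint's side: signature first, then claims.
func VerifyAssertion(pub ed25519.PublicKey, token, clientID, aud string, now time.Time) error {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return fmt.Errorf("malformed token")
	}
	sig, err := b64.DecodeString(p[2])
	if err != nil || !ed25519.Verify(pub, []byte(p[0]+"."+p[1]), sig) {
		return fmt.Errorf("bad signature")
	}
	var c struct {
		Iss, Sub, Aud string
		Exp           int64
	}
	raw, _ := b64.DecodeString(p[1])
	if json.Unmarshal(raw, &c) != nil || c.Iss != clientID || c.Sub != clientID ||
		c.Aud != aud || now.Unix() >= c.Exp {
		return fmt.Errorf("claims rejected: iss/sub/aud mismatch or expired")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed key pair, client ID and endpoint
	tok := SignAssertion(priv, "example-client", "https://auth.example.test/token", time.Now())
	fmt.Println(VerifyAssertion(pub, tok, "example-client", "https://auth.example.test/token", time.Now()))
}
```

Because the assertion is bound to one audience and expires after a minute, a captured token is of little use against another endpoint or after the window closes, and the private key itself never leaves the client.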

func NewVenafiCloudClient added in v0.1.40

func NewVenafiCloudClient(agentMetadata *api.AgentMetadata, credentials *VenafiSvcAccountCredentials, baseURL string, uploaderID string, uploadPath string) (*VenafiCloudClient, error)

NewVenafiCloudClient returns a new instance of the VenafiCloudClient type that will perform HTTP requests using a bearer token to authenticate to the backend API.

func (*VenafiCloudClient) Post added in v0.1.40

func (c *VenafiCloudClient) Post(ctx context.Context, path string, body io.Reader) (*http.Response, error)

Post performs an HTTP POST request.

func (*VenafiCloudClient) PostDataReadings added in v0.1.40

func (c *VenafiCloudClient) PostDataReadings(ctx context.Context, _ string, _ string, readings []*api.DataReading) error

PostDataReadings uploads the slice of api.DataReading to the Venafi Cloud backend to be processed for later viewing in the user-interface.

func (*VenafiCloudClient) PostDataReadingsWithOptions added in v0.1.44

func (c *VenafiCloudClient) PostDataReadingsWithOptions(ctx context.Context, readings []*api.DataReading, opts Options) error

PostDataReadingsWithOptions uploads the slice of api.DataReading to the Venafi Cloud backend to be processed. The Options are then passed as URL params in the request.

type VenafiSvcAccountCredentials added in v0.1.40

type VenafiSvcAccountCredentials struct {
	// ClientID is the service account client ID
	ClientID string `json:"client_id,omitempty"`
	// PrivateKeyFile is the path to the private key file paired to
	// the public key in the service account
	PrivateKeyFile string `json:"private_key_file,omitempty"`
}

func ParseVenafiCredentials added in v0.1.40

func ParseVenafiCredentials(data []byte) (*VenafiSvcAccountCredentials, error)

ParseVenafiCredentials reads credentials into a VenafiSvcAccountCredentials struct. Performs validations.

func (*VenafiSvcAccountCredentials) IsClientSet added in v0.1.40

func (c *VenafiSvcAccountCredentials) IsClientSet() (ok bool, why string)

IsClientSet returns whether the client credentials are set or not. `why` is only returned when `ok` is false.

func (*VenafiSvcAccountCredentials) Validate added in v0.1.40

func (c *VenafiSvcAccountCredentials) Validate() error
