cloud

package
v0.0.0-...-298751d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 19, 2024 License: AGPL-3.0 Imports: 16 Imported by: 143

Documentation

Overview

Package cloud provides functionality to parse information describing clouds, including regions, supported auth types etc.

Index

Constants

View Source 
const (
	// AccessKeyAuthType is an authentication type using a key and secret.
	AccessKeyAuthType AuthType = "access-key"

	// InstanceRoleAuthType is an authentication type used by sourcing
	// credentials from within the machine's context in a given cloud provider.
	// You only get these credentials by running within that machine.
	InstanceRoleAuthType AuthType = "instance-role"

	// UserPassAuthType is an authentication type using a username and password.
	UserPassAuthType AuthType = "userpass"

	// OAuth1AuthType is an authentication type using oauth1.
	OAuth1AuthType AuthType = "oauth1"

	// OAuth2AuthType is an authentication type using oauth2.
	OAuth2AuthType AuthType = "oauth2"

	// JSONFileAuthType is an authentication type that takes a path to
	// a JSON file.
	JSONFileAuthType AuthType = "jsonfile"

	// ClientCertificateAuthType is an authentication type using client
	// certificates.
	ClientCertificateAuthType AuthType = "clientcertificate"

	// HTTPSigAuthType is an authentication type that uses HTTP signatures:
	// https://tools.ietf.org/html/draft-cavage-http-signatures-06
	HTTPSigAuthType AuthType = "httpsig"

	// InteractiveAuthType is a credential auth-type provided as an option to
	// "juju add-credential", which takes the user through the process of
	// adding credentials.  e.g. for lxd: generating a certificate credential.
	// This authType should used in a CredentialSchema, not a CloudSchema.
	InteractiveAuthType = "interactive"

	// EmptyAuthType is the authentication type used for providers
	// that require no credentials, e.g. "lxd", and "manual".
	EmptyAuthType AuthType = "empty"

	// AuthTypesKey is the name of the key in a cloud config or cloud schema
	// that holds the cloud's auth types.
	AuthTypesKey = "auth-types"

	// EndpointKey is the name of the key in a cloud config or cloud schema
	// that holds the cloud's endpoint url.
	EndpointKey = "endpoint"

	// RegionsKey is the name of the key in a cloud schema that holds the list
	// of regions a cloud supports.
	RegionsKey = "regions"

	// CertFilenameKey is the name of the key in a cloud schema that holds
	// the filename of a CA Certificate to be used to access the cloud, in conjunction
	// with an auth type.
	CertFilenameKey = "certfilename"
)
View Source 
const (
	// CloudTypeKubernetes is the kubernetes cloud type.
	CloudTypeKubernetes = "kubernetes"
)
View Source 
const DefaultCloudRegion = "default"

DefaultCloudRegion is the name of the default region that Juju creates for clouds that do not define a region.

Variables

This section is empty.

Functions

func BuildHostCloudRegion 

func BuildHostCloudRegion(cloudType, region string) string

BuildHostCloudRegion combines cloudType with region to host cloud region.

func CloudIsCAAS 

func CloudIsCAAS(cloud Cloud) bool

CloudIsCAAS checks if cloud is a CAAS cloud.

func CloudTypeIsCAAS 

func CloudTypeIsCAAS(cloudType string) bool

CloudTypeIsCAAS checks if a given cloud type is a CAAS cloud

func DefaultCloudDescription 

func DefaultCloudDescription(cloudType string) string

DefaultCloudDescription returns the description for the specified cloud type, or an empty string if the cloud type is unknown.

func IsSameCloudMetadata 

func IsSameCloudMetadata(meta1, meta2 map[string]Cloud) (bool, error)

IsSameCloudMetadata returns true if both meta and meta2 contain the same cloud metadata.

func JujuPersonalCloudsPath 

func JujuPersonalCloudsPath() string

JujuPersonalCloudsPath is the location where personal cloud information is expected to be found. Requires JUJU_HOME to be set.

func JujuPublicCloudsPath 

func JujuPublicCloudsPath() string

JujuPublicCloudsPath is the location where public cloud information is expected to be found. Requires JUJU_HOME to be set.

func MarshalCloud 

func MarshalCloud(cloud Cloud) ([]byte, error)

MarshalCloud marshals a Cloud to an opaque byte array.

func ParseCloudMetadata 

func ParseCloudMetadata(data []byte) (map[string]Cloud, error)

ParseCloudMetadata parses the given yaml bytes into Clouds metadata.

The expected regular yaml formal is:

clouds: 

garage-maas:
  type: maas
  auth-types: [oauth1]
  endpoint: "http://garagemaas"
  skip-tls-verify: true`
...

It also accepts a yaml format without the 'clouds' key at the top, e.g.

garage-maas: 

type: maas
auth-types: [oauth1]
endpoint: "http://garagemaas"
skip-tls-verify: true`

...

func ParseCloudMetadataFile 

func ParseCloudMetadataFile(file string) (map[string]Cloud, error)

ParseCloudMetadataFile loads any cloud metadata defined in the specified file.

func ParseCredentials 

func ParseCredentials(data []byte) (map[string]CloudCredential, error)

ParseCredentials parses the given yaml bytes into Credentials, but does not validate the credential attributes.

func PersonalCloudMetadata 

func PersonalCloudMetadata() (map[string]Cloud, error)

PersonalCloudMetadata loads any personal cloud metadata defined in the Juju Home directory. If not cloud metadata is found, that is not an error; nil is returned.

func PublicCloudMetadata 

func PublicCloudMetadata(searchPath ...string) (result map[string]Cloud, fallbackUsed bool, err error)

PublicCloudMetadata looks in searchPath for cloud metadata files and if none are found, returns the fallback public cloud metadata.

func RegionNames 

func RegionNames(regions []Region) []string

RegionNames returns a sorted list of the names of the given regions.

func RegisterStructTags 

func RegisterStructTags(vals ...interface{})

RegisterStructTags ensures the yaml tags for the given structs are able to be used when parsing cloud metadata.

func SplitHostCloudRegion 

func SplitHostCloudRegion(hostCloudRegion string) (string, string, error)

SplitHostCloudRegion splits host cloud region to cloudType and region.

func ValidateCloudSet 

func ValidateCloudSet(data []byte) error

ValidateCloudSet reports any erroneous properties found in cloud metadata YAML. If there are no erroneous properties, then ValidateCloudSet returns nil otherwise it return an error listing all erroneous properties and possible suggestion.

func ValidateFileAttrValue 

func ValidateFileAttrValue(path string) (string, error)

ValidateFileAttrValue returns the normalised file path, so long as the specified path is valid and not a directory.

func ValidateOneCloud 

func ValidateOneCloud(data []byte) error

ValidateOneCloud is like ValidateCloudSet but validates the metadata for only one cloud and not multiple.

func WritePersonalCloudMetadata 

func WritePersonalCloudMetadata(cloudsMap map[string]Cloud) error

WritePersonalCloudMetadata marshals to YAML and writes the cloud metadata to the personal cloud file.

func WritePublicCloudMetadata 

func WritePublicCloudMetadata(cloudsMap map[string]Cloud) error

WritePublicCloudMetadata marshals to YAML and writes the cloud metadata to the public cloud file.

Types

type Attrs 

type Attrs map[string]interface{}

Attrs serves as a map to hold regions specific configuration attributes. This serves to reduce confusion over having a nested map, i.e. map[string]map[string]interface{}

type AuthType 

type AuthType string

AuthType is the type of authentication used by the cloud. 

const (
	// CertificateAuthType is an authentication type using certificates.
	// NOTE: This type should never be used in practice as it doesn't exist. We
	// maintain it here to maintain backwards functionality for Juju in a pre
	// 2.9 world. Consider using ClientCertificateAuthType instead. This note
	// applies to Kubernetes.
	// TODO: tlm update lxd to stop using this auth type
	CertificateAuthType AuthType = "certificate"

	// OAuth2WithCertAuthType is an authentication type using oauth2 and a client certificate
	// NOTE: This type should never be used in practice as it doesn't exist. We
	// maintain it here to maintain backwards functionality for Juju in a pre
	// 2.9 world. Consider using OAuth2AuthType instead.
	OAuth2WithCertAuthType AuthType = "oauth2withcert"
)

Const legacy auth types. Their should be no reason to use these anymore in Juju. They are kept to maintain backwards compatibility.

type AuthTypes 

type AuthTypes []AuthType

AuthTypes is defined to allow sorting AuthType slices.

func (AuthTypes) Contains 

func (a AuthTypes) Contains(t AuthType) bool

Contains checks if AuthType t is in a AuthTypes.

func (AuthTypes) Len 

func (a AuthTypes) Len() int

func (AuthTypes) Less 

func (a AuthTypes) Less(i, j int) bool

func (AuthTypes) Swap 

func (a AuthTypes) Swap(i, j int)

type Cloud 

type Cloud struct {
	// Name of the cloud.
	Name string

	// Type is the type of cloud, eg ec2, openstack etc.
	// This is one of the provider names registered with
	// environs.RegisterProvider.
	Type string

	// HostCloudRegion represents the k8s host cloud. The format is <cloudType>/<region>.
	HostCloudRegion string

	// Description describes the type of cloud.
	Description string

	// AuthTypes are the authentication modes supported by the cloud.
	AuthTypes AuthTypes

	// Endpoint is the default endpoint for the cloud regions, may be
	// overridden by a region.
	Endpoint string

	// IdentityEndpoint is the default identity endpoint for the cloud
	// regions, may be overridden by a region.
	IdentityEndpoint string

	// StorageEndpoint is the default storage endpoint for the cloud
	// regions, may be overridden by a region.
	StorageEndpoint string

	// Regions are the regions available in the cloud.
	//
	// Regions is a slice, and not a map, because order is important.
	// The first region in the slice is the default region for the
	// cloud.
	Regions []Region

	// Config contains optional cloud-specific configuration to use
	// when bootstrapping Juju in this cloud. The cloud configuration
	// will be combined with Juju-generated, and user-supplied values;
	// user-supplied values taking precedence.
	Config map[string]interface{}

	// RegionConfig contains optional region specific configuration.
	// Like Config above, this will be combined with Juju-generated and user
	// supplied values; with user supplied values taking precedence.
	RegionConfig RegionConfig

	// CACertificates contains an optional list of Certificate
	// Authority certificates to be used to validate certificates
	// of cloud infrastructure components
	// The contents are Base64 encoded x.509 certs.
	CACertificates []string

	// SkipTLSVerify is true if the client should be asked not to
	// validate certificates. It is not recommended for production clouds.
	// It is secure (false) by default.
	SkipTLSVerify bool

	// IsControllerCloud is true when this is the cloud used by the controller.
	IsControllerCloud bool
}

Cloud is a cloud definition.

func CloudByName 

func CloudByName(name string) (*Cloud, error)

CloudByName returns the cloud with the specified name. If there exists no cloud with the specified name, an error satisfying errors.IsNotFound will be returned.

TODO(axw) write unit tests for this.

func ParseOneCloud 

func ParseOneCloud(data []byte) (Cloud, error)

ParseOneCloud parses the given yaml bytes into a single Cloud metadata.

func UnmarshalCloud 

func UnmarshalCloud(in []byte) (Cloud, error)

UnmarshalCloud unmarshals a Cloud from a byte array produced by MarshalCloud.

type CloudCredential 

type CloudCredential struct {
	// DefaultCredential is the named credential to use by default.
	DefaultCredential string `yaml:"default-credential,omitempty"`

	// DefaultRegion is the cloud region to use by default.
	DefaultRegion string `yaml:"default-region,omitempty"`

	// AuthCredentials is the credentials for a cloud, keyed on name.
	AuthCredentials map[string]Credential `yaml:",omitempty,inline"`
}

CloudCredential contains attributes used to define credentials for a cloud.

func NewEmptyCloudCredential 

func NewEmptyCloudCredential() *CloudCredential

NewEmptyCloudCredential returns a new CloudCredential with an empty default credential.

type Credential 

type Credential struct {

	// Revoked is true if the credential has been revoked.
	Revoked bool

	// Label is optionally set to describe the credentials to a user.
	Label string

	// Invalid is true if the credential is invalid.
	Invalid bool

	// InvalidReason contains the reason why a credential was flagged as invalid.
	// It is expected that this string will be empty when a credential is valid.
	InvalidReason string
	// contains filtered or unexported fields
}

Credential instances represent cloud credentials.

func ExpandFilePathsOfCredential 

func ExpandFilePathsOfCredential(
	cred Credential,
	schemas map[AuthType]CredentialSchema,
) (Credential, error)

ExpandFilePathsOfCredential iterates over the credential schema attributes and checks if the credential attribute has the ExpandFilePath flag set. If so the value of the credential attribute will be interrupted as a file with it's contents replaced with that of the file.

func FinalizeCredential 

func FinalizeCredential(
	credential Credential,
	schemas map[AuthType]CredentialSchema,
	readFile func(string) ([]byte, error),
) (*Credential, error)

FinalizeCredential finalizes a credential by matching it with one of the provided credential schemas, and reading any file attributes into their corresponding non-file attributes. This will also validate the credential.

If there is no schema with the matching auth-type, an error satisfying errors.IsNotSupported will be returned.

func NewCredential 

func NewCredential(authType AuthType, attributes map[string]string) Credential

NewCredential returns a new, immutable, Credential with the supplied auth-type and attributes.

func NewEmptyCredential 

func NewEmptyCredential() Credential

NewEmptyCredential returns a new Credential with the EmptyAuthType auth-type.

func NewNamedCredential 

func NewNamedCredential(name string, authType AuthType, attributes map[string]string, revoked bool) Credential

NewNamedCredential returns an immutable Credential with the supplied properties.

func RemoveSecrets 

func RemoveSecrets(
	credential Credential,
	schemas map[AuthType]CredentialSchema,
) (*Credential, error)

RemoveSecrets returns a copy of the given credential with secret fields removed.

func (Credential) Attributes 

func (c Credential) Attributes() map[string]string

Attributes returns the credential attributes.

func (Credential) AuthType 

func (c Credential) AuthType() AuthType

AuthType returns the authentication type.

func (Credential) MarshalJSON 

func (c Credential) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (Credential) MarshalYAML 

func (c Credential) MarshalYAML() (interface{}, error)

MarshalYAML implements the yaml.Marshaler interface.

func (*Credential) UnmarshalJSON 

func (c *Credential) UnmarshalJSON(b []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.

func (*Credential) UnmarshalYAML 

func (c *Credential) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML implements the yaml.Marshaler interface.

type CredentialAttr 

type CredentialAttr struct {
	// Description is a human-readable description of the credential
	// attribute.
	Description string

	// Hidden controls whether or not the attribute value will be hidden
	// when being entered interactively. Regardless of this, all credential
	// attributes are provided only to the Juju controllers.
	Hidden bool

	// FileAttr is the name of an attribute that may be specified instead
	// of this one, which points to a file that will be read in and its
	// value used for this attribute.
	FileAttr string

	// FilePath is true if the value of this attribute is a file path. If
	// this is true, then the attribute value will be set to the contents
	// of the file when the credential is "finalized".
	FilePath bool

	// ExpandFilePath reads in the FilePath, validating the file path correctly.
	// If the file path is correct, it will then read and replace the path,
	// with the associated content. The contents of the file in "finalized" will
	// be the file contents, not the filepath.
	ExpandFilePath bool

	// Optional controls whether the attribute is required to have a non-empty
	// value or not. Attributes default to mandatory.
	Optional bool

	// Options, if set, define the allowed values for this field.
	Options []interface{}
}

CredentialAttr describes the properties of a credential attribute.

type CredentialCollection 

type CredentialCollection struct {
	Credentials map[string]interface{} `yaml:"credentials"`
}

CredentialCollection holds CloudCredential(s) that are lazily validated.

func ParseCredentialCollection 

func ParseCredentialCollection(data []byte) (*CredentialCollection, error)

ParseCredentialCollection parses YAML bytes for the credential

func (*CredentialCollection) CloudCredential 

func (c *CredentialCollection) CloudCredential(cloudName string) (*CloudCredential, error)

CloudCredential returns a copy of the CloudCredential for the specified cloud or an error when the CloudCredential was not found or failed to pass validation.

func (*CredentialCollection) CloudNames 

func (c *CredentialCollection) CloudNames() []string

CloudNames returns the cloud names to which credentials inside the CredentialCollection belong.

func (*CredentialCollection) UpdateCloudCredential 

func (c *CredentialCollection) UpdateCloudCredential(cloudName string, details CloudCredential)

UpdateCloudCredential stores a CloudCredential for a specific cloud.

type CredentialSchema 

type CredentialSchema []NamedCredentialAttr

CredentialSchema describes the schema of a credential. Credential schemas are specific to cloud providers.

func (CredentialSchema) Attribute 

func (s CredentialSchema) Attribute(name string) (*CredentialAttr, bool)

Attribute returns the named CredentialAttr value.

func (CredentialSchema) Finalize 

func (s CredentialSchema) Finalize(
	attrs map[string]string,
	readFile func(string) ([]byte, error),
) (map[string]string, error)

Finalize finalizes the given credential attributes against the credential schema. If the attributes are invalid, Finalize will return an error.

An updated attribute map will be returned, having any file attributes deleted, and replaced by their non-file counterparts with the values set to the contents of the files.

type NamedCredentialAttr 

type NamedCredentialAttr struct {
	// Name is the name of the credential value.
	Name string

	// CredentialAttr holds the properties of the credential value.
	CredentialAttr
}

NamedCredentialAttr describes the properties of a named credential attribute.

type Region 

type Region struct {
	// Name is the name of the region.
	Name string

	// Endpoint is the region's primary endpoint URL.
	Endpoint string

	// IdentityEndpoint is the region's identity endpoint URL.
	// If the cloud/region does not have an identity-specific
	// endpoint URL, this will be empty.
	IdentityEndpoint string

	// StorageEndpoint is the region's storage endpoint URL.
	// If the cloud/region does not have a storage-specific
	// endpoint URL, this will be empty.
	StorageEndpoint string
}

Region is a cloud region.

func RegionByName 

func RegionByName(regions []Region, name string) (*Region, error)

RegionByName finds the region in the given slice with the specified name, with case folding.

func (Region) IsEmpty 

func (r Region) IsEmpty() bool

IsEmpty indicates if it's an empty region.

type RegionConfig 

type RegionConfig map[string]Attrs

RegionConfig holds a map of regions and the attributes that serve as the region specific configuration options. This allows model inheritance to function, providing a place to store configuration for a specific region which is passed down to other models under the same controller.

type ValidationWarning 

type ValidationWarning struct {
	Messages []string
}

ValidationWarning are JSON schema validation errors used to warn users about potential schema violations

func (*ValidationWarning) Error 

func (e *ValidationWarning) Error() string

type WhiteList 

type WhiteList struct {
	// contains filtered or unexported fields
}

WhiteList contains a cloud compatibility matrix: if controller was bootstrapped on a particular cloud type, what other cloud types can be added to it.

func CurrentWhiteList 

func CurrentWhiteList() *WhiteList

CurrentWhiteList returns current clouds whitelist supported by Juju.

func (*WhiteList) Check 

func (w *WhiteList) Check(existing, new string) error

Check will err out if 'existing' controller cloud type is not compatible with a 'new' cloud type according to this white list.

func (*WhiteList) String 

func (w *WhiteList) String() string

String constructs user friendly white list representation.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.