Documentation
Index
- Variables
- func ApplyValuePatches(source []byte, patches []*Patch) ([]byte, error)
- func CheckEnvironment(ctx context.Context, name string, env *ast.EnvironmentDecl, ...) (*esc.Environment, syntax.Diagnostics)
- func DecryptSecrets(ctx context.Context, filename string, source []byte, decrypter Decrypter) ([]byte, error)
- func EncryptSecrets(ctx context.Context, filename string, source []byte, encrypter Encrypter) ([]byte, error)
- func EvalEnvironment(ctx context.Context, name string, env *ast.EnvironmentDecl, ...) (*esc.Environment, syntax.Diagnostics)
- func LoadYAML(filename string, r io.Reader) (*ast.EnvironmentDecl, syntax.Diagnostics, error)
- func LoadYAMLBytes(filename string, source []byte) (*ast.EnvironmentDecl, syntax.Diagnostics, error)
- type Decrypter
- type Encrypter
- type EnvironmentLoader
- type Patch
- type ProviderLoader
- type Rotation
- type RotationResult
- type RotationStatus
Constants
This section is empty.
Variables
var TagDecoder = tagDecoder(0)
The TagDecoder is responsible for decoding YAML tags that represent calls to builtin functions.
No tags are presently supported, but the machinery to support tags is useful to preserve until we are confident that we won't re-introduce them.
Functions
func ApplyValuePatches (added in v0.12.0)
ApplyValuePatches applies a set of patch values to an environment definition. If patch values contain secret values, they will be wrapped with fn::secret.
func CheckEnvironment
func CheckEnvironment(
	ctx context.Context,
	name string,
	env *ast.EnvironmentDecl,
	decrypter Decrypter,
	providers ProviderLoader,
	environments EnvironmentLoader,
	execContext *esc.ExecContext,
	showSecrets bool,
) (*esc.Environment, syntax.Diagnostics)
CheckEnvironment symbolically evaluates the given environment. Calls to fn::open are not invoked, and instead evaluate to unknown values with appropriate schemata.
func DecryptSecrets (added in v0.6.0)
func DecryptSecrets(ctx context.Context, filename string, source []byte, decrypter Decrypter) ([]byte, error)
DecryptSecrets decrypts any secrets in the given YAML document and returns the rewritten source. Decryption replaces all ciphertext arguments to `fn::secret` with decrypted plaintext.
func EncryptSecrets (added in v0.6.0)
func EncryptSecrets(ctx context.Context, filename string, source []byte, encrypter Encrypter) ([]byte, error)
EncryptSecrets encrypts any secrets in the given YAML document and returns the rewritten source. Encryption replaces all plaintext arguments to `fn::secret` with encrypted ciphertext.
func EvalEnvironment
func EvalEnvironment(
	ctx context.Context,
	name string,
	env *ast.EnvironmentDecl,
	decrypter Decrypter,
	providers ProviderLoader,
	environments EnvironmentLoader,
	execContext *esc.ExecContext,
) (*esc.Environment, syntax.Diagnostics)
EvalEnvironment evaluates the given environment.
func LoadYAML
func LoadYAML(filename string, r io.Reader) (*ast.EnvironmentDecl, syntax.Diagnostics, error)
LoadYAML decodes a YAML template from an io.Reader.
func LoadYAMLBytes
func LoadYAMLBytes(filename string, source []byte) (*ast.EnvironmentDecl, syntax.Diagnostics, error)
LoadYAMLBytes decodes a YAML template from a byte array.
Types
type Decrypter (added in v0.6.0)
type Decrypter interface {
	// Decrypt decrypts a single ciphertext value.
	Decrypt(ctx context.Context, value []byte) ([]byte, error)
}
A Decrypter decrypts ciphertext into plaintext.
type Encrypter (added in v0.6.0)
type Encrypter interface {
	// Encrypt encrypts a single plaintext value.
	Encrypt(ctx context.Context, value []byte) ([]byte, error)
}
An Encrypter encrypts plaintext into ciphertext.
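An added example, not code from the package or its documentation: one way to satisfy the Encrypter and Decrypter method signatures above with AES-GCM from the Go standard library. The `aesGCM` type, the `newAESGCM` constructor and the nonce-prefixed output layout are assumptions of this example; how EncryptSecrets stores the returned bytes in the document is not described on this page.

```go
package main

import (
	"context"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// aesGCM is a hypothetical type; its methods match Encrypter and Decrypter.
type aesGCM struct{ aead cipher.AEAD }

// newAESGCM wraps a 16-, 24- or 32-byte AES key in GCM.
func newAESGCM(key []byte) (*aesGCM, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &aesGCM{aead: aead}, nil
}

// Encrypt returns nonce || ciphertext || tag, with a fresh random nonce per value.
func (a *aesGCM) Encrypt(_ context.Context, value []byte) ([]byte, error) {
	nonce := make([]byte, a.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.aead.Seal(nonce, nonce, value, nil), nil
}

// Decrypt rejects input that is truncated or fails GCM authentication.
func (a *aesGCM) Decrypt(_ context.Context, value []byte) ([]byte, error) {
	n := a.aead.NonceSize()
	if len(value) < n+a.aead.Overhead() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return a.aead.Open(nil, value[:n], value[n:], nil)
}

func main() {
	a, _ := newAESGCM(make([]byte, 32)) // constructed all-zero demo key
	ct, _ := a.Encrypt(context.Background(), []byte("example-secret"))
	pt, err := a.Decrypt(context.Background(), ct)
	fmt.Printf("%d-byte ciphertext -> %q, err=%v\n", len(ct), pt, err)
}
```

Because each value gets its own random nonce, encrypting the same plaintext twice yields different ciphertexts, and any change to a stored ciphertext makes Decrypt return an error instead of altered plaintext.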
type EnvironmentLoader
type EnvironmentLoader interface {
	// LoadEnvironment loads the definition for the environment with the given name.
	LoadEnvironment(ctx context.Context, name string) ([]byte, Decrypter, error)
}
An EnvironmentLoader provides the environment evaluator the capability to load imported environment definitions.
type Patch (added in v0.12.0)
Patch represents a value that should be written back to the environment at the given path.
type ProviderLoader
type ProviderLoader interface {
	// LoadProvider loads the provider with the given name.
	LoadProvider(ctx context.Context, name string) (esc.Provider, error)
	// LoadRotator loads the rotator with the given name.
	LoadRotator(ctx context.Context, name string) (esc.Rotator, error)
}
A ProviderLoader provides the environment evaluator the capability to load providers.
type Rotation (added in v0.12.0)
type Rotation struct {
	Path   string             // document path where the rotation was defined
	Status RotationStatus     // status of the rotation
	Diags  syntax.Diagnostics // diagnostics from the rotation
	Patch  *Patch             // updated rotation state generated during evaluation, to be written back to the environment definition
}
A Rotation stores secret rotation information and diagnostics.
type RotationResult (added in v0.12.0)
type RotationResult []*Rotation
A RotationResult stores the result of secret rotations.
func RotateEnvironment (added in v0.12.0)
func RotateEnvironment(
	ctx context.Context,
	name string,
	env *ast.EnvironmentDecl,
	decrypter Decrypter,
	providers ProviderLoader,
	environments EnvironmentLoader,
	execContext *esc.ExecContext,
	paths []resource.PropertyPath,
) (*esc.Environment, *RotationResult, syntax.Diagnostics)
RotateEnvironment evaluates the given environment and invokes provider rotate methods. The updated rotation state is returned with a set of patches to be written back to the environment.
func (*RotationResult) Patches (added in v0.12.0)
func (r *RotationResult) Patches() []*Patch
type RotationStatus (added in v0.12.0)
type RotationStatus string
const (
	RotationSucceeded    RotationStatus = "succeeded"
	RotationFailed       RotationStatus = "failed"
	RotationNotEvaluated RotationStatus = "not-evaluated"
)