Documentation ¶
Overview ¶
Database implementation for filesystems.
This package allows walking recursively through a given path, collecting all configurations and profiles, and generating certificates accordingly.
To allow this in a convenient way, this package treats some elements of the configuration in a special way:
- Explicitly set aliases are ignored.
- The alias will be set to the config file base name. Example: reading a config file in foo/bar/baz.yaml will result in the alias baz.
- For each generated certificate, the certificate and the key will be stored together in one .pem file next to the config file. To use the example above, the certificate/key will be written to foo/bar/baz.pem.
This also means that an alias must be unique, regardless of whether it is explicitly set or inherited from the filename. So either the filenames themselves must be unique, or ambiguous config file names must set their alias to a unique one.
This package also provides an in-memory file system abstraction for testing.
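The alias and .pem placement rules above, shown as an added example that is not this package's own code: it derives aliases from config file base names on an in-memory fstest.MapFS and reports every alias claimed by more than one file. The function names, the sample tree and the assumption that only .yaml files are config files are constructed for illustration.

```go
package main
import (
	"fmt"
	"io/fs"
	"path"
	"sort"
	"strings"
	"testing/fstest"
)

// PlanAliases maps each alias (base name of a .yaml file, an assumed extension) to its files.
func PlanAliases(fsys fs.FS) (map[string][]string, error) {
	plan := map[string][]string{}
	err := fs.WalkDir(fsys, ".", func(p string, d fs.DirEntry, err error) error {
		if err != nil || d.IsDir() || path.Ext(p) != ".yaml" {
			return err // nil for skipped entries, the walk error otherwise
		}
		alias := strings.TrimSuffix(path.Base(p), ".yaml")
		plan[alias] = append(plan[alias], p)
		return nil
	})
	return plan, err
}

// PemPath returns the combined certificate/key path next to the config file.
func PemPath(configPath string) string {
	return strings.TrimSuffix(configPath, path.Ext(configPath)) + ".pem"
}

// Collisions returns, sorted, every alias claimed by more than one config file.
func Collisions(plan map[string][]string) []string {
	var dup []string
	for alias, files := range plan {
		if len(files) > 1 {
			dup = append(dup, alias)
		}
	}
	sort.Strings(dup)
	return dup
}

// SampleTree is a constructed in-memory tree in which "baz" is used twice.
func SampleTree() fstest.MapFS {
	return fstest.MapFS{"foo/bar/baz.yaml": {}, "foo/root.yaml": {}, "other/baz.yaml": {}}
}

func main() {
	plan, err := PlanAliases(SampleTree())
	fmt.Println(Collisions(plan), PemPath("foo/bar/baz.yaml"), err)
}
```

Running a check like this before generation surfaces ambiguous file names early, before any key material is written to disk.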
Index ¶
- func ImportFiles(backend db.Database, fsys fs.FS) error
- func NewFilesystemDatabase(filesystem Filesystem) db.Database
- type Filesystem
- type FsDb
- func (fsdb *FsDb) AddProfile(profile config.CertificateProfile) error
- func (fsdb *FsDb) Close() error
- func (fsdb *FsDb) GetEntity(alias string) *db.DbEntity
- func (fsdb *FsDb) GetProfile(name string) *config.CertificateProfile
- func (fsdb *FsDb) GetSubscribers(alias string) []string
- func (fsdb *FsDb) NumEntities() int
- func (fsdb *FsDb) Open() error
- func (fsdb *FsDb) PutEntity(entity db.DbEntity) error
- func (fsdb *FsDb) RootEntities() []string
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ImportFiles ¶
Open will walk through the filesystem and collect all config files, building the certificate hierarchy. It does not just open a file descriptor, as the name might suggest.
func NewFilesystemDatabase ¶
func NewFilesystemDatabase(filesystem Filesystem) db.Database
Creates a new file system database based on the provided implementation. This function pre-allocates about 2K+ KB of arrays to minimize re-allocation, so it should be used deliberately.
Types ¶
type Filesystem ¶
type Filesystem interface {
	FS() fs.FS
	WriteFile(name string, content []byte) error
	Stat(name string) (os.FileInfo, error)
}
Wrapper for fs.FS with some write functionality. If Go adds this feature to fs.FS, we can remove this code. It is also a superset of the fs.StatFS interface.
func NewMapFs ¶
func NewMapFs(m fstest.MapFS) Filesystem
Generates a new filesystem.Filesystem based on fstest.MapFS. It always adds a working directory "."
func NewNativeFs ¶
func NewNativeFs(path string) Filesystem
Generates a new filesystem.Filesystem based on os.DirFS, plus some write functionality taken from the os package.
type FsDb ¶
type FsDb struct {
// contains filtered or unexported fields
}
FsDb effectively builds a graph with certificates as nodes and issuer relations as edges. This allows building certificate hierarchies without imposing an explicit structure on the file system, since everything is derived from the configuration files first. Generation can then happen by going through all root nodes and looking up the subscriber aliases for each one until all certificates have been added.
func (*FsDb) AddProfile ¶
func (fsdb *FsDb) AddProfile(profile config.CertificateProfile) error
func (*FsDb) GetProfile ¶
func (fsdb *FsDb) GetProfile(name string) *config.CertificateProfile
func (*FsDb) GetSubscribers ¶
func (*FsDb) NumEntities ¶
func (*FsDb) PutEntity ¶
TODO: Import feels so scattered now
TODO: what if the entity is root? We need to add it to the root list?