internal

package

v0.35.1 Latest Latest Go to latest Published: Apr 9, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cerbos/cerbos

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func ConcatWithSepFunc(dialect string) func(string, ...any) exp.Expression
func ConnectWithRetries(driverName, connStr string, retryConf *ConnRetryConf) (*sqlx.DB, error)
type ConnPoolConf
- func (cc *ConnPoolConf) Configure(db *sqlx.DB)
type ConnRetryConf
- func (rc *ConnRetryConf) BackoffConf() backoff.BackOff
- func (rc *ConnRetryConf) Validate() (outErr error)
type DBOpt
type DBStorage
- func NewDBStorage(ctx context.Context, db *goqu.Database, dbOpts ...DBOpt) (DBStorage, error)
type Policy
type PolicyAncestor
type PolicyCount
type PolicyDefWrapper
- func (pdw *PolicyDefWrapper) Scan(src any) error
- func (pdw PolicyDefWrapper) Value() (driver.Value, error)
type PolicyDependency
type PolicyRevision
type Schema

Constants ¶

View Source

const (
	PolicyTbl              = "policy"
	PolicyTblIDCol         = "id"
	PolicyTblKindCol       = "kind"
	PolicyTblNameCol       = "name"
	PolicyTblVerCol        = "version"
	PolicyTblScopeCol      = "scope"
	PolicyTblDescCol       = "description"
	PolicyTblDefinitionCol = "definition"
	PolicyTblDisabledCol   = "disabled"

	PolicyDepTbl            = "policy_dependency"
	PolicyDepTblPolicyIDCol = "policy_id"
	PolicyDepTblDepIDCol    = "dependency_id"

	PolicyAncestorTbl              = "policy_ancestor"
	PolicyAncestorTblPolicyIDCol   = "policy_id"
	PolicyAncestorTblAncestorIDCol = "ancestor_id"

	PolicyRevisionTbl = "policy_revision"

	SchemaTbl              = "attr_schema_defs"
	SchemaTblIDCol         = "id"
	SchemaTblDefinitionCol = "definition"
)

Variables ¶

This section is empty.

Functions ¶

func ConcatWithSepFunc ¶ added in v0.12.0

func ConcatWithSepFunc(dialect string) func(string, ...any) exp.Expression

func ConnectWithRetries ¶ added in v0.24.0

func ConnectWithRetries(driverName, connStr string, retryConf *ConnRetryConf) (*sqlx.DB, error)

Types ¶

type ConnPoolConf ¶

type ConnPoolConf struct {
	MaxLifetime time.Duration `yaml:"maxLifeTime"`
	MaxIdleTime time.Duration `yaml:"maxIdleTime"`
	MaxOpen     uint          `yaml:"maxOpen"`
	MaxIdle     uint          `yaml:"maxIdle"`
}

ConnPoolConf holds common SQL connection pool settings.

func (*ConnPoolConf) Configure ¶

func (cc *ConnPoolConf) Configure(db *sqlx.DB)

type ConnRetryConf ¶ added in v0.33.0

type ConnRetryConf struct {
	// MaxAttempts is the maximum number of retries to attempt before giving up.
	MaxAttempts uint64 `yaml:"maxAttempts"`
	// InitialInterval is the initial wait period between retry attempts. Subsequent attempts will be longer depending on the attempt number.
	InitialInterval time.Duration `yaml:"initialInterval"`
	// MaxInterval is the maximum amount of time to wait between retry attempts.
	MaxInterval time.Duration `yaml:"maxInterval"`
}

ConnRetryConf holds common retry settings for establishing a database connection.

func (*ConnRetryConf) BackoffConf ¶ added in v0.33.0

func (rc *ConnRetryConf) BackoffConf() backoff.BackOff

func (*ConnRetryConf) Validate ¶ added in v0.33.0

func (rc *ConnRetryConf) Validate() (outErr error)

type DBOpt ¶ added in v0.13.0

type DBOpt func(*dbOpt)

DBOpt defines database driver options.

func WithRegexpCacheOverride ¶ added in v0.29.0

func WithRegexpCacheOverride(c *util.RegexpCache) DBOpt

WithRegexpCacheOverride overrides the default regexp cache for DB queries requiring compiled expressions. This is only required for DB drivers that require access to the cache (e.g. The SQLite driver retrieves the compiled expressions for the application-defined function).

func WithSourceAttributes ¶ added in v0.33.0

func WithSourceAttributes(attr ...policy.SourceAttribute) DBOpt

WithSourceAttributes sets the policy source attributes.

func WithUpsertPolicy ¶ added in v0.13.0

func WithUpsertPolicy(f upsertPolicyFunc) DBOpt

WithUpsertPolicy sets custom upsert policy function.

func WithUpsertSchema ¶ added in v0.13.0

func WithUpsertSchema(f upsertSchemaFunc) DBOpt

WithUpsertSchema sets custom upsert schema function.

type DBStorage ¶

type DBStorage interface {
	storage.Subscribable
	storage.Instrumented
	storage.Reloadable
	storage.Verifiable
	AddOrUpdate(ctx context.Context, policies ...policy.Wrapper) error
	GetFirstMatch(ctx context.Context, candidates []namer.ModuleID) (*policy.CompilationUnit, error)
	GetCompilationUnits(ctx context.Context, ids ...namer.ModuleID) (map[namer.ModuleID]*policy.CompilationUnit, error)
	GetDependents(ctx context.Context, ids ...namer.ModuleID) (map[namer.ModuleID][]namer.ModuleID, error)
	HasDescendants(ctx context.Context, ids ...namer.ModuleID) (map[namer.ModuleID]bool, error)
	Delete(ctx context.Context, ids ...namer.ModuleID) error
	InspectPolicies(ctx context.Context, params storage.ListPolicyIDsParams) (map[string]*responsev1.InspectPoliciesResponse_Result, error)
	ListPolicyIDs(ctx context.Context, params storage.ListPolicyIDsParams) ([]string, error)
	ListSchemaIDs(ctx context.Context) ([]string, error)
	AddOrUpdateSchema(ctx context.Context, schemas ...*schemav1.Schema) error
	Disable(ctx context.Context, policyKey ...string) (uint32, error)
	Enable(ctx context.Context, policyKey ...string) (uint32, error)
	DeleteSchema(ctx context.Context, ids ...string) (uint32, error)
	LoadSchema(ctx context.Context, url string) (io.ReadCloser, error)
	LoadPolicy(ctx context.Context, policyKey ...string) ([]*policy.Wrapper, error)
}

func NewDBStorage ¶

func NewDBStorage(ctx context.Context, db *goqu.Database, dbOpts ...DBOpt) (DBStorage, error)

type Policy ¶

type Policy struct {
	Definition  PolicyDefWrapper
	Kind        string
	Name        string
	Version     string
	Scope       string
	Description string
	ID          namer.ModuleID
	Disabled    bool
}

type PolicyAncestor ¶ added in v0.13.0

type PolicyAncestor struct {
	PolicyID   namer.ModuleID `db:"policy_id"`
	AncestorID namer.ModuleID `db:"ancestor_id"`
}

type PolicyCount ¶ added in v0.15.0

type PolicyCount struct {
	Kind  string
	Count int
}

type PolicyDefWrapper ¶

type PolicyDefWrapper struct {
	*policyv1.Policy
}

func (*PolicyDefWrapper) Scan ¶

func (pdw *PolicyDefWrapper) Scan(src any) error

func (PolicyDefWrapper) Value ¶

func (pdw PolicyDefWrapper) Value() (driver.Value, error)

type PolicyDependency ¶

type PolicyDependency struct {
	PolicyID     namer.ModuleID `db:"policy_id"`
	DependencyID namer.ModuleID `db:"dependency_id"`
}

type PolicyRevision ¶ added in v0.7.0

type PolicyRevision struct {
	Timestamp   time.Time `db:"update_timestamp"`
	Definition  PolicyDefWrapper
	Action      string
	Version     string
	Scope       string
	Description string
	Kind        string
	Name        string
	ID          namer.ModuleID
	RevisionID  int64 `db:"revision_id"`
	Disabled    bool
}

type Schema ¶ added in v0.11.0

type Schema struct {
	Definition *pgtype.JSON
	ID         string
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL