policy

package

v6.4.2 Latest Latest Go to latest Published: Aug 17, 2020 License: Apache-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/chenbh/concourse

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func RecordTeamAndPipeline(ctx context.Context, teamName, pipelineName string) context.Context
func RegisterAgent(factory AgentFactory)
func TeamAndPipelineFromContext(ctx context.Context) (string, string)
func WireCheckers(group *flags.Group)
type Agent
type AgentFactory
type Checker
- func Initialize(logger lager.Logger, cluster string, version string, filter Filter) (*Checker, error)
type Filter
type PolicyCheckInput
type PolicyCheckNotPass
- func (e PolicyCheckNotPass) Error() string

Constants ¶

View Source

const ActionUseImage = "UseImage"

Variables ¶

This section is empty.

Functions ¶

func RecordTeamAndPipeline ¶

func RecordTeamAndPipeline(ctx context.Context, teamName, pipelineName string) context.Context

func RegisterAgent ¶

func RegisterAgent(factory AgentFactory)

func TeamAndPipelineFromContext ¶

func TeamAndPipelineFromContext(ctx context.Context) (string, string)

func WireCheckers ¶

func WireCheckers(group *flags.Group)

Types ¶

type Agent ¶

type Agent interface {
	// Check returns true if passes policy check. If not goes through policy
	// check, just return true.
	Check(PolicyCheckInput) (bool, error)
}

Agent should be implemented by policy agents.

type AgentFactory ¶

type AgentFactory interface {
	Description() string
	IsConfigured() bool
	NewAgent(lager.Logger) (Agent, error)
}

type Checker ¶

type Checker struct {
	// contains filtered or unexported fields
}

func Initialize ¶

func Initialize(logger lager.Logger, cluster string, version string, filter Filter) (*Checker, error)

func (*Checker) Check ¶

func (c *Checker) Check(input PolicyCheckInput) (bool, error)

func (*Checker) ShouldCheckAction ¶

func (c *Checker) ShouldCheckAction(action string) bool

func (*Checker) ShouldCheckHttpMethod ¶

func (c *Checker) ShouldCheckHttpMethod(method string) bool

func (*Checker) ShouldSkipAction ¶

func (c *Checker) ShouldSkipAction(action string) bool

type Filter ¶

type Filter struct {
	HttpMethods   []string `long:"policy-check-filter-http-method" description:"API http method to go through policy check"`
	Actions       []string `long:"policy-check-filter-action" description:"Actions in the list will go through policy check"`
	ActionsToSkip []string `long:"policy-check-filter-action-skip" description:"Actions the list will not go through policy check"`
}

type PolicyCheckInput ¶

type PolicyCheckInput struct {
	Service        string      `json:"service"`
	ClusterName    string      `json:"cluster_name"`
	ClusterVersion string      `json:"cluster_version"`
	HttpMethod     string      `json:"http_method,omitempty"`
	Action         string      `json:"action"`
	User           string      `json:"user,omitempty"`
	Team           string      `json:"team,omitempty"`
	Pipeline       string      `json:"pipeline,omitempty"`
	Data           interface{} `json:"data,omitempty"`
}

type PolicyCheckNotPass ¶

type PolicyCheckNotPass struct{}

func (PolicyCheckNotPass) Error ¶

func (e PolicyCheckNotPass) Error() string

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
opa
policyfakes Code generated by counterfeiter.	Code generated by counterfeiter.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL