The highest tagged major version is
Documentation
¶
Index ¶
- Constants
- Variables
- func BuildPermissionTargetSchema() map[string]*schema.Schema
- func CheckAccessToken(id string, request *resty.Request) (*resty.Response, error)
- func PackPermissionTarget(permissionTarget *PermissionTargetParams, d *schema.ResourceData) diag.Diagnostics
- func PermTargetExists(id string, m interface{}) (bool, error)
- func ResourceArtifactoryAccessToken() *schema.Resource
- func ResourceArtifactoryApiKey() *schema.Resource
- func ResourceArtifactoryCertificate() *schema.Resource
- func ResourceArtifactoryGroup() *schema.Resource
- func ResourceArtifactoryKeyPair() *schema.Resource
- func ResourceArtifactoryPermissionTarget() *schema.Resource
- func ResourceArtifactoryPermissionTargets() *schema.Resource
- func ResourceArtifactoryScopedToken() *schema.Resource
- func TokenOptsToValues(t AccessTokenOptions) (url.Values, error)
- func VerifyKeyPair(id string, request *resty.Request) (*resty.Response, error)
- type AccessTokenOptions
- type AccessTokenPostResponse
- type AccessTokenRevokeOptions
- type Actions
- type ApiKey
- type CertificateDetails
- type Group
- type KeyPairPayLoad
- type PermissionTargetParams
- type PermissionTargetSection
Constants ¶
View Source
const ( PermRead = "read" PermWrite = "write" PermAnnotate = "annotate" PermDelete = "delete" PermManage = "manage" PermManagedXrayMeta = "managedXrayMeta" PermDistribute = "distribute" )
View Source
const ApiKeyEndpoint = "artifactory/api/security/apiKey"
View Source
const CertificateEndpoint = "artifactory/api/system/security/certificates/"
View Source
const GroupsEndpoint = "artifactory/api/security/groups/"
View Source
const KeypairEndPoint = "artifactory/api/security/keypair/"
View Source
const PermissionsEndPoint = "artifactory/api/v2/security/permissions/"
Variables ¶
View Source
var GroupSchema = map[string]*schema.Schema{ "name": { Type: schema.TypeString, Required: true, ForceNew: true, ValidateFunc: validation.StringIsNotEmpty, }, "description": { Type: schema.TypeString, Optional: true, }, "external_id": { Type: schema.TypeString, Optional: true, ValidateDiagFunc: validation.ToDiagFunc(validation.StringIsNotEmpty), Description: "New external group ID used to configure the corresponding group in Azure AD.", }, "auto_join": { Type: schema.TypeBool, Optional: true, Computed: true, }, "admin_privileges": { Type: schema.TypeBool, Optional: true, Computed: true, }, "realm": { Type: schema.TypeString, Optional: true, Computed: true, ValidateDiagFunc: validator.LowerCase, }, "realm_attributes": { Type: schema.TypeString, Optional: true, }, "users_names": { Type: schema.TypeSet, Elem: &schema.Schema{Type: schema.TypeString}, Optional: true, }, "detach_all_users": { Type: schema.TypeBool, Optional: true, }, "watch_manager": { Type: schema.TypeBool, Optional: true, Default: false, Description: `When this override is set, User in the group can manage Xray Watches on any resource type. Default value is 'false'.`, }, "policy_manager": { Type: schema.TypeBool, Optional: true, Default: false, Description: `When this override is set, User in the group can set Xray security and compliance policies. Default value is 'false'.`, }, "reports_manager": { Type: schema.TypeBool, Optional: true, Default: false, Description: `When this override is set, User in the group can manage Xray Reports. Default value is 'false'.`, }, }
Functions ¶
func BuildPermissionTargetSchema ¶ added in v6.25.0
func CheckAccessToken ¶ added in v6.8.0
func PackPermissionTarget ¶ added in v6.25.0
func PackPermissionTarget(permissionTarget *PermissionTargetParams, d *schema.ResourceData) diag.Diagnostics
func PermTargetExists ¶
func ResourceArtifactoryScopedToken ¶ added in v6.8.0
func TokenOptsToValues ¶
func TokenOptsToValues(t AccessTokenOptions) (url.Values, error)
func VerifyKeyPair ¶ added in v6.6.0
Types ¶
type AccessTokenOptions ¶
type AccessTokenOptions struct {
// The grant type used to authenticate the request. In this case, the only value supported is "client_credentials" which is also the default value if this parameter is not specified.
GrantType string `url:"grant_type,omitempty"` // [Optional, default: "client_credentials"]
// The user name for which this token is created. If the user does not exist, a transient user is created. Non-admin users can only create tokens for themselves so they must specify their own username.
// If the user does not exist, the member-of-groups scope token must be provided (e.g. member-of-groups: g1, g2, g3...)
Username string `url:"username,omitempty"`
// The scope to assign to the token provided as a space-separated list of scope tokens. Currently there are three possible scope tokens:
// - "api:*" - indicates that the token grants access to REST API calls. This is always granted by default whether specified in the call or not.
// - member-of-groups:[<group-name>] - indicates the groups that the token is associated with (e.g. member-of-groups: g1, g2, g3...). The token grants access according to the permission targets specified for the groups listed.
// Specify "*" for group-name to indicate that the token should provide the same access privileges that are given to the group of which the logged in user is a member.
// A non-admin user can only provide a scope that is a subset of the groups to which he belongs
// - "jfrt@<instance-id>:admin" - provides admin privileges on the specified Artifactory instance. This is only available for administrators.
// If omitted and the username specified exists, the token is granted the scope of that user.
Scope string `url:"scope,omitempty"` // [Optional if the user specified in username exists]
// The time in seconds for which the token will be valid. To specify a token that never expires, set to zero. Non-admin can only set a value that is equal to or less than the default 3600.
ExpiresIn int `url:"expires_in"` // [Optional, default: 3600]
// If true, this token is refreshable and the refresh token can be used to replace it with a new token once it expires.
Refreshable string `url:"refreshable,omitempty"` // [Optional, default: false]
// A space-separate list of the other Artifactory instances or services that should accept this token identified by their Artifactory Service IDs as obtained from the Get Service ID endpoint.
// In case you want the token to be accepted by all Artifactory instances you may use the following audience parameter "audience=jfrt@*".
Audience string `url:"audience,omitempty"` // [Optional, default: Only the Service ID of the Artifactory instance that created the token]
}
type AccessTokenPostResponse ¶ added in v6.8.0
type AccessTokenPostResponse struct {
TokenId string `json:"token_id"`
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token"`
ExpiresIn int `json:"expires_in"`
Scope string `json:"scope"`
TokenType string `json:"token_type"`
ReferenceToken string `json:"reference_token"`
}
func (AccessTokenPostResponse) Id ¶ added in v6.8.0
func (a AccessTokenPostResponse) Id() string
type AccessTokenRevokeOptions ¶
type AccessTokenRevokeOptions struct {
Token string `url:"token,omitempty"`
}
AccessTokenRevokeOptions jfrog client go has no v1 code and moving to v2 would be a lot of work. To remove the dependency, we copy and past it here
type CertificateDetails ¶
type CertificateDetails struct {
CertificateAlias string `json:"certificateAlias,omitempty"`
IssuedTo string `json:"issuedTo,omitempty"`
IssuedBy string `json:"issuedby,omitempty"`
IssuedOn string `json:"issuedOn,omitempty"`
ValidUntil string `json:"validUntil,omitempty"`
FingerPrint string `json:"fingerPrint,omitempty"`
}
CertificateDetails this type doesn't even exist in the new go client. In fact, the whole API call doesn't
func FindCertificate ¶
func FindCertificate(alias string, m interface{}) (*CertificateDetails, error)
type Group ¶
type Group struct {
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
ExternalId string `json:"externalId"`
AutoJoin bool `json:"autoJoin,omitempty"`
AdminPrivileges bool `json:"adminPrivileges,omitempty"`
Realm string `json:"realm,omitempty"`
RealmAttributes string `json:"realmAttributes,omitempty"`
UsersNames []string `json:"userNames"`
WatchManager bool `json:"watchManager"`
PolicyManager bool `json:"policyManager"`
ReportsManager bool `json:"reportsManager"`
}
Group is a encoding struct to match https://www.jfrog.com/confluence/display/JFROG/Security+Configuration+JSON#SecurityConfigurationJSON-application/vnd.org.jfrog.artifactory.security.Group+json
type KeyPairPayLoad ¶
type KeyPairPayLoad struct {
PairName string `hcl:"pair_name" json:"pairName"`
PairType string `hcl:"pair_type" json:"pairType"`
Alias string `hcl:"alias" json:"alias"`
PrivateKey string `hcl:"private_key" json:"privateKey"`
Passphrase string `hcl:"passphrase" json:"passphrase"`
PublicKey string `hcl:"public_key" json:"publicKey"`
}
func (KeyPairPayLoad) Id ¶
func (kp KeyPairPayLoad) Id() string
type PermissionTargetParams ¶
type PermissionTargetParams struct {
Name string `json:"name"`
Repo *PermissionTargetSection `json:"repo,omitempty"`
Build *PermissionTargetSection `json:"build,omitempty"`
ReleaseBundle *PermissionTargetSection `json:"releaseBundle,omitempty"`
}
PermissionTargetParams Copy from https://github.com/jfrog/jfrog-client-go/blob/master/artifactory/services/permissiontarget.go#L116
Using struct pointers to keep the fields null if they are empty. Artifactory evaluates inner struct typed fields if they are not null, which can lead to failures in the request.
Source Files
Click to show internal directories.
Click to hide internal directories.