backend

package
v0.0.0-...-5c79d48 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 15, 2024 License: AGPL-3.0 Imports: 25 Imported by: 0

Documentation

Overview

Package backend provides storage backend abstraction layer

backend package allows for pluggable back-ends for secrets storage. To implement a new storage back-end you have to supply an object which:

  • implements backend.Backend interface
  • implements backend.NewFunc function

Index

Constants

View Source 
const (
	// DefaultBufferCapacity is a default circular buffer size
	// used by backends to fan out events
	DefaultBufferCapacity = 1024
	// DefaultBacklogGracePeriod is the default amount of time that the circular buffer
	// will tolerate an event backlog in one of its watchers. Value was selected to be
	// just under 1m since 1m is typically the highest rate that high volume events
	// (e.g. heartbeats) are be created. If a watcher can't catch up in under a minute,
	// it probably won't catch up.
	DefaultBacklogGracePeriod = time.Second * 59
	// DefaultPollStreamPeriod is a default event poll stream period
	DefaultPollStreamPeriod = time.Second
	// DefaultEventsTTL is a default events TTL period
	DefaultEventsTTL = 10 * time.Minute
	// DefaultRangeLimit is used to specify some very large limit when limit is not specified
	// explicitly to prevent OOM due to infinite loops or other issues along those lines.
	DefaultRangeLimit = 2_000_000
)
View Source 
const (
	Forever time.Duration = 0
)

Forever means that object TTL will not expire unless deleted

View Source 
const (
	// MaxAtomicWriteSize is the maximum number of conditional actions that may
	// be applied via a single atomic write. The exact number is subject to change
	// but must always be less than the minimum value supported across all backends.
	MaxAtomicWriteSize = 64
)
View Source 
const NoLimit = 0

NoLimit specifies no limits

View Source 
const Separator = '/'

Separator is used as a separator between key parts

Variables

View Source 
var BlankRevision = uuid.Nil.String()

BlankRevision is a placeholder revision to be used by backends when the revision of the item in the backend is empty. This can happen to any existing resources that were last written before support for revisions was added.

View Source 
var ErrConditionFailed = &trace.CompareFailedError{Message: "condition failed, one or more resources were concurrently created|modified|deleted; please reload the current state and try again"}

ErrConditionFailed is returned from AtomicWrite when one or more conditions failed to hold.

View Source 
var ErrIncorrectRevision = &trace.CompareFailedError{Message: "resource revision does not match, it may have been concurrently created|modified|deleted; please work from the latest state, or use --force to overwrite"}

ErrIncorrectRevision is returned from conditional operations when revisions do not match the expected value.

Functions

func CreateRevision 

func CreateRevision() string

CreateRevision generates a new identifier to be used as a resource revision. Backend implementations that provide their own mechanism for versioning resources should be preferred.

func EarliestExpiry 

func EarliestExpiry(times ...time.Time) time.Time

EarliestExpiry returns first of the otherwise returns empty

func ExactKey 

func ExactKey(parts ...string) []byte

ExactKey is like Key, except a Separator is appended to the result path of Key. This is to ensure range matching of a path will only math child paths and not other paths that have the resulting path as a prefix.

func Expiry 

func Expiry(clock clockwork.Clock, ttl time.Duration) time.Time

Expiry converts ttl to expiry time, if ttl is 0 returns empty time

func FlagKey 

func FlagKey(parts ...string) []byte

func GetPaginationKey 

func GetPaginationKey(ki KeyedItem) string

GetPaginationKey returns the pagination key given item. For items that implement HostID, the next key will also have the HostID part.

func IterateRange 

func IterateRange(ctx context.Context, bk Backend, startKey []byte, endKey []byte, limit int, fn func([]Item) (stop bool, err error)) error

IterateRange is a helper for stepping over a range

func Key 

func Key(parts ...string) []byte

Key joins parts into path separated by Separator, makes sure path always starts with Separator ("/")

func MaskKeyName 

func MaskKeyName(keyName string) []byte

MaskKeyName masks the given key name. e.g "123456789" -> "******789"

func MustRegister 

func MustRegister(backend string, fn func(context.Context, Params) (Backend, error))

MustRegister registers a Backend implementation, panicking if it has already been registered. Must only be called before any possible call to New.

func NextPaginationKey 

func NextPaginationKey(ki KeyedItem) string

NextPaginationKey returns the next pagination key. For items that implement HostID, the next key will also have the HostID part.

func RangeEnd 

func RangeEnd(key []byte) []byte

RangeEnd returns end of the range for given key.

func RemoveRedundantPrefixes 

func RemoveRedundantPrefixes(prefixes [][]byte) [][]byte

RemoveRedundantPrefixes will remove redundant prefixes from the given prefix list.

func RunWhileLocked 

func RunWhileLocked(ctx context.Context, cfg RunWhileLockedConfig, fn func(context.Context) error) error

RunWhileLocked allows you to run a function while a lock is held.

func StreamRange 

func StreamRange(ctx context.Context, bk Backend, startKey, endKey []byte, pageSize int) stream.Stream[Item]

StreamRange constructs a Stream for the given key range. This helper just uses standard pagination under the hood, lazily loading pages as needed. Streams are currently only used for periodic operations, but if they become more widely used in the future, it may become worthwhile to optimize the streaming of backend items further. Two potential improvements of note:

1. update this helper to concurrently load the next page in the background while items from the current page are being yielded.

2. allow individual backends to expose custom streaming methods s.t. the most performant impl for a given backend may be used.

func TTL 

func TTL(clock clockwork.Clock, expires time.Time) time.Duration

TTL returns TTL in duration units, rounds up to one second

func ValidateAtomicWrite 

func ValidateAtomicWrite(condacts []ConditionalAction) error

ValidateAtomicWrite verifies that the supplied group of conditional actions are a valid input for atomic application. This means both verifying that each individual conditional action is well-formed, and also that no two conditional actions targets the same key.

Types

type Action 

type Action struct {
	// Item is the item to be written (only used when Kind is Put).
	Item Item

	// Kind is the kind of action represented.
	Kind ActionKind
}

Action specifies an action to be taken against a backend item.

func Delete 

func Delete() Action

Delete builds an action that removes the target key.

func Nop 

func Nop() Action

Nop builds an action that does nothing.

func Put 

func Put(item Item) Action

Put builds an action that writes the provided item to the target key.

func (*Action) Check 

func (a *Action) Check() error

Check verifies that the action is well-formed.

func (*Action) IsWrite 

func (a *Action) IsWrite() bool

IsWrite checks if this action performs a write.

func (*Action) IsZero 

func (a *Action) IsZero() bool

IsZero checks if this action appears unspecified.

type ActionKind 

type ActionKind int

ActionKind marks the kind of an action to be taken. 

const (
	// KindNop indicates that no action should be taken.
	KindNop ActionKind = 1 + iota

	// KindPut indicates that the associated item should be written to the target key.
	KindPut

	// KindDelete indicates that any item at the target key should be removed.
	KindDelete
)

type AtomicWriter 

type AtomicWriter interface {
	// AtomicWrite executes a batch of conditional actions atomically s.t. all actions happen if all
	// conditions are met, but no actions happen if any condition fails to hold. If one or more conditions
	// failed to hold, [ErrConditionFailed] is returned. The number of conditional actions must not
	// exceed [MaxAtomicWriteSize] and no two conditional actions may point to the same key. If successful,
	// the returned revision is the new revision associated with all [Put] actions that were part of the
	// operation (the revision value has no meaning outside of the context of puts).
	AtomicWrite(ctx context.Context, condacts []ConditionalAction) (revision string, err error)
}

AtomicWriter is a standalone interface for the AtomicWrite method. This interface will be deprecated once all backends implement AtomicWrite.

type AtomicWriterBackend 

type AtomicWriterBackend interface {
	Backend
	AtomicWriter
}

AtomicWriterBackend joins the AtomicWrite interface with the standard backend interface. This interface will be deprecated once all backends implement AtomicWrite.

type Backend 

type Backend interface {
	// GetName returns the implementation driver name.
	GetName() string

	// Create creates item if it does not exist
	Create(ctx context.Context, i Item) (*Lease, error)

	// Put puts value into backend (creates if it does not
	// exists, updates it otherwise)
	Put(ctx context.Context, i Item) (*Lease, error)

	// CompareAndSwap compares item with existing item
	// and replaces is with replaceWith item
	CompareAndSwap(ctx context.Context, expected Item, replaceWith Item) (*Lease, error)

	// Update updates value in the backend
	Update(ctx context.Context, i Item) (*Lease, error)

	// Get returns a single item or not found error
	Get(ctx context.Context, key []byte) (*Item, error)

	// GetRange returns query range
	GetRange(ctx context.Context, startKey []byte, endKey []byte, limit int) (*GetResult, error)

	// Delete deletes item by key, returns NotFound error
	// if item does not exist
	Delete(ctx context.Context, key []byte) error

	// DeleteRange deletes range of items with keys between startKey and endKey
	DeleteRange(ctx context.Context, startKey, endKey []byte) error

	// KeepAlive keeps object from expiring, updates lease on the existing object,
	// expires contains the new expiry to set on the lease,
	// some backends may ignore expires based on the implementation
	// in case if the lease managed server side
	KeepAlive(ctx context.Context, lease Lease, expires time.Time) error

	// ConditionalUpdate updates the value in the backend if the revision of the [Item] matches
	// the stored revision.
	ConditionalUpdate(ctx context.Context, i Item) (*Lease, error)

	// ConditionalDelete deletes the item by key if the revision matches the stored revision.
	ConditionalDelete(ctx context.Context, key []byte, revision string) error

	// NewWatcher returns a new event watcher
	NewWatcher(ctx context.Context, watch Watch) (Watcher, error)

	// Close closes backend and all associated resources
	Close() error

	// Clock returns clock used by this backend
	Clock() clockwork.Clock

	// CloseWatchers closes all the watchers
	// without closing the backend
	CloseWatchers()
}

Backend implements abstraction over local or remote storage backend. Item keys are assumed to be valid UTF8, which may be enforced by the various Backend implementations.

func New 

func New(ctx context.Context, backend string, params Params) (Backend, error)

New initializes a new Backend implementation based on the service config.

type BufferOption 

type BufferOption func(*bufferConfig)

func BacklogGracePeriod 

func BacklogGracePeriod(d time.Duration) BufferOption

BacklogGracePeriod sets the amount of time a watcher with a backlog will be tolerated.

func BufferCapacity 

func BufferCapacity(c int) BufferOption

BufferCapacity sets the event capacity of the circular buffer.

func BufferClock 

func BufferClock(c clockwork.Clock) BufferOption

BufferClock sets a custom clock for the buffer (used in tests).

type BufferWatcher 

type BufferWatcher struct {
	Watch
	// contains filtered or unexported fields
}

BufferWatcher is a watcher connected to the buffer and receiving fan-out events from the watcher

func (*BufferWatcher) Close 

func (w *BufferWatcher) Close() error

Close closes the watcher, could be called multiple times, removes the watcher from the buffer queue

func (*BufferWatcher) Done 

func (w *BufferWatcher) Done() <-chan struct{}

Done channel is closed when watcher is closed

func (*BufferWatcher) Events 

func (w *BufferWatcher) Events() <-chan Event

Events returns events channel. This method performs internal work and should be re-called after each event is received, rather than having its output cached.

func (*BufferWatcher) String 

func (w *BufferWatcher) String() string

String returns user-friendly representation of the buffer watcher

type CircularBuffer 

type CircularBuffer struct {
	sync.Mutex
	*log.Entry
	// contains filtered or unexported fields
}

CircularBuffer implements in-memory circular buffer of predefined size, that is capable of fan-out of the backend events.

func NewCircularBuffer 

func NewCircularBuffer(opts ...BufferOption) *CircularBuffer

NewCircularBuffer returns a new uninitialized instance of circular buffer.

func (*CircularBuffer) Clear 

func (c *CircularBuffer) Clear()

Clear clears all events from the queue and closes all active watchers, but does not modify init state.

func (*CircularBuffer) Close 

func (c *CircularBuffer) Close() error

Close closes circular buffer and all watchers

func (*CircularBuffer) Emit 

func (c *CircularBuffer) Emit(events ...Event) (ok bool)

Emit emits events to currently registered watchers and stores them to the buffer. Panics if called before SetInit(), and returns false if called after Close().

func (*CircularBuffer) NewWatcher 

func (c *CircularBuffer) NewWatcher(ctx context.Context, watch Watch) (Watcher, error)

NewWatcher adds a new watcher to the events buffer

func (*CircularBuffer) Reset 

func (c *CircularBuffer) Reset()

Reset is equivalent to Clear except that is also sets the buffer into an uninitialized state. This method should only be used when resetting after a broken event stream. If only closure of watchers is desired, use Clear instead.

func (*CircularBuffer) SetInit 

func (c *CircularBuffer) SetInit()

SetInit puts the buffer into an initialized state if it isn't already. Any watchers already queued will be sent init events, and watchers added after this call will have their init events sent immediately. This function must be called *after* establishing a healthy parent event stream in order to preserve correct cache behavior.

type Condition 

type Condition struct {
	// Revision is a specific revision to be asserted (only used when Kind is KindRevision).
	Revision string

	// Kind is the kind of condition represented.
	Kind ConditionKind
}

Condition specifies some requirement that a backend item must meet.

func Exists 

func Exists() Condition

Exists builds a condition that asserts the target key exists.

func NotExists 

func NotExists() Condition

NotExists builds a condition that asserts the target key does not exist.

func Revision 

func Revision(r string) Condition

Revision builds a condition that asserts the target key has the specified revision.

func Whatever 

func Whatever() Condition

Whatever builds a condition that matches any current key state.

func (*Condition) Check 

func (c *Condition) Check() error

Check verifies that a the condition in well-formed.

func (*Condition) IsZero 

func (c *Condition) IsZero() bool

IsZero checks if this condition appears unspecified.

type ConditionKind 

type ConditionKind int

ConditionKind marks the kind of condition to be evaluated. 

const (
	// KindWhatever indicates that no condition should be evaluated.
	KindWhatever ConditionKind = 1 + iota

	// KindExists asserts that an item exists at the target key.
	KindExists

	// KindNotExists asserts that no item exists at the target key.
	KindNotExists

	// KindRevision asserts the exact current revision of the target key.
	KindRevision
)

type ConditionalAction 

type ConditionalAction struct {
	// Key is the key against which the associated condition and action are to
	// be applied.
	Key []byte

	// Condition must be one of Exists|NotExists|Revision(<revision>)|Whatever
	Condition Condition

	// Action must be one of Put(<item>)|Delete|Nop
	Action Action
}

ConditionalAction specifies a condition and an action associated with a given key. The condition must hold for the action to be taken.

func (*ConditionalAction) Check 

func (c *ConditionalAction) Check() error

Check validates the basic correctness of the conditional action.

type Config 

type Config struct {
	// Type can be "bolt" or "etcd" or "dynamodb"
	Type string `yaml:"type,omitempty"`

	// Params is a generic key/value property bag which allows arbitrary
	// values to be passed to backend
	Params Params `yaml:",inline"`
}

Config is used for 'storage' config section. It's a combination of values for various backends: 'boltdb', 'etcd', 'filesystem' and 'dynamodb'

type Event 

type Event struct {
	// Type is operation type
	Type types.OpType
	// Item is event Item
	Item Item
}

Event is a event containing operation with item

func (Event) String 

func (e Event) String() string

type GetResult 

type GetResult struct {
	// Items returns a list of items
	Items []Item
}

GetResult provides the result of GetRange request

type HostID 

type HostID interface {
	KeyedItem
	GetHostID() string
}

HostID is a derivation of a KeyedItem that allows the host id to be included in the key.

type Item 

type Item struct {
	// Key is a key of the key value item
	Key []byte
	// Value is a value of the key value item
	Value []byte
	// Expires is an optional record expiry time
	Expires time.Time
	// ID is a record ID, newer records have newer ids
	// Deprecated: use Revision instead
	ID int64
	// Revision is the last known version of the object.
	Revision string
}

Item is a key value item

type Items 

type Items []Item

Items is a sortable list of backend items

func (Items) Len 

func (it Items) Len() int

Len is part of sort.Interface.

func (Items) Less 

func (it Items) Less(i, j int) bool

Less is part of sort.Interface.

func (Items) Swap 

func (it Items) Swap(i, j int)

Swap is part of sort.Interface.

type KeyedItem 

type KeyedItem interface {
	GetName() string
}

KeyedItem represents an item from which a pagination key can be derived.

type Lease 

type Lease struct {
	// Key is the resource identifier.
	Key []byte
	// ID is a lease ID, could be empty.
	// Deprecated: use Revision instead
	ID int64
	// Revision is the last known version of the object.
	Revision string
}

Lease represents a lease on the item that can be used to extend item's TTL without updating its contents.

Here is an example of renewing object TTL: 

item.Expires = time.Now().Add(10 * time.Second)
lease, err := backend.Create(ctx, item)
expires := time.Now().Add(20 * time.Second)
err = backend.KeepAlive(ctx, lease, expires)

func NewLease 

func NewLease(item Item) *Lease

NewLease creates a lease for the provided Item.

type Lock 

type Lock struct {
	// contains filtered or unexported fields
}

func AcquireLock 

func AcquireLock(ctx context.Context, cfg LockConfiguration) (Lock, error)

AcquireLock grabs a lock that will be released automatically in TTL

func (*Lock) Release 

func (l *Lock) Release(ctx context.Context, backend Backend) error

Release forces lock release

type LockConfiguration 

type LockConfiguration struct {
	Backend  Backend
	LockName string
	// TTL defines when lock will be released automatically
	TTL time.Duration
	// RetryInterval defines interval which is used to retry locking after
	// initial lock failed due to someone else holding lock.
	RetryInterval time.Duration
}

func (*LockConfiguration) CheckAndSetDefaults 

func (l *LockConfiguration) CheckAndSetDefaults() error

type Params 

type Params map[string]interface{}

Params type defines a flexible unified back-end configuration API. It is just a map of key/value pairs which gets populated by `storage` section in Teleport YAML config.

func (Params) GetString 

func (p Params) GetString(key string) string

GetString returns a string value stored in Params map, or an empty string if nothing is found

type Reporter 

type Reporter struct {
	// ReporterConfig contains reporter wrapper configuration
	ReporterConfig
	// contains filtered or unexported fields
}

Reporter wraps a Backend implementation and reports statistics about the backend operations

func NewReporter 

func NewReporter(cfg ReporterConfig) (*Reporter, error)

NewReporter returns a new Reporter.

func (*Reporter) Clock 

func (s *Reporter) Clock() clockwork.Clock

Clock returns clock used by this backend

func (*Reporter) Close 

func (s *Reporter) Close() error

Close releases the resources taken up by this backend

func (*Reporter) CloseWatchers 

func (s *Reporter) CloseWatchers()

CloseWatchers closes all the watchers without closing the backend

func (*Reporter) CompareAndSwap 

func (s *Reporter) CompareAndSwap(ctx context.Context, expected Item, replaceWith Item) (*Lease, error)

CompareAndSwap compares item with existing item and replaces is with replaceWith item

func (*Reporter) ConditionalDelete 

func (s *Reporter) ConditionalDelete(ctx context.Context, key []byte, revision string) error

ConditionalDelete deletes the item by key if the revision matches the stored revision.

func (*Reporter) ConditionalUpdate 

func (s *Reporter) ConditionalUpdate(ctx context.Context, i Item) (*Lease, error)

ConditionalUpdate updates value in the backend if revisions match.

func (*Reporter) Create 

func (s *Reporter) Create(ctx context.Context, i Item) (*Lease, error)

Create creates item if it does not exist

func (*Reporter) Delete 

func (s *Reporter) Delete(ctx context.Context, key []byte) error

Delete deletes item by key

func (*Reporter) DeleteRange 

func (s *Reporter) DeleteRange(ctx context.Context, startKey []byte, endKey []byte) error

DeleteRange deletes range of items

func (*Reporter) Get 

func (s *Reporter) Get(ctx context.Context, key []byte) (*Item, error)

Get returns a single item or not found error

func (*Reporter) GetName 

func (s *Reporter) GetName() string

func (*Reporter) GetRange 

func (s *Reporter) GetRange(ctx context.Context, startKey []byte, endKey []byte, limit int) (*GetResult, error)

GetRange returns query range

func (*Reporter) KeepAlive 

func (s *Reporter) KeepAlive(ctx context.Context, lease Lease, expires time.Time) error

KeepAlive keeps object from expiring, updates lease on the existing object, expires contains the new expiry to set on the lease, some backends may ignore expires based on the implementation in case if the lease managed server side

func (*Reporter) NewWatcher 

func (s *Reporter) NewWatcher(ctx context.Context, watch Watch) (Watcher, error)

NewWatcher returns a new event watcher

func (*Reporter) Put 

func (s *Reporter) Put(ctx context.Context, i Item) (*Lease, error)

Put puts value into backend (creates if it does not exists, updates it otherwise)

func (*Reporter) Update 

func (s *Reporter) Update(ctx context.Context, i Item) (*Lease, error)

Update updates value in the backend

type ReporterConfig 

type ReporterConfig struct {
	// Backend is a backend to wrap
	Backend Backend
	// Component is a component name to report
	Component string
	// Number of the most recent backend requests to preserve for top requests
	// metric. Higher value means higher memory usage but fewer infrequent
	// requests forgotten.
	TopRequestsCount int
	// Tracer is used to create spans
	Tracer oteltrace.Tracer
}

ReporterConfig configures reporter wrapper

func (*ReporterConfig) CheckAndSetDefaults 

func (r *ReporterConfig) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets

type ReporterWatcher 

type ReporterWatcher struct {
	Watcher
	Component string
}

ReporterWatcher is a wrapper around backend watcher that reports events

func NewReporterWatcher 

func NewReporterWatcher(ctx context.Context, component string, w Watcher) *ReporterWatcher

NewReporterWatcher creates new reporter watcher instance

type RunWhileLockedConfig 

type RunWhileLockedConfig struct {
	// LockConfiguration is configuration for acquire lock.
	LockConfiguration

	// ReleaseCtxTimeout defines timeout used for calling lock.Release method (optional).
	ReleaseCtxTimeout time.Duration
	// RefreshLockInterval defines interval at which lock will be refreshed
	// if fn is still running (optional).
	RefreshLockInterval time.Duration
}

RunWhileLockedConfig is configuration for RunWhileLocked function.

func (*RunWhileLockedConfig) CheckAndSetDefaults 

func (c *RunWhileLockedConfig) CheckAndSetDefaults() error

type Sanitizer 

type Sanitizer struct {
	// contains filtered or unexported fields
}

Sanitizer wraps a Backend implementation to make sure all values requested of the backend are whitelisted.

func NewSanitizer 

func NewSanitizer(backend Backend) *Sanitizer

NewSanitizer returns a new Sanitizer.

func (*Sanitizer) Clock 

func (s *Sanitizer) Clock() clockwork.Clock

Clock returns clock used by this backend

func (*Sanitizer) Close 

func (s *Sanitizer) Close() error

Close releases the resources taken up by this backend

func (*Sanitizer) CloseWatchers 

func (s *Sanitizer) CloseWatchers()

CloseWatchers closes all the watchers without closing the backend

func (*Sanitizer) CompareAndSwap 

func (s *Sanitizer) CompareAndSwap(ctx context.Context, expected Item, replaceWith Item) (*Lease, error)

CompareAndSwap compares item with existing item and replaces is with replaceWith item

func (*Sanitizer) ConditionalDelete 

func (s *Sanitizer) ConditionalDelete(ctx context.Context, key []byte, revision string) error

ConditionalDelete deletes the item by key if the revision matches the stored revision.

func (*Sanitizer) ConditionalUpdate 

func (s *Sanitizer) ConditionalUpdate(ctx context.Context, i Item) (*Lease, error)

ConditionalUpdate updates the value in the backend if the revision of the Item matches the stored revision.

func (*Sanitizer) Create 

func (s *Sanitizer) Create(ctx context.Context, i Item) (*Lease, error)

Create creates item if it does not exist

func (*Sanitizer) Delete 

func (s *Sanitizer) Delete(ctx context.Context, key []byte) error

Delete deletes item by key

func (*Sanitizer) DeleteRange 

func (s *Sanitizer) DeleteRange(ctx context.Context, startKey []byte, endKey []byte) error

DeleteRange deletes range of items

func (*Sanitizer) Get 

func (s *Sanitizer) Get(ctx context.Context, key []byte) (*Item, error)

Get returns a single item or not found error

func (*Sanitizer) GetName 

func (s *Sanitizer) GetName() string

func (*Sanitizer) GetRange 

func (s *Sanitizer) GetRange(ctx context.Context, startKey []byte, endKey []byte, limit int) (*GetResult, error)

GetRange returns query range

func (*Sanitizer) KeepAlive 

func (s *Sanitizer) KeepAlive(ctx context.Context, lease Lease, expires time.Time) error

KeepAlive keeps object from expiring, updates lease on the existing object, expires contains the new expiry to set on the lease, some backends may ignore expires based on the implementation in case if the lease managed server side

func (*Sanitizer) NewWatcher 

func (s *Sanitizer) NewWatcher(ctx context.Context, watch Watch) (Watcher, error)

NewWatcher returns a new event watcher

func (*Sanitizer) Put 

func (s *Sanitizer) Put(ctx context.Context, i Item) (*Lease, error)

Put puts value into backend (creates if it does not exists, updates it otherwise)

func (*Sanitizer) Update 

func (s *Sanitizer) Update(ctx context.Context, i Item) (*Lease, error)

Update updates value in the backend

type Watch 

type Watch struct {
	// Name is a watch name set for debugging
	// purposes
	Name string
	// Prefixes specifies prefixes to watch,
	// passed to the backend implementation
	Prefixes [][]byte
	// QueueSize is an optional queue size
	QueueSize int
	// MetricComponent if set will start reporting
	// with a given component metric
	MetricComponent string
}

Watch specifies watcher parameters

func (*Watch) String 

func (w *Watch) String() string

String returns a user-friendly description of the watcher

type Watcher 

type Watcher interface {
	// Events returns channel with events
	Events() <-chan Event

	// Done returns the channel signaling the closure
	Done() <-chan struct{}

	// Close closes the watcher and releases
	// all associated resources
	Close() error
}

Watcher returns watcher

type Wrapper 

type Wrapper struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

Wrapper wraps a Backend implementation that can fail on demand.

func NewWrapper 

func NewWrapper(backend Backend) *Wrapper

NewWrapper returns a new Wrapper.

func (*Wrapper) Clock 

func (s *Wrapper) Clock() clockwork.Clock

Clock returns clock used by this backend

func (*Wrapper) Close 

func (s *Wrapper) Close() error

Close releases the resources taken up by this backend

func (*Wrapper) CloseWatchers 

func (s *Wrapper) CloseWatchers()

CloseWatchers closes all the watchers without closing the backend

func (*Wrapper) CompareAndSwap 

func (s *Wrapper) CompareAndSwap(ctx context.Context, expected Item, replaceWith Item) (*Lease, error)

CompareAndSwap compares item with existing item and replaces is with replaceWith item

func (*Wrapper) ConditionalDelete 

func (s *Wrapper) ConditionalDelete(ctx context.Context, key []byte, revision string) error

ConditionalDelete deletes item by key if revisions match.

func (*Wrapper) ConditionalUpdate 

func (s *Wrapper) ConditionalUpdate(ctx context.Context, i Item) (*Lease, error)

ConditionalUpdate updates value in the backend if revisions match.

func (*Wrapper) Create 

func (s *Wrapper) Create(ctx context.Context, i Item) (*Lease, error)

Create creates item if it does not exist

func (*Wrapper) Delete 

func (s *Wrapper) Delete(ctx context.Context, key []byte) error

Delete deletes item by key

func (*Wrapper) DeleteRange 

func (s *Wrapper) DeleteRange(ctx context.Context, startKey []byte, endKey []byte) error

DeleteRange deletes range of items

func (*Wrapper) Get 

func (s *Wrapper) Get(ctx context.Context, key []byte) (*Item, error)

Get returns a single item or not found error

func (*Wrapper) GetName 

func (s *Wrapper) GetName() string

func (*Wrapper) GetRange 

func (s *Wrapper) GetRange(ctx context.Context, startKey []byte, endKey []byte, limit int) (*GetResult, error)

GetRange returns query range

func (*Wrapper) GetReadError 

func (s *Wrapper) GetReadError() error

GetReadError returns error to be returned by read backend operations

func (*Wrapper) KeepAlive 

func (s *Wrapper) KeepAlive(ctx context.Context, lease Lease, expires time.Time) error

KeepAlive keeps object from expiring, updates lease on the existing object, expires contains the new expiry to set on the lease, some backends may ignore expires based on the implementation in case if the lease managed server side

func (*Wrapper) NewWatcher 

func (s *Wrapper) NewWatcher(ctx context.Context, watch Watch) (Watcher, error)

NewWatcher returns a new event watcher

func (*Wrapper) Put 

func (s *Wrapper) Put(ctx context.Context, i Item) (*Lease, error)

Put puts value into backend (creates if it does not exists, updates it otherwise)

func (*Wrapper) SetReadError 

func (s *Wrapper) SetReadError(err error)

SetReadError sets error to be returned by read backend operations

func (*Wrapper) Update 

func (s *Wrapper) Update(ctx context.Context, i Item) (*Lease, error)

Update updates value in the backend

Source Files

View all Source files

Directories

Path Synopsis
Package dynamo implements DynamoDB storage backend for Teleport auth service, similar to etcd backend.
 Package dynamo implements DynamoDB storage backend for Teleport auth service, similar to etcd backend.
Package etcdbk implements Etcd powered backend
 Package etcdbk implements Etcd powered backend
Package firestoreFirestoreBackend implements Firestore storage backend for Teleport auth service, similar to DynamoDB backend.
 Package firestoreFirestoreBackend implements Firestore storage backend for Teleport auth service, similar to DynamoDB backend.
Package kubernetes implements Kubernetes Secret backend used for persisting identity and state for agent's running in Kubernetes clusters.
 Package kubernetes implements Kubernetes Secret backend used for persisting identity and state for agent's running in Kubernetes clusters.
Package lite implements SQLite backend used for local persistent caches in proxies and nodes and for standalone auth service deployments.
 Package lite implements SQLite backend used for local persistent caches in proxies and nodes and for standalone auth service deployments.
Package memory implements backend interface using a combination of Minheap (to store expiring items) and B-Tree for storing sorted dictionary of items.
 Package memory implements backend interface using a combination of Minheap (to store expiring items) and B-Tree for storing sorted dictionary of items.
common
Package test contains a backend acceptance test suite that is backend implementation independent each backend will use the suite to test itself
 Package test contains a backend acceptance test suite that is backend implementation independent each backend will use the suite to test itself

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.