grafeas-rds

module

v0.0.2 Latest Latest Go to latest Published: Dec 29, 2022 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/theparanoids/grafeas-rds

Links

Open Source Insights

README ¶

grafeas-rds

AWS RDS backend for Grafeas. This library can periodically refresh the IAM authentication token which is used as the password to connect to an AWS RDS service.

Background

Grafeas supports pluggable storage backends, and AWS RDS can be one of the options. Furthermore, AWS RDS supports IAM-based authentication, which eliminates the needs to maintain a password, including storing it, fetching it from the application, and rotating it periodically, etc. However, the official documentation also states the following:

Each token has a lifetime of 15 minutes.

As a result, we need a mechanism to refresh the token, hence this project.

Install

This project is intended to be used as a library.

Import github.com/theparanoids/grafeas-rds/rds to use it.

Note that the Go version has to be >= 1.18 (see go.mod).

Usage

If the underlying database were PostgreSQL, the code would look like this:

import (
    "log"

    "github.com/theparanoids/grafeas-rds/go/v1beta1/storage"
    "github.com/grafeas/grafeas/go/v1beta1/storage"
    "github.com/lib/pq"
)

func main() {
    provider := rds.NewGrafeasStorageProvider(
        &pq.Driver{},
        YourCredentialsCreator{},
        YourStorageCreator{},
    )
    if err := storage.RegisterStorageTypeProvider("rds_postgres", provider.Provide); err != nil {
        log.Fatalf("Error registering rds pgsql provider, %s", err)
    }
    // Set up and start the Grafeas server...
}

Usage Notes

Currently the configuration passed to CredentialsCreator.Create contains only Athenz-related fields; we welcome contributions to add support for any other mechanism.
Regarding StorageCreator, we have an internal implementation to create a grafeas-pqsql storage given a custom driver.Connector, and are actively working on upstreaming it.

Configuration

A valid configuration file can be found here; it can be directly plugged into a configuration file for Grafeas server.

Some default values are also provided in config.go.

Contribute

Please refer to Contributing.md for information about how to get involved. We welcome issues, questions, and pull requests.

License

This project is licensed under the terms of the Apache 2.0 open source license. Please refer to LICENSE for the full terms.

Directories ¶

Path	Synopsis
go
config
v1beta1/mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
v1beta1/storage

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

README ¶

grafeas-rds

Table of Contents

Background

Install

Usage

Usage Notes

Configuration

Contribute

License

Directories ¶