mirror of https://github.com/hashicorp/boundary
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
package base
import (
"github.com/hashicorp/boundary/internal/event"
"github.com/hashicorp/boundary/internal/iam"
"github.com/hashicorp/boundary/sdk/pbs/plugin"
wrapping "github.com/hashicorp/go-kms-wrapping/v2"
)
// GetOpts builds an Options value by starting from getDefaultOptions and then
// applying each supplied Option in the order given, so a later option
// overwrites an earlier one that sets the same field. Nil entries are skipped.
func GetOpts(opt ...Option) Options {
	opts := getDefaultOptions()
	for _, apply := range opt {
		if apply == nil {
			// Tolerate nil so callers can pass optional entries unconditionally.
			continue
		}
		apply(&opts)
	}
	return opts
}
// Option is a function that mutates an Options value in place. It is the
// form in which individual settings are passed to GetOpts.
type Option func(*Options)
// Options holds every setting that the Option functions in this file can
// change. GetOpts produces one, starting from getDefaultOptions. Most fields
// are unexported; WithSkipScopeIdFlag and WithInterceptedToken are exported.
type Options struct {
	// Set by WithNoTokenScope: do not take the client's scope from a saved token.
	withNoTokenScope bool

	// Set by WithNoTokenValue: do not take the client's token from a saved token.
	withNoTokenValue bool

	// Set by WithSkipDefaultRoleCreation: do not create the default global role.
	withSkipDefaultRoleCreation bool

	// Set by WithSkipDatabaseDestruction: keep the database even on error.
	withSkipDatabaseDestruction bool

	// Set by WithSkipAuthMethodCreation: create no auth method on first run.
	withSkipAuthMethodCreation bool

	// Set by WithSkipOidcAuthMethodCreation: create no OIDC auth method on first run.
	withSkipOidcAuthMethodCreation bool

	// Set by WithSkipLdapAuthMethodCreation: create no LDAP auth method on first run.
	withSkipLdapAuthMethodCreation bool

	// Set by WithSkipScopesCreation: create no scopes on first run.
	withSkipScopesCreation bool

	// Set by WithSkipHostResourcesCreation: create no host catalog or related
	// resources on first run.
	withSkipHostResourcesCreation bool

	// Set by WithSkipTargetCreation: create no target on first run.
	withSkipTargetCreation bool

	// Container image used to start a dev database; getDefaultOptions sets it
	// to "postgres".
	withContainerImage string

	// Set by withDialect; getDefaultOptions sets it to "postgres".
	withDialect string

	// Existing database template used to initialize the boundary database.
	withDatabaseTemplate string

	// Optional eventer configuration, stored as the caller's pointer.
	withEventerConfig *event.EventerConfig

	// Event flags that, per WithEventFlags, override the EventerConfig.
	withEventFlags *EventFlags

	// Wrapper supplied through WithEventAuditWrapper.
	withEventWrapper wrapping.Wrapper

	// Prefix attached to attribute fields when they are returned as errors.
	withAttributeFieldPrefix string

	// Status code supplied through WithStatusCode.
	withStatusCode int

	// Returns the plugin ID and client registered through WithHostPlugin.
	// It is nil unless that option was applied.
	withHostPlugin func() (string, plugin.HostPluginServiceClient)

	// Set by WithEventGating: start the eventer in gated mode.
	withEventGating bool

	// ID used when a top-level read/update/delete command implicitly
	// overrides the ID.
	withImplicitId string

	// WithSkipScopeIdFlag tells a command not to create a scope ID flag.
	WithSkipScopeIdFlag bool

	// WithInterceptedToken, when non-nil, is the location that receives the
	// token during an authenticate command. The pointed-to string then holds
	// a credential and should be handled as one.
	WithInterceptedToken *string

	// Set by WithAuthUserTargetAuthorizeSessionGrant: add an authorize-session
	// grant to the global authenticated user role.
	withAuthUserTargetAuthorizeSessionGrant bool

	// Options passed through to the iam package when creating initial resources.
	withIamOptions []iam.Option
}
// getDefaultOptions returns the Options that GetOpts starts from. Only the
// container image and the dialect have non-zero defaults; every other field
// keeps its zero value.
func getDefaultOptions() Options {
	var defaults Options
	// NOTE(review): the default image name carries no tag or digest. How the
	// reference is resolved is decided by the code that consumes it; pass
	// WithContainerImage with a pinned reference where reproducibility matters.
	defaults.withContainerImage = "postgres"
	defaults.withDialect = "postgres"
	return defaults
}
// WithNoTokenScope tells the client not to take its scope from a saved
// token's scope, because doing so can cause confusing behavior at
// authentication time.
func WithNoTokenScope() Option {
	return func(opts *Options) {
		opts.withNoTokenScope = true
	}
}
// WithSkipDatabaseDestruction tells the command not to destroy the database,
// even on error.
//
// NOTE(review): the database and whatever it contains then outlive the
// command; cleaning it up is presumably left to the caller. Confirm against
// the code that reads this flag.
func WithSkipDatabaseDestruction() Option {
	return func(opts *Options) {
		opts.withSkipDatabaseDestruction = true
	}
}
// WithNoTokenValue tells the client not to take its token from a saved
// token's value, because doing so can cause confusing behavior at
// authentication time.
func WithNoTokenValue() Option {
	return func(opts *Options) {
		opts.withNoTokenValue = true
	}
}
// WithSkipDefaultRoleCreation tells the command not to instantiate the
// default global role.
func WithSkipDefaultRoleCreation() Option {
	return func(opts *Options) {
		opts.withSkipDefaultRoleCreation = true
	}
}
// WithSkipAuthMethodCreation tells the command not to instantiate any auth
// method on first run.
func WithSkipAuthMethodCreation() Option {
	return func(opts *Options) {
		opts.withSkipAuthMethodCreation = true
	}
}
// WithSkipOidcAuthMethodCreation tells the command not to instantiate an
// OIDC auth method on first run. This is useful in some tests.
func WithSkipOidcAuthMethodCreation() Option {
	return func(opts *Options) {
		opts.withSkipOidcAuthMethodCreation = true
	}
}
// WithSkipLdapAuthMethodCreation tells the command not to instantiate an
// LDAP auth method on first run. This is useful in some tests.
func WithSkipLdapAuthMethodCreation() Option {
	return func(opts *Options) {
		opts.withSkipLdapAuthMethodCreation = true
	}
}
// WithSkipScopesCreation tells the command not to instantiate scopes on
// first run.
func WithSkipScopesCreation() Option {
	return func(opts *Options) {
		opts.withSkipScopesCreation = true
	}
}
// WithSkipHostResourcesCreation tells the command not to instantiate a host
// catalog and its related resources on first run.
func WithSkipHostResourcesCreation() Option {
	return func(opts *Options) {
		opts.withSkipHostResourcesCreation = true
	}
}
// WithSkipTargetCreation tells the command not to instantiate a target on
// first run.
func WithSkipTargetCreation() Option {
	return func(opts *Options) {
		opts.withSkipTargetCreation = true
	}
}
// WithContainerImage tells the command which container image to start a dev
// database with. The name is stored exactly as given; this function does not
// validate it.
//
// NOTE(review): if the name can come from outside the process, check it and
// prefer a pinned tag or digest before it reaches the code that starts the
// container.
func WithContainerImage(name string) Option {
	return func(opts *Options) {
		opts.withContainerImage = name
	}
}
// withDialect overrides the dialect string, which getDefaultOptions sets to
// "postgres". It is unexported, so only this package can use it.
func withDialect(dialect string) Option {
	return func(opts *Options) {
		opts.withDialect = dialect
	}
}
// WithEventerConfig allows an optional eventer config to be supplied. The
// pointer is stored as given, not copied, so later changes to the pointed-to
// config remain visible through the resulting Options.
func WithEventerConfig(config *event.EventerConfig) Option {
	return func(opts *Options) {
		opts.withEventerConfig = config
	}
}
// WithEventFlags allows optional event configuration flags that override
// whatever is in the EventerConfig. This function only stores the pointer;
// the override itself is applied by the code that reads the Options.
func WithEventFlags(flags *EventFlags) Option {
	return func(opts *Options) {
		opts.withEventFlags = flags
	}
}
// WithEventAuditWrapper supplies the wrapping.Wrapper stored as the event
// wrapper in Options.
//
// NOTE(review): judging by the name, this wrapper is presumably the key
// material used to protect audit event data. Confirm against the eventer
// setup, and check what happens to audit events when no wrapper is supplied.
func WithEventAuditWrapper(w wrapping.Wrapper) Option {
	return func(opts *Options) {
		opts.withEventWrapper = w
	}
}
// WithAttributeFieldPrefix tells the command what prefix to attach to
// attribute fields when they are returned as errors.
func WithAttributeFieldPrefix(p string) Option {
	return func(opts *Options) {
		opts.withAttributeFieldPrefix = p
	}
}
// WithStatusCode allows a status code to be passed to functions that accept
// Options. The value is stored as given, without range checking.
func WithStatusCode(statusCode int) Option {
	return func(opts *Options) {
		opts.withStatusCode = statusCode
	}
}
// WithDatabaseTemplate allows an existing database template to be used for
// initializing the boundary database. The template name is stored as given.
func WithDatabaseTemplate(template string) Option {
	return func(opts *Options) {
		opts.withDatabaseTemplate = template
	}
}
// WithHostPlugin allows specifying a plugin ID and implementation to create
// at startup. The pair is stored as a function that returns both values, so
// a nil function in Options means this option was never applied.
func WithHostPlugin(pluginId string, plg plugin.HostPluginServiceClient) Option {
	provider := func() (string, plugin.HostPluginServiceClient) {
		return pluginId, plg
	}
	return func(opts *Options) {
		opts.withHostPlugin = provider
	}
}
// WithEventGating controls whether the eventer starts in gated mode.
// Passing false explicitly records that gating is off.
func WithEventGating(with bool) Option {
	return func(opts *Options) {
		opts.withEventGating = with
	}
}
// WithImplicitId is used when creating the command if the ID is being
// implicitly overridden via a top-level read/update/delete command.
func WithImplicitId(with string) Option {
	return func(opts *Options) {
		opts.withImplicitId = with
	}
}
// WithSkipScopeIdFlag tells a command not to create a scope ID flag, usually
// because one has already been defined. It sets the exported Options field
// of the same name.
func WithSkipScopeIdFlag(with bool) Option {
	return func(opts *Options) {
		opts.WithSkipScopeIdFlag = with
	}
}
// WithInterceptedToken provides a string pointer that will have the token
// assigned to it when performing an authenticate command. This function only
// records the pointer in the exported Options field of the same name; the
// token is written by the code that handles authentication.
//
// NOTE(review): once the token is written, the pointed-to string holds a
// live credential. Its owner should keep it out of logs and error messages
// and drop it when no longer needed.
func WithInterceptedToken(s *string) Option {
	return func(opts *Options) {
		opts.WithInterceptedToken = s
	}
}
// WithAuthUserTargetAuthorizeSessionGrant indicates whether an
// authorize-session grant should be added to the global authenticated user
// role. This is the default for dev mode.
//
// NOTE(review): the grant is attached to the role covering authenticated
// users globally, so enabling it is a broad permission. Outside dev mode it
// should presumably be a deliberate choice; confirm where this flag is read.
func WithAuthUserTargetAuthorizeSessionGrant(with bool) Option {
	return func(opts *Options) {
		opts.withAuthUserTargetAuthorizeSessionGrant = with
	}
}
// WithIamOptions provides options to pass through to the IAM package when
// creating initial resources. Applying it replaces any IAM options set
// earlier; it does not append to them.
//
// The variadic slice is stored without copying, so a caller that spreads an
// existing slice (opts...) shares its backing array with the stored value.
func WithIamOptions(with ...iam.Option) Option {
	return func(opts *Options) {
		opts.withIamOptions = with
	}
}