Documentation
¶
Index ¶
Constants ¶
const ( // ProdDiscoveryAPIBaseURL is the base URL for the production CyberArk Service Discovery API ProdDiscoveryAPIBaseURL = "https://platform-discovery.cyberark.cloud/" // IdentityServiceName is the name of the identity service we're looking for in responses from the Service Discovery API // We were told to use the identity_administration field, not the identity_user_portal field. IdentityServiceName = "identity_administration" // DiscoveryContextServiceName is the name of the discovery and context API // in responses from the Service Discovery API. DiscoveryContextServiceName = "discoverycontext" )
const (
// MockDiscoverySubdomain is the subdomain for which the MockDiscoveryServer will return a success response
MockDiscoverySubdomain = "tlskp-test"
)
Variables ¶
This section is empty.
Functions ¶
func MockDiscoveryServer ¶
MockDiscoveryServer starts a mocked CyberArk service discovery server and returns an HTTP client with the CA certs needed to connect to it.
The URL of the mock server is set in the `ARK_DISCOVERY_API` environment variable, so any code using the `servicediscovery.Client` will use this mock server.
The mock server will return a successful response when the subdomain is `MockDiscoverySubdomain`, and the API URLs in the response will match those supplied in `services`. Other subdomains, can be used to trigger various failure responses.
The returned HTTP client has a transport which logs requests and responses depending on log level of the logger supplied in the context.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client is a Golang client for interacting with the CyberArk Discovery Service. It allows users to fetch URLs for various APIs available in CyberArk. This client is specialised to fetch only API endpoints, since only API endpoints are required by the Venafi Kubernetes Agent currently.
type DiscoveryResponse ¶
type DiscoveryResponse struct {
Region string `json:"region"`
DRRegion string `json:"dr_region"`
Subdomain string `json:"subdomain"`
TenantID string `json:"tenant_id"`
PlatformID string `json:"platform_id"`
IdentityID string `json:"identity_id"`
DefaultURL string `json:"default_url"`
TenantFlags map[string]interface{} `json:"tenant_flags"`
Services []Service `json:"services"`
}
DiscoveryResponse represents the full JSON response returned by the CyberArk api/tenant-discovery/public API The API is documented here https://ca-il-confluence.il.cyber-ark.com/spaces/EV/pages/575618345/Updated+PD+APIs+doc
type Service ¶
type Service struct {
ServiceName string `json:"service_name"`
ServiceSubdomains []string `json:"service_subdomains"`
Region string `json:"region"`
Endpoints []ServiceEndpoint `json:"endpoints"`
}
type ServiceEndpoint ¶
type ServiceEndpoint struct {
IsActive bool `json:"is_active"`
Type string `json:"type"`
UI string `json:"ui"`
API string `json:"api"`
}
ServiceEndpoint represents a single service endpoint returned by the CyberArk Service Discovery API. The JSON field names here must match the field names returned by the Service Discovery API.
type Services ¶
type Services struct {
Identity ServiceEndpoint
DiscoveryContext ServiceEndpoint
}
This is a convenience struct to hold the two ServiceEndpoints we care about. Currently, we only care about the Identity API and the Discovery Context API.
Source Files