AttachWorkerIdToState accepts a workerId and creates a struct for use with the Nodeenrollment lib This is intended for use in worker authorization; AuthorizeNode in the lib accepts the option WithState so that the workerId is passed through to storage and associated with a WorkerAuth record.

FilterStorageBucketCredentialByDeleteAccess will return true if the delete state is missing or if the state is in an OK or UNKNOWN state.

FilterStorageBucketCredentialByReadAccess will return true if the read state is missing or if the state is in an OK or UNKNOWN state.

FilterStorageBucketCredentialByWriteAccess will return true if the write state is missing or if the state is in an OK or UNKNOWN state.

FilterWorkersByLocalStorageState filters the workers by their local storage state.

getOpts - iterate the inbound Options and return a struct.

IsManagedWorker indicates whether the given worker is managed.

ListWorkers will return a listing of Workers and honor the WithLimit option.

NewRepository creates a new server Repository.

NewRepositoryStorage creates a new WorkerAuthRepositoryStorage that implements the Storage interface.

NewWorker returns a new Worker.

NewWorkerIdFromScopeAndName generates a predictable public id based on the scope and the worker name.

ParsePermissionState converts the state type value into a string value.

ParseStateType converts the string value of a storage bucket credential state value and converts it into a integer type.

ReinitializeRoots is a domain service function that removes both root certificates and then calls RotateRoots to generate new root certificates.

RotateRoots is a domain service function that initiates a rotation of root certificates via a call to the nodenenrollment RotateRootCertificates function.

SeparateManagedWorkers divides the incoming workers into managed and unmanaged workers, respectively.

StoreNodeInformationTx stores NodeInformation.

TestKmsWorker inserts a worker into the db to satisfy foreign key constraints.

TestPkiWorker inserts a worker into the db to satisfy foreign key constraints.

ToPluginStorageBucket re-formats an storage bucket into the proto used for storage plugin requests.

WithActiveWorkers provides an optional filter to only include active workers.

WithAddress provides an optional address.

WithCreateControllerLedActivationToken provides an optional stop after count.

WithDescription provides an optional description.

WithDirectlyConnected provides an option to limit graph search to only directly connected workers.

WithFeature provides an option to specify a filter.

WithFetchNodeCredentialsRequest allows an optional FetchNodeCredentialsRequest to be specified.

WithLimit provides an option to provide a limit.

WithLiveness indicates how far back we want to search for server entries.

WithLocalStorageState provides an optional local storage state.

WithName provides an optional name.

WithNewIdFunc allows an optional factory function for new worker IDs to be specified (this option is likely only useful for tests).

WithOperationalState provides an optional operational state.

WithPublicId provides an optional public Id used for skipping one db call.

WithRelease version provides an optional release version.

WithRoot provides an optional root node.

WithStopAfter provides an optional stop after count.

WithTestPkiWorkerAuthorizedKeyId should only be used in tests.

WithTestUseInputTagsAsApiTags tells NewWorker to set the set of input tags as the api tags as well.

WithUpdateTags indicates that we should perform tag updates in the DB.

WithWorkerPool provides a slice of worker ids.

WithWorkerTags provides worker tags.

WithWorkerType allows specifying a particular type of worker (kms, pki) during lookup or listing.

The CertificateAuthority id will always be set to "roots".

DefaultLiveness is a default used for various timing parameters, such as grace period for status updates, server liveness, etc.

CertificateAuthority is a versioned entity used to lock the database when rotation RootCertificates.

Repository is the server database repository.

RootCertificate contains fields related to a RootCertificate resource This includes public/ private keys, the PEM encoded certificate, and the certificate validity period.

RootCertificateKeys contains the public and private keys for use in constructing a RootCertificate.

A Tag is a custom key/value pair which can be attached to a Worker.

A Worker is a server that provides an address which can be used to proxy session connections.

WorkerAuth contains all fields related to an authorized Worker resource This includes worker public keys, the controller encryption key, and certificate bundles issued by the Boundary CA.

WorkerAuthRepositoryStorage is the Worker Auth database repository.

WorkerAuthServerLedActivationToken contains an activation token for a worker.

WorkerAuthSet is intended to store a set of WorkerAuth records This set represents the current and previous WorkerAuth records for a worker.

WorkerCertBundle contains all fields related to a WorkerCertBundle resource This includes the serial number of the issuing CA, the worker id, and the certificate bundles issued by the CA.

WorkerKeys contain the signing and encryption keys for a WorkerAuth resource.

CertificateState defines the possible states for a workerauth certificate.

FilterStorageBucketCredentialStateFn is a function definition that is used to filter out workers that are considered to be in a unhealthy state.

Option - how Options are passed as arguments.

WorkerList is a helper type to make the selection of workers clearer and more declarative.