Package agent contains code related to agents.

Package api provides commmon functionality for the OTF API.

Package authenticator is responsible for handling the authentication of users with third party identity providers.

Package cli provides the CLI client, i.e.

Package configversion handles terraform configurations.

Package connections manages connections between VCS repositories and OTF resources, e.g.

Package daemon configures and starts the otfd daemon and its subsystems.

Package disco implements terraform's "remote service discovery protocol": https://developer.hashicorp.com/terraform/internals/v1.3.x/remote-service-discovery.

Package ghapphandler provides a handler for the github app webhook endpoint.

Package github provides github related code.

Package gitlab provides gitlab related code.

Package http provides an HTTP interface allowing HTTP clients to interact with otf.

Package inmem implements a layer of services in memory using purely Go constructs.

Package integration provides inter-service integration tests.

Package json provides helpers for the JSON encoding.

Package loginserver implements a "terraform login protocol" server: https://developer.hashicorp.com/terraform/internals/v1.3.x/login-protocol#client.

Package logr provides a logger that implements the logr interface.

Package logs handles log output from a run.

Package module is reponsible for registry modules.

Package notifications sends notifications for run state transitions and workspace events.

Package organization is responsible for OTF organizations.

Package pubsub provides cluster-wide publishing and subscribing of events.

Package rbac is concerned with authorization.

Package releases manages terraform releases.

Package repohooks manages webhooks for VCS events.

Package resource contains code common to all resources (orgs, workspaces, runs, etc).

Package run is responsible for OTF runs, the primary mechanism for executing terraform.

Package scheduler is responsible for the scheduling of runs.

Package semver wraps golang.org/x/mod/semver, relaxing the requirement for semantic versions to be prefixed with "v".

Package sql implements persistent storage using the postgres database.

Package state manages terraform state.

Package team manages teams, which are groups of users with shared privileges.

Package testbrowser provisions web browsers for tests.

Package testcompose provides interaction with a docker compose stack of services for testing purposes.

Package testutils provides test helpers.

Package tfeapi provides common functionality useful for implementation of the Hashicorp TFE/TFC API, which uses the json:api encoding.

Package tokens manages token authentication.

Package user manages user accounts and their team membership.

Package variable manages terraform workspace variables.

Package vcs handles version control system stuff.

Package vcsprovider is responsible for VCS providers.

Package workspace provides access to terraform workspaces.

AddSkipAuthz adds to the context an instruction to skip authorization.

AddSubjectToContext adds a subject to a context.

ConvertID converts an ID for use with a different resource, e.g.

CredentialEnv returns a host-specific environment variable credential for terraform.

CredentialEnvKey returns the environment variable key for an API token specific to the given hostname.

CurrentTimestamp is *the* way to get a current timestamps in OTF and time.Now() should be avoided.

Decrypt encrypted string using secret key.

DiffStrings returns the elements in `a` that aren't in `b`.

Encrypt plaintext using secret key.

Exists checks whether a file or directory at the given path exists.

FromStringCSV splits a comma-separated string into a slice of type T.

GenerateRandomString generates a random string composed of alphanumeric characters of length size.

GetID retrieves the ID field of a struct contained in s.

GetOutboundIP gets the preferred outbound IP address of this machine.

NewID constructs resource IDs, which are composed of the resource type and a random 16 character string, separated by a hyphen.

NewSafeMap constructs an empty SafeMap, with the given key and value types.

NewSigner constructs a signer for signing and verifying URLs.

NormalizeAddress takes a host:port and converts it into a host:port appropriate for setting as the addressable hostname of otfd, e.g.

Pack a directory into tarball (.tar.gz) and return its contents.

ParseBranchRef parses a git ref expecting it to be a reference to a branch.

ParseRef parses a git ref of the format refs/[tags|heads]/[name],.

ParseTagRef parses the tag from a git reference with the format refs/tags/<tag>.

RemoveBackendBlock is an HCL operation that removes terraform remote backend / cloud configuration.

RewriteHCL performs HCL surgery on a terraform module.

SafeAppend appends strings to a slice whilst ensuring the slice is not modified.

SkipAuthz determines whether the context contains an instruction to skip authorization.

SplitCSV splits a string with a comma delimited (a "comma-separated-value").

SSLCertsDir returns the directory containing CA certificates.

SubjectFromContext retrieves a subject from a context.

Unpack a .tar.gz byte stream to a directory.

ValidStringID checks if the given string pointer is non-nil and contains a typical string identifier.

VerifySignedURL is middleware that verifies signed URLs.

marks the end of logs for a phase.

marks the beginning of logs for a phase.

DefaultCacheTTL is the default TTL for cached objects.

ErrAccessNotPermitted is returned when an authorization check fails.

ErrConflict is returned when a requests attempts to either create a resource with an identifier that already exists, or if an invalid state transition is attempted.

ErrEmptyValue is returned when a value is set to an empty string.

ErrInvalidName is returned when the name option has invalid value.

Resource Errors.

ErrInvalidTerraformVersion is returned when a terraform version string is not a semantic version string (major.minor.patch).

ErrRequiredName is returned when a name option is not present.

ErrRequiredOrg is returned when the organization option is not present.

ErrResourceAlreadyExists is returned when attempting to create a resource that already exists.

ErrResourceNotFound is returned when a receiving a 404.

Resource Errors.

ErrTimeout is returned when a request exceeds a timeout.

ErrUnauthorized is returned when a receiving a 401.

ReStringID is a regular expression used to validate common string ID patterns.

Build-time parameters set -ldflags.

Nobody is a subject with no privileges.

SafeMap is a concurrency-safe map.

SiteAuthorizer authorizes access to site-wide actions.

Superuser is a subject with unlimited privileges.

WorkspacePermission binds a role to a team.

WorkspacePolicy binds workspace permissions to a workspace.

Authorizer is capable of granting or denying access to resources based on the subject contained within the context.

Cache is a key-value cache.

Handlers is an http application with handlers.

Signer cryptographically signs URLs with a limited lifespan.

Subject is an entity that carries out actions on resources.

Verifier verifies signed URLs.