wasmv3

package
v1.36.4-20240515202123... Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: unknown License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source 
const PluginConfig_VmConfig_case case_PluginConfig_Vm = 3
View Source 
const PluginConfig_Vm_not_set_case case_PluginConfig_Vm = 0

Variables

View Source 
var File_envoy_extensions_wasm_v3_wasm_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type CapabilityRestrictionConfig 

type CapabilityRestrictionConfig struct {

	// The Proxy-Wasm capabilities which will be allowed. Capabilities are mapped by
	// name. The “SanitizationConfig“ which each capability maps to is currently unimplemented and ignored,
	// and so should be left empty.
	//
	// The capability names are given in the
	// `Proxy-Wasm ABI <https://github.com/proxy-wasm/spec/tree/master/abi-versions/vNEXT>`_.
	// Additionally, the following WASI capabilities from
	// `this list <https://github.com/WebAssembly/WASI/blob/master/phases/snapshot/docs.md#modules>`_
	// are implemented and can be allowed:
	// “fd_write“, “fd_read“, “fd_seek“, “fd_close“, “fd_fdstat_get“, “environ_get“, “environ_sizes_get“,
	// “args_get“, “args_sizes_get“, “proc_exit“, “clock_time_get“, “random_get“.
	AllowedCapabilities map[string]*SanitizationConfig `` /* 192-byte string literal not displayed */
	// contains filtered or unexported fields
}

Configuration for restricting Proxy-Wasm capabilities available to modules.

func (*CapabilityRestrictionConfig) GetAllowedCapabilities 

func (x *CapabilityRestrictionConfig) GetAllowedCapabilities() map[string]*SanitizationConfig

func (*CapabilityRestrictionConfig) ProtoMessage 

func (*CapabilityRestrictionConfig) ProtoMessage()

func (*CapabilityRestrictionConfig) ProtoReflect 

func (x *CapabilityRestrictionConfig) ProtoReflect() protoreflect.Message

func (*CapabilityRestrictionConfig) Reset 

func (x *CapabilityRestrictionConfig) Reset()

func (*CapabilityRestrictionConfig) SetAllowedCapabilities 

func (x *CapabilityRestrictionConfig) SetAllowedCapabilities(v map[string]*SanitizationConfig)

func (*CapabilityRestrictionConfig) String 

func (x *CapabilityRestrictionConfig) String() string

type CapabilityRestrictionConfig_builder 

type CapabilityRestrictionConfig_builder struct {

	// The Proxy-Wasm capabilities which will be allowed. Capabilities are mapped by
	// name. The “SanitizationConfig“ which each capability maps to is currently unimplemented and ignored,
	// and so should be left empty.
	//
	// The capability names are given in the
	// `Proxy-Wasm ABI <https://github.com/proxy-wasm/spec/tree/master/abi-versions/vNEXT>`_.
	// Additionally, the following WASI capabilities from
	// `this list <https://github.com/WebAssembly/WASI/blob/master/phases/snapshot/docs.md#modules>`_
	// are implemented and can be allowed:
	// “fd_write“, “fd_read“, “fd_seek“, “fd_close“, “fd_fdstat_get“, “environ_get“, “environ_sizes_get“,
	// “args_get“, “args_sizes_get“, “proc_exit“, “clock_time_get“, “random_get“.
	AllowedCapabilities map[string]*SanitizationConfig
	// contains filtered or unexported fields
}

func (CapabilityRestrictionConfig_builder) Build 

func (b0 CapabilityRestrictionConfig_builder) Build() *CapabilityRestrictionConfig

type EnvironmentVariables 

type EnvironmentVariables struct {

	// The keys of *Envoy's* environment variables exposed to this VM. In other words, if a key exists in Envoy's environment
	// variables, then that key-value pair will be injected. Note that if a key does not exist, it will be ignored.
	HostEnvKeys []string `protobuf:"bytes,1,rep,name=host_env_keys,json=hostEnvKeys,proto3" json:"host_env_keys,omitempty"`
	// Explicitly given key-value pairs to be injected to this VM in the form of "KEY=VALUE".
	KeyValues map[string]string `` /* 162-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*EnvironmentVariables) GetHostEnvKeys 

func (x *EnvironmentVariables) GetHostEnvKeys() []string

func (*EnvironmentVariables) GetKeyValues 

func (x *EnvironmentVariables) GetKeyValues() map[string]string

func (*EnvironmentVariables) ProtoMessage 

func (*EnvironmentVariables) ProtoMessage()

func (*EnvironmentVariables) ProtoReflect 

func (x *EnvironmentVariables) ProtoReflect() protoreflect.Message

func (*EnvironmentVariables) Reset 

func (x *EnvironmentVariables) Reset()

func (*EnvironmentVariables) SetHostEnvKeys 

func (x *EnvironmentVariables) SetHostEnvKeys(v []string)

func (*EnvironmentVariables) SetKeyValues 

func (x *EnvironmentVariables) SetKeyValues(v map[string]string)

func (*EnvironmentVariables) String 

func (x *EnvironmentVariables) String() string

type EnvironmentVariables_builder 

type EnvironmentVariables_builder struct {

	// The keys of *Envoy's* environment variables exposed to this VM. In other words, if a key exists in Envoy's environment
	// variables, then that key-value pair will be injected. Note that if a key does not exist, it will be ignored.
	HostEnvKeys []string
	// Explicitly given key-value pairs to be injected to this VM in the form of "KEY=VALUE".
	KeyValues map[string]string
	// contains filtered or unexported fields
}

func (EnvironmentVariables_builder) Build 

func (b0 EnvironmentVariables_builder) Build() *EnvironmentVariables

type PluginConfig 

type PluginConfig struct {

	// A unique name for a filters/services in a VM for use in identifying the filter/service if
	// multiple filters/services are handled by the same “vm_id“ and “root_id“ and for
	// logging/debugging.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts
	// if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all
	// filters/services with a blank root_id with the same “vm_id“ will share Context(s).
	RootId string `protobuf:"bytes,2,opt,name=root_id,json=rootId,proto3" json:"root_id,omitempty"`
	// Configuration for finding or starting VM.
	//
	// Types that are valid to be assigned to Vm:
	//
	//	*PluginConfig_VmConfig
	Vm isPluginConfig_Vm `protobuf_oneof:"vm"`
	// Filter/service configuration used to configure or reconfigure a plugin
	// (“proxy_on_configure“).
	// “google.protobuf.Struct“ is serialized as JSON before
	// passing it to the plugin. “google.protobuf.BytesValue“ and
	// “google.protobuf.StringValue“ are passed directly without the wrapper.
	Configuration *anypb.Any `protobuf:"bytes,4,opt,name=configuration,proto3" json:"configuration,omitempty"`
	// If there is a fatal error on the VM (e.g. exception, abort(), on_start or on_configure return false),
	// then all plugins associated with the VM will either fail closed (by default), e.g. by returning an HTTP 503 error,
	// or fail open (if 'fail_open' is set to true) by bypassing the filter. Note: when on_start or on_configure return false
	// during xDS updates the xDS configuration will be rejected and when on_start or on_configuration return false on initial
	// startup the proxy will not start.
	FailOpen bool `protobuf:"varint,5,opt,name=fail_open,json=failOpen,proto3" json:"fail_open,omitempty"`
	// Configuration for restricting Proxy-Wasm capabilities available to modules.
	CapabilityRestrictionConfig *CapabilityRestrictionConfig `` /* 144-byte string literal not displayed */
	// contains filtered or unexported fields
}

Base Configuration for Wasm Plugins e.g. filters and services. [#next-free-field: 7]

func (*PluginConfig) ClearCapabilityRestrictionConfig 

func (x *PluginConfig) ClearCapabilityRestrictionConfig()

func (*PluginConfig) ClearConfiguration 

func (x *PluginConfig) ClearConfiguration()

func (*PluginConfig) ClearVm 

func (x *PluginConfig) ClearVm()

func (*PluginConfig) ClearVmConfig 

func (x *PluginConfig) ClearVmConfig()

func (*PluginConfig) GetCapabilityRestrictionConfig 

func (x *PluginConfig) GetCapabilityRestrictionConfig() *CapabilityRestrictionConfig

func (*PluginConfig) GetConfiguration 

func (x *PluginConfig) GetConfiguration() *anypb.Any

func (*PluginConfig) GetFailOpen 

func (x *PluginConfig) GetFailOpen() bool

func (*PluginConfig) GetName 

func (x *PluginConfig) GetName() string

func (*PluginConfig) GetRootId 

func (x *PluginConfig) GetRootId() string

func (*PluginConfig) GetVm 

func (x *PluginConfig) GetVm() isPluginConfig_Vm

func (*PluginConfig) GetVmConfig 

func (x *PluginConfig) GetVmConfig() *VmConfig

func (*PluginConfig) HasCapabilityRestrictionConfig 

func (x *PluginConfig) HasCapabilityRestrictionConfig() bool

func (*PluginConfig) HasConfiguration 

func (x *PluginConfig) HasConfiguration() bool

func (*PluginConfig) HasVm 

func (x *PluginConfig) HasVm() bool

func (*PluginConfig) HasVmConfig 

func (x *PluginConfig) HasVmConfig() bool

func (*PluginConfig) ProtoMessage 

func (*PluginConfig) ProtoMessage()

func (*PluginConfig) ProtoReflect 

func (x *PluginConfig) ProtoReflect() protoreflect.Message

func (*PluginConfig) Reset 

func (x *PluginConfig) Reset()

func (*PluginConfig) SetCapabilityRestrictionConfig 

func (x *PluginConfig) SetCapabilityRestrictionConfig(v *CapabilityRestrictionConfig)

func (*PluginConfig) SetConfiguration 

func (x *PluginConfig) SetConfiguration(v *anypb.Any)

func (*PluginConfig) SetFailOpen 

func (x *PluginConfig) SetFailOpen(v bool)

func (*PluginConfig) SetName 

func (x *PluginConfig) SetName(v string)

func (*PluginConfig) SetRootId 

func (x *PluginConfig) SetRootId(v string)

func (*PluginConfig) SetVmConfig 

func (x *PluginConfig) SetVmConfig(v *VmConfig)

func (*PluginConfig) String 

func (x *PluginConfig) String() string

func (*PluginConfig) WhichVm 

func (x *PluginConfig) WhichVm() case_PluginConfig_Vm

type PluginConfig_VmConfig 

type PluginConfig_VmConfig struct {
	VmConfig *VmConfig `protobuf:"bytes,3,opt,name=vm_config,json=vmConfig,proto3,oneof"` // TODO: add referential VM configurations.
}

type PluginConfig_builder 

type PluginConfig_builder struct {

	// A unique name for a filters/services in a VM for use in identifying the filter/service if
	// multiple filters/services are handled by the same “vm_id“ and “root_id“ and for
	// logging/debugging.
	Name string
	// A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts
	// if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all
	// filters/services with a blank root_id with the same “vm_id“ will share Context(s).
	RootId string

	// Fields of oneof Vm:
	VmConfig *VmConfig
	// -- end of Vm
	// Filter/service configuration used to configure or reconfigure a plugin
	// (“proxy_on_configure“).
	// “google.protobuf.Struct“ is serialized as JSON before
	// passing it to the plugin. “google.protobuf.BytesValue“ and
	// “google.protobuf.StringValue“ are passed directly without the wrapper.
	Configuration *anypb.Any
	// If there is a fatal error on the VM (e.g. exception, abort(), on_start or on_configure return false),
	// then all plugins associated with the VM will either fail closed (by default), e.g. by returning an HTTP 503 error,
	// or fail open (if 'fail_open' is set to true) by bypassing the filter. Note: when on_start or on_configure return false
	// during xDS updates the xDS configuration will be rejected and when on_start or on_configuration return false on initial
	// startup the proxy will not start.
	FailOpen bool
	// Configuration for restricting Proxy-Wasm capabilities available to modules.
	CapabilityRestrictionConfig *CapabilityRestrictionConfig
	// contains filtered or unexported fields
}

func (PluginConfig_builder) Build 

func (b0 PluginConfig_builder) Build() *PluginConfig

type SanitizationConfig 

type SanitizationConfig struct {
	// contains filtered or unexported fields
}

Configuration for sanitization of inputs to an allowed capability.

NOTE: This is currently unimplemented.

func (*SanitizationConfig) ProtoMessage 

func (*SanitizationConfig) ProtoMessage()

func (*SanitizationConfig) ProtoReflect 

func (x *SanitizationConfig) ProtoReflect() protoreflect.Message

func (*SanitizationConfig) Reset 

func (x *SanitizationConfig) Reset()

func (*SanitizationConfig) String 

func (x *SanitizationConfig) String() string

type SanitizationConfig_builder 

type SanitizationConfig_builder struct {
	// contains filtered or unexported fields
}

func (SanitizationConfig_builder) Build 

func (b0 SanitizationConfig_builder) Build() *SanitizationConfig

type VmConfig 

type VmConfig struct {

	// An ID which will be used along with a hash of the wasm code (or the name of the registered Null
	// VM plugin) to determine which VM will be used for the plugin. All plugins which use the same
	// “vm_id“ and code will use the same VM. May be left blank. Sharing a VM between plugins can
	// reduce memory utilization and make sharing of data easier which may have security implications.
	// [#comment: TODO: add ref for details.]
	VmId string `protobuf:"bytes,1,opt,name=vm_id,json=vmId,proto3" json:"vm_id,omitempty"`
	// The Wasm runtime type, defaults to the first available Wasm engine used at Envoy build-time.
	// The priority to search for the available engine is: v8 -> wasmtime -> wamr.
	// Available Wasm runtime types are registered as extensions. The following runtimes are included
	// in Envoy code base:
	//
	// .. _extension_envoy.wasm.runtime.null:
	//
	// **envoy.wasm.runtime.null**: Null sandbox, the Wasm module must be compiled and linked into the
	// Envoy binary. The registered name is given in the “code“ field as “inline_string“.
	//
	// .. _extension_envoy.wasm.runtime.v8:
	//
	// **envoy.wasm.runtime.v8**: `V8 <https://v8.dev/>`_-based WebAssembly runtime.
	//
	// .. _extension_envoy.wasm.runtime.wamr:
	//
	// **envoy.wasm.runtime.wamr**: `WAMR <https://github.com/bytecodealliance/wasm-micro-runtime/>`_-based WebAssembly runtime.
	// This runtime is not enabled in the official build.
	//
	// .. _extension_envoy.wasm.runtime.wasmtime:
	//
	// **envoy.wasm.runtime.wasmtime**: `Wasmtime <https://wasmtime.dev/>`_-based WebAssembly runtime.
	// This runtime is not enabled in the official build.
	//
	// [#extension-category: envoy.wasm.runtime]
	Runtime string `protobuf:"bytes,2,opt,name=runtime,proto3" json:"runtime,omitempty"`
	// The Wasm code that Envoy will execute.
	Code *v3.AsyncDataSource `protobuf:"bytes,3,opt,name=code,proto3" json:"code,omitempty"`
	// The Wasm configuration used in initialization of a new VM
	// (proxy_on_start). “google.protobuf.Struct“ is serialized as JSON before
	// passing it to the plugin. “google.protobuf.BytesValue“ and
	// “google.protobuf.StringValue“ are passed directly without the wrapper.
	Configuration *anypb.Any `protobuf:"bytes,4,opt,name=configuration,proto3" json:"configuration,omitempty"`
	// Allow the wasm file to include pre-compiled code on VMs which support it.
	// Warning: this should only be enable for trusted sources as the precompiled code is not
	// verified.
	AllowPrecompiled bool `protobuf:"varint,5,opt,name=allow_precompiled,json=allowPrecompiled,proto3" json:"allow_precompiled,omitempty"`
	// If true and the code needs to be remotely fetched and it is not in the cache then NACK the configuration
	// update and do a background fetch to fill the cache, otherwise fetch the code asynchronously and enter
	// warming state.
	NackOnCodeCacheMiss bool `protobuf:"varint,6,opt,name=nack_on_code_cache_miss,json=nackOnCodeCacheMiss,proto3" json:"nack_on_code_cache_miss,omitempty"`
	// Specifies environment variables to be injected to this VM which will be available through
	// WASI's “environ_get“ and “environ_get_sizes“ system calls. Note that these functions
	// are generally called implicitly by your language's standard library. Therefore, you do not
	// need to call them directly. You can access environment variables in the same way you would
	// on native platforms.
	// Warning: Envoy rejects the configuration if there's conflict of key space.
	EnvironmentVariables *EnvironmentVariables `protobuf:"bytes,7,opt,name=environment_variables,json=environmentVariables,proto3" json:"environment_variables,omitempty"`
	// contains filtered or unexported fields
}

Configuration for a Wasm VM. [#next-free-field: 8]

func (*VmConfig) ClearCode 

func (x *VmConfig) ClearCode()

func (*VmConfig) ClearConfiguration 

func (x *VmConfig) ClearConfiguration()

func (*VmConfig) ClearEnvironmentVariables 

func (x *VmConfig) ClearEnvironmentVariables()

func (*VmConfig) GetAllowPrecompiled 

func (x *VmConfig) GetAllowPrecompiled() bool

func (*VmConfig) GetCode 

func (x *VmConfig) GetCode() *v3.AsyncDataSource

func (*VmConfig) GetConfiguration 

func (x *VmConfig) GetConfiguration() *anypb.Any

func (*VmConfig) GetEnvironmentVariables 

func (x *VmConfig) GetEnvironmentVariables() *EnvironmentVariables

func (*VmConfig) GetNackOnCodeCacheMiss 

func (x *VmConfig) GetNackOnCodeCacheMiss() bool

func (*VmConfig) GetRuntime 

func (x *VmConfig) GetRuntime() string

func (*VmConfig) GetVmId 

func (x *VmConfig) GetVmId() string

func (*VmConfig) HasCode 

func (x *VmConfig) HasCode() bool

func (*VmConfig) HasConfiguration 

func (x *VmConfig) HasConfiguration() bool

func (*VmConfig) HasEnvironmentVariables 

func (x *VmConfig) HasEnvironmentVariables() bool

func (*VmConfig) ProtoMessage 

func (*VmConfig) ProtoMessage()

func (*VmConfig) ProtoReflect 

func (x *VmConfig) ProtoReflect() protoreflect.Message

func (*VmConfig) Reset 

func (x *VmConfig) Reset()

func (*VmConfig) SetAllowPrecompiled 

func (x *VmConfig) SetAllowPrecompiled(v bool)

func (*VmConfig) SetCode 

func (x *VmConfig) SetCode(v *v3.AsyncDataSource)

func (*VmConfig) SetConfiguration 

func (x *VmConfig) SetConfiguration(v *anypb.Any)

func (*VmConfig) SetEnvironmentVariables 

func (x *VmConfig) SetEnvironmentVariables(v *EnvironmentVariables)

func (*VmConfig) SetNackOnCodeCacheMiss 

func (x *VmConfig) SetNackOnCodeCacheMiss(v bool)

func (*VmConfig) SetRuntime 

func (x *VmConfig) SetRuntime(v string)

func (*VmConfig) SetVmId 

func (x *VmConfig) SetVmId(v string)

func (*VmConfig) String 

func (x *VmConfig) String() string

type VmConfig_builder 

type VmConfig_builder struct {

	// An ID which will be used along with a hash of the wasm code (or the name of the registered Null
	// VM plugin) to determine which VM will be used for the plugin. All plugins which use the same
	// “vm_id“ and code will use the same VM. May be left blank. Sharing a VM between plugins can
	// reduce memory utilization and make sharing of data easier which may have security implications.
	// [#comment: TODO: add ref for details.]
	VmId string
	// The Wasm runtime type, defaults to the first available Wasm engine used at Envoy build-time.
	// The priority to search for the available engine is: v8 -> wasmtime -> wamr.
	// Available Wasm runtime types are registered as extensions. The following runtimes are included
	// in Envoy code base:
	//
	// .. _extension_envoy.wasm.runtime.null:
	//
	// **envoy.wasm.runtime.null**: Null sandbox, the Wasm module must be compiled and linked into the
	// Envoy binary. The registered name is given in the “code“ field as “inline_string“.
	//
	// .. _extension_envoy.wasm.runtime.v8:
	//
	// **envoy.wasm.runtime.v8**: `V8 <https://v8.dev/>`_-based WebAssembly runtime.
	//
	// .. _extension_envoy.wasm.runtime.wamr:
	//
	// **envoy.wasm.runtime.wamr**: `WAMR <https://github.com/bytecodealliance/wasm-micro-runtime/>`_-based WebAssembly runtime.
	// This runtime is not enabled in the official build.
	//
	// .. _extension_envoy.wasm.runtime.wasmtime:
	//
	// **envoy.wasm.runtime.wasmtime**: `Wasmtime <https://wasmtime.dev/>`_-based WebAssembly runtime.
	// This runtime is not enabled in the official build.
	//
	// [#extension-category: envoy.wasm.runtime]
	Runtime string
	// The Wasm code that Envoy will execute.
	Code *v3.AsyncDataSource
	// The Wasm configuration used in initialization of a new VM
	// (proxy_on_start). “google.protobuf.Struct“ is serialized as JSON before
	// passing it to the plugin. “google.protobuf.BytesValue“ and
	// “google.protobuf.StringValue“ are passed directly without the wrapper.
	Configuration *anypb.Any
	// Allow the wasm file to include pre-compiled code on VMs which support it.
	// Warning: this should only be enable for trusted sources as the precompiled code is not
	// verified.
	AllowPrecompiled bool
	// If true and the code needs to be remotely fetched and it is not in the cache then NACK the configuration
	// update and do a background fetch to fill the cache, otherwise fetch the code asynchronously and enter
	// warming state.
	NackOnCodeCacheMiss bool
	// Specifies environment variables to be injected to this VM which will be available through
	// WASI's “environ_get“ and “environ_get_sizes“ system calls. Note that these functions
	// are generally called implicitly by your language's standard library. Therefore, you do not
	// need to call them directly. You can access environment variables in the same way you would
	// on native platforms.
	// Warning: Envoy rejects the configuration if there's conflict of key space.
	EnvironmentVariables *EnvironmentVariables
	// contains filtered or unexported fields
}

func (VmConfig_builder) Build 

func (b0 VmConfig_builder) Build() *VmConfig

type WasmService 

type WasmService struct {

	// General plugin configuration.
	Config *PluginConfig `protobuf:"bytes,1,opt,name=config,proto3" json:"config,omitempty"`
	// If true, create a single VM rather than creating one VM per worker. Such a singleton can
	// not be used with filters.
	Singleton bool `protobuf:"varint,2,opt,name=singleton,proto3" json:"singleton,omitempty"`
	// contains filtered or unexported fields
}

WasmService is configured as a built-in “envoy.wasm_service“ :ref:`WasmService <config_wasm_service>` This opaque configuration will be used to create a Wasm Service.

func (*WasmService) ClearConfig 

func (x *WasmService) ClearConfig()

func (*WasmService) GetConfig 

func (x *WasmService) GetConfig() *PluginConfig

func (*WasmService) GetSingleton 

func (x *WasmService) GetSingleton() bool

func (*WasmService) HasConfig 

func (x *WasmService) HasConfig() bool

func (*WasmService) ProtoMessage 

func (*WasmService) ProtoMessage()

func (*WasmService) ProtoReflect 

func (x *WasmService) ProtoReflect() protoreflect.Message

func (*WasmService) Reset 

func (x *WasmService) Reset()

func (*WasmService) SetConfig 

func (x *WasmService) SetConfig(v *PluginConfig)

func (*WasmService) SetSingleton 

func (x *WasmService) SetSingleton(v bool)

func (*WasmService) String 

func (x *WasmService) String() string

type WasmService_builder 

type WasmService_builder struct {

	// General plugin configuration.
	Config *PluginConfig
	// If true, create a single VM rather than creating one VM per worker. Such a singleton can
	// not be used with filters.
	Singleton bool
	// contains filtered or unexported fields
}

func (WasmService_builder) Build 

func (b0 WasmService_builder) Build() *WasmService

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.