Documentation ¶
Index ¶
- Constants
- Variables
- type APMSamplingConfig
- type APMTracingConfig
- type ASMDataConfig
- type ASMDataRuleData
- type ASMDataRuleDataEntry
- type ASMDataRulesData
- type ASMFeaturesConfig
- type ASMFeaturesData
- type ApplyState
- type ApplyStatus
- type CachedFile
- type ConfigASM
- type ConfigASMDD
- type ConfigCWSCustom
- type ConfigCWSDD
- type ConfigCWSProfiles
- type ConfigState
- type Metadata
- type Repository
- func (r *Repository) APMConfigs() map[string]APMSamplingConfig
- func (r *Repository) APMTracingConfigs() map[string]APMTracingConfig
- func (r *Repository) ASMConfigs() map[string]ConfigASM
- func (r *Repository) ASMDDConfigs() map[string]ConfigASMDD
- func (r *Repository) ASMDataConfigs() map[string]ASMDataConfig
- func (r *Repository) ASMFeaturesConfigs() map[string]ASMFeaturesConfig
- func (r *Repository) CWSCustomConfigs() map[string]ConfigCWSCustom
- func (r *Repository) CWSDDConfigs() map[string]ConfigCWSDD
- func (r *Repository) CWSProfilesConfigs() map[string]ConfigCWSProfiles
- func (r *Repository) CurrentState() (RepositoryState, error)
- func (r *Repository) Update(update Update) ([]string, error)
- func (r *Repository) UpdateApplyStatus(cfgPath string, status ApplyStatus)
- type RepositoryState
- type Update
Constants ¶
const ( // ProductAPMSampling is the apm sampling product ProductAPMSampling = "APM_SAMPLING" // ProductCWSDD is the cloud workload security product managed by datadog employees ProductCWSDD = "CWS_DD" // ProductCWSCustom is the cloud workload security product managed by datadog customers ProductCWSCustom = "CWS_CUSTOM" // ProductCWSProfile is the cloud workload security profile product ProductCWSProfiles = "CWS_SECURITY_PROFILES" // ProductASM is the ASM product used by customers to issue rules configurations ProductASM = "ASM" // ProductASMFeatures is the ASM product used form ASM activation through remote config ProductASMFeatures = "ASM_FEATURES" // ProductASMDD is the application security monitoring product managed by datadog employees ProductASMDD = "ASM_DD" // ProductASMData is the ASM product used to configure WAF rules data ProductASMData = "ASM_DATA" // ProductAPMTracing is the apm tracing product ProductAPMTracing = "APM_TRACING" )
Variables ¶
var ( // ErrMalformedEmbeddedRoot occurs when the TUF root provided is invalid ErrMalformedEmbeddedRoot = errors.New("malformed embedded TUF root file provided") )
var ErrNoConfigVersion = errors.New("version missing in custom file meta")
ErrNoConfigVersion occurs when a target file's custom meta is missing the config version
Functions ¶
This section is empty.
Types ¶
type APMSamplingConfig ¶
APMSamplingConfig is a deserialized APM Sampling configuration file along with its associated remote config metadata.
type APMTracingConfig ¶ added in v0.43.0
type ASMDataConfig ¶ added in v0.42.0
type ASMDataConfig struct { Config ASMDataRulesData Metadata Metadata }
ASMDataConfig is a deserialized configuration file that holds rules data that can be used by the ASM WAF for specific features (example: ip blocking).
type ASMDataRuleData ¶ added in v0.42.0
type ASMDataRuleData struct { ID string `json:"id"` Type string `json:"type"` Data []ASMDataRuleDataEntry `json:"data"` }
ASMDataRuleData is an entry in the rules data list held by an ASMData configuration
type ASMDataRuleDataEntry ¶ added in v0.42.0
type ASMDataRuleDataEntry struct { Expiration int64 `json:"expiration,omitempty"` Value string `json:"value"` }
ASMDataRuleDataEntry represents a data entry in a rule data file
type ASMDataRulesData ¶ added in v0.42.0
type ASMDataRulesData struct {
RulesData []ASMDataRuleData `json:"rules_data"`
}
ASMDataRulesData is a serializable array of rules data entries
type ASMFeaturesConfig ¶ added in v0.41.0
type ASMFeaturesConfig struct { Config ASMFeaturesData Metadata Metadata }
ASMFeaturesConfig is a deserialized configuration file that indicates whether ASM should be enabled within a tracer, along with its associated remote config metadata.
type ASMFeaturesData ¶ added in v0.41.0
type ASMFeaturesData struct { ASM struct { Enabled bool `json:"enabled"` } `json:"asm"` }
ASMFeaturesData describes the enabled state of ASM features
type ApplyState ¶ added in v0.41.0
type ApplyState uint64
ApplyState represents the status of a configuration application by a remote configuration client Clients need to either ack the correct application of received configurations, or communicate that they haven't applied it yet, or communicate any error that may have happened while doing so
const ( ApplyStateUnknown ApplyState = iota ApplyStateUnacknowledged ApplyStateAcknowledged ApplyStateError )
type ApplyStatus ¶ added in v0.41.0
type ApplyStatus struct { State ApplyState Error string }
ApplyStatus is the processing status for a given configuration. It basically represents whether a config was successfully processed and apply, or if an error occurred
type CachedFile ¶
CachedFile describes a cached file stored by the agent client
Note: You may be wondering why this exists when `ConfigState` exists as well. The API for requesting updates does not mandate that a client cache config files. This implementation just happens to do so.
type ConfigASM ¶ added in v0.45.0
ConfigASM is a deserialized ASM configuration file along with its associated remote config metadata
type ConfigASMDD ¶
ConfigASMDD is a deserialized ASM DD configuration file along with its associated remote config metadata
type ConfigCWSCustom ¶ added in v0.43.0
ConfigCWSCustom is a deserialized CWS Custom configuration file along with its associated remote config metadata
type ConfigCWSDD ¶
ConfigCWSDD is a deserialized CWS DD configuration file along with its associated remote config metadata
type ConfigCWSProfiles ¶ added in v0.46.0
ConfigCWSProfiles is a deserialized CWS Profile configuration file along with its associated remote config metadata
type ConfigState ¶
type ConfigState struct { Product string ID string Version uint64 ApplyStatus ApplyStatus }
ConfigState describes an applied config by the agent client.
type Metadata ¶
type Metadata struct { Product string ID string Name string Version uint64 RawLength uint64 Hashes map[string][]byte ApplyStatus ApplyStatus }
Metadata stores remote config metadata for a given configuration
type Repository ¶
type Repository struct {
// contains filtered or unexported fields
}
Repository is a remote config client used in a downstream process to retrieve remote config updates from an Agent.
func NewRepository ¶
func NewRepository(embeddedRoot []byte) (*Repository, error)
NewRepository creates a new remote config repository that will track both TUF metadata and raw config files for a client.
func NewUnverifiedRepository ¶ added in v0.41.0
func NewUnverifiedRepository() (*Repository, error)
NewUnverifiedRepository creates a new remote config repository that will track config files for a client WITHOUT verifying any TUF related metadata.
When creating this we pretend we have a root version of 1, as the backend expects to not have to send the initial "embedded" root.
func (*Repository) APMConfigs ¶
func (r *Repository) APMConfigs() map[string]APMSamplingConfig
APMConfigs returns the currently active APM configs
func (*Repository) APMTracingConfigs ¶ added in v0.43.0
func (r *Repository) APMTracingConfigs() map[string]APMTracingConfig
APMTracingConfigs returns the currently active APMTracing configs
func (*Repository) ASMConfigs ¶ added in v0.45.0
func (r *Repository) ASMConfigs() map[string]ConfigASM
ASMConfigs returns the currently active ASM configs
func (*Repository) ASMDDConfigs ¶
func (r *Repository) ASMDDConfigs() map[string]ConfigASMDD
ASMDDConfigs returns the currently active ASMDD configs
func (*Repository) ASMDataConfigs ¶ added in v0.42.0
func (r *Repository) ASMDataConfigs() map[string]ASMDataConfig
ASMDataConfigs returns the currently active ASMData configs
func (*Repository) ASMFeaturesConfigs ¶ added in v0.41.0
func (r *Repository) ASMFeaturesConfigs() map[string]ASMFeaturesConfig
ASMFeaturesConfigs returns the currently active ASMFeatures configs
func (*Repository) CWSCustomConfigs ¶ added in v0.43.0
func (r *Repository) CWSCustomConfigs() map[string]ConfigCWSCustom
CWSCustomConfigs returns the currently active CWSCustom config files
func (*Repository) CWSDDConfigs ¶
func (r *Repository) CWSDDConfigs() map[string]ConfigCWSDD
CWSDDConfigs returns the currently active CWSDD config files
func (*Repository) CWSProfilesConfigs ¶ added in v0.46.0
func (r *Repository) CWSProfilesConfigs() map[string]ConfigCWSProfiles
CWSProfilesConfigs returns the currently active CWSProfiles config files
func (*Repository) CurrentState ¶
func (r *Repository) CurrentState() (RepositoryState, error)
CurrentState returns all of the information needed to make an update for new configurations.
func (*Repository) Update ¶
func (r *Repository) Update(update Update) ([]string, error)
Update processes the ClientGetConfigsResponse from the Agent and updates the configuration state
func (*Repository) UpdateApplyStatus ¶ added in v0.41.0
func (r *Repository) UpdateApplyStatus(cfgPath string, status ApplyStatus)
UpdateApplyStatus updates the config's metadata to reflect its processing state Can be used after a call to Update() in order to tell the repository which config was acked, which wasn't and which errors occurred while processing. Note: it is the responsibility of the caller to ensure that no new Update() call was made between the first Update() call and the call to UpdateApplyStatus() so as to keep the repository state accurate.
type RepositoryState ¶
type RepositoryState struct { Configs []ConfigState CachedFiles []CachedFile TargetsVersion int64 RootsVersion int64 OpaqueBackendState []byte }
RepositoryState contains all of the information about the current config files stored by the client to be able to make an update request to an Agent
type Update ¶
type Update struct { // TUFRoots contains, in order, updated roots that this repository needs to keep up with TUF validation TUFRoots [][]byte // TUFTargets is the latest TUF Targets file and is used to validate raw config files TUFTargets []byte // TargetFiles stores the raw config files by their full TUF path TargetFiles map[string][]byte // ClientcConfigs is a list of TUF path's corresponding to config files designated for this repository ClientConfigs []string }
An Update contains all the data needed to update a client's remote config repository state