Documentation ¶
Index ¶
- Variables
- func HasCapability(cap Capability) (bool, error)
- func HasProduct(p string) (bool, error)
- func RegisterCallback(f Callback) error
- func RegisterCapability(cap Capability) error
- func RegisterProduct(p string) error
- func Reset()
- func Start(config ClientConfig) error
- func Stop()
- func Subscribe(product string, callback ProductCallback, capabilities ...Capability) error
- func UnregisterCallback(f Callback) error
- func UnregisterCapability(cap Capability) error
- func UnregisterProduct(p string) error
- type Callback
- type Capability
- type Client
- type ClientConfig
- type ProductCallback
- type ProductUpdate
Constants ¶
This section is empty.
Variables ¶
var ErrClientNotStarted = errors.New("remote config client not started")
ErrClientNotStarted is returned when the remote config client is not started.
Functions ¶
func HasCapability ¶
func HasCapability(cap Capability) (bool, error)
HasCapability returns whether a given capability was registered
func HasProduct ¶
HasProduct returns whether a given product was registered
func RegisterCallback ¶
RegisterCallback allows registering a callback that will be invoked when the client receives configuration updates. It is up to that callback to then decide what to do depending on the product related to the configuration update.
func RegisterCapability ¶
func RegisterCapability(cap Capability) error
RegisterCapability adds a capability to the list of capabilities exposed by the client when requesting configuration updates
func RegisterProduct ¶
RegisterProduct adds a product to the list of products listened by the client
func Reset ¶
func Reset()
Reset destroys the client instance. To be used only in tests to reset the state of the client.
func Start ¶
func Start(config ClientConfig) error
Start starts the client's update poll loop in a fresh goroutine. Noop if the client has already started.
func Stop ¶
func Stop()
Stop stops the client's update poll loop. Noop if the client has already been stopped. The remote config client is supposed to have the same lifecycle as the tracer. It can't be restarted after a call to Stop() unless explicitly calling Reset().
func Subscribe ¶
func Subscribe(product string, callback ProductCallback, capabilities ...Capability) error
Subscribe registers a product and its callback to be invoked when the client receives configuration updates. Subscribe should be preferred over RegisterProduct and RegisterCallback if your callback only handles a single product.
func UnregisterCallback ¶
UnregisterCallback removes a previously registered callback from the active callbacks list This remove operation preserves ordering
func UnregisterCapability ¶
func UnregisterCapability(cap Capability) error
UnregisterCapability removes a capability from the list of capabilities exposed by the client when requesting configuration updates
func UnregisterProduct ¶
UnregisterProduct removes a product from the list of products listened by the client
Types ¶
type Callback ¶
type Callback func(updates map[string]ProductUpdate) map[string]rc.ApplyStatus
Callback represents a function that can process a remote config update. A Callback function can be registered to a remote config client to automatically react upon receiving updates. This function returns the configuration processing status for each config file received through the update.
type Capability ¶
type Capability uint
Capability represents a bit index to be set in clientData.Capabilites in order to register a client for a specific capability
const ( // ASMActivation represents the capability to activate ASM through remote configuration ASMActivation Capability // ASMIPBlocking represents the capability for ASM to block requests based on user IP ASMIPBlocking // ASMDDRules represents the capability to update the rules used by the ASM WAF for threat detection ASMDDRules // ASMExclusions represents the capability for ASM to exclude traffic from its protections ASMExclusions // ASMRequestBlocking represents the capability for ASM to block requests based on the HTTP request related WAF addresses ASMRequestBlocking // ASMResponseBlocking represents the capability for ASM to block requests based on the HTTP response related WAF addresses ASMResponseBlocking // ASMUserBlocking represents the capability for ASM to block requests based on user ID ASMUserBlocking // ASMCustomRules represents the capability for ASM to receive and use user-defined security rules ASMCustomRules // ASMCustomBlockingResponse represents the capability for ASM to receive and use user-defined blocking responses ASMCustomBlockingResponse // ASMTrustedIPs represents Trusted IPs through the ASM product ASMTrustedIPs // ASMApiSecuritySampleRate represents API Security sampling rate ASMApiSecuritySampleRate // APMTracingSampleRate represents the rate at which to sample traces from APM client libraries APMTracingSampleRate // APMTracingLogsInjection enables APM client libraries to inject trace ids into log records APMTracingLogsInjection // APMTracingHTTPHeaderTags enables APM client libraries to tag http header values to http server or client spans APMTracingHTTPHeaderTags // APMTracingCustomTags enables APM client to set custom tags on all spans APMTracingCustomTags // ASMProcessorOverrides adds support for processor overrides through the ASM RC Product ASMProcessorOverrides // ASMCustomDataScanners adds support for custom data scanners through the ASM RC Product ASMCustomDataScanners // ASMExclusionData adds support configurable exclusion filter data from the ASM_DATA Product ASMExclusionData // APMTracingEnabled enables APM tracing APMTracingEnabled // APMTracingDataStreamsEnabled enables Data Streams Monitoring APMTracingDataStreamsEnabled // ASMRASPSQLI enables ASM support for runtime protection against SQL Injection attacks ASMRASPSQLI // ASMRASPLFI enables ASM support for runtime protection against Local File Inclusion attacks ASMRASPLFI // ASMRASPSSRF enables ASM support for runtime protection against SSRF attacks ASMRASPSSRF // ASMRASPSHI enables ASM support for runtime protection against XSS attacks ASMRASPSHI // ASMRASPXXE enables ASM support for runtime protection against XXE attacks ASMRASPXXE // ASMRASPRCE enables ASM support for runtime protection against Remote Code Execution ASMRASPRCE // ASMRASPNOSQLI enables ASM support for runtime protection against NoSQL Injection attacks ASMRASPNOSQLI // ASMRASPXSS enables ASM support for runtime protection against Cross Site Scripting attacks ASMRASPXSS // APMTracingSampleRules represents the sampling rate using matching rules from APM client libraries APMTracingSampleRules // CSMActivation represents the capability to activate CSM through remote configuration CSMActivation // ASMAutoUserInstrumMode represents the capability to enable the automatic user instrumentation mode ASMAutoUserInstrumMode // ASMEndpointFingerprinting represents the capability to enable endpoint fingerprinting ASMEndpointFingerprinting // ASMSessionFingerprinting represents the capability to enable session fingerprinting ASMSessionFingerprinting // ASMNetworkFingerprinting represents the capability to enable network fingerprinting ASMNetworkFingerprinting // ASMHeaderFingerprinting represents the capability to enable header fingerprinting ASMHeaderFingerprinting // ASMTruncationRules is the support for truncation payload rules ASMTruncationRules )
type Client ¶
type Client struct { sync.RWMutex ClientConfig // contains filtered or unexported fields }
A Client interacts with an Agent to update and track the state of remote configuration
type ClientConfig ¶
type ClientConfig struct { // The address at which the agent is listening for remoteconfig update requests on AgentURL string // The semantic version of the user's application AppVersion string // The env this tracer is running in Env string // The time interval between two client polls to the agent for updates PollInterval time.Duration // The tracer's runtime id RuntimeID string // The name of the user's application ServiceName string // The semantic version of the tracer TracerVersion string // The base TUF root metadata file TUFRoot string // HTTP is the HTTP client used to receive config updates HTTP *http.Client }
ClientConfig contains the required values to configure a remoteconfig client
func DefaultClientConfig ¶
func DefaultClientConfig() ClientConfig
DefaultClientConfig returns the default remote config client configuration
type ProductCallback ¶
type ProductCallback func(update ProductUpdate) map[string]rc.ApplyStatus
ProductCallback is like Callback but for a specific product.
type ProductUpdate ¶
ProductUpdate represents an update for a specific product. It is a map of file path to raw file content