server

package
v1.24.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 3, 2023 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Overview

Package server provides functionality so that other uses of sansshell can provide their own main.go without having to cargo-cult everything across for common use cases. i.e. simply adding your own authz hooks but using the standard modules. Or adding additional modules that are locally defined.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Run

func Run(ctx context.Context, opts ...Option)

Run takes the given context and RunState along with any authz hooks and starts up a sansshell proxy server using the flags above to provide credentials. An address hook (based on the remote host) with always be added. As this is intended to be called from main() it doesn't return errors and will instead exit on any errors.

Types

type Option added in v1.6.0

type Option interface {
	// contains filtered or unexported methods
}

func WithAuthzHook added in v1.6.0

func WithAuthzHook(hook rpcauth.RPCAuthzHook) Option

WithAuthzHook adds an additional authz hook to be applied to the server.

func WithClientPolicy added in v1.6.0

func WithClientPolicy(policy string) Option

WithClientPolicy appplies an optional OPA policy for determining outbound decisions.

func WithCredSource added in v1.6.0

func WithCredSource(credSource string) Option

WithCredSource applies a registered credential source with the mtls package.

func WithDebugPort added in v1.18.0

func WithDebugPort(addr string) Option

WithDebugPort opens an additional port for a http debug page.

This is meant for humans. The format of the debug pages may change over time.

func WithHostPort added in v1.6.0

func WithHostPort(hostport string) Option

WithHostport applies the host:port to run the server.

func WithJustification added in v1.6.0

func WithJustification(j bool) Option

WithJustification applies the justification param. Justification if true requires justification to be set in the incoming RPC context Metadata (to the key defined in the telemetry package).

func WithJustificationHook added in v1.6.0

func WithJustificationHook(hook func(string) error) Option

WithJustificationFunc applies a justification function. This function will be called if Justication is true and a justification entry is found. The supplied function can then do any validation it wants in order to ensure it's compliant.

func WithLogger added in v1.6.0

func WithLogger(l logr.Logger) Option

WithLogger applies a logger that is used for all logging. A discard based one is used if none is supplied.

func WithMetricsPort added in v1.19.1

func WithMetricsPort(addr string) Option

WithMetricsPort opens a HTTP endpoint for publishing metrics at the given addr

func WithMetricsRecorder added in v1.19.3

func WithMetricsRecorder(recorder metrics.MetricsRecorder) Option

WithMetricsRecorder enables metric instrumentations by inserting grpc metric interceptors and attaching recorder to the server runstate

func WithOtelTracing added in v1.18.4

func WithOtelTracing(interceptorOpts ...otelgrpc.Option) Option

WithOtelTracing adds the OpenTelemetry gRPC interceptors to all servers and clients. The interceptors collect and export tracing data for gRPC requests and responses

func WithParsedClientPolicy added in v1.19.2

func WithParsedClientPolicy(policy *opa.AuthzPolicy) Option

WithParsedClientPolicy appplies an optional OPA policy for determining outbound decisions.

func WithParsedPolicy added in v1.19.2

func WithParsedPolicy(policy *opa.AuthzPolicy) Option

WithParsedPolicy applies an already-parsed OPA policy used against incoming RPC requests.

func WithPolicy added in v1.6.0

func WithPolicy(policy string) Option

WithPolicy applies an OPA policy used against incoming RPC requests.

func WithRawServerOption added in v1.9.0

func WithRawServerOption(s func(*grpc.Server)) Option

WithRawServerOption allows one access to the RPC Server object. Generally this is done to add additional registration functions for RPC services to be done before starting the server.

func WithStreamClientInterceptor added in v1.6.0

func WithStreamClientInterceptor(i grpc.StreamClientInterceptor) Option

WithStreamClientInterceptor adds an additional stream client interceptor. These become any additional interceptors to be added to outbound streaming RPCs performed from this instance. They will be added after logging and authz checks.

func WithStreamInterceptor added in v1.6.0

func WithStreamInterceptor(i grpc.StreamServerInterceptor) Option

WithStreamInterceptor adds an additional stream server interceptor. These become any additional interceptors to be added to streaming RPCs served from this instance. They will be added after logging and authz checks.

func WithTlsConfig added in v1.14.1

func WithTlsConfig(tlsConfig *tls.Config) Option

WithTlsConfig applies a supplied tls.Config object to the gRPC server.

func WithUnaryClientInterceptor added in v1.6.0

func WithUnaryClientInterceptor(i grpc.UnaryClientInterceptor) Option

WithUnaryClientInterceptor adds an additional unary client interceptor. These become any additional interceptors to be added to outbound unary RPCs performed from this instance. They will be added after logging and authz checks.

func WithUnaryInterceptor added in v1.6.0

func WithUnaryInterceptor(i grpc.UnaryServerInterceptor) Option

WithUnaryInterceptor adds an additional unary server interceptor. These become any additional interceptors to be added to unary RPCs served from this instance. They will be added after logging and authz checks.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL