Documentation ¶
Overview ¶
Package server provides helpers for building and running a sansshell server.
Index ¶
- func BuildServer(opts ...Option) (*grpc.Server, error)
- func NewUnixPeerTransportCredentials() credentials.TransportCredentials
- func Serve(hostport string, opts ...Option) error
- func ServeUnix(socketPath string, socketConfigHook func(string) error, opts ...Option) error
- type Option
- func WithAuthzHook(hook rpcauth.RPCAuthzHook) Option
- func WithCredentials(c credentials.TransportCredentials) Option
- func WithInsecure() Option
- func WithLogger(l logr.Logger) Option
- func WithOnStartListener(h func(*grpc.Server)) Option
- func WithParsedPolicy(policy *opa.AuthzPolicy) Option
- func WithPolicy(policy string) Option
- func WithRawServerOption(s func(*grpc.Server)) Option
- func WithStatsHandler(h stats.Handler) Option
- func WithStreamInterceptor(stream grpc.StreamServerInterceptor) Option
- func WithUnaryInterceptor(unary grpc.UnaryServerInterceptor) Option
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildServer ¶
BuildServer creates a gRPC server, attaches the OPA policy interceptor with supplied args and then registers all of the imported SansShell modules. Separating this from Serve primarily facilitates testing.
func NewUnixPeerTransportCredentials ¶ added in v1.38.0
func NewUnixPeerTransportCredentials() credentials.TransportCredentials
NewUnixPeerCredentials returns a new TransportCredentials that disables transport security, but fetches the peer's credentials from the Unix domain socket.
Types ¶
type Option ¶ added in v1.6.0
type Option interface {
// contains filtered or unexported methods
}
func WithAuthzHook ¶ added in v1.6.0
func WithAuthzHook(hook rpcauth.RPCAuthzHook) Option
WithAuthzHook adds an authz hook which is checked by the installed authorizer.
func WithCredentials ¶ added in v1.6.0
func WithCredentials(c credentials.TransportCredentials) Option
WithCredentials applies credentials to be used by the RPC server.
func WithInsecure ¶ added in v1.36.0
func WithInsecure() Option
WithInsecure specifies that transport security should be disabled.
func WithLogger ¶ added in v1.6.0
WithLogger applies a logger that is used for all logging. A discard one is used if none is supplied.
func WithOnStartListener ¶ added in v1.36.0
WithOnStartListener adds a function to be called, in a goroutine, after the server has been created.
This is useful for testing.
func WithParsedPolicy ¶ added in v1.19.2
func WithParsedPolicy(policy *opa.AuthzPolicy) Option
WithParsedPolicy applies an already-parsed OPA policy used against incoming RPC requests.
func WithPolicy ¶ added in v1.6.0
WithPolicy applies an OPA policy used against incoming RPC requests.
func WithRawServerOption ¶ added in v1.9.0
WithRawServerOption allows one access to the RPC Server object. Generally this is done to add additional registration functions for RPC services to be done before starting the server.
func WithStatsHandler ¶ added in v1.27.0
WithStatsHandler adds a stats handler for telemetry.
func WithStreamInterceptor ¶ added in v1.6.0
func WithStreamInterceptor(stream grpc.StreamServerInterceptor) Option
WithStreamInterceptor adds an additional stream interceptor installed after telemetry and authz.
func WithUnaryInterceptor ¶ added in v1.6.0
func WithUnaryInterceptor(unary grpc.UnaryServerInterceptor) Option
WithUnaryInterceptor adds an additional unary interceptor installed after telemetry and authz.