v1alpha1

package
v0.0.0-...-2c1c132 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 10, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

deprecated

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidLengthDubboAuthorizationPolicy        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowDubboAuthorizationPolicy          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupDubboAuthorizationPolicy = fmt.Errorf("proto: unexpected end of group")
)
View Source 
var (
	DubboAuthorizationPolicyMarshaler   = &github_com_gogo_protobuf_jsonpb.Marshaler{}
	DubboAuthorizationPolicyUnmarshaler = &github_com_gogo_protobuf_jsonpb.Unmarshaler{AllowUnknownFields: true}
)
View Source 
var DubboAuthorizationPolicy_Action_name = map[int32]string{
	0: "ALLOW",
	1: "DENY",
}
View Source 
var DubboAuthorizationPolicy_Action_value = map[string]int32{
	"ALLOW": 0,
	"DENY":  1,
}

Functions

This section is empty.

Types

type DubboAuthorizationPolicy 

type DubboAuthorizationPolicy struct {
	// Optional. A list of rules to match the request. A match occurs when at least
	// one rule matches the request.
	//
	// If not set, the match will never occur. This is equivalent to setting a
	// default of deny for the target workloads.
	Rules []*Rule `protobuf:"bytes,2,rep,name=rules,proto3" json:"rules,omitempty"`
	// Optional. The action to take if the request is matched with the rules.
	Action               DubboAuthorizationPolicy_Action `` /* 128-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                        `json:"-"`
	XXX_unrecognized     []byte                          `json:"-"`
	XXX_sizecache        int32                           `json:"-"`
}

DubboAuthorizationPolicy enables access control on Dubbo services.

<!-- crd generation tags +cue-gen:DubboAuthorizationPolicy:groupName:dubbo.aeraki.io +cue-gen:DubboAuthorizationPolicy:version:v1alpha1 +cue-gen:DubboAuthorizationPolicy:storageVersion +cue-gen:DubboAuthorizationPolicy:annotations:helm.sh/resource-policy=keep +cue-gen:DubboAuthorizationPolicy:labels:app=aeraki,chart=aeraki,heritage=Tiller,release=aeraki +cue-gen:DubboAuthorizationPolicy:subresource:status +cue-gen:DubboAuthorizationPolicy:scope:Namespaced +cue-gen:DubboAuthorizationPolicy:resource:categories=aeraki-io,dubbo-aeraki-io,plural=dubboauthorizationpolicies,shortNames=dap +cue-gen:DubboAuthorizationPolicy:preserveUnknownFields:false -->

<!-- go code generation tags +kubetype-gen +kubetype-gen:groupVersion=dubbo.aeraki.io/v1alpha1 +genclient +k8s:deepcopy-gen=true -->

func (*DubboAuthorizationPolicy) DeepCopy 

func (in *DubboAuthorizationPolicy) DeepCopy() *DubboAuthorizationPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DubboAuthorizationPolicy. Required by controller-gen.

func (*DubboAuthorizationPolicy) DeepCopyInterface 

func (in *DubboAuthorizationPolicy) DeepCopyInterface() interface{}

DeepCopyInterface is an autogenerated deepcopy function, copying the receiver, creating a new DubboAuthorizationPolicy. Required by controller-gen.

func (*DubboAuthorizationPolicy) DeepCopyInto 

func (in *DubboAuthorizationPolicy) DeepCopyInto(out *DubboAuthorizationPolicy)

DeepCopyInto supports using DubboAuthorizationPolicy within kubernetes types, where deepcopy-gen is used.

func (*DubboAuthorizationPolicy) Descriptor 

func (*DubboAuthorizationPolicy) Descriptor() ([]byte, []int)

func (*DubboAuthorizationPolicy) GetAction 

func (m *DubboAuthorizationPolicy) GetAction() DubboAuthorizationPolicy_Action

func (*DubboAuthorizationPolicy) GetRules 

func (m *DubboAuthorizationPolicy) GetRules() []*Rule

func (*DubboAuthorizationPolicy) Marshal 

func (m *DubboAuthorizationPolicy) Marshal() (dAtA []byte, err error)

func (*DubboAuthorizationPolicy) MarshalJSON 

func (this *DubboAuthorizationPolicy) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for DubboAuthorizationPolicy

func (*DubboAuthorizationPolicy) MarshalTo 

func (m *DubboAuthorizationPolicy) MarshalTo(dAtA []byte) (int, error)

func (*DubboAuthorizationPolicy) MarshalToSizedBuffer 

func (m *DubboAuthorizationPolicy) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*DubboAuthorizationPolicy) ProtoMessage 

func (*DubboAuthorizationPolicy) ProtoMessage()

func (*DubboAuthorizationPolicy) Reset 

func (m *DubboAuthorizationPolicy) Reset()

func (*DubboAuthorizationPolicy) Size 

func (m *DubboAuthorizationPolicy) Size() (n int)

func (*DubboAuthorizationPolicy) String 

func (m *DubboAuthorizationPolicy) String() string

func (*DubboAuthorizationPolicy) Unmarshal 

func (m *DubboAuthorizationPolicy) Unmarshal(dAtA []byte) error

func (*DubboAuthorizationPolicy) UnmarshalJSON 

func (this *DubboAuthorizationPolicy) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for DubboAuthorizationPolicy

func (*DubboAuthorizationPolicy) XXX_DiscardUnknown 

func (m *DubboAuthorizationPolicy) XXX_DiscardUnknown()

func (*DubboAuthorizationPolicy) XXX_Marshal 

func (m *DubboAuthorizationPolicy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DubboAuthorizationPolicy) XXX_Merge 

func (m *DubboAuthorizationPolicy) XXX_Merge(src proto.Message)

func (*DubboAuthorizationPolicy) XXX_Size 

func (m *DubboAuthorizationPolicy) XXX_Size() int

func (*DubboAuthorizationPolicy) XXX_Unmarshal 

func (m *DubboAuthorizationPolicy) XXX_Unmarshal(b []byte) error

type DubboAuthorizationPolicy_Action 

type DubboAuthorizationPolicy_Action int32

Action specifies the operation to take. 

const (
	// Allow a request only if it matches the rules. This is the default type.
	DubboAuthorizationPolicy_ALLOW DubboAuthorizationPolicy_Action = 0
	// Deny a request if it matches any of the rules.
	DubboAuthorizationPolicy_DENY DubboAuthorizationPolicy_Action = 1
)

func (DubboAuthorizationPolicy_Action) EnumDescriptor 

func (DubboAuthorizationPolicy_Action) EnumDescriptor() ([]byte, []int)

func (DubboAuthorizationPolicy_Action) String 

func (x DubboAuthorizationPolicy_Action) String() string

type Operation 

type Operation struct {
	// Optional. A list of interfaces, which matches to the Dubbo interface.
	//
	// If not set, any interfaces is allowed.
	Interfaces []string `protobuf:"bytes,1,rep,name=interfaces,proto3" json:"interfaces,omitempty"`
	// Optional. A list of negative match of interfaces.
	NotInterfaces []string `protobuf:"bytes,5,rep,name=not_interfaces,json=notInterfaces,proto3" json:"not_interfaces,omitempty"`
	// Optional. A list of methods, which matches to the Dubbo methods.
	//
	// If not set, any method is allowed.
	Methods []string `protobuf:"bytes,3,rep,name=methods,proto3" json:"methods,omitempty"`
	// Optional. A list of negative match of methods.
	NotMethods           []string `protobuf:"bytes,7,rep,name=not_methods,json=notMethods,proto3" json:"not_methods,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Operation specifies the operations of a request. Fields in the operation are ANDed together.

For example, the following operation matches if the Dubbo interface is "org.apache.dubbo.samples.basic.api.DemoService" and the method is "sayHello".

```yaml interfaces: ["org.apache.dubbo.samples.basic.api.DemoService"] methods: ["sayHello"] ```

func (*Operation) DeepCopy 

func (in *Operation) DeepCopy() *Operation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Operation. Required by controller-gen.

func (*Operation) DeepCopyInterface 

func (in *Operation) DeepCopyInterface() interface{}

DeepCopyInterface is an autogenerated deepcopy function, copying the receiver, creating a new Operation. Required by controller-gen.

func (*Operation) DeepCopyInto 

func (in *Operation) DeepCopyInto(out *Operation)

DeepCopyInto supports using Operation within kubernetes types, where deepcopy-gen is used.

func (*Operation) Descriptor 

func (*Operation) Descriptor() ([]byte, []int)

func (*Operation) GetInterfaces 

func (m *Operation) GetInterfaces() []string

func (*Operation) GetMethods 

func (m *Operation) GetMethods() []string

func (*Operation) GetNotInterfaces 

func (m *Operation) GetNotInterfaces() []string

func (*Operation) GetNotMethods 

func (m *Operation) GetNotMethods() []string

func (*Operation) Marshal 

func (m *Operation) Marshal() (dAtA []byte, err error)

func (*Operation) MarshalJSON 

func (this *Operation) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Operation

func (*Operation) MarshalTo 

func (m *Operation) MarshalTo(dAtA []byte) (int, error)

func (*Operation) MarshalToSizedBuffer 

func (m *Operation) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Operation) ProtoMessage 

func (*Operation) ProtoMessage()

func (*Operation) Reset 

func (m *Operation) Reset()

func (*Operation) Size 

func (m *Operation) Size() (n int)

func (*Operation) String 

func (m *Operation) String() string

func (*Operation) Unmarshal 

func (m *Operation) Unmarshal(dAtA []byte) error

func (*Operation) UnmarshalJSON 

func (this *Operation) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Operation

func (*Operation) XXX_DiscardUnknown 

func (m *Operation) XXX_DiscardUnknown()

func (*Operation) XXX_Marshal 

func (m *Operation) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Operation) XXX_Merge 

func (m *Operation) XXX_Merge(src proto.Message)

func (*Operation) XXX_Size 

func (m *Operation) XXX_Size() int

func (*Operation) XXX_Unmarshal 

func (m *Operation) XXX_Unmarshal(b []byte) error

type Rule 

type Rule struct {
	// Optional. from specifies the source of a request.
	//
	// If not set, any source is allowed.
	From []*Rule_From `protobuf:"bytes,1,rep,name=from,proto3" json:"from,omitempty"`
	// Optional. to specifies the operation of a request.
	//
	// If not set, any operation is allowed.
	To                   []*Rule_To `protobuf:"bytes,2,rep,name=to,proto3" json:"to,omitempty"`
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

Rule matches requests from a list of sources that perform a list of operations subject to a list of conditions. A match occurs when at least one source, one operation and all conditions matches the request. An empty rule is always matched.

Any string field in the rule supports Exact, Prefix, Suffix and Presence match:

- Exact match: "abc" will match on value "abc". - Prefix match: "abc*" will match on value "abc" and "abcd". - Suffix match: "*abc" will match on value "abc" and "xabc". - Presence match: "*" will match when value is not empty.

func (*Rule) DeepCopy 

func (in *Rule) DeepCopy() *Rule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule. Required by controller-gen.

func (*Rule) DeepCopyInterface 

func (in *Rule) DeepCopyInterface() interface{}

DeepCopyInterface is an autogenerated deepcopy function, copying the receiver, creating a new Rule. Required by controller-gen.

func (*Rule) DeepCopyInto 

func (in *Rule) DeepCopyInto(out *Rule)

DeepCopyInto supports using Rule within kubernetes types, where deepcopy-gen is used.

func (*Rule) Descriptor 

func (*Rule) Descriptor() ([]byte, []int)

func (*Rule) GetFrom 

func (m *Rule) GetFrom() []*Rule_From

func (*Rule) GetTo 

func (m *Rule) GetTo() []*Rule_To

func (*Rule) Marshal 

func (m *Rule) Marshal() (dAtA []byte, err error)

func (*Rule) MarshalJSON 

func (this *Rule) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Rule

func (*Rule) MarshalTo 

func (m *Rule) MarshalTo(dAtA []byte) (int, error)

func (*Rule) MarshalToSizedBuffer 

func (m *Rule) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Rule) ProtoMessage 

func (*Rule) ProtoMessage()

func (*Rule) Reset 

func (m *Rule) Reset()

func (*Rule) Size 

func (m *Rule) Size() (n int)

func (*Rule) String 

func (m *Rule) String() string

func (*Rule) Unmarshal 

func (m *Rule) Unmarshal(dAtA []byte) error

func (*Rule) UnmarshalJSON 

func (this *Rule) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Rule

func (*Rule) XXX_DiscardUnknown 

func (m *Rule) XXX_DiscardUnknown()

func (*Rule) XXX_Marshal 

func (m *Rule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Rule) XXX_Merge 

func (m *Rule) XXX_Merge(src proto.Message)

func (*Rule) XXX_Size 

func (m *Rule) XXX_Size() int

func (*Rule) XXX_Unmarshal 

func (m *Rule) XXX_Unmarshal(b []byte) error

type Rule_From 

type Rule_From struct {
	// Source specifies the source of a request.
	Source               *Source  `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

From includes a list or sources.

func (*Rule_From) DeepCopy 

func (in *Rule_From) DeepCopy() *Rule_From

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule_From. Required by controller-gen.

func (*Rule_From) DeepCopyInterface 

func (in *Rule_From) DeepCopyInterface() interface{}

DeepCopyInterface is an autogenerated deepcopy function, copying the receiver, creating a new Rule_From. Required by controller-gen.

func (*Rule_From) DeepCopyInto 

func (in *Rule_From) DeepCopyInto(out *Rule_From)

DeepCopyInto supports using Rule_From within kubernetes types, where deepcopy-gen is used.

func (*Rule_From) Descriptor 

func (*Rule_From) Descriptor() ([]byte, []int)

func (*Rule_From) GetSource 

func (m *Rule_From) GetSource() *Source

func (*Rule_From) Marshal 

func (m *Rule_From) Marshal() (dAtA []byte, err error)

func (*Rule_From) MarshalJSON 

func (this *Rule_From) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Rule_From

func (*Rule_From) MarshalTo 

func (m *Rule_From) MarshalTo(dAtA []byte) (int, error)

func (*Rule_From) MarshalToSizedBuffer 

func (m *Rule_From) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Rule_From) ProtoMessage 

func (*Rule_From) ProtoMessage()

func (*Rule_From) Reset 

func (m *Rule_From) Reset()

func (*Rule_From) Size 

func (m *Rule_From) Size() (n int)

func (*Rule_From) String 

func (m *Rule_From) String() string

func (*Rule_From) Unmarshal 

func (m *Rule_From) Unmarshal(dAtA []byte) error

func (*Rule_From) UnmarshalJSON 

func (this *Rule_From) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Rule_From

func (*Rule_From) XXX_DiscardUnknown 

func (m *Rule_From) XXX_DiscardUnknown()

func (*Rule_From) XXX_Marshal 

func (m *Rule_From) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Rule_From) XXX_Merge 

func (m *Rule_From) XXX_Merge(src proto.Message)

func (*Rule_From) XXX_Size 

func (m *Rule_From) XXX_Size() int

func (*Rule_From) XXX_Unmarshal 

func (m *Rule_From) XXX_Unmarshal(b []byte) error

type Rule_To 

type Rule_To struct {
	// Operation specifies the operation of a request.
	Operation            *Operation `protobuf:"bytes,1,opt,name=operation,proto3" json:"operation,omitempty"`
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

To includes a list or operations.

func (*Rule_To) DeepCopy 

func (in *Rule_To) DeepCopy() *Rule_To

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule_To. Required by controller-gen.

func (*Rule_To) DeepCopyInterface 

func (in *Rule_To) DeepCopyInterface() interface{}

DeepCopyInterface is an autogenerated deepcopy function, copying the receiver, creating a new Rule_To. Required by controller-gen.

func (*Rule_To) DeepCopyInto 

func (in *Rule_To) DeepCopyInto(out *Rule_To)

DeepCopyInto supports using Rule_To within kubernetes types, where deepcopy-gen is used.

func (*Rule_To) Descriptor 

func (*Rule_To) Descriptor() ([]byte, []int)

func (*Rule_To) GetOperation 

func (m *Rule_To) GetOperation() *Operation

func (*Rule_To) Marshal 

func (m *Rule_To) Marshal() (dAtA []byte, err error)

func (*Rule_To) MarshalJSON 

func (this *Rule_To) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Rule_To

func (*Rule_To) MarshalTo 

func (m *Rule_To) MarshalTo(dAtA []byte) (int, error)

func (*Rule_To) MarshalToSizedBuffer 

func (m *Rule_To) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Rule_To) ProtoMessage 

func (*Rule_To) ProtoMessage()

func (*Rule_To) Reset 

func (m *Rule_To) Reset()

func (*Rule_To) Size 

func (m *Rule_To) Size() (n int)

func (*Rule_To) String 

func (m *Rule_To) String() string

func (*Rule_To) Unmarshal 

func (m *Rule_To) Unmarshal(dAtA []byte) error

func (*Rule_To) UnmarshalJSON 

func (this *Rule_To) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Rule_To

func (*Rule_To) XXX_DiscardUnknown 

func (m *Rule_To) XXX_DiscardUnknown()

func (*Rule_To) XXX_Marshal 

func (m *Rule_To) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Rule_To) XXX_Merge 

func (m *Rule_To) XXX_Merge(src proto.Message)

func (*Rule_To) XXX_Size 

func (m *Rule_To) XXX_Size() int

func (*Rule_To) XXX_Unmarshal 

func (m *Rule_To) XXX_Unmarshal(b []byte) error

type Source 

type Source struct {
	// Optional. A list of source peer identities (i.e. service account), which
	// matches to the "source.principal" attribute. This field requires mTLS enabled.
	//
	// If not set, any principal is allowed.
	Principals []string `protobuf:"bytes,1,rep,name=principals,proto3" json:"principals,omitempty"`
	// Optional. A list of negative match of source peer identities.
	NotPrincipals []string `protobuf:"bytes,2,rep,name=not_principals,json=notPrincipals,proto3" json:"not_principals,omitempty"`
	// Optional. A list of namespaces, which matches to the "source.namespace"
	// attribute. This field requires mTLS enabled.
	//
	// If not set, any namespace is allowed.
	Namespaces []string `protobuf:"bytes,3,rep,name=namespaces,proto3" json:"namespaces,omitempty"`
	// Optional. A list of negative match of namespaces.
	NotNamespaces        []string `protobuf:"bytes,4,rep,name=not_namespaces,json=notNamespaces,proto3" json:"not_namespaces,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Source specifies the source identities of a request. Fields in the source are ANDed together.

For example, the following source matches if the principal is "admin" or "dev" and the namespace is "prod" or "test".

```yaml principals: ["admin", "dev"] namespaces: ["prod", "test"] ```

func (*Source) DeepCopy 

func (in *Source) DeepCopy() *Source

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Source. Required by controller-gen.

func (*Source) DeepCopyInterface 

func (in *Source) DeepCopyInterface() interface{}

DeepCopyInterface is an autogenerated deepcopy function, copying the receiver, creating a new Source. Required by controller-gen.

func (*Source) DeepCopyInto 

func (in *Source) DeepCopyInto(out *Source)

DeepCopyInto supports using Source within kubernetes types, where deepcopy-gen is used.

func (*Source) Descriptor 

func (*Source) Descriptor() ([]byte, []int)

func (*Source) GetNamespaces 

func (m *Source) GetNamespaces() []string

func (*Source) GetNotNamespaces 

func (m *Source) GetNotNamespaces() []string

func (*Source) GetNotPrincipals 

func (m *Source) GetNotPrincipals() []string

func (*Source) GetPrincipals 

func (m *Source) GetPrincipals() []string

func (*Source) Marshal 

func (m *Source) Marshal() (dAtA []byte, err error)

func (*Source) MarshalJSON 

func (this *Source) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Source

func (*Source) MarshalTo 

func (m *Source) MarshalTo(dAtA []byte) (int, error)

func (*Source) MarshalToSizedBuffer 

func (m *Source) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Source) ProtoMessage 

func (*Source) ProtoMessage()

func (*Source) Reset 

func (m *Source) Reset()

func (*Source) Size 

func (m *Source) Size() (n int)

func (*Source) String 

func (m *Source) String() string

func (*Source) Unmarshal 

func (m *Source) Unmarshal(dAtA []byte) error

func (*Source) UnmarshalJSON 

func (this *Source) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Source

func (*Source) XXX_DiscardUnknown 

func (m *Source) XXX_DiscardUnknown()

func (*Source) XXX_Marshal 

func (m *Source) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Source) XXX_Merge 

func (m *Source) XXX_Merge(src proto.Message)

func (*Source) XXX_Size 

func (m *Source) XXX_Size() int

func (*Source) XXX_Unmarshal 

func (m *Source) XXX_Unmarshal(b []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.