extension

package
v2.13.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 20, 2024 License: Apache-2.0 Imports: 21 Imported by: 1

Documentation


Constants

const (
	// URLPrefix is "/extensions". NOTE(review): presumably the path prefix
	// under which extension routes are served by the API server; the route
	// registration is not shown here, so confirm.
	//
	// The Default* values match the defaults documented on the ProxyConfig
	// fields: a 2 second dial timeout, a 15 second keep-alive interval, a
	// 60 second idle connection timeout and at most 30 idle connections.
	URLPrefix                    = "/extensions"
	DefaultConnectionTimeout     = 2 * time.Second
	DefaultKeepAlive             = 15 * time.Second
	DefaultIdleConnectionTimeout = 60 * time.Second
	DefaultMaxIdleConnections    = 30

	// HeaderArgoCDNamespace defines the namespace of the
	// Argo CD control plane to be passed to the extension handler.
	// Example:
	//     Argocd-Namespace: "namespace"
	HeaderArgoCDNamespace = "Argocd-Namespace"

	// HeaderArgoCDApplicationName defines the name of the
	// expected application header to be passed to the extension
	// handler. The header value must follow the format:
	//     "<namespace>:<app-name>"
	// Example:
	//     Argocd-Application-Name: "namespace:app-name"
	//
	// ValidateHeaders reads this header from the incoming request to
	// populate RequestResources, which defines the authorization scope
	// of the call. The value is therefore caller-supplied input and is
	// only meaningful after validation and an RBAC check.
	HeaderArgoCDApplicationName = "Argocd-Application-Name"

	// HeaderArgoCDProjectName defines the name of the expected
	// project header to be passed to the extension handler.
	// Example:
	//     Argocd-Project-Name: "default"
	//
	// Like the application header, this value comes from the incoming
	// request and feeds RequestResources through ValidateHeaders.
	HeaderArgoCDProjectName = "Argocd-Project-Name"

	// HeaderArgoCDTargetClusterURL defines the target cluster URL
	// that the Argo CD application is associated with. This header
	// will be populated by the extension proxy and passed to the
	// configured backend service. If this header is passed by
	// the client, its value will be overridden by the extension
	// handler.
	//
	// Example:
	//     Argocd-Target-Cluster-URL: "https://kubernetes.default.svc.cluster.local"
	HeaderArgoCDTargetClusterURL = "Argocd-Target-Cluster-URL"

	// HeaderArgoCDTargetClusterName defines the target cluster name
	// that the Argo CD application is associated with. This header
	// will be populated by the extension proxy and passed to the
	// configured backend service. If this header is passed by
	// the client, its value will be overridden by the extension
	// handler.
	HeaderArgoCDTargetClusterName = "Argocd-Target-Cluster-Name"

	// HeaderArgoCDUsername is the header name that defines the logged
	// in user authenticated by Argo CD.
	//
	// NOTE(review): unlike the target cluster headers, nothing here states
	// that a client-supplied value is overridden or stripped. A backend
	// that relies on this header for identity should confirm that the
	// proxy always sets it itself before forwarding.
	HeaderArgoCDUsername = "Argocd-Username"

	// HeaderArgoCDGroups is the header name that provides the 'groups'
	// claim from the users authenticated in Argo CD.
	//
	// NOTE(review): the same caveat as for HeaderArgoCDUsername applies;
	// confirm that a client-supplied value cannot reach the backend.
	HeaderArgoCDGroups = "Argocd-User-Groups"
)

Variables

This section is empty.

Functions

func NewProxy

func NewProxy(targetURL string, headers []Header, config ProxyConfig) (*httputil.ReverseProxy, error)

NewProxy will instantiate a new reverse proxy based on the provided targetURL and config. It will remove sensitive information from the incoming request such as the Authorization and Cookie headers.

Types

type ApplicationGetter

// ApplicationGetter defines the contract to retrieve the application resource.
type ApplicationGetter interface {
	// Get returns the Application identified by namespace ns and name,
	// or an error if it cannot be retrieved.
	Get(ns, name string) (*v1alpha1.Application, error)
}

ApplicationGetter defines the contract to retrieve the application resource.

type BackendConfig

// BackendConfig defines the backend service configurations used by one
// extension. An extension may have several services, for example one per
// external cluster managed by Argo CD.
type BackendConfig struct {
	// ProxyConfig is embedded and carries no yaml tag.
	// NOTE(review): presumably its connection settings apply to every
	// entry in Services; confirm against the registry-building code.
	ProxyConfig
	// Services lists the backend services for this extension, read from
	// the "services" yaml key.
	Services []ServiceConfig `yaml:"services"`
}

BackendConfig defines the backend service configurations that will be used by a specific extension. An extension can have multiple services associated with it. This is necessary when Argo CD is managing applications in external clusters, in which case each cluster may have its own backend service.

type ClusterConfig added in v2.7.0

// ClusterConfig identifies a target cluster either by its API server URL
// or by its symbolic name. At least one of Server and Name must be set.
// It is referenced from ServiceConfig.Cluster.
type ClusterConfig struct {
	// Server specifies the URL of the target cluster's Kubernetes control plane API. This must be set if Name is not set.
	Server string `yaml:"server"`

	// Name is an alternate way of specifying the target cluster by its symbolic name. This must be set if Server is not set.
	Name string `yaml:"name"`
}

type DefaultApplicationGetter

type DefaultApplicationGetter struct {
	// contains filtered or unexported fields
}

DefaultApplicationGetter is the real application getter implementation.

func NewDefaultApplicationGetter

func NewDefaultApplicationGetter(al applisters.ApplicationLister) *DefaultApplicationGetter

NewDefaultApplicationGetter returns the default application getter.

func (*DefaultApplicationGetter) Get

Get will retrieve the application resource for the given namespace and name.

type DefaultProjectGetter added in v2.7.0

type DefaultProjectGetter struct {
	// contains filtered or unexported fields
}

DefaultProjectGetter is the real ProjectGetter implementation.

func NewDefaultProjectGetter added in v2.7.0

func NewDefaultProjectGetter(lister applisters.AppProjectNamespaceLister, db db.ArgoDB) *DefaultProjectGetter

NewDefaultProjectGetter returns a new default project getter

func (*DefaultProjectGetter) Get added in v2.7.0

Get will retrieve the live AppProject state.

func (*DefaultProjectGetter) GetClusters added in v2.7.0

func (p *DefaultProjectGetter) GetClusters(project string) ([]*v1alpha1.Cluster, error)

GetClusters will retrieve the clusters configured by a project.

type DefaultSettingsGetter

type DefaultSettingsGetter struct {
	// contains filtered or unexported fields
}

DefaultSettingsGetter is the real settings getter implementation.

func NewDefaultSettingsGetter

func NewDefaultSettingsGetter(mgr *settings.SettingsManager) *DefaultSettingsGetter

NewDefaultSettingsGetter returns a new default settings getter.

func (*DefaultSettingsGetter) Get

Get will retrieve the Argo CD settings.

type DefaultUserGetter added in v2.13.0

type DefaultUserGetter struct {
	// contains filtered or unexported fields
}

DefaultUserGetter is the main UserGetter implementation.

func NewDefaultUserGetter added in v2.13.0

func NewDefaultUserGetter(policyEnf *rbacpolicy.RBACPolicyEnforcer) *DefaultUserGetter

NewDefaultUserGetter returns a new default UserGetter.

func (*DefaultUserGetter) GetGroups added in v2.13.0

func (u *DefaultUserGetter) GetGroups(ctx context.Context) []string

GetGroups will return the groups associated with the logged in user.

func (*DefaultUserGetter) GetUser added in v2.13.0

func (u *DefaultUserGetter) GetUser(ctx context.Context) string

GetUser will return the current logged in user

type ExtensionConfig

// ExtensionConfig defines the configuration for one extension: the Name
// under which its route is registered and the Backend services that
// requests are proxied to.
type ExtensionConfig struct {
	// Name defines the endpoint that will be used to register
	// the extension route. Mandatory field.
	// Backend (next field) holds the proxy settings and the list of
	// backend services for this extension.
	Name    string        `yaml:"name"`
	Backend BackendConfig `yaml:"backend"`
}

ExtensionConfig defines the configuration for one extension.

type ExtensionConfigs

// ExtensionConfigs defines the configurations for all extensions retrieved
// from the Argo CD configmap (argocd-cm).
type ExtensionConfigs struct {
	// Extensions holds one entry per configured extension, read from the
	// "extensions" yaml key.
	Extensions []ExtensionConfig `yaml:"extensions"`
}

ExtensionConfigs defines the configurations for all extensions retrieved from Argo CD configmap (argocd-cm).

type ExtensionMetricsRegistry added in v2.11.0

// ExtensionMetricsRegistry exposes operations to update http metrics in the
// Argo CD API server.
type ExtensionMetricsRegistry interface {
	// IncExtensionRequestCounter will increase the request counter for the given
	// extension with the given status.
	// NOTE(review): status is presumably the HTTP status code returned by
	// the backend; confirm against the caller.
	IncExtensionRequestCounter(extension string, status int)
	// ObserveExtensionRequestDuration will register the request roundtrip duration
	// between Argo CD API Server and the extension backend service for the given
	// extension.
	ObserveExtensionRequestDuration(extension string, duration time.Duration)
}

ExtensionMetricsRegistry exposes operations to update http metrics in the Argo CD API server.

type ExtensionRegistry added in v2.9.0

// ExtensionRegistry maps an extension name, as defined in the Argo CD
// configmap, to the ProxyRegistry holding that extension's proxies.
type ExtensionRegistry map[string]ProxyRegistry

ExtensionRegistry is an in-memory registry that contains all proxies for all extensions. The key is the extension name defined in the Argo CD configmap.

// Header defines a header to be added to the requests proxied to a
// backend service.
type Header struct {
	// Name defines the name of the header. It is a mandatory field if
	// a header is provided.
	Name string `yaml:"name"`
	// Value defines the value of the header. The actual value can be
	// provided as verbatim or as a reference to an Argo CD secret key.
	// In order to provide it as a reference, it is necessary to prefix
	// it with a dollar sign.
	// Example:
	//   value: '$some.argocd.secret.key'
	// In the example above, the value will be replaced with the one from
	// the argocd-secret with key 'some.argocd.secret.key'.
	//
	// Extension configuration is read from the argocd-cm configmap, so a
	// verbatim value is stored there in plain text. Credentials such as
	// backend tokens belong in the secret-reference form.
	Value string `yaml:"value"`
}

Header defines the header to be added in the proxy requests.

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

Manager is the object that will be responsible for registering and handling proxy extensions.

func NewManager

func NewManager(log *log.Entry, namespace string, sg SettingsGetter, ag ApplicationGetter, pg ProjectGetter, rbac RbacEnforcer, ug UserGetter) *Manager

NewManager will initialize a new manager.

func (*Manager) AddMetricsRegistry added in v2.11.0

func (m *Manager) AddMetricsRegistry(metricsReg ExtensionMetricsRegistry)

AddMetricsRegistry will associate the given metricsReg in the Manager.

func (*Manager) CallExtension

func (m *Manager) CallExtension() func(http.ResponseWriter, *http.Request)

CallExtension returns a handler func responsible for forwarding requests to the extension service. The request will be sanitized by removing sensitive headers.

func (*Manager) ProxyRegistry added in v2.9.0

func (m *Manager) ProxyRegistry(name string) (ProxyRegistry, bool)

ProxyRegistry returns the proxy registry associated for the given extension name.

func (*Manager) RegisterExtensions added in v2.9.0

func (m *Manager) RegisterExtensions() error

RegisterExtensions will retrieve all extensions configurations and update the extension registry.

func (*Manager) UpdateExtensionRegistry added in v2.9.0

func (m *Manager) UpdateExtensionRegistry(s *settings.ArgoCDSettings) error

UpdateExtensionRegistry will first parse and validate the extensions configurations from the given settings. If no errors are found, it will iterate over the given configurations building a new extension registry. At the end, it will update the manager with the newly created registry.

type ProjectGetter added in v2.7.0

// ProjectGetter defines the contract to retrieve an Argo CD Project.
type ProjectGetter interface {
	// Get returns the AppProject with the given name.
	Get(name string) (*v1alpha1.AppProject, error)
	// GetClusters returns the clusters configured by the given project.
	GetClusters(project string) ([]*v1alpha1.Cluster, error)
}

ProjectGetter defines the contract to retrieve Argo CD Project.

type ProxyConfig

// ProxyConfig allows configuring connection behaviour between the Argo CD
// API Server and the backend service. The documented defaults correspond to
// the Default* constants of this package.
type ProxyConfig struct {
	// ConnectionTimeout is the maximum amount of time a dial to
	// the extension server will wait for a connect to complete.
	// Default: 2 seconds (DefaultConnectionTimeout)
	ConnectionTimeout time.Duration `yaml:"connectionTimeout"`

	// KeepAlive specifies the interval between keep-alive probes
	// for an active network connection between the API server and
	// the extension server.
	// Default: 15 seconds (DefaultKeepAlive)
	KeepAlive time.Duration `yaml:"keepAlive"`

	// IdleConnectionTimeout is the maximum amount of time an idle
	// (keep-alive) connection between the API server and the extension
	// server will remain idle before closing itself.
	// Default: 60 seconds (DefaultIdleConnectionTimeout)
	IdleConnectionTimeout time.Duration `yaml:"idleConnectionTimeout"`

	// MaxIdleConnections controls the maximum number of idle (keep-alive)
	// connections between the API server and the extension server.
	// Default: 30 (DefaultMaxIdleConnections)
	MaxIdleConnections int `yaml:"maxIdleConnections"`
}

ProxyConfig allows configuring connection behaviour between Argo CD API Server and the backend service.

type ProxyKey added in v2.7.0

type ProxyKey struct {
	// contains filtered or unexported fields
}

ProxyKey defines the struct used as a key in the proxy registry map (ProxyRegistry).

type ProxyRegistry added in v2.7.0

// ProxyRegistry maps a ProxyKey to the reverse proxy for one backend
// service of a single extension. Each extension has its own registry.
type ProxyRegistry map[ProxyKey]*httputil.ReverseProxy

ProxyRegistry is an in memory registry that contains all proxies for a given extension. Different extensions will have independent proxy registries. This is required to address the use case when one extension is configured with multiple backend services in different clusters.

func NewProxyRegistry added in v2.7.0

func NewProxyRegistry() ProxyRegistry

NewProxyRegistry will instantiate a new in memory registry for proxies.

type RbacEnforcer added in v2.7.0

// RbacEnforcer defines the contract to enforce RBAC rules.
type RbacEnforcer interface {
	// EnforceErr evaluates the given request values against the RBAC
	// policy and returns an error.
	// NOTE(review): presumably a non-nil error means the request is
	// denied and rvals carries the subject, resource, action and object;
	// confirm against the enforcer implementation, which is not shown here.
	EnforceErr(rvals ...interface{}) error
}

RbacEnforcer defines the contract to enforce rbac rules

type RequestResources added in v2.7.0

// RequestResources defines the authorization scope for an incoming request
// to a given extension. It is populated by ValidateHeaders from the
// pre-defined Argo CD request headers, so every field originates from
// caller-supplied input.
type RequestResources struct {
	// NOTE(review): ApplicationNamespace and ApplicationName presumably hold
	// the two parts of the "<namespace>:<app-name>" value of the
	// Argocd-Application-Name header, and ProjectName the value of
	// Argocd-Project-Name; confirm against ValidateHeaders.
	ApplicationName      string
	ApplicationNamespace string
	ProjectName          string
}

RequestResources defines the authorization scope for an incoming request to a given extension. This struct is populated from pre-defined Argo CD headers.

func ValidateHeaders added in v2.7.0

func ValidateHeaders(r *http.Request) (*RequestResources, error)

ValidateHeaders will validate the pre-defined Argo CD request headers for extensions and extract the resource information, populating and returning a RequestResources object. The pre-defined headers are:

- Argocd-Application-Name
- Argocd-Project-Name

The expected format of each header is documented on the constant defined for it.

type ServiceConfig

// ServiceConfig provides the configuration for one backend service of an
// extension.
type ServiceConfig struct {
	// URL is the address where the extension backend must be available.
	// Mandatory field.
	// NOTE(review): the configured Headers, which may carry secret values,
	// are sent to this address. Confirm how the URL scheme is validated;
	// an https URL keeps those values off the wire in clear text.
	URL string `yaml:"url"`

	// Cluster if provided, will have to match the application
	// destination name to have requests properly forwarded to this
	// service URL.
	Cluster *ClusterConfig `yaml:"cluster,omitempty"`

	// Headers if provided, the headers list will be added on all
	// outgoing requests for this service config. They are attached to
	// every proxied request for this service, not selected per user.
	Headers []Header `yaml:"headers"`
}

ServiceConfig provides the configuration for a backend service.

type SettingsGetter

// SettingsGetter defines the contract to retrieve Argo CD Settings.
type SettingsGetter interface {
	// Get returns the Argo CD settings, or an error if they cannot be
	// retrieved.
	Get() (*settings.ArgoCDSettings, error)
}

SettingsGetter defines the contract to retrieve Argo CD Settings.

type UserGetter added in v2.13.0

// UserGetter defines the contract to retrieve information about the logged
// in user from the request context.
type UserGetter interface {
	// GetUser returns the current logged in user.
	// NOTE(review): there is no error return, so presumably an empty
	// string is returned when ctx carries no user; confirm.
	GetUser(ctx context.Context) string
	// GetGroups returns the groups associated with the logged in user.
	GetGroups(ctx context.Context) []string
}

UserGetter defines the contract to retrieve info from the logged in user.
