Documentation ¶
Index ¶
- Constants
- func NewProxy(targetURL string, headers []Header, config ProxyConfig) (*httputil.ReverseProxy, error)
- type ApplicationGetter
- type BackendConfig
- type ClusterConfig
- type DefaultApplicationGetter
- type DefaultProjectGetter
- type DefaultSettingsGetter
- type DefaultUserGetter
- type ExtensionConfig
- type ExtensionConfigs
- type ExtensionMetricsRegistry
- type ExtensionRegistry
- type Header
- type Manager
- func (m *Manager) AddMetricsRegistry(metricsReg ExtensionMetricsRegistry)
- func (m *Manager) CallExtension() func(http.ResponseWriter, *http.Request)
- func (m *Manager) ProxyRegistry(name string) (ProxyRegistry, bool)
- func (m *Manager) RegisterExtensions() error
- func (m *Manager) UpdateExtensionRegistry(s *settings.ArgoCDSettings) error
- type ProjectGetter
- type ProxyConfig
- type ProxyKey
- type ProxyRegistry
- type RbacEnforcer
- type RequestResources
- type ServiceConfig
- type SettingsGetter
- type UserGetter
Constants ¶
const ( URLPrefix = "/extensions" DefaultConnectionTimeout = 2 * time.Second DefaultKeepAlive = 15 * time.Second DefaultIdleConnectionTimeout = 60 * time.Second DefaultMaxIdleConnections = 30 // HeaderArgoCDNamespace defines the namespace of the // argo control plane to be passed to the extension handler. // Example: // Argocd-Namespace: "namespace" HeaderArgoCDNamespace = "Argocd-Namespace" // HeaderArgoCDApplicationName defines the name of the // expected application header to be passed to the extension // handler. The header value must follow the format: // "<namespace>:<app-name>" // Example: // Argocd-Application-Name: "namespace:app-name" HeaderArgoCDApplicationName = "Argocd-Application-Name" // HeaderArgoCDProjectName defines the name of the expected // project header to be passed to the extension handler. // Example: // Argocd-Project-Name: "default" HeaderArgoCDProjectName = "Argocd-Project-Name" // HeaderArgoCDTargetClusterURL defines the target cluster URL // that the Argo CD application is associated with. This header // will be populated by the extension proxy and passed to the // configured backend service. If this header is passed by // the client, its value will be overridden by the extension // handler. // // Example: // Argocd-Target-Cluster-URL: "https://kubernetes.default.svc.cluster.local" HeaderArgoCDTargetClusterURL = "Argocd-Target-Cluster-URL" // HeaderArgoCDTargetClusterName defines the target cluster name // that the Argo CD application is associated with. This header // will be populated by the extension proxy and passed to the // configured backend service. If this header is passed by // the client, its value will be overridden by the extension // handler. HeaderArgoCDTargetClusterName = "Argocd-Target-Cluster-Name" // HeaderArgoCDUsername is the header name that defines the logged // in user authenticated by Argo CD. HeaderArgoCDUsername = "Argocd-Username" // HeaderArgoCDGroups is the header name that provides the 'groups' // claim from the users authenticated in Argo CD. HeaderArgoCDGroups = "Argocd-User-Groups" )
Variables ¶
This section is empty.
Functions ¶
func NewProxy ¶
func NewProxy(targetURL string, headers []Header, config ProxyConfig) (*httputil.ReverseProxy, error)
NewProxy will instantiate a new reverse proxy based on the provided targetURL and config. It will remove sensitive information from the incoming request such as the Authorization and Cookie headers.
Types ¶
type ApplicationGetter ¶
type ApplicationGetter interface {
Get(ns, name string) (*v1alpha1.Application, error)
}
ApplicationGetter defines the contract to retrieve the application resource.
type BackendConfig ¶
type BackendConfig struct { ProxyConfig Services []ServiceConfig `yaml:"services"` }
BackendConfig defines the backend service configurations that will be used by an specific extension. An extension can have multiple services associated. This is necessary when Argo CD is managing applications in external clusters. In this case, each cluster may have its own backend service.
type ClusterConfig ¶ added in v2.7.0
type ClusterConfig struct { // Server specifies the URL of the target cluster's Kubernetes control plane API. This must be set if Name is not set. Server string `yaml:"server"` // Name is an alternate way of specifying the target cluster by its symbolic name. This must be set if Server is not set. Name string `yaml:"name"` }
type DefaultApplicationGetter ¶
type DefaultApplicationGetter struct {
// contains filtered or unexported fields
}
DefaultApplicationGetter is the real application getter implementation.
func NewDefaultApplicationGetter ¶
func NewDefaultApplicationGetter(al applisters.ApplicationLister) *DefaultApplicationGetter
NewDefaultApplicationGetter returns the default application getter.
func (*DefaultApplicationGetter) Get ¶
func (a *DefaultApplicationGetter) Get(ns, name string) (*v1alpha1.Application, error)
Get will retrieve the application resource for the given namespace and name.
type DefaultProjectGetter ¶ added in v2.7.0
type DefaultProjectGetter struct {
// contains filtered or unexported fields
}
DefaultProjectGetter is the real ProjectGetter implementation.
func NewDefaultProjectGetter ¶ added in v2.7.0
func NewDefaultProjectGetter(lister applisters.AppProjectNamespaceLister, db db.ArgoDB) *DefaultProjectGetter
NewDefaultProjectGetter returns a new default project getter
func (*DefaultProjectGetter) Get ¶ added in v2.7.0
func (p *DefaultProjectGetter) Get(name string) (*v1alpha1.AppProject, error)
Get will retrieve the live AppProject state.
func (*DefaultProjectGetter) GetClusters ¶ added in v2.7.0
func (p *DefaultProjectGetter) GetClusters(project string) ([]*v1alpha1.Cluster, error)
GetClusters will retrieve the clusters configured by a project.
type DefaultSettingsGetter ¶
type DefaultSettingsGetter struct {
// contains filtered or unexported fields
}
DefaultSettingsGetter is the real settings getter implementation.
func NewDefaultSettingsGetter ¶
func NewDefaultSettingsGetter(mgr *settings.SettingsManager) *DefaultSettingsGetter
NewDefaultSettingsGetter returns a new default settings getter.
func (*DefaultSettingsGetter) Get ¶
func (s *DefaultSettingsGetter) Get() (*settings.ArgoCDSettings, error)
Get will retrieve the Argo CD settings.
type DefaultUserGetter ¶ added in v2.13.0
type DefaultUserGetter struct {
// contains filtered or unexported fields
}
DefaultUserGetter is the main UserGetter implementation.
func NewDefaultUserGetter ¶ added in v2.13.0
func NewDefaultUserGetter(policyEnf *rbacpolicy.RBACPolicyEnforcer) *DefaultUserGetter
NewDefaultUserGetter return a new default UserGetter
type ExtensionConfig ¶
type ExtensionConfig struct { // Name defines the endpoint that will be used to register // the extension route. Mandatory field. Name string `yaml:"name"` Backend BackendConfig `yaml:"backend"` }
ExtensionConfig defines the configuration for one extension.
type ExtensionConfigs ¶
type ExtensionConfigs struct {
Extensions []ExtensionConfig `yaml:"extensions"`
}
ExtensionConfigs defines the configurations for all extensions retrieved from Argo CD configmap (argocd-cm).
type ExtensionMetricsRegistry ¶ added in v2.11.0
type ExtensionMetricsRegistry interface { // IncExtensionRequestCounter will increase the request counter for the given // extension with the given status. IncExtensionRequestCounter(extension string, status int) // ObserveExtensionRequestDuration will register the request roundtrip duration // between Argo CD API Server and the extension backend service for the given // extension. ObserveExtensionRequestDuration(extension string, duration time.Duration) }
ExtensionMetricsRegistry exposes operations to update http metrics in the Argo CD API server.
type ExtensionRegistry ¶ added in v2.9.0
type ExtensionRegistry map[string]ProxyRegistry
ExtensionRegistry is an in memory registry that contains contains all proxies for all extensions. The key is the extension name defined in the Argo CD configmap.
type Header ¶ added in v2.8.0
type Header struct { // Name defines the name of the header. It is a mandatory field if // a header is provided. Name string `yaml:"name"` // Value defines the value of the header. The actual value can be // provided as verbatim or as a reference to an Argo CD secret key. // In order to provide it as a reference, it is necessary to prefix // it with a dollar sign. // Example: // value: '$some.argocd.secret.key' // In the example above, the value will be replaced with the one from // the argocd-secret with key 'some.argocd.secret.key'. Value string `yaml:"value"` }
Header defines the header to be added in the proxy requests.
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager is the object that will be responsible for registering and handling proxy extensions.
func NewManager ¶
func NewManager(log *log.Entry, namespace string, sg SettingsGetter, ag ApplicationGetter, pg ProjectGetter, rbac RbacEnforcer, ug UserGetter) *Manager
NewManager will initialize a new manager.
func (*Manager) AddMetricsRegistry ¶ added in v2.11.0
func (m *Manager) AddMetricsRegistry(metricsReg ExtensionMetricsRegistry)
AddMetricsRegistry will associate the given metricsReg in the Manager.
func (*Manager) CallExtension ¶
func (m *Manager) CallExtension() func(http.ResponseWriter, *http.Request)
CallExtension returns a handler func responsible for forwarding requests to the extension service. The request will be sanitized by removing sensitive headers.
func (*Manager) ProxyRegistry ¶ added in v2.9.0
func (m *Manager) ProxyRegistry(name string) (ProxyRegistry, bool)
ProxyRegistry returns the proxy registry associated for the given extension name.
func (*Manager) RegisterExtensions ¶ added in v2.9.0
RegisterExtensions will retrieve all extensions configurations and update the extension registry.
func (*Manager) UpdateExtensionRegistry ¶ added in v2.9.0
func (m *Manager) UpdateExtensionRegistry(s *settings.ArgoCDSettings) error
UpdateExtensionRegistry will first parse and validate the extensions configurations from the given settings. If no errors are found, it will iterate over the given configurations building a new extension registry. At the end, it will update the manager with the newly created registry.
type ProjectGetter ¶ added in v2.7.0
type ProjectGetter interface { Get(name string) (*v1alpha1.AppProject, error) GetClusters(project string) ([]*v1alpha1.Cluster, error) }
ProjectGetter defines the contract to retrieve Argo CD Project.
type ProxyConfig ¶
type ProxyConfig struct { // ConnectionTimeout is the maximum amount of time a dial to // the extension server will wait for a connect to complete. // Default: 2 seconds ConnectionTimeout time.Duration `yaml:"connectionTimeout"` // KeepAlive specifies the interval between keep-alive probes // for an active network connection between the API server and // the extension server. // Default: 15 seconds KeepAlive time.Duration `yaml:"keepAlive"` // IdleConnectionTimeout is the maximum amount of time an idle // (keep-alive) connection between the API server and the extension // server will remain idle before closing itself. // Default: 60 seconds IdleConnectionTimeout time.Duration `yaml:"idleConnectionTimeout"` // MaxIdleConnections controls the maximum number of idle (keep-alive) // connections between the API server and the extension server. // Default: 30 MaxIdleConnections int `yaml:"maxIdleConnections"` }
ProxyConfig allows configuring connection behaviour between Argo CD API Server and the backend service.
type ProxyKey ¶ added in v2.7.0
type ProxyKey struct {
// contains filtered or unexported fields
}
ProxyKey defines the struct used as a key in the proxy registry map (ProxyRegistry).
type ProxyRegistry ¶ added in v2.7.0
type ProxyRegistry map[ProxyKey]*httputil.ReverseProxy
ProxyRegistry is an in memory registry that contains all proxies for a given extension. Different extensions will have independent proxy registries. This is required to address the use case when one extension is configured with multiple backend services in different clusters.
func NewProxyRegistry ¶ added in v2.7.0
func NewProxyRegistry() ProxyRegistry
NewProxyRegistry will instantiate a new in memory registry for proxies.
type RbacEnforcer ¶ added in v2.7.0
type RbacEnforcer interface {
EnforceErr(rvals ...interface{}) error
}
RbacEnforcer defines the contract to enforce rbac rules
type RequestResources ¶ added in v2.7.0
type RequestResources struct { ApplicationName string ApplicationNamespace string ProjectName string }
RequestResources defines the authorization scope for an incoming request to a given extension. This struct is populated from pre-defined Argo CD headers.
func ValidateHeaders ¶ added in v2.7.0
func ValidateHeaders(r *http.Request) (*RequestResources, error)
ValidateHeaders will validate the pre-defined Argo CD request headers for extensions and extract the resources information populating and returning a RequestResources object. The pre-defined headers are: - Argocd-Application-Name - Argocd-Project-Name
The headers expected format is documented in each of the constant types defined for them.
type ServiceConfig ¶
type ServiceConfig struct { // URL is the address where the extension backend must be available. // Mandatory field. URL string `yaml:"url"` // Cluster if provided, will have to match the application // destination name to have requests properly forwarded to this // service URL. Cluster *ClusterConfig `yaml:"cluster,omitempty"` // Headers if provided, the headers list will be added on all // outgoing requests for this service config. Headers []Header `yaml:"headers"` }
ServiceConfig provides the configuration for a backend service.
type SettingsGetter ¶
type SettingsGetter interface {
Get() (*settings.ArgoCDSettings, error)
}
SettingsGetter defines the contract to retrieve Argo CD Settings.