Documentation
¶
Index ¶
- Constants
- Variables
- func FileExists(path string) (bool, error)
- func GetConfig(configFilePath string) *currentConfig
- func NewLoggerConfig(configPath Path, overrides Overrider) (*logger.Config, error)
- func PortFromAddress(address string) (string, error)
- func SetEnvVars(fileContents string) (string, error)
- type APIKey
- type AuthnConfig
- type CallOptions
- type CommandMode
- type Common
- type Config
- type DecisionLogConfig
- type Generator
- func (g *Generator) CreateCertsDir() (string, error)
- func (g *Generator) CreateConfigDir() (string, error)
- func (g *Generator) CreateDataDir() (string, error)
- func (g *Generator) GenerateConfig(w io.Writer, templateData string) error
- func (g *Generator) WithController(url, clientCertPath, clientKeyPath string) *Generator
- func (g *Generator) WithDiscovery(url, key string) *Generator
- func (g *Generator) WithEdgeDirectory(enabled bool) *Generator
- func (g *Generator) WithEnableDirectoryV2(enabled bool) *Generator
- func (g *Generator) WithLocalPolicy(local bool) *Generator
- func (g *Generator) WithPolicyName(policyName string) *Generator
- func (g *Generator) WithResource(resource string) *Generator
- func (g *Generator) WithSelfDecisionLogger(emsURL, clientCertPath, clientKeyPath, storePath string) *Generator
- func (g *Generator) WithTenantID(tenantID string) *Generator
- func (g *Generator) WithVersion(version int) *Generator
- type Loader
- type LoggerConfig
- type OptionOverrides
- type Options
- type Overrider
- type Path
- type ServicesConfig
Constants ¶
View Source
const ConfigFileVersion = 2
View Source
const EdgeTemplate = templatePreamble + `
opa:
instance_id: {{ .TenantID }}
graceful_shutdown_period_seconds: 2
local_bundles:
paths: []
skip_verification: true
config:
services:
aserto-discovery:
url: {{ .DiscoveryURL }}
credentials:
bearer:
token: {{ .TenantKey }}
scheme: "basic"
headers:
Aserto-Tenant-Id: {{ .TenantID }}
discovery:
service: aserto-discovery
resource: {{ .PolicyName }}/{{ .PolicyName }}/opa
{{ if .ControlPlane.Enabled }}
controller:
enabled: true
server:
address: {{ .ControlPlane.Address }}
client_cert_path: '{{ .ControlPlane.ClientCertPath }}'
client_key_path: '{{ .ControlPlane.ClientKeyPath }}'
{{ else }}
controller:
enabled: false
{{ end }}
{{ if .DecisionLogging }}
decision_logger:
type: self
config:
store_directory: {{ .DecisionLogger.StorePath }}
scribe:
address: {{ .DecisionLogger.EMSAddress }}
client_cert_path: '{{ .DecisionLogger.ClientCertPath }}'
client_key_path: '{{ .DecisionLogger.ClientKeyPath }}'
ack_wait_seconds: 30
headers:
Aserto-Tenant-Id: {{ .TenantID }}
shipper:
publish_timeout_seconds: 2
{{ end }}
`
View Source
const LocalImageTemplate = templatePreamble + `
opa:
instance_id: "-"
graceful_shutdown_period_seconds: 2
# max_plugin_wait_time_seconds: 30 set as default
local_bundles:
local_policy_image: {{ .Resource }}
watch: true
skip_verification: true
`
View Source
const Template = templatePreamble + `
opa:
instance_id: "-"
graceful_shutdown_period_seconds: 2
# max_plugin_wait_time_seconds: 30 set as default
local_bundles:
paths: []
skip_verification: true
config:
services:
ghcr:
url: https://ghcr.io
type: "oci"
response_header_timeout_seconds: 5
bundles:
{{ .PolicyName }}:
service: ghcr
resource: "{{ .Resource }}"
persist: false
config:
polling:
min_delay_seconds: 60
max_delay_seconds: 120
`
Variables ¶
View Source
var CertificateSets = []string{"grpc", "gateway"}
Functions ¶
func FileExists ¶ added in v0.30.25
func NewLoggerConfig ¶
NewLoggerConfig creates a new LoggerConfig.
func PortFromAddress ¶ added in v0.32.52
func SetEnvVars ¶ added in v0.30.29
Types ¶
type AuthnConfig ¶
type AuthnConfig struct {
APIKeys map[string]string `json:"api_keys"`
Options CallOptions `json:"options"`
Keys []string `json:"keys"`
}
type CallOptions ¶
type CallOptions struct {
Default Options `json:"default"`
Overrides []OptionOverrides `json:"overrides"`
}
func (*CallOptions) ForPath ¶
func (co *CallOptions) ForPath(path string) *Options
type CommandMode ¶
type CommandMode int
CommandMode -- enum type.
const ( CommandModeUnknown CommandMode = 0 + iota CommandModeRun CommandModeBuild )
CommandMode -- enum constants.
type Common ¶
type Common struct {
Version int `json:"version"`
Logging logger.Config `json:"logging"`
DebugService debug.Config `json:"debug_service"`
Command struct {
Mode CommandMode
} `json:"-"`
APIConfig ServicesConfig `json:"api"`
JWT struct {
// Specifies the duration in which exp (Expiry) and nbf (Not Before)
// claims may differ by. This value should be positive.
AcceptableTimeSkewSeconds int `json:"acceptable_time_skew_seconds"`
} `json:"jwt"`
// Directory configuration
Edge directory.Config `json:"directory"`
// Authorizer directory resolver configuration
DirectoryResolver client.Config `json:"remote_directory"`
// Default OPA configuration
OPA runtime.Config `json:"opa"`
}
Config holds the configuration for the app.
type Config ¶
type Config struct {
Common `json:",squash"` // nolint:staticcheck // squash is used by mapstructure
Auth AuthnConfig `json:"auth"`
DecisionLogger DecisionLogConfig `json:"decision_logger"`
ControllerConfig *controller.Config `json:"controller"`
}
type DecisionLogConfig ¶ added in v0.25.6
type Generator ¶ added in v0.30.29
type Generator struct {
ConfigName string
// contains filtered or unexported fields
}
func NewGenerator ¶ added in v0.30.29
func (*Generator) CreateCertsDir ¶ added in v0.30.29
func (*Generator) CreateConfigDir ¶ added in v0.30.29
func (*Generator) CreateDataDir ¶ added in v0.30.29
func (*Generator) GenerateConfig ¶ added in v0.30.29
func (*Generator) WithController ¶ added in v0.32.0
func (*Generator) WithDiscovery ¶ added in v0.32.0
func (*Generator) WithEdgeDirectory ¶ added in v0.30.29
func (*Generator) WithEnableDirectoryV2 ¶ added in v0.30.29
func (*Generator) WithLocalPolicy ¶ added in v0.32.26
func (*Generator) WithPolicyName ¶ added in v0.30.29
func (*Generator) WithResource ¶ added in v0.30.29
func (*Generator) WithSelfDecisionLogger ¶ added in v0.32.0
func (*Generator) WithTenantID ¶ added in v0.32.0
func (*Generator) WithVersion ¶ added in v0.30.29
type Loader ¶ added in v0.30.29
func LoadConfiguration ¶ added in v0.30.29
type LoggerConfig ¶
type LoggerConfig Config
LoggerConfig is a basic Config copy that gets loaded before everything else, so we can log during resolving configuration.
type OptionOverrides ¶
type ServicesConfig ¶ added in v0.30.0
type ServicesConfig struct {
Health struct {
ListenAddress string `json:"listen_address"`
Certificates *client.TLSConfig `json:"certs"`
} `json:"health"`
Metrics struct {
ListenAddress string `json:"listen_address"`
Certificates *client.TLSConfig `json:"certs"`
ZPages bool `json:"zpages"`
} `json:"metrics"`
Services map[string]*builder.API `json:"services"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.