eventgate

module
v0.0.23 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 10, 2021 License: Apache-2.0

README

eventgate

A flexible, identity-aware message-queue & immutable event storage service for microservices following the Event Sourcing Pattern

Status: Proof of Concept

GoDoc

Features

  • Headless
  • 3 simple API Methods for interacting with events: Receive, Send, History
  • Native gRPC support
  • Optional Embedded graphQL support /graphql (transcoding)
  • Optional Embedded REST support / (transcoding)
  • Optional Embedded grpcweb support (transcoding)
  • Optional Metrics Server(prometheus/pprof)
  • Authentication - JWT/OAuth with remote JWKS verification
  • Authorization - Rego based Authorization engine
  • Autogenerated Client gRPC SDK's
  • Structured JSON Logs
  • Sample Kubernetes Manifest
  • Pluggable "Channel" Providers
    • Nats
    • Nats Streaming(Stan)
    • Redis
    • Kafka
    • RabbitMQ
    • Google PubSub
    • AWS SQS
    • Azure Queue
  • Pluggable "Storage" Providers
    • MongoDb
    • ElasticSearch
    • Cassandra
    • PostgreSQL
    • MySQL
    • Snowflake

Concepts

Channel Provider

A Channel Provider is a plugin that provides stream/channel functionality for broadcasting & consuming events

A single Channel Provider is required. An in memory provider may be used for testing, but it is not considered to be production ready.

Storage Provider

A storage provider is a plugin that provides storage for persisting a historical record of all events produced

Storage provider's enable the History method- without it, an Unimplemented error will be returned to the client

Goals

  • Create a universal API interface for publishing and subscribing to events using pluggable channel & storage provider
  • Interact with the API interface in gRPC, REST, and/or graphQL.
  • Safe to swap backend providers without changing client-side code
  • Type-safe client's generated in many languages
  • Safe to expose to the public internet due to fine-grained authentication/authorization model.
  • Capture a persistant, immutable historical record of all events using a pluggable storage provider
  • Different combinations of Channel & Storage Providers are interoperable.
  • Audit log of events broadcasted by authorized producers

Command Line

eventgate -h
Usage of eventgate:
      --config string   path to config file (env: EVENTGATE_CONFIG) (default "config.yaml")

Sample Config

# port to serve on. metrics server is started on this port+1 if enabled
port: 8080
# enable graphQL API
graphql: true
# enable rest API
rest: true
# enable metrics server
metrics: true
# enable grpcweb support
grpcweb: true
cors:
  allowed_origins:
    - "*"
  allowed_methods:
    - "POST"
    - "PUT"
    - "GET"
    - "OPTIONS"
  allowed_headers:
    - "*"
#tls:
#  cert_file: "/tmp/server.cert"
#  key_file: "/tmp/server.key"
logging:
  # enable debug logs
  debug: true


backend:
  # pluggable channel providers: [inmem, redis, nats, stan, kafka, google-pubsub, aws-sqs]
  channel_provider:
    name: "nats"
    config:
      addr: "0.0.0.0:4444"
#     client_cert_file: "/tmp/nats.cert"
#     client_key_file: "/tmp/nats.key"
#  channel_provider:
#    name: "redis"
#    config:
#      addr: "0.0.0.0:6379"
#      user: "default"
#      password: "admin1234"
#      client_cert_file: "/tmp/redis.cert"
#      client_key_file: "/tmp/redis.key"

#  channel_provider:
#    name: "stan"
#    config:
#      addr: "0.0.0.0:4444"
#      client_cert_file: "/tmp/stan.cert"
#      client_key_file: "/tmp/stan.key"

# pluggable storage providers: [mongo, elasticsearch]
  
#  storage_provider:
#    name: "mongo"
#    config:
#      addr: "mongodb://localhost:27017/testing"
#      database: "testing"
#      client_cert_file: "/tmp/mongo.cert"
#      client_key_file: "/tmp/mongo.key"
  storage_provider:
    name: "elasticsearch"
    config:
      addr: "http://localhost:9200"
#     user: "default"
#     password: "admin1234"


# authentication options
authentication:
  # json web keys uri for authentication.
  # if empty, inbound jwt's will not be verified.
  jwks_uri: "https://www.googleapis.com/oauth2/v3/certs"

# authorization options
authorization:
  requests: |
    package eventgate.authz

    default allow = false

    allow {
      input.claims.sub = "1234567890"
      input.claims.name = "John Doe"
    }
  responses: |
    package eventgate.authz

    default allow = true

Notes

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL