Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Conf ¶
type Conf struct { // Credentials holds Cerbos Hub client credentials. Credentials CredentialsConf `yaml:"credentials"` // Connection holds advanced connection settings for Cerbos Hub. Connection ConnectionConf `yaml:"connection" conf:",ignore"` }
func (*Conf) SetDefaults ¶
func (conf *Conf) SetDefaults()
type ConnectionConf ¶
type ConnectionConf struct { // TLS defines settings for TLS connections. TLS TLSConf `yaml:"tls"` // APIEndpoint is the address of the API server. APIEndpoint string `yaml:"apiEndpoint" conf:"required,example=https://api.cerbos.cloud"` // BootstrapEndpoint is the addresses of the server serving the bootstrap configuration. BootstrapEndpoint string `yaml:"bootstrapEndpoint" conf:"required,example=https://cdn.cerbos.cloud"` // MinRetryWait is the minimum amount of time to wait between retries. MinRetryWait time.Duration `yaml:"minRetryWait" conf:",example=1s"` // MaxRetryWait is the maximum amount of time to wait between retries. MaxRetryWait time.Duration `yaml:"maxRetryWait" conf:",example=120s"` // NumRetries is the number of times to retry before giving up. NumRetries uint `yaml:"numRetries" conf:",example=5"` // HeartbeatInterval is the interval for sending regular heartbeats. HeartbeatInterval time.Duration `yaml:"heartbeatInterval" conf:",example=2m"` }
ConnectionConf holds configuration for the remote connection.
func (ConnectionConf) IsUnset ¶
func (cc ConnectionConf) IsUnset() bool
func (*ConnectionConf) Validate ¶
func (cc *ConnectionConf) Validate() error
type CredentialsConf ¶
type CredentialsConf struct { // PDPID is the unique identifier for this Cerbos instance. Defaults to the value of the CERBOS_HUB_PDP_ID environment variable. PDPID string `yaml:"pdpID" conf:",example=crb-004"` // ClientID of the Cerbos Hub credential. Defaults to the value of the CERBOS_HUB_CLIENT_ID environment variable. ClientID string `yaml:"clientID" conf:",example=92B0K05B6HOF"` // ClientSecret of the Cerbos Hub credential. Defaults to the value of the CERBOS_HUB_CLIENT_SECRET environment variable. ClientSecret string `yaml:"clientSecret" conf:",example=${CERBOS_HUB_CLIENT_SECRET}"` // WorkspaceSecret used to decrypt the bundles. Defaults to the value of the CERBOS_HUB_WORKSPACE_SECRET environment variable. WorkspaceSecret string `yaml:"workspaceSecret" conf:",example=${CERBOS_HUB_WORKSPACE_SECRET}"` // Deprecated: Use PDPID InstanceID string `yaml:"instanceID" conf:",ignore"` // Deprecated: Use WorkspaceSecret SecretKey string `yaml:"secretKey" conf:",ignore"` }
CredentialsConf holds credentials for accessing Cerbos Hub.
func (*CredentialsConf) LoadFromEnv ¶
func (cc *CredentialsConf) LoadFromEnv()
func (CredentialsConf) ToCredentials ¶
func (cc CredentialsConf) ToCredentials() (*credentials.Credentials, error)
func (*CredentialsConf) Validate ¶
func (cc *CredentialsConf) Validate() (outErr error)
type TLSConf ¶
type TLSConf struct { // Authority overrides the Cerbos Hub server authority if it is different from what is provided in the API and bootstrap endpoints. Authority string `yaml:"authority" conf:",example=domain.tld"` // CACert is the path to the CA certificate chain to use for certificate verification. CACert string `yaml:"caCert" conf:",example=/path/to/CA_certificate"` }
TLSConf holds TLS configuration for the remote connection.
Click to show internal directories.
Click to hide internal directories.