config

package
v1.11.6-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 17, 2023 License: Apache-2.0 Imports: 15 Imported by: 6

Documentation

Index

Constants

View Source
const (
	SingleStageWildcard = "/*"
	MultiStageWildcard  = "/**"
	Separation          = "/"
)
View Source
const (
	AllowAccess        = "allow"
	DenyAccess         = "deny"
	DefaultTrustDomain = "public"
	DefaultNamespace   = "default"
	ActionPolicyApp    = "app"
	ActionPolicyGlobal = "global"
	SpiffeIDPrefix     = "spiffe://"
)

Variables

This section is empty.

Functions

func SetTracingSpecFromEnv added in v1.11.0

func SetTracingSpecFromEnv(conf *Configuration)

Update configuration from Otlp Environment Variables, if they exist.

Types

type APIAccessRule added in v1.2.0

type APIAccessRule struct {
	Name     string                `json:"name"`
	Version  string                `json:"version"`
	Protocol APIAccessRuleProtocol `json:"protocol"`
}

APIAccessRule describes an access rule for allowing a Dapr API to be enabled and accessible by an app.

type APIAccessRuleProtocol added in v1.11.0

type APIAccessRuleProtocol string

APIAccessRuleProtocol is the type for the protocol in APIAccessRules

const (
	APIAccessRuleProtocolHTTP APIAccessRuleProtocol = "http"
	APIAccessRuleProtocolGRPC APIAccessRuleProtocol = "grpc"
)

type APIAccessRules added in v1.11.0

type APIAccessRules []APIAccessRule

APIAccessRules is a list of API access rules (allowlist or denylist).

func (APIAccessRules) GetRulesByProtocol added in v1.11.0

func (r APIAccessRules) GetRulesByProtocol(protocol APIAccessRuleProtocol) []APIAccessRule

GetRulesByProtocol returns a list of APIAccessRule objects filtered by protocol

type APILoggingSpec added in v1.10.0

type APILoggingSpec struct {
	// Default value for enabling API logging. Sidecars can always override this by setting `--enable-api-logging` to true or false explicitly.
	// The default value is false.
	Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	// When enabled, obfuscates the values of URLs in HTTP API logs, logging the route name rather than the full path being invoked, which could contain PII.
	// Default: false.
	// This option has no effect if API logging is disabled.
	ObfuscateURLs bool `json:"obfuscateURLs" yaml:"obfuscateURLs"`
	// If true, health checks are not reported in API logs. Default: false.
	// This option has no effect if API logging is disabled.
	OmitHealthChecks bool `json:"omitHealthChecks,omitempty" yaml:"omitHealthChecks,omitempty"`
}

APILoggingSpec defines the configuration for API logging.

type APISpec added in v1.2.0

type APISpec struct {
	// List of allowed APIs. Can be used in conjunction with denied.
	Allowed APIAccessRules `json:"allowed,omitempty"`
	// List of denied APIs. Can be used in conjunction with allowed.
	Denied APIAccessRules `json:"denied,omitempty"`
}

APISpec describes the configuration for Dapr APIs.

type AccessControlList added in v0.11.0

type AccessControlList struct {
	DefaultAction string
	TrustDomain   string
	PolicySpec    map[string]AccessControlListPolicySpec
}

AccessControlList is an in-memory access control list config for fast lookup.

type AccessControlListOperationAction added in v0.11.0

type AccessControlListOperationAction struct {
	VerbAction      map[string]string
	OperationName   string
	OperationAction string
}

AccessControlListOperationAction is an in-memory access control list config per operation for fast lookup.

type AccessControlListPolicySpec added in v0.11.0

type AccessControlListPolicySpec struct {
	AppName             string
	DefaultAction       string
	TrustDomain         string
	Namespace           string
	AppOperationActions *Trie
}

AccessControlListPolicySpec is an in-memory access control list config per app for fast lookup.

type AccessControlSpec added in v0.11.0

type AccessControlSpec struct {
	DefaultAction string          `json:"defaultAction" yaml:"defaultAction"`
	TrustDomain   string          `json:"trustDomain" yaml:"trustDomain"`
	AppPolicies   []AppPolicySpec `json:"policies" yaml:"policies"`
}

AccessControlSpec is the spec object in ConfigurationSpec.

type AppOperation added in v0.11.0

type AppOperation struct {
	Operation string   `json:"name" yaml:"name"`
	HTTPVerb  []string `json:"httpVerb" yaml:"httpVerb"`
	Action    string   `json:"action" yaml:"action"`
}

AppOperation defines the data structure for each app operation.

type AppPolicySpec added in v0.11.0

type AppPolicySpec struct {
	AppName             string         `json:"appId" yaml:"appId"`
	DefaultAction       string         `json:"defaultAction" yaml:"defaultAction"`
	TrustDomain         string         `json:"trustDomain" yaml:"trustDomain"`
	Namespace           string         `json:"namespace" yaml:"namespace"`
	AppOperationActions []AppOperation `json:"operations" yaml:"operations"`
}

AppPolicySpec defines the policy data structure for each app.

type ApplicationConfig

type ApplicationConfig struct {
	Entities []string `json:"entities"`
	// Duration. example: "1h".
	ActorIdleTimeout string `json:"actorIdleTimeout"`
	// Duration. example: "30s". This value is global.
	ActorScanInterval string `json:"actorScanInterval"`
	// Duration. example: "30s".
	DrainOngoingCallTimeout    string           `json:"drainOngoingCallTimeout"`
	DrainRebalancedActors      bool             `json:"drainRebalancedActors"`
	Reentrancy                 ReentrancyConfig `json:"reentrancy,omitempty"`
	RemindersStoragePartitions int              `json:"remindersStoragePartitions"`

	// Duplicate of the above config so we can assign it to individual entities.
	EntityConfigs []EntityConfig `json:"entitiesConfig,omitempty"`
}

ApplicationConfig is an optional config supplied by user code.

type ComponentsSpec added in v1.9.0

type ComponentsSpec struct {
	// Denylist of component types that cannot be instantiated
	Deny []string `json:"deny,omitempty" yaml:"deny,omitempty"`
}

ComponentsSpec describes the configuration for Dapr components

type Configuration

type Configuration struct {
	metav1.TypeMeta `json:",inline" yaml:",inline"`
	// See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
	metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"`
	// See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
	Spec ConfigurationSpec `json:"spec" yaml:"spec"`
	// contains filtered or unexported fields
}

Configuration is an internal (and duplicate) representation of Dapr's Configuration CRD.

func LoadDefaultConfiguration

func LoadDefaultConfiguration() *Configuration

LoadDefaultConfiguration returns the default config.

func LoadKubernetesConfiguration

func LoadKubernetesConfiguration(config, namespace string, podName string, operatorClient operatorv1pb.OperatorClient) (*Configuration, error)

LoadKubernetesConfiguration gets configuration from the Kubernetes operator with a given name.

func LoadStandaloneConfiguration

func LoadStandaloneConfiguration(config string) (*Configuration, string, error)

LoadStandaloneConfiguration gets the path to a config file and loads it into a configuration.

func (Configuration) EnabledFeatures added in v1.10.0

func (c Configuration) EnabledFeatures() []string

EnabledFeatures returns the list of features that have been enabled.

func (Configuration) IsFeatureEnabled added in v1.10.0

func (c Configuration) IsFeatureEnabled(target Feature) (enabled bool)

IsFeatureEnabled returns true if a Feature (such as a preview) is enabled.

func (*Configuration) LoadFeatures added in v1.10.0

func (c *Configuration) LoadFeatures()

LoadFeatures loads the list of enabled features, from the Configuration spec and from the buildinfo.

type ConfigurationSpec

type ConfigurationSpec struct {
	HTTPPipelineSpec    PipelineSpec       `json:"httpPipeline,omitempty" yaml:"httpPipeline,omitempty"`
	AppHTTPPipelineSpec PipelineSpec       `json:"appHttpPipeline,omitempty" yaml:"appHttpPipeline,omitempty"`
	TracingSpec         TracingSpec        `json:"tracing,omitempty" yaml:"tracing,omitempty"`
	MTLSSpec            MTLSSpec           `json:"mtls,omitempty" yaml:"mtls,omitempty"`
	MetricSpec          MetricSpec         `json:"metric,omitempty" yaml:"metric,omitempty"`
	MetricsSpec         MetricSpec         `json:"metrics,omitempty" yaml:"metrics,omitempty"`
	Secrets             SecretsSpec        `json:"secrets,omitempty" yaml:"secrets,omitempty"`
	AccessControlSpec   AccessControlSpec  `json:"accessControl,omitempty" yaml:"accessControl,omitempty"`
	NameResolutionSpec  NameResolutionSpec `json:"nameResolution,omitempty" yaml:"nameResolution,omitempty"`
	Features            []FeatureSpec      `json:"features,omitempty" yaml:"features,omitempty"`
	APISpec             APISpec            `json:"api,omitempty" yaml:"api,omitempty"`
	ComponentsSpec      ComponentsSpec     `json:"components,omitempty" yaml:"components,omitempty"`
	LoggingSpec         LoggingSpec        `json:"logging,omitempty" yaml:"logging,omitempty"`
}

type EntityConfig added in v1.7.0

type EntityConfig struct {
	Entities []string `json:"entities"`
	// Duration. example: "1h".
	ActorIdleTimeout string `json:"actorIdleTimeout"`
	// Duration. example: "30s".
	DrainOngoingCallTimeout    string           `json:"drainOngoingCallTimeout"`
	DrainRebalancedActors      bool             `json:"drainRebalancedActors"`
	Reentrancy                 ReentrancyConfig `json:"reentrancy,omitempty"`
	RemindersStoragePartitions int              `json:"remindersStoragePartitions"`
}

type Feature added in v1.2.0

type Feature string
const (
	// Enable support for streaming in HTTP service invocation
	ServiceInvocationStreaming Feature = "ServiceInvocationStreaming"
	// Disables enforcing minimum TLS version 1.2 in AppChannel, which is insecure.
	// TODO: Remove this feature flag in Dapr 1.13.
	AppChannelAllowInsecureTLS Feature = "AppChannelAllowInsecureTLS"
	// Enables support for setting TTL on Actor state keys. Remove this flag in
	// Dapr 1.12.
	ActorStateTTL Feature = "ActorStateTTL"
)

type FeatureSpec added in v1.2.0

type FeatureSpec struct {
	Name    Feature `json:"name" yaml:"name"`
	Enabled bool    `json:"enabled" yaml:"enabled"`
}

FeatureSpec defines which preview features are enabled.

type HandlerSpec added in v0.4.0

type HandlerSpec struct {
	Name         string       `json:"name" yaml:"name"`
	Type         string       `json:"type" yaml:"type"`
	Version      string       `json:"version" yaml:"version"`
	SelectorSpec SelectorSpec `json:"selector,omitempty" yaml:"selector,omitempty"`
}

func (HandlerSpec) LogName added in v1.10.0

func (h HandlerSpec) LogName() string

LogName returns the name of the handler that can be used in logging.

type LoggingSpec added in v1.10.0

type LoggingSpec struct {
	// Configure API logging.
	APILogging APILoggingSpec `json:"apiLogging,omitempty" yaml:"apiLogging,omitempty"`
}

LoggingSpec defines the configuration for logging.

type MTLSSpec added in v0.4.0

type MTLSSpec struct {
	Enabled          bool   `json:"enabled" yaml:"enabled"`
	WorkloadCertTTL  string `json:"workloadCertTTL" yaml:"workloadCertTTL"`
	AllowedClockSkew string `json:"allowedClockSkew" yaml:"allowedClockSkew"`
}

type MetricLabel added in v1.10.0

type MetricLabel struct {
	Name  string            `json:"name" yaml:"name"`
	Regex map[string]string `json:"regex" yaml:"regex"`
}

MetricsLabel defines an object that allows to set regex expressions for a label.

type MetricSpec added in v0.11.0

type MetricSpec struct {
	Enabled bool          `json:"enabled" yaml:"enabled"`
	Rules   []MetricsRule `json:"rules" yaml:"rules"`
}

MetricSpec configuration for metrics.

type MetricsRule added in v1.10.0

type MetricsRule struct {
	Name   string        `json:"name" yaml:"name"`
	Labels []MetricLabel `json:"labels" yaml:"labels"`
}

MetricsRule defines configuration options for a metric.

type NameResolutionSpec added in v1.2.0

type NameResolutionSpec struct {
	Component     string      `json:"component" yaml:"component"`
	Version       string      `json:"version" yaml:"version"`
	Configuration interface{} `json:"configuration" yaml:"configuration"`
}

type OtelSpec added in v1.9.0

type OtelSpec struct {
	Protocol        string `json:"protocol" yaml:"protocol"`
	EndpointAddress string `json:"endpointAddress" yaml:"endpointAddress"`
	IsSecure        bool   `json:"isSecure" yaml:"isSecure"`
}

OtelSpec defines Otel exporter configurations.

type PipelineSpec added in v0.4.0

type PipelineSpec struct {
	Handlers []HandlerSpec `json:"handlers" yaml:"handlers"`
}

type ReentrancyConfig added in v1.2.0

type ReentrancyConfig struct {
	Enabled       bool `json:"enabled"`
	MaxStackDepth *int `json:"maxStackDepth,omitempty"`
}

type SecretsScope added in v0.11.0

type SecretsScope struct {
	DefaultAccess  string   `json:"defaultAccess,omitempty" yaml:"defaultAccess,omitempty"`
	StoreName      string   `json:"storeName" yaml:"storeName"`
	AllowedSecrets []string `json:"allowedSecrets,omitempty" yaml:"allowedSecrets,omitempty"`
	DeniedSecrets  []string `json:"deniedSecrets,omitempty" yaml:"deniedSecrets,omitempty"`
}

SecretsScope defines the scope for secrets.

func (SecretsScope) IsSecretAllowed added in v0.11.0

func (c SecretsScope) IsSecretAllowed(key string) bool

IsSecretAllowed Check if the secret is allowed to be accessed.

type SecretsSpec added in v0.11.0

type SecretsSpec struct {
	Scopes []SecretsScope `json:"scopes"`
}

type SelectorField added in v0.4.0

type SelectorField struct {
	Field string `json:"field" yaml:"field"`
	Value string `json:"value" yaml:"value"`
}

type SelectorSpec added in v0.4.0

type SelectorSpec struct {
	Fields []SelectorField `json:"fields" yaml:"fields"`
}

type SpiffeID added in v0.11.0

type SpiffeID struct {
	TrustDomain string
	Namespace   string
	AppID       string
}

SpiffeID represents the separated fields in a spiffe id.

type TracingSpec

type TracingSpec struct {
	SamplingRate string     `json:"samplingRate" yaml:"samplingRate"`
	Stdout       bool       `json:"stdout" yaml:"stdout"`
	Zipkin       ZipkinSpec `json:"zipkin" yaml:"zipkin"`
	Otel         OtelSpec   `json:"otel" yaml:"otel"`
}

type Trie added in v1.7.0

type Trie struct {
	// contains filtered or unexported fields
}

func NewTrie added in v1.7.0

func NewTrie() *Trie

func (*Trie) PutOperationAction added in v1.7.0

func (trie *Trie) PutOperationAction(operation string, data *AccessControlListOperationAction)

func (*Trie) Search added in v1.7.0

func (trie *Trie) Search(operation string) *AccessControlListOperationAction

type ZipkinSpec added in v1.0.0

type ZipkinSpec struct {
	EndpointAddress string `json:"endpointAddress" yaml:"endpointAddress"`
}

ZipkinSpec defines Zipkin exporter configurations.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL