Documentation ¶
Index ¶
- Constants
- func SetTracingSpecFromEnv(conf *Configuration)
- type APIAccessRule
- type APIAccessRuleProtocol
- type APIAccessRules
- type APILoggingSpec
- type APISpec
- type AccessControlList
- type AccessControlListOperationAction
- type AccessControlListPolicySpec
- type AccessControlSpec
- type AppConnectionConfig
- type AppHealthConfig
- type AppOperation
- type AppPolicySpec
- type ApplicationConfig
- type ComponentsSpec
- type Configuration
- func (c Configuration) EnabledFeatures() []string
- func (c Configuration) GetAPILoggingSpec() APILoggingSpec
- func (c Configuration) GetAPISpec() APISpec
- func (c Configuration) GetLoggingSpec() LoggingSpec
- func (c Configuration) GetMTLSSpec() MTLSSpec
- func (c Configuration) GetMetricsSpec() MetricSpec
- func (c Configuration) GetTracingSpec() TracingSpec
- func (c Configuration) IsFeatureEnabled(target Feature) (enabled bool)
- func (c *Configuration) LoadFeatures()
- func (c *Configuration) String() string
- func (c *Configuration) ToYAML() (string, error)
- type ConfigurationSpec
- type EntityConfig
- type Feature
- type FeatureSpec
- type HandlerSpec
- type LoggingSpec
- type MTLSSpec
- type MetricLabel
- type MetricSpec
- type MetricsRule
- type NameResolutionSpec
- type OtelSpec
- type PipelineSpec
- type ReentrancyConfig
- type SecretsScope
- type SecretsSpec
- type SelectorField
- type SelectorSpec
- type TracingSpec
- type Trie
- type ValidatorSpec
- type WasmSpec
- type ZipkinSpec
Constants ¶
const ( SingleStageWildcard = "/*" MultiStageWildcard = "/**" Separation = "/" )
const ( // AppHealthConfigDefaultProbeInterval is the default interval for app health probes. AppHealthConfigDefaultProbeInterval = 5 * time.Second // AppHealthConfigDefaultProbeTimeout is the default value for probe timeouts. AppHealthConfigDefaultProbeTimeout = 500 * time.Millisecond // AppHealthConfigDefaultThreshold is the default threshold for determining failures in app health checks. AppHealthConfigDefaultThreshold = int32(3) )
const ( AllowAccess = "allow" DenyAccess = "deny" DefaultTrustDomain = "public" DefaultNamespace = "default" ActionPolicyApp = "app" ActionPolicyGlobal = "global" )
Variables ¶
This section is empty.
Functions ¶
func SetTracingSpecFromEnv ¶ added in v1.11.0
func SetTracingSpecFromEnv(conf *Configuration)
Update configuration from Otlp Environment Variables, if they exist.
Types ¶
type APIAccessRule ¶ added in v1.2.0
type APIAccessRule struct { Name string `json:"name"` Version string `json:"version"` Protocol APIAccessRuleProtocol `json:"protocol"` }
APIAccessRule describes an access rule for allowing a Dapr API to be enabled and accessible by an app.
type APIAccessRuleProtocol ¶ added in v1.11.0
type APIAccessRuleProtocol string
APIAccessRuleProtocol is the type for the protocol in APIAccessRules
const ( APIAccessRuleProtocolHTTP APIAccessRuleProtocol = "http" APIAccessRuleProtocolGRPC APIAccessRuleProtocol = "grpc" )
type APIAccessRules ¶ added in v1.11.0
type APIAccessRules []APIAccessRule
APIAccessRules is a list of API access rules (allowlist or denylist).
func (APIAccessRules) GetRulesByProtocol ¶ added in v1.11.0
func (r APIAccessRules) GetRulesByProtocol(protocol APIAccessRuleProtocol) []APIAccessRule
GetRulesByProtocol returns a list of APIAccessRule objects filtered by protocol
type APILoggingSpec ¶ added in v1.10.0
type APILoggingSpec struct { // Default value for enabling API logging. Sidecars can always override this by setting `--enable-api-logging` to true or false explicitly. // The default value is false. Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty"` // When enabled, obfuscates the values of URLs in HTTP API logs, logging the route name rather than the full path being invoked, which could contain PII. // Default: false. // This option has no effect if API logging is disabled. ObfuscateURLs bool `json:"obfuscateURLs,omitempty" yaml:"obfuscateURLs,omitempty"` // If true, health checks are not reported in API logs. Default: false. // This option has no effect if API logging is disabled. OmitHealthChecks bool `json:"omitHealthChecks,omitempty" yaml:"omitHealthChecks,omitempty"` }
APILoggingSpec defines the configuration for API logging.
type APISpec ¶ added in v1.2.0
type APISpec struct { // List of allowed APIs. Can be used in conjunction with denied. Allowed APIAccessRules `json:"allowed,omitempty"` // List of denied APIs. Can be used in conjunction with allowed. Denied APIAccessRules `json:"denied,omitempty"` }
APISpec describes the configuration for Dapr APIs.
type AccessControlList ¶ added in v0.11.0
type AccessControlList struct { DefaultAction string TrustDomain string PolicySpec map[string]AccessControlListPolicySpec }
AccessControlList is an in-memory access control list config for fast lookup.
type AccessControlListOperationAction ¶ added in v0.11.0
type AccessControlListOperationAction struct { VerbAction map[string]string OperationName string OperationAction string }
AccessControlListOperationAction is an in-memory access control list config per operation for fast lookup.
type AccessControlListPolicySpec ¶ added in v0.11.0
type AccessControlListPolicySpec struct { AppName string DefaultAction string TrustDomain string Namespace string AppOperationActions *Trie }
AccessControlListPolicySpec is an in-memory access control list config per app for fast lookup.
type AccessControlSpec ¶ added in v0.11.0
type AccessControlSpec struct { DefaultAction string `json:"defaultAction,omitempty" yaml:"defaultAction,omitempty"` TrustDomain string `json:"trustDomain,omitempty" yaml:"trustDomain,omitempty"` AppPolicies []AppPolicySpec `json:"policies,omitempty" yaml:"policies,omitempty"` }
AccessControlSpec is the spec object in ConfigurationSpec.
type AppConnectionConfig ¶ added in v1.12.0
type AppConnectionConfig struct { ChannelAddress string HealthCheck *AppHealthConfig HealthCheckHTTPPath string MaxConcurrency int Port int Protocol protocol.Protocol }
AppConnectionConfig holds the configuration for the app connection.
type AppHealthConfig ¶ added in v1.12.0
type AppHealthConfig struct { ProbeInterval time.Duration ProbeTimeout time.Duration ProbeOnly bool Threshold int32 }
AppHealthConfig is the configuration object for the app health probes.
type AppOperation ¶ added in v0.11.0
type AppOperation struct { Operation string `json:"name,omitempty" yaml:"name,omitempty"` HTTPVerb []string `json:"httpVerb,omitempty" yaml:"httpVerb,omitempty"` Action string `json:"action,omitempty" yaml:"action,omitempty"` }
AppOperation defines the data structure for each app operation.
type AppPolicySpec ¶ added in v0.11.0
type AppPolicySpec struct { AppName string `json:"appId,omitempty" yaml:"appId,omitempty"` DefaultAction string `json:"defaultAction,omitempty" yaml:"defaultAction,omitempty"` TrustDomain string `json:"trustDomain,omitempty" yaml:"trustDomain,omitempty"` Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"` AppOperationActions []AppOperation `json:"operations,omitempty" yaml:"operations,omitempty"` }
AppPolicySpec defines the policy data structure for each app.
type ApplicationConfig ¶
type ApplicationConfig struct { Entities []string `json:"entities"` // Duration. example: "1h". ActorIdleTimeout string `json:"actorIdleTimeout"` // Duration. example: "30s". This value is global. ActorScanInterval string `json:"actorScanInterval"` // Duration. example: "30s". DrainOngoingCallTimeout string `json:"drainOngoingCallTimeout"` DrainRebalancedActors bool `json:"drainRebalancedActors"` Reentrancy ReentrancyConfig `json:"reentrancy,omitempty"` RemindersStoragePartitions int `json:"remindersStoragePartitions"` // Duplicate of the above config so we can assign it to individual entities. EntityConfigs []EntityConfig `json:"entitiesConfig,omitempty"` }
ApplicationConfig is an optional config supplied by user code.
type ComponentsSpec ¶ added in v1.9.0
type ComponentsSpec struct { // Denylist of component types that cannot be instantiated Deny []string `json:"deny,omitempty" yaml:"deny,omitempty"` }
ComponentsSpec describes the configuration for Dapr components
type Configuration ¶
type Configuration struct { metav1.TypeMeta `json:",inline" yaml:",inline"` // See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"` // See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status Spec ConfigurationSpec `json:"spec" yaml:"spec"` // contains filtered or unexported fields }
Configuration is an internal (and duplicate) representation of Dapr's Configuration CRD.
func LoadDefaultConfiguration ¶
func LoadDefaultConfiguration() *Configuration
LoadDefaultConfiguration returns the default config.
func LoadKubernetesConfiguration ¶
func LoadKubernetesConfiguration(config string, namespace string, podName string, operatorClient operatorv1pb.OperatorClient) (*Configuration, error)
LoadKubernetesConfiguration gets configuration from the Kubernetes operator with a given name.
func LoadStandaloneConfiguration ¶
func LoadStandaloneConfiguration(configs ...string) (*Configuration, error)
LoadStandaloneConfiguration gets the path to a config file and loads it into a configuration.
func (Configuration) EnabledFeatures ¶ added in v1.10.0
func (c Configuration) EnabledFeatures() []string
EnabledFeatures returns the list of features that have been enabled.
func (Configuration) GetAPILoggingSpec ¶ added in v1.12.0
func (c Configuration) GetAPILoggingSpec() APILoggingSpec
GetLoggingSpec returns the Logging.APILogging spec. It's a short-hand that includes nil-checks for safety.
func (Configuration) GetAPISpec ¶ added in v1.12.0
func (c Configuration) GetAPISpec() APISpec
GetAPISpec returns the API spec. It's a short-hand that includes nil-checks for safety.
func (Configuration) GetLoggingSpec ¶ added in v1.12.0
func (c Configuration) GetLoggingSpec() LoggingSpec
GetLoggingSpec returns the Logging spec. It's a short-hand that includes nil-checks for safety.
func (Configuration) GetMTLSSpec ¶ added in v1.12.0
func (c Configuration) GetMTLSSpec() MTLSSpec
GetMTLSSpec returns the mTLS spec. It's a short-hand that includes nil-checks for safety.
func (Configuration) GetMetricsSpec ¶ added in v1.12.0
func (c Configuration) GetMetricsSpec() MetricSpec
GetMetricsSpec returns the metrics spec. It's a short-hand that includes nil-checks for safety.
func (Configuration) GetTracingSpec ¶ added in v1.12.0
func (c Configuration) GetTracingSpec() TracingSpec
GetTracingSpec returns the tracing spec. It's a short-hand that includes nil-checks for safety.
func (Configuration) IsFeatureEnabled ¶ added in v1.10.0
func (c Configuration) IsFeatureEnabled(target Feature) (enabled bool)
IsFeatureEnabled returns true if a Feature (such as a preview) is enabled.
func (*Configuration) LoadFeatures ¶ added in v1.10.0
func (c *Configuration) LoadFeatures()
LoadFeatures loads the list of enabled features, from the Configuration spec and from the buildinfo.
func (*Configuration) String ¶ added in v1.12.0
func (c *Configuration) String() string
String implements fmt.Stringer and is used for debugging. It returns the Configuration object encoded as YAML.
func (*Configuration) ToYAML ¶ added in v1.12.0
func (c *Configuration) ToYAML() (string, error)
ToYAML returns the Configuration represented as YAML.
type ConfigurationSpec ¶
type ConfigurationSpec struct { HTTPPipelineSpec *PipelineSpec `json:"httpPipeline,omitempty" yaml:"httpPipeline,omitempty"` AppHTTPPipelineSpec *PipelineSpec `json:"appHttpPipeline,omitempty" yaml:"appHttpPipeline,omitempty"` TracingSpec *TracingSpec `json:"tracing,omitempty" yaml:"tracing,omitempty"` MTLSSpec *MTLSSpec `json:"mtls,omitempty" yaml:"mtls,omitempty"` MetricSpec *MetricSpec `json:"metric,omitempty" yaml:"metric,omitempty"` MetricsSpec *MetricSpec `json:"metrics,omitempty" yaml:"metrics,omitempty"` Secrets *SecretsSpec `json:"secrets,omitempty" yaml:"secrets,omitempty"` AccessControlSpec *AccessControlSpec `json:"accessControl,omitempty" yaml:"accessControl,omitempty"` NameResolutionSpec *NameResolutionSpec `json:"nameResolution,omitempty" yaml:"nameResolution,omitempty"` Features []FeatureSpec `json:"features,omitempty" yaml:"features,omitempty"` APISpec *APISpec `json:"api,omitempty" yaml:"api,omitempty"` ComponentsSpec *ComponentsSpec `json:"components,omitempty" yaml:"components,omitempty"` LoggingSpec *LoggingSpec `json:"logging,omitempty" yaml:"logging,omitempty"` WasmSpec *WasmSpec `json:"wasm,omitempty" yaml:"wasm,omitempty"` }
func (ConfigurationSpec) String ¶ added in v1.12.0
func (c ConfigurationSpec) String() string
String implements fmt.Stringer and is used for debugging. It returns the Configuration object encoded as YAML.
func (ConfigurationSpec) ToYAML ¶ added in v1.12.0
func (c ConfigurationSpec) ToYAML() (string, error)
ToYAML returns the ConfigurationSpec represented as YAML.
type EntityConfig ¶ added in v1.7.0
type EntityConfig struct { Entities []string `json:"entities"` // Duration. example: "1h". ActorIdleTimeout string `json:"actorIdleTimeout"` // Duration. example: "30s". DrainOngoingCallTimeout string `json:"drainOngoingCallTimeout"` DrainRebalancedActors bool `json:"drainRebalancedActors"` Reentrancy ReentrancyConfig `json:"reentrancy,omitempty"` RemindersStoragePartitions int `json:"remindersStoragePartitions"` }
type Feature ¶ added in v1.2.0
type Feature string
const ( // Disables enforcing minimum TLS version 1.2 in AppChannel, which is insecure. // TODO: Remove this feature flag in Dapr 1.13. AppChannelAllowInsecureTLS Feature = "AppChannelAllowInsecureTLS" // Enables support for setting TTL on Actor state keys. Remove this flag in // Dapr 1.12. ActorStateTTL Feature = "ActorStateTTL" )
type FeatureSpec ¶ added in v1.2.0
type FeatureSpec struct { Name Feature `json:"name" yaml:"name"` Enabled bool `json:"enabled" yaml:"enabled"` }
FeatureSpec defines which preview features are enabled.
type HandlerSpec ¶ added in v0.4.0
type HandlerSpec struct { Name string `json:"name,omitempty" yaml:"name,omitempty"` Type string `json:"type,omitempty" yaml:"type,omitempty"` Version string `json:"version,omitempty" yaml:"version,omitempty"` SelectorSpec SelectorSpec `json:"selector,omitempty" yaml:"selector,omitempty"` }
func (HandlerSpec) LogName ¶ added in v1.10.0
func (h HandlerSpec) LogName() string
LogName returns the name of the handler that can be used in logging.
type LoggingSpec ¶ added in v1.10.0
type LoggingSpec struct { // Configure API logging. APILogging *APILoggingSpec `json:"apiLogging,omitempty" yaml:"apiLogging,omitempty"` }
LoggingSpec defines the configuration for logging.
type MTLSSpec ¶ added in v0.4.0
type MTLSSpec struct { Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty"` WorkloadCertTTL string `json:"workloadCertTTL,omitempty" yaml:"workloadCertTTL,omitempty"` AllowedClockSkew string `json:"allowedClockSkew,omitempty" yaml:"allowedClockSkew,omitempty"` SentryAddress string `json:"sentryAddress,omitempty" yaml:"sentryAddress,omitempty"` ControlPlaneTrustDomain string `json:"controlPlaneTrustDomain,omitempty" yaml:"controlPlaneTrustDomain,omitempty"` // Additional token validators to use. // When Dapr is running in Kubernetes mode, this is in addition to the built-in "kubernetes" validator. // In self-hosted mode, enabling a custom validator will disable the built-in "insecure" validator. TokenValidators []ValidatorSpec `json:"tokenValidators,omitempty" yaml:"tokenValidators,omitempty"` }
MTLSSpec defines mTLS configuration.
type MetricLabel ¶ added in v1.10.0
type MetricLabel struct { Name string `json:"name,omitempty" yaml:"name,omitempty"` Regex map[string]string `json:"regex,omitempty" yaml:"regex,omitempty"` }
MetricsLabel defines an object that allows to set regex expressions for a label.
type MetricSpec ¶ added in v0.11.0
type MetricSpec struct { // Defaults to true Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty"` Rules []MetricsRule `json:"rules,omitempty" yaml:"rules,omitempty"` }
MetricSpec configuration for metrics.
func (MetricSpec) GetEnabled ¶ added in v1.12.0
func (m MetricSpec) GetEnabled() bool
GetEnabled returns true if metrics are enabled.
type MetricsRule ¶ added in v1.10.0
type MetricsRule struct { Name string `json:"name,omitempty" yaml:"name,omitempty"` Labels []MetricLabel `json:"labels,omitempty" yaml:"labels,omitempty"` }
MetricsRule defines configuration options for a metric.
type NameResolutionSpec ¶ added in v1.2.0
type OtelSpec ¶ added in v1.9.0
type OtelSpec struct { Protocol string `json:"protocol,omitempty" yaml:"protocol,omitempty"` EndpointAddress string `json:"endpointAddress,omitempty" yaml:"endpointAddress,omitempty"` // Defaults to true IsSecure *bool `json:"isSecure,omitempty" yaml:"isSecure,omitempty"` }
OtelSpec defines Otel exporter configurations.
func (OtelSpec) GetIsSecure ¶ added in v1.12.0
GetIsSecure returns true if the connection should be secured.
type PipelineSpec ¶ added in v0.4.0
type PipelineSpec struct {
Handlers []HandlerSpec `json:"handlers,omitempty" yaml:"handlers,omitempty"`
}
type ReentrancyConfig ¶ added in v1.2.0
type SecretsScope ¶ added in v0.11.0
type SecretsScope struct { DefaultAccess string `json:"defaultAccess,omitempty" yaml:"defaultAccess,omitempty"` StoreName string `json:"storeName,omitempty" yaml:"storeName,omitempty"` AllowedSecrets []string `json:"allowedSecrets,omitempty" yaml:"allowedSecrets,omitempty"` DeniedSecrets []string `json:"deniedSecrets,omitempty" yaml:"deniedSecrets,omitempty"` }
SecretsScope defines the scope for secrets.
func (SecretsScope) IsSecretAllowed ¶ added in v0.11.0
func (c SecretsScope) IsSecretAllowed(key string) bool
IsSecretAllowed Check if the secret is allowed to be accessed.
type SecretsSpec ¶ added in v0.11.0
type SecretsSpec struct {
Scopes []SecretsScope `json:"scopes,omitempty"`
}
type SelectorField ¶ added in v0.4.0
type SelectorSpec ¶ added in v0.4.0
type SelectorSpec struct {
Fields []SelectorField `json:"fields,omitempty" yaml:"fields,omitempty"`
}
type TracingSpec ¶
type TracingSpec struct { SamplingRate string `json:"samplingRate,omitempty" yaml:"samplingRate,omitempty"` Stdout bool `json:"stdout,omitempty" yaml:"stdout,omitempty"` Zipkin *ZipkinSpec `json:"zipkin,omitempty" yaml:"zipkin,omitempty"` Otel *OtelSpec `json:"otel,omitempty" yaml:"otel,omitempty"` }
type Trie ¶ added in v1.7.0
type Trie struct {
// contains filtered or unexported fields
}
func (*Trie) PutOperationAction ¶ added in v1.7.0
func (trie *Trie) PutOperationAction(operation string, data *AccessControlListOperationAction)
func (*Trie) Search ¶ added in v1.7.0
func (trie *Trie) Search(operation string) *AccessControlListOperationAction
type ValidatorSpec ¶ added in v1.12.0
type ValidatorSpec struct { // Name of the validator Name string `json:"name"` // Options for the validator, if any Options any `json:"options,omitempty"` }
ValidatorSpec contains additional token validators to use.
func (ValidatorSpec) OptionsMap ¶ added in v1.12.0
func (v ValidatorSpec) OptionsMap() map[string]string
OptionsMap returns the validator options as a map[string]string. If the options are empty, or if the conversion fails, returns nil.
type WasmSpec ¶ added in v1.12.0
type WasmSpec struct { // Force enabling strict sandbox mode for all WASM components. // When this is enabled, WASM components always run in strict mode regardless of their configuration. // Strict mode enhances security of the WASM sandbox by limiting access to certain capabilities such as real-time clocks and random number generators. StrictSandbox bool `json:"strictSandbox,omitempty" yaml:"strictSandbox,omitempty"` }
WasmSpec describes the security profile for all Dapr Wasm components.
func (*WasmSpec) GetStrictSandbox ¶ added in v1.12.0
GetStrictSandbox returns the value of StrictSandbox, with nil-checks.
type ZipkinSpec ¶ added in v1.0.0
type ZipkinSpec struct {
EndpointAddress string `json:"endpointAddress,omitempty" yaml:"endpointAddress,omitempty"`
}
ZipkinSpec defines Zipkin exporter configurations.