config

package
v1.12.0-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 13, 2023 License: Apache-2.0 Imports: 18 Imported by: 6

Documentation

Index

Constants

View Source
const (
	SingleStageWildcard = "/*"
	MultiStageWildcard  = "/**"
	Separation          = "/"
)
View Source
const (
	// AppHealthConfigDefaultProbeInterval is the default interval for app health probes.
	AppHealthConfigDefaultProbeInterval = 5 * time.Second
	// AppHealthConfigDefaultProbeTimeout is the default value for probe timeouts.
	AppHealthConfigDefaultProbeTimeout = 500 * time.Millisecond
	// AppHealthConfigDefaultThreshold is the default threshold for determining failures in app health checks.
	AppHealthConfigDefaultThreshold = int32(3)
)
View Source
const (
	AllowAccess        = "allow"
	DenyAccess         = "deny"
	DefaultTrustDomain = "public"
	DefaultNamespace   = "default"
	ActionPolicyApp    = "app"
	ActionPolicyGlobal = "global"
)

Variables

This section is empty.

Functions

func SetTracingSpecFromEnv added in v1.11.0

func SetTracingSpecFromEnv(conf *Configuration)

Update configuration from Otlp Environment Variables, if they exist.

Types

type APIAccessRule added in v1.2.0

type APIAccessRule struct {
	Name     string                `json:"name"`
	Version  string                `json:"version"`
	Protocol APIAccessRuleProtocol `json:"protocol"`
}

APIAccessRule describes an access rule for allowing a Dapr API to be enabled and accessible by an app.

type APIAccessRuleProtocol added in v1.11.0

type APIAccessRuleProtocol string

APIAccessRuleProtocol is the type for the protocol in APIAccessRules

const (
	APIAccessRuleProtocolHTTP APIAccessRuleProtocol = "http"
	APIAccessRuleProtocolGRPC APIAccessRuleProtocol = "grpc"
)

type APIAccessRules added in v1.11.0

type APIAccessRules []APIAccessRule

APIAccessRules is a list of API access rules (allowlist or denylist).

func (APIAccessRules) GetRulesByProtocol added in v1.11.0

func (r APIAccessRules) GetRulesByProtocol(protocol APIAccessRuleProtocol) []APIAccessRule

GetRulesByProtocol returns a list of APIAccessRule objects filtered by protocol

type APILoggingSpec added in v1.10.0

type APILoggingSpec struct {
	// Default value for enabling API logging. Sidecars can always override this by setting `--enable-api-logging` to true or false explicitly.
	// The default value is false.
	Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	// When enabled, obfuscates the values of URLs in HTTP API logs, logging the route name rather than the full path being invoked, which could contain PII.
	// Default: false.
	// This option has no effect if API logging is disabled.
	ObfuscateURLs bool `json:"obfuscateURLs,omitempty" yaml:"obfuscateURLs,omitempty"`
	// If true, health checks are not reported in API logs. Default: false.
	// This option has no effect if API logging is disabled.
	OmitHealthChecks bool `json:"omitHealthChecks,omitempty" yaml:"omitHealthChecks,omitempty"`
}

APILoggingSpec defines the configuration for API logging.

type APISpec added in v1.2.0

type APISpec struct {
	// List of allowed APIs. Can be used in conjunction with denied.
	Allowed APIAccessRules `json:"allowed,omitempty"`
	// List of denied APIs. Can be used in conjunction with allowed.
	Denied APIAccessRules `json:"denied,omitempty"`
}

APISpec describes the configuration for Dapr APIs.

type AccessControlList added in v0.11.0

type AccessControlList struct {
	DefaultAction string
	TrustDomain   string
	PolicySpec    map[string]AccessControlListPolicySpec
}

AccessControlList is an in-memory access control list config for fast lookup.

type AccessControlListOperationAction added in v0.11.0

type AccessControlListOperationAction struct {
	VerbAction      map[string]string
	OperationName   string
	OperationAction string
}

AccessControlListOperationAction is an in-memory access control list config per operation for fast lookup.

type AccessControlListPolicySpec added in v0.11.0

type AccessControlListPolicySpec struct {
	AppName             string
	DefaultAction       string
	TrustDomain         string
	Namespace           string
	AppOperationActions *Trie
}

AccessControlListPolicySpec is an in-memory access control list config per app for fast lookup.

type AccessControlSpec added in v0.11.0

type AccessControlSpec struct {
	DefaultAction string          `json:"defaultAction,omitempty" yaml:"defaultAction,omitempty"`
	TrustDomain   string          `json:"trustDomain,omitempty" yaml:"trustDomain,omitempty"`
	AppPolicies   []AppPolicySpec `json:"policies,omitempty" yaml:"policies,omitempty"`
}

AccessControlSpec is the spec object in ConfigurationSpec.

type AppConnectionConfig added in v1.12.0

type AppConnectionConfig struct {
	ChannelAddress      string
	HealthCheck         *AppHealthConfig
	HealthCheckHTTPPath string
	MaxConcurrency      int
	Port                int
	Protocol            protocol.Protocol
}

AppConnectionConfig holds the configuration for the app connection.

type AppHealthConfig added in v1.12.0

type AppHealthConfig struct {
	ProbeInterval time.Duration
	ProbeTimeout  time.Duration
	ProbeOnly     bool
	Threshold     int32
}

AppHealthConfig is the configuration object for the app health probes.

type AppOperation added in v0.11.0

type AppOperation struct {
	Operation string   `json:"name,omitempty" yaml:"name,omitempty"`
	HTTPVerb  []string `json:"httpVerb,omitempty" yaml:"httpVerb,omitempty"`
	Action    string   `json:"action,omitempty" yaml:"action,omitempty"`
}

AppOperation defines the data structure for each app operation.

type AppPolicySpec added in v0.11.0

type AppPolicySpec struct {
	AppName             string         `json:"appId,omitempty" yaml:"appId,omitempty"`
	DefaultAction       string         `json:"defaultAction,omitempty" yaml:"defaultAction,omitempty"`
	TrustDomain         string         `json:"trustDomain,omitempty" yaml:"trustDomain,omitempty"`
	Namespace           string         `json:"namespace,omitempty" yaml:"namespace,omitempty"`
	AppOperationActions []AppOperation `json:"operations,omitempty" yaml:"operations,omitempty"`
}

AppPolicySpec defines the policy data structure for each app.

type ApplicationConfig

type ApplicationConfig struct {
	Entities []string `json:"entities"`
	// Duration. example: "1h".
	ActorIdleTimeout string `json:"actorIdleTimeout"`
	// Duration. example: "30s". This value is global.
	ActorScanInterval string `json:"actorScanInterval"`
	// Duration. example: "30s".
	DrainOngoingCallTimeout    string           `json:"drainOngoingCallTimeout"`
	DrainRebalancedActors      bool             `json:"drainRebalancedActors"`
	Reentrancy                 ReentrancyConfig `json:"reentrancy,omitempty"`
	RemindersStoragePartitions int              `json:"remindersStoragePartitions"`

	// Duplicate of the above config so we can assign it to individual entities.
	EntityConfigs []EntityConfig `json:"entitiesConfig,omitempty"`
}

ApplicationConfig is an optional config supplied by user code.

type ComponentsSpec added in v1.9.0

type ComponentsSpec struct {
	// Denylist of component types that cannot be instantiated
	Deny []string `json:"deny,omitempty" yaml:"deny,omitempty"`
}

ComponentsSpec describes the configuration for Dapr components

type Configuration

type Configuration struct {
	metav1.TypeMeta `json:",inline" yaml:",inline"`
	// See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
	metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"`
	// See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
	Spec ConfigurationSpec `json:"spec" yaml:"spec"`
	// contains filtered or unexported fields
}

Configuration is an internal (and duplicate) representation of Dapr's Configuration CRD.

func LoadDefaultConfiguration

func LoadDefaultConfiguration() *Configuration

LoadDefaultConfiguration returns the default config.

func LoadKubernetesConfiguration

func LoadKubernetesConfiguration(config string, namespace string, podName string, operatorClient operatorv1pb.OperatorClient) (*Configuration, error)

LoadKubernetesConfiguration gets configuration from the Kubernetes operator with a given name.

func LoadStandaloneConfiguration

func LoadStandaloneConfiguration(configs ...string) (*Configuration, error)

LoadStandaloneConfiguration gets the path to a config file and loads it into a configuration.

func (Configuration) EnabledFeatures added in v1.10.0

func (c Configuration) EnabledFeatures() []string

EnabledFeatures returns the list of features that have been enabled.

func (Configuration) GetAPILoggingSpec added in v1.12.0

func (c Configuration) GetAPILoggingSpec() APILoggingSpec

GetLoggingSpec returns the Logging.APILogging spec. It's a short-hand that includes nil-checks for safety.

func (Configuration) GetAPISpec added in v1.12.0

func (c Configuration) GetAPISpec() APISpec

GetAPISpec returns the API spec. It's a short-hand that includes nil-checks for safety.

func (Configuration) GetLoggingSpec added in v1.12.0

func (c Configuration) GetLoggingSpec() LoggingSpec

GetLoggingSpec returns the Logging spec. It's a short-hand that includes nil-checks for safety.

func (Configuration) GetMTLSSpec added in v1.12.0

func (c Configuration) GetMTLSSpec() MTLSSpec

GetMTLSSpec returns the mTLS spec. It's a short-hand that includes nil-checks for safety.

func (Configuration) GetMetricsSpec added in v1.12.0

func (c Configuration) GetMetricsSpec() MetricSpec

GetMetricsSpec returns the metrics spec. It's a short-hand that includes nil-checks for safety.

func (Configuration) GetTracingSpec added in v1.12.0

func (c Configuration) GetTracingSpec() TracingSpec

GetTracingSpec returns the tracing spec. It's a short-hand that includes nil-checks for safety.

func (Configuration) IsFeatureEnabled added in v1.10.0

func (c Configuration) IsFeatureEnabled(target Feature) (enabled bool)

IsFeatureEnabled returns true if a Feature (such as a preview) is enabled.

func (*Configuration) LoadFeatures added in v1.10.0

func (c *Configuration) LoadFeatures()

LoadFeatures loads the list of enabled features, from the Configuration spec and from the buildinfo.

func (*Configuration) String added in v1.12.0

func (c *Configuration) String() string

String implements fmt.Stringer and is used for debugging. It returns the Configuration object encoded as YAML.

func (*Configuration) ToYAML added in v1.12.0

func (c *Configuration) ToYAML() (string, error)

ToYAML returns the Configuration represented as YAML.

type ConfigurationSpec

type ConfigurationSpec struct {
	HTTPPipelineSpec    *PipelineSpec       `json:"httpPipeline,omitempty" yaml:"httpPipeline,omitempty"`
	AppHTTPPipelineSpec *PipelineSpec       `json:"appHttpPipeline,omitempty" yaml:"appHttpPipeline,omitempty"`
	TracingSpec         *TracingSpec        `json:"tracing,omitempty" yaml:"tracing,omitempty"`
	MTLSSpec            *MTLSSpec           `json:"mtls,omitempty" yaml:"mtls,omitempty"`
	MetricSpec          *MetricSpec         `json:"metric,omitempty" yaml:"metric,omitempty"`
	MetricsSpec         *MetricSpec         `json:"metrics,omitempty" yaml:"metrics,omitempty"`
	Secrets             *SecretsSpec        `json:"secrets,omitempty" yaml:"secrets,omitempty"`
	AccessControlSpec   *AccessControlSpec  `json:"accessControl,omitempty" yaml:"accessControl,omitempty"`
	NameResolutionSpec  *NameResolutionSpec `json:"nameResolution,omitempty" yaml:"nameResolution,omitempty"`
	Features            []FeatureSpec       `json:"features,omitempty" yaml:"features,omitempty"`
	APISpec             *APISpec            `json:"api,omitempty" yaml:"api,omitempty"`
	ComponentsSpec      *ComponentsSpec     `json:"components,omitempty" yaml:"components,omitempty"`
	LoggingSpec         *LoggingSpec        `json:"logging,omitempty" yaml:"logging,omitempty"`
	WasmSpec            *WasmSpec           `json:"wasm,omitempty" yaml:"wasm,omitempty"`
}

func (ConfigurationSpec) String added in v1.12.0

func (c ConfigurationSpec) String() string

String implements fmt.Stringer and is used for debugging. It returns the Configuration object encoded as YAML.

func (ConfigurationSpec) ToYAML added in v1.12.0

func (c ConfigurationSpec) ToYAML() (string, error)

ToYAML returns the ConfigurationSpec represented as YAML.

type EntityConfig added in v1.7.0

type EntityConfig struct {
	Entities []string `json:"entities"`
	// Duration. example: "1h".
	ActorIdleTimeout string `json:"actorIdleTimeout"`
	// Duration. example: "30s".
	DrainOngoingCallTimeout    string           `json:"drainOngoingCallTimeout"`
	DrainRebalancedActors      bool             `json:"drainRebalancedActors"`
	Reentrancy                 ReentrancyConfig `json:"reentrancy,omitempty"`
	RemindersStoragePartitions int              `json:"remindersStoragePartitions"`
}

type Feature added in v1.2.0

type Feature string
const (
	// Disables enforcing minimum TLS version 1.2 in AppChannel, which is insecure.
	// TODO: Remove this feature flag in Dapr 1.13.
	AppChannelAllowInsecureTLS Feature = "AppChannelAllowInsecureTLS"
	// Enables support for setting TTL on Actor state keys. Remove this flag in
	// Dapr 1.12.
	ActorStateTTL Feature = "ActorStateTTL"
)

type FeatureSpec added in v1.2.0

type FeatureSpec struct {
	Name    Feature `json:"name" yaml:"name"`
	Enabled bool    `json:"enabled" yaml:"enabled"`
}

FeatureSpec defines which preview features are enabled.

type HandlerSpec added in v0.4.0

type HandlerSpec struct {
	Name         string       `json:"name,omitempty" yaml:"name,omitempty"`
	Type         string       `json:"type,omitempty" yaml:"type,omitempty"`
	Version      string       `json:"version,omitempty" yaml:"version,omitempty"`
	SelectorSpec SelectorSpec `json:"selector,omitempty" yaml:"selector,omitempty"`
}

func (HandlerSpec) LogName added in v1.10.0

func (h HandlerSpec) LogName() string

LogName returns the name of the handler that can be used in logging.

type LoggingSpec added in v1.10.0

type LoggingSpec struct {
	// Configure API logging.
	APILogging *APILoggingSpec `json:"apiLogging,omitempty" yaml:"apiLogging,omitempty"`
}

LoggingSpec defines the configuration for logging.

type MTLSSpec added in v0.4.0

type MTLSSpec struct {
	Enabled                 bool   `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	WorkloadCertTTL         string `json:"workloadCertTTL,omitempty" yaml:"workloadCertTTL,omitempty"`
	AllowedClockSkew        string `json:"allowedClockSkew,omitempty" yaml:"allowedClockSkew,omitempty"`
	SentryAddress           string `json:"sentryAddress,omitempty" yaml:"sentryAddress,omitempty"`
	ControlPlaneTrustDomain string `json:"controlPlaneTrustDomain,omitempty" yaml:"controlPlaneTrustDomain,omitempty"`
	// Additional token validators to use.
	// When Dapr is running in Kubernetes mode, this is in addition to the built-in "kubernetes" validator.
	// In self-hosted mode, enabling a custom validator will disable the built-in "insecure" validator.
	TokenValidators []ValidatorSpec `json:"tokenValidators,omitempty" yaml:"tokenValidators,omitempty"`
}

MTLSSpec defines mTLS configuration.

type MetricLabel added in v1.10.0

type MetricLabel struct {
	Name  string            `json:"name,omitempty" yaml:"name,omitempty"`
	Regex map[string]string `json:"regex,omitempty" yaml:"regex,omitempty"`
}

MetricsLabel defines an object that allows to set regex expressions for a label.

type MetricSpec added in v0.11.0

type MetricSpec struct {
	// Defaults to true
	Enabled *bool         `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	Rules   []MetricsRule `json:"rules,omitempty" yaml:"rules,omitempty"`
}

MetricSpec configuration for metrics.

func (MetricSpec) GetEnabled added in v1.12.0

func (m MetricSpec) GetEnabled() bool

GetEnabled returns true if metrics are enabled.

type MetricsRule added in v1.10.0

type MetricsRule struct {
	Name   string        `json:"name,omitempty" yaml:"name,omitempty"`
	Labels []MetricLabel `json:"labels,omitempty" yaml:"labels,omitempty"`
}

MetricsRule defines configuration options for a metric.

type NameResolutionSpec added in v1.2.0

type NameResolutionSpec struct {
	Component     string `json:"component,omitempty" yaml:"component,omitempty"`
	Version       string `json:"version,omitempty" yaml:"version,omitempty"`
	Configuration any    `json:"configuration,omitempty" yaml:"configuration,omitempty"`
}

type OtelSpec added in v1.9.0

type OtelSpec struct {
	Protocol        string `json:"protocol,omitempty" yaml:"protocol,omitempty"`
	EndpointAddress string `json:"endpointAddress,omitempty" yaml:"endpointAddress,omitempty"`
	// Defaults to true
	IsSecure *bool `json:"isSecure,omitempty" yaml:"isSecure,omitempty"`
}

OtelSpec defines Otel exporter configurations.

func (OtelSpec) GetIsSecure added in v1.12.0

func (o OtelSpec) GetIsSecure() bool

GetIsSecure returns true if the connection should be secured.

type PipelineSpec added in v0.4.0

type PipelineSpec struct {
	Handlers []HandlerSpec `json:"handlers,omitempty" yaml:"handlers,omitempty"`
}

type ReentrancyConfig added in v1.2.0

type ReentrancyConfig struct {
	Enabled       bool `json:"enabled"`
	MaxStackDepth *int `json:"maxStackDepth,omitempty"`
}

type SecretsScope added in v0.11.0

type SecretsScope struct {
	DefaultAccess  string   `json:"defaultAccess,omitempty" yaml:"defaultAccess,omitempty"`
	StoreName      string   `json:"storeName,omitempty" yaml:"storeName,omitempty"`
	AllowedSecrets []string `json:"allowedSecrets,omitempty" yaml:"allowedSecrets,omitempty"`
	DeniedSecrets  []string `json:"deniedSecrets,omitempty" yaml:"deniedSecrets,omitempty"`
}

SecretsScope defines the scope for secrets.

func (SecretsScope) IsSecretAllowed added in v0.11.0

func (c SecretsScope) IsSecretAllowed(key string) bool

IsSecretAllowed Check if the secret is allowed to be accessed.

type SecretsSpec added in v0.11.0

type SecretsSpec struct {
	Scopes []SecretsScope `json:"scopes,omitempty"`
}

type SelectorField added in v0.4.0

type SelectorField struct {
	Field string `json:"field" yaml:"field"`
	Value string `json:"value" yaml:"value"`
}

type SelectorSpec added in v0.4.0

type SelectorSpec struct {
	Fields []SelectorField `json:"fields,omitempty" yaml:"fields,omitempty"`
}

type TracingSpec

type TracingSpec struct {
	SamplingRate string      `json:"samplingRate,omitempty" yaml:"samplingRate,omitempty"`
	Stdout       bool        `json:"stdout,omitempty" yaml:"stdout,omitempty"`
	Zipkin       *ZipkinSpec `json:"zipkin,omitempty" yaml:"zipkin,omitempty"`
	Otel         *OtelSpec   `json:"otel,omitempty" yaml:"otel,omitempty"`
}

type Trie added in v1.7.0

type Trie struct {
	// contains filtered or unexported fields
}

func NewTrie added in v1.7.0

func NewTrie() *Trie

func (*Trie) PutOperationAction added in v1.7.0

func (trie *Trie) PutOperationAction(operation string, data *AccessControlListOperationAction)

func (*Trie) Search added in v1.7.0

func (trie *Trie) Search(operation string) *AccessControlListOperationAction

type ValidatorSpec added in v1.12.0

type ValidatorSpec struct {
	// Name of the validator
	Name string `json:"name"`
	// Options for the validator, if any
	Options any `json:"options,omitempty"`
}

ValidatorSpec contains additional token validators to use.

func (ValidatorSpec) OptionsMap added in v1.12.0

func (v ValidatorSpec) OptionsMap() map[string]string

OptionsMap returns the validator options as a map[string]string. If the options are empty, or if the conversion fails, returns nil.

type WasmSpec added in v1.12.0

type WasmSpec struct {
	// Force enabling strict sandbox mode for all WASM components.
	// When this is enabled, WASM components always run in strict mode regardless of their configuration.
	// Strict mode enhances security of the WASM sandbox by limiting access to certain capabilities such as real-time clocks and random number generators.
	StrictSandbox bool `json:"strictSandbox,omitempty" yaml:"strictSandbox,omitempty"`
}

WasmSpec describes the security profile for all Dapr Wasm components.

func (*WasmSpec) GetStrictSandbox added in v1.12.0

func (w *WasmSpec) GetStrictSandbox() bool

GetStrictSandbox returns the value of StrictSandbox, with nil-checks.

type ZipkinSpec added in v1.0.0

type ZipkinSpec struct {
	EndpointAddress string `json:"endpointAddress,omitempty" yaml:"endpointAddress,omitempty"`
}

ZipkinSpec defines Zipkin exporter configurations.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL