envoy_extensions_wasm_v3

package
v0.0.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 15, 2021 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var File_envoy_extensions_wasm_v3_wasm_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type CapabilityRestrictionConfig

type CapabilityRestrictionConfig struct {

	// The Proxy-Wasm capabilities which will be allowed. Capabilities are mapped by
	// name. The *SanitizationConfig* which each capability maps to is currently unimplemented and ignored,
	// and so should be left empty.
	//
	// The capability names are given in the
	// `Proxy-Wasm ABI <https://github.com/proxy-wasm/spec/tree/master/abi-versions/vNEXT>`_.
	// Additionally, the following WASI capabilities from
	// `this list <https://github.com/WebAssembly/WASI/blob/master/phases/snapshot/docs.md#modules>`_
	// are implemented and can be allowed:
	// *fd_write*, *fd_read*, *fd_seek*, *fd_close*, *fd_fdstat_get*, *environ_get*, *environ_sizes_get*,
	// *args_get*, *args_sizes_get*, *proc_exit*, *clock_time_get*, *random_get*.
	AllowedCapabilities map[string]*SanitizationConfig `` /* 206-byte string literal not displayed */
	// contains filtered or unexported fields
}

Configuration for restricting Proxy-Wasm capabilities available to modules.

func (*CapabilityRestrictionConfig) Descriptor deprecated

func (*CapabilityRestrictionConfig) Descriptor() ([]byte, []int)

Deprecated: Use CapabilityRestrictionConfig.ProtoReflect.Descriptor instead.

func (*CapabilityRestrictionConfig) GetAllowedCapabilities

func (x *CapabilityRestrictionConfig) GetAllowedCapabilities() map[string]*SanitizationConfig

func (*CapabilityRestrictionConfig) ProtoMessage

func (*CapabilityRestrictionConfig) ProtoMessage()

func (*CapabilityRestrictionConfig) ProtoReflect

func (*CapabilityRestrictionConfig) Reset

func (x *CapabilityRestrictionConfig) Reset()

func (*CapabilityRestrictionConfig) String

func (x *CapabilityRestrictionConfig) String() string

func (*CapabilityRestrictionConfig) Validate

func (m *CapabilityRestrictionConfig) Validate() error

Validate checks the field values on CapabilityRestrictionConfig with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type CapabilityRestrictionConfigValidationError

type CapabilityRestrictionConfigValidationError struct {
	// contains filtered or unexported fields
}

CapabilityRestrictionConfigValidationError is the validation error returned by CapabilityRestrictionConfig.Validate if the designated constraints aren't met.

func (CapabilityRestrictionConfigValidationError) Cause

Cause function returns cause value.

func (CapabilityRestrictionConfigValidationError) Error

Error satisfies the builtin error interface

func (CapabilityRestrictionConfigValidationError) ErrorName

ErrorName returns error name.

func (CapabilityRestrictionConfigValidationError) Field

Field function returns field value.

func (CapabilityRestrictionConfigValidationError) Key

Key function returns key value.

func (CapabilityRestrictionConfigValidationError) Reason

Reason function returns reason value.

type EnvironmentVariables

type EnvironmentVariables struct {

	// The keys of *Envoy's* environment variables exposed to this VM. In other words, if a key exists in Envoy's environment
	// variables, then that key-value pair will be injected. Note that if a key does not exist, it will be ignored.
	HostEnvKeys []string `protobuf:"bytes,1,rep,name=host_env_keys,json=hostEnvKeys,proto3" json:"host_env_keys,omitempty"`
	// Explicitly given key-value pairs to be injected to this VM in the form of "KEY=VALUE".
	KeyValues map[string]string `` /* 176-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*EnvironmentVariables) Descriptor deprecated

func (*EnvironmentVariables) Descriptor() ([]byte, []int)

Deprecated: Use EnvironmentVariables.ProtoReflect.Descriptor instead.

func (*EnvironmentVariables) GetHostEnvKeys

func (x *EnvironmentVariables) GetHostEnvKeys() []string

func (*EnvironmentVariables) GetKeyValues

func (x *EnvironmentVariables) GetKeyValues() map[string]string

func (*EnvironmentVariables) ProtoMessage

func (*EnvironmentVariables) ProtoMessage()

func (*EnvironmentVariables) ProtoReflect

func (x *EnvironmentVariables) ProtoReflect() protoreflect.Message

func (*EnvironmentVariables) Reset

func (x *EnvironmentVariables) Reset()

func (*EnvironmentVariables) String

func (x *EnvironmentVariables) String() string

func (*EnvironmentVariables) Validate

func (m *EnvironmentVariables) Validate() error

Validate checks the field values on EnvironmentVariables with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type EnvironmentVariablesValidationError

type EnvironmentVariablesValidationError struct {
	// contains filtered or unexported fields
}

EnvironmentVariablesValidationError is the validation error returned by EnvironmentVariables.Validate if the designated constraints aren't met.

func (EnvironmentVariablesValidationError) Cause

Cause function returns cause value.

func (EnvironmentVariablesValidationError) Error

Error satisfies the builtin error interface

func (EnvironmentVariablesValidationError) ErrorName

ErrorName returns error name.

func (EnvironmentVariablesValidationError) Field

Field function returns field value.

func (EnvironmentVariablesValidationError) Key

Key function returns key value.

func (EnvironmentVariablesValidationError) Reason

Reason function returns reason value.

type PluginConfig

type PluginConfig struct {

	// A unique name for a filters/services in a VM for use in identifying the filter/service if
	// multiple filters/services are handled by the same *vm_id* and *root_id* and for
	// logging/debugging.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts
	// if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all
	// filters/services with a blank root_id with the same *vm_id* will share Context(s).
	RootId string `protobuf:"bytes,2,opt,name=root_id,json=rootId,proto3" json:"root_id,omitempty"`
	// Configuration for finding or starting VM.
	//
	// Types that are assignable to Vm:
	//	*PluginConfig_VmConfig
	Vm isPluginConfig_Vm `protobuf_oneof:"vm"`
	// Filter/service configuration used to configure or reconfigure a plugin
	// (proxy_on_configuration).
	// `google.protobuf.Struct` is serialized as JSON before
	// passing it to the plugin. `google.protobuf.BytesValue` and
	// `google.protobuf.StringValue` are passed directly without the wrapper.
	Configuration *any.Any `protobuf:"bytes,4,opt,name=configuration,proto3" json:"configuration,omitempty"`
	// If there is a fatal error on the VM (e.g. exception, abort(), on_start or on_configure return false),
	// then all plugins associated with the VM will either fail closed (by default), e.g. by returning an HTTP 503 error,
	// or fail open (if 'fail_open' is set to true) by bypassing the filter. Note: when on_start or on_configure return false
	// during xDS updates the xDS configuration will be rejected and when on_start or on_configuration return false on initial
	// startup the proxy will not start.
	FailOpen bool `protobuf:"varint,5,opt,name=fail_open,json=failOpen,proto3" json:"fail_open,omitempty"`
	// Configuration for restricting Proxy-Wasm capabilities available to modules.
	CapabilityRestrictionConfig *CapabilityRestrictionConfig `` /* 144-byte string literal not displayed */
	// contains filtered or unexported fields
}

Base Configuration for Wasm Plugins e.g. filters and services. [#next-free-field: 7]

func (*PluginConfig) Descriptor deprecated

func (*PluginConfig) Descriptor() ([]byte, []int)

Deprecated: Use PluginConfig.ProtoReflect.Descriptor instead.

func (*PluginConfig) GetCapabilityRestrictionConfig

func (x *PluginConfig) GetCapabilityRestrictionConfig() *CapabilityRestrictionConfig

func (*PluginConfig) GetConfiguration

func (x *PluginConfig) GetConfiguration() *any.Any

func (*PluginConfig) GetFailOpen

func (x *PluginConfig) GetFailOpen() bool

func (*PluginConfig) GetName

func (x *PluginConfig) GetName() string

func (*PluginConfig) GetRootId

func (x *PluginConfig) GetRootId() string

func (*PluginConfig) GetVm

func (m *PluginConfig) GetVm() isPluginConfig_Vm

func (*PluginConfig) GetVmConfig

func (x *PluginConfig) GetVmConfig() *VmConfig

func (*PluginConfig) ProtoMessage

func (*PluginConfig) ProtoMessage()

func (*PluginConfig) ProtoReflect

func (x *PluginConfig) ProtoReflect() protoreflect.Message

func (*PluginConfig) Reset

func (x *PluginConfig) Reset()

func (*PluginConfig) String

func (x *PluginConfig) String() string

func (*PluginConfig) Validate

func (m *PluginConfig) Validate() error

Validate checks the field values on PluginConfig with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type PluginConfigValidationError

type PluginConfigValidationError struct {
	// contains filtered or unexported fields
}

PluginConfigValidationError is the validation error returned by PluginConfig.Validate if the designated constraints aren't met.

func (PluginConfigValidationError) Cause

Cause function returns cause value.

func (PluginConfigValidationError) Error

Error satisfies the builtin error interface

func (PluginConfigValidationError) ErrorName

func (e PluginConfigValidationError) ErrorName() string

ErrorName returns error name.

func (PluginConfigValidationError) Field

Field function returns field value.

func (PluginConfigValidationError) Key

Key function returns key value.

func (PluginConfigValidationError) Reason

Reason function returns reason value.

type PluginConfig_VmConfig

type PluginConfig_VmConfig struct {
	VmConfig *VmConfig `protobuf:"bytes,3,opt,name=vm_config,json=vmConfig,proto3,oneof"` // TODO: add referential VM configurations.
}

type SanitizationConfig

type SanitizationConfig struct {
	// contains filtered or unexported fields
}

Configuration for sanitization of inputs to an allowed capability.

NOTE: This is currently unimplemented.

func (*SanitizationConfig) Descriptor deprecated

func (*SanitizationConfig) Descriptor() ([]byte, []int)

Deprecated: Use SanitizationConfig.ProtoReflect.Descriptor instead.

func (*SanitizationConfig) ProtoMessage

func (*SanitizationConfig) ProtoMessage()

func (*SanitizationConfig) ProtoReflect

func (x *SanitizationConfig) ProtoReflect() protoreflect.Message

func (*SanitizationConfig) Reset

func (x *SanitizationConfig) Reset()

func (*SanitizationConfig) String

func (x *SanitizationConfig) String() string

func (*SanitizationConfig) Validate

func (m *SanitizationConfig) Validate() error

Validate checks the field values on SanitizationConfig with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type SanitizationConfigValidationError

type SanitizationConfigValidationError struct {
	// contains filtered or unexported fields
}

SanitizationConfigValidationError is the validation error returned by SanitizationConfig.Validate if the designated constraints aren't met.

func (SanitizationConfigValidationError) Cause

Cause function returns cause value.

func (SanitizationConfigValidationError) Error

Error satisfies the builtin error interface

func (SanitizationConfigValidationError) ErrorName

ErrorName returns error name.

func (SanitizationConfigValidationError) Field

Field function returns field value.

func (SanitizationConfigValidationError) Key

Key function returns key value.

func (SanitizationConfigValidationError) Reason

Reason function returns reason value.

type VmConfig

type VmConfig struct {

	// An ID which will be used along with a hash of the wasm code (or the name of the registered Null
	// VM plugin) to determine which VM will be used for the plugin. All plugins which use the same
	// *vm_id* and code will use the same VM. May be left blank. Sharing a VM between plugins can
	// reduce memory utilization and make sharing of data easier which may have security implications.
	// [#comment: TODO: add ref for details.]
	VmId string `protobuf:"bytes,1,opt,name=vm_id,json=vmId,proto3" json:"vm_id,omitempty"`
	// The Wasm runtime type.
	// Available Wasm runtime types are registered as extensions. The following runtimes are included
	// in Envoy code base:
	//
	// .. _extension_envoy.wasm.runtime.null:
	//
	// **envoy.wasm.runtime.null**: Null sandbox, the Wasm module must be compiled and linked into the
	// Envoy binary. The registered name is given in the *code* field as *inline_string*.
	//
	// .. _extension_envoy.wasm.runtime.v8:
	//
	// **envoy.wasm.runtime.v8**: `V8 <https://v8.dev/>`_-based WebAssembly runtime.
	//
	// .. _extension_envoy.wasm.runtime.wavm:
	//
	// **envoy.wasm.runtime.wavm**: `WAVM <https://wavm.github.io/>`_-based WebAssembly runtime.
	// This runtime is not enabled in the official build.
	//
	// .. _extension_envoy.wasm.runtime.wasmtime:
	//
	// **envoy.wasm.runtime.wasmtime**: `Wasmtime <https://wasmtime.dev/>`_-based WebAssembly runtime.
	// This runtime is not enabled in the official build.
	//
	Runtime string `protobuf:"bytes,2,opt,name=runtime,proto3" json:"runtime,omitempty"`
	// The Wasm code that Envoy will execute.
	Code *v3.AsyncDataSource `protobuf:"bytes,3,opt,name=code,proto3" json:"code,omitempty"`
	// The Wasm configuration used in initialization of a new VM
	// (proxy_on_start). `google.protobuf.Struct` is serialized as JSON before
	// passing it to the plugin. `google.protobuf.BytesValue` and
	// `google.protobuf.StringValue` are passed directly without the wrapper.
	// [#extension-category: envoy.wasm.runtime]
	Configuration *any.Any `protobuf:"bytes,4,opt,name=configuration,proto3" json:"configuration,omitempty"`
	// Allow the wasm file to include pre-compiled code on VMs which support it.
	// Warning: this should only be enable for trusted sources as the precompiled code is not
	// verified.
	AllowPrecompiled bool `protobuf:"varint,5,opt,name=allow_precompiled,json=allowPrecompiled,proto3" json:"allow_precompiled,omitempty"`
	// If true and the code needs to be remotely fetched and it is not in the cache then NACK the configuration
	// update and do a background fetch to fill the cache, otherwise fetch the code asynchronously and enter
	// warming state.
	NackOnCodeCacheMiss bool `protobuf:"varint,6,opt,name=nack_on_code_cache_miss,json=nackOnCodeCacheMiss,proto3" json:"nack_on_code_cache_miss,omitempty"`
	// Specifies environment variables to be injected to this VM which will be available through
	// WASI's “environ_get“ and “environ_get_sizes“ system calls. Note that these functions are mostly implicitly
	// called in your language's standard library, so you do not need to call them directly and you can access to env
	// vars just like when you do on native platforms.
	// Warning: Envoy rejects the configuration if there's conflict of key space.
	EnvironmentVariables *EnvironmentVariables `protobuf:"bytes,7,opt,name=environment_variables,json=environmentVariables,proto3" json:"environment_variables,omitempty"`
	// contains filtered or unexported fields
}

Configuration for a Wasm VM. [#next-free-field: 8]

func (*VmConfig) Descriptor deprecated

func (*VmConfig) Descriptor() ([]byte, []int)

Deprecated: Use VmConfig.ProtoReflect.Descriptor instead.

func (*VmConfig) GetAllowPrecompiled

func (x *VmConfig) GetAllowPrecompiled() bool

func (*VmConfig) GetCode

func (x *VmConfig) GetCode() *v3.AsyncDataSource

func (*VmConfig) GetConfiguration

func (x *VmConfig) GetConfiguration() *any.Any

func (*VmConfig) GetEnvironmentVariables

func (x *VmConfig) GetEnvironmentVariables() *EnvironmentVariables

func (*VmConfig) GetNackOnCodeCacheMiss

func (x *VmConfig) GetNackOnCodeCacheMiss() bool

func (*VmConfig) GetRuntime

func (x *VmConfig) GetRuntime() string

func (*VmConfig) GetVmId

func (x *VmConfig) GetVmId() string

func (*VmConfig) ProtoMessage

func (*VmConfig) ProtoMessage()

func (*VmConfig) ProtoReflect

func (x *VmConfig) ProtoReflect() protoreflect.Message

func (*VmConfig) Reset

func (x *VmConfig) Reset()

func (*VmConfig) String

func (x *VmConfig) String() string

func (*VmConfig) Validate

func (m *VmConfig) Validate() error

Validate checks the field values on VmConfig with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type VmConfigValidationError

type VmConfigValidationError struct {
	// contains filtered or unexported fields
}

VmConfigValidationError is the validation error returned by VmConfig.Validate if the designated constraints aren't met.

func (VmConfigValidationError) Cause

func (e VmConfigValidationError) Cause() error

Cause function returns cause value.

func (VmConfigValidationError) Error

func (e VmConfigValidationError) Error() string

Error satisfies the builtin error interface

func (VmConfigValidationError) ErrorName

func (e VmConfigValidationError) ErrorName() string

ErrorName returns error name.

func (VmConfigValidationError) Field

func (e VmConfigValidationError) Field() string

Field function returns field value.

func (VmConfigValidationError) Key

func (e VmConfigValidationError) Key() bool

Key function returns key value.

func (VmConfigValidationError) Reason

func (e VmConfigValidationError) Reason() string

Reason function returns reason value.

type WasmService

type WasmService struct {

	// General plugin configuration.
	Config *PluginConfig `protobuf:"bytes,1,opt,name=config,proto3" json:"config,omitempty"`
	// If true, create a single VM rather than creating one VM per worker. Such a singleton can
	// not be used with filters.
	Singleton bool `protobuf:"varint,2,opt,name=singleton,proto3" json:"singleton,omitempty"`
	// contains filtered or unexported fields
}

WasmService is configured as a built-in *envoy.wasm_service* :ref:`WasmService <config_wasm_service>` This opaque configuration will be used to create a Wasm Service.

func (*WasmService) Descriptor deprecated

func (*WasmService) Descriptor() ([]byte, []int)

Deprecated: Use WasmService.ProtoReflect.Descriptor instead.

func (*WasmService) GetConfig

func (x *WasmService) GetConfig() *PluginConfig

func (*WasmService) GetSingleton

func (x *WasmService) GetSingleton() bool

func (*WasmService) ProtoMessage

func (*WasmService) ProtoMessage()

func (*WasmService) ProtoReflect

func (x *WasmService) ProtoReflect() protoreflect.Message

func (*WasmService) Reset

func (x *WasmService) Reset()

func (*WasmService) String

func (x *WasmService) String() string

func (*WasmService) Validate

func (m *WasmService) Validate() error

Validate checks the field values on WasmService with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type WasmServiceValidationError

type WasmServiceValidationError struct {
	// contains filtered or unexported fields
}

WasmServiceValidationError is the validation error returned by WasmService.Validate if the designated constraints aren't met.

func (WasmServiceValidationError) Cause

Cause function returns cause value.

func (WasmServiceValidationError) Error

Error satisfies the builtin error interface

func (WasmServiceValidationError) ErrorName

func (e WasmServiceValidationError) ErrorName() string

ErrorName returns error name.

func (WasmServiceValidationError) Field

Field function returns field value.

func (WasmServiceValidationError) Key

Key function returns key value.

func (WasmServiceValidationError) Reason

Reason function returns reason value.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL