winch_config

package
v0.1.1-rc.5.debug3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 28, 2018 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package winch_config is a generated protocol buffer package.

It is generated from these files:

winch/config/auth.proto
winch/config/mapper.proto

It has these top-level messages:

AuthConfig
AuthSource
KubernetesAccess
OIDCAccess
GoogleServiceAccountOIDCAccess
DummyAccess
TokenAccess
MapperConfig
Route
DirectRoute
RegexpRoute

Package winch_config is a generated protocol buffer package.

It is generated from these files:

winch/config/auth.proto
winch/config/mapper.proto

It has these top-level messages:

AuthConfig
AuthSource
KubernetesAccess
OIDCAccess
GoogleServiceAccountOIDCAccess
DummyAccess
TokenAccess
MapperConfig
Route
DirectRoute
RegexpRoute

Index

Constants

This section is empty.

Variables

View Source
var Protocol_name = map[int32]string{
	0: "ANY",
	1: "HTTP",
	2: "GRPC",
}
View Source
var Protocol_value = map[string]int32{
	"ANY":  0,
	"HTTP": 1,
	"GRPC": 2,
}

Functions

This section is empty.

Types

type AuthConfig

type AuthConfig struct {
	AuthSources []*AuthSource `protobuf:"bytes,1,rep,name=auth_sources,json=authSources" json:"auth_sources,omitempty"`
}

/ AuthConfig is the top level configuration message for a winch auth.

func (*AuthConfig) Descriptor

func (*AuthConfig) Descriptor() ([]byte, []int)

func (*AuthConfig) GetAuthSources

func (m *AuthConfig) GetAuthSources() []*AuthSource

func (*AuthConfig) ProtoMessage

func (*AuthConfig) ProtoMessage()

func (*AuthConfig) Reset

func (m *AuthConfig) Reset()

func (*AuthConfig) String

func (m *AuthConfig) String() string

func (*AuthConfig) Validate

func (this *AuthConfig) Validate() error

type AuthSource

type AuthSource struct {
	// name is an ID of auth source. It can be referenced inside winch routing.
	Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
	// Types that are valid to be assigned to Type:
	//	*AuthSource_Dummy
	//	*AuthSource_Kube
	//	*AuthSource_Oidc
	//	*AuthSource_Token
	//	*AuthSource_ServiceAccountOidc
	Type isAuthSource_Type `protobuf_oneof:"type"`
}

/ AuthSource specifies the kind of the backend auth we need to inject on winch reqeuest.

func (*AuthSource) Descriptor

func (*AuthSource) Descriptor() ([]byte, []int)

func (*AuthSource) GetDummy

func (m *AuthSource) GetDummy() *DummyAccess

func (*AuthSource) GetKube

func (m *AuthSource) GetKube() *KubernetesAccess

func (*AuthSource) GetName

func (m *AuthSource) GetName() string

func (*AuthSource) GetOidc

func (m *AuthSource) GetOidc() *OIDCAccess

func (*AuthSource) GetServiceAccountOidc

func (m *AuthSource) GetServiceAccountOidc() *GoogleServiceAccountOIDCAccess

func (*AuthSource) GetToken

func (m *AuthSource) GetToken() *TokenAccess

func (*AuthSource) GetType

func (m *AuthSource) GetType() isAuthSource_Type

func (*AuthSource) ProtoMessage

func (*AuthSource) ProtoMessage()

func (*AuthSource) Reset

func (m *AuthSource) Reset()

func (*AuthSource) String

func (m *AuthSource) String() string

func (*AuthSource) Validate

func (this *AuthSource) Validate() error

func (*AuthSource) XXX_OneofFuncs

func (*AuthSource) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

type AuthSource_Dummy

type AuthSource_Dummy struct {
	Dummy *DummyAccess `protobuf:"bytes,2,opt,name=dummy,oneof"`
}

type AuthSource_Kube

type AuthSource_Kube struct {
	Kube *KubernetesAccess `protobuf:"bytes,3,opt,name=kube,oneof"`
}

type AuthSource_Oidc

type AuthSource_Oidc struct {
	Oidc *OIDCAccess `protobuf:"bytes,4,opt,name=oidc,oneof"`
}

type AuthSource_ServiceAccountOidc

type AuthSource_ServiceAccountOidc struct {
	ServiceAccountOidc *GoogleServiceAccountOIDCAccess `protobuf:"bytes,6,opt,name=service_account_oidc,json=serviceAccountOidc,oneof"`
}

type AuthSource_Token

type AuthSource_Token struct {
	Token *TokenAccess `protobuf:"bytes,5,opt,name=token,oneof"`
}

type DirectRoute

type DirectRoute struct {
	// Key needs to be in host:port format.
	Key string `protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
	Url string `protobuf:"bytes,2,opt,name=url" json:"url,omitempty"`
}

/ Simplest routing mechanism using just direct mapping between dns and (proxy) kedge target.

func (*DirectRoute) Descriptor

func (*DirectRoute) Descriptor() ([]byte, []int)

func (*DirectRoute) GetKey

func (m *DirectRoute) GetKey() string

func (*DirectRoute) GetUrl

func (m *DirectRoute) GetUrl() string

func (*DirectRoute) ProtoMessage

func (*DirectRoute) ProtoMessage()

func (*DirectRoute) Reset

func (m *DirectRoute) Reset()

func (*DirectRoute) String

func (m *DirectRoute) String() string

func (*DirectRoute) Validate

func (this *DirectRoute) Validate() error

type DummyAccess

type DummyAccess struct {
	Value string `protobuf:"bytes,1,opt,name=value" json:"value,omitempty"`
}

DummyAccess just directly passes specified value into auth header. If value is not specified it will return error.

func (*DummyAccess) Descriptor

func (*DummyAccess) Descriptor() ([]byte, []int)

func (*DummyAccess) GetValue

func (m *DummyAccess) GetValue() string

func (*DummyAccess) ProtoMessage

func (*DummyAccess) ProtoMessage()

func (*DummyAccess) Reset

func (m *DummyAccess) Reset()

func (*DummyAccess) String

func (m *DummyAccess) String() string

func (*DummyAccess) Validate

func (this *DummyAccess) Validate() error

type GoogleServiceAccountOIDCAccess

type GoogleServiceAccountOIDCAccess struct {
	Provider string   `protobuf:"bytes,1,opt,name=provider" json:"provider,omitempty"`
	ClientId string   `protobuf:"bytes,2,opt,name=client_id,json=clientId" json:"client_id,omitempty"`
	Secret   string   `protobuf:"bytes,3,opt,name=secret" json:"secret,omitempty"`
	Scopes   []string `protobuf:"bytes,4,rep,name=scopes" json:"scopes,omitempty"`
	// service_account_json_path specifies path to the JSON credential file that works as Service Account against certain
	// OIDC servers that supports it.
	ServiceAccountJsonPath string `protobuf:"bytes,5,opt,name=service_account_json_path,json=serviceAccountJsonPath" json:"service_account_json_path,omitempty"`
}

GoogleServiceAccountOIDCAccess is an access based on custom OIDC flow that supports Google Service Accounts.

func (*GoogleServiceAccountOIDCAccess) Descriptor

func (*GoogleServiceAccountOIDCAccess) Descriptor() ([]byte, []int)

func (*GoogleServiceAccountOIDCAccess) GetClientId

func (m *GoogleServiceAccountOIDCAccess) GetClientId() string

func (*GoogleServiceAccountOIDCAccess) GetProvider

func (m *GoogleServiceAccountOIDCAccess) GetProvider() string

func (*GoogleServiceAccountOIDCAccess) GetScopes

func (m *GoogleServiceAccountOIDCAccess) GetScopes() []string

func (*GoogleServiceAccountOIDCAccess) GetSecret

func (m *GoogleServiceAccountOIDCAccess) GetSecret() string

func (*GoogleServiceAccountOIDCAccess) GetServiceAccountJsonPath

func (m *GoogleServiceAccountOIDCAccess) GetServiceAccountJsonPath() string

func (*GoogleServiceAccountOIDCAccess) ProtoMessage

func (*GoogleServiceAccountOIDCAccess) ProtoMessage()

func (*GoogleServiceAccountOIDCAccess) Reset

func (m *GoogleServiceAccountOIDCAccess) Reset()

func (*GoogleServiceAccountOIDCAccess) String

func (*GoogleServiceAccountOIDCAccess) Validate

func (this *GoogleServiceAccountOIDCAccess) Validate() error

type KubernetesAccess

type KubernetesAccess struct {
	// User to reference access credentials from.
	User string `protobuf:"bytes,1,opt,name=user" json:"user,omitempty"`
	// By default ~/.kube/config as usual.
	Path string `protobuf:"bytes,2,opt,name=path" json:"path,omitempty"`
}

/ KubernetesAccess is an convenient way of specifying auth for backend. It grabs the data inside already used / ~/.kube/config (or any specified config path) and deducts the auth type based on that. NOTE that only these types are / supported: / - OIDC

func (*KubernetesAccess) Descriptor

func (*KubernetesAccess) Descriptor() ([]byte, []int)

func (*KubernetesAccess) GetPath

func (m *KubernetesAccess) GetPath() string

func (*KubernetesAccess) GetUser

func (m *KubernetesAccess) GetUser() string

func (*KubernetesAccess) ProtoMessage

func (*KubernetesAccess) ProtoMessage()

func (*KubernetesAccess) Reset

func (m *KubernetesAccess) Reset()

func (*KubernetesAccess) String

func (m *KubernetesAccess) String() string

func (*KubernetesAccess) Validate

func (this *KubernetesAccess) Validate() error

type MapperConfig

type MapperConfig struct {
	Routes []*Route `protobuf:"bytes,1,rep,name=routes" json:"routes,omitempty"`
}

/ MapperConfig is the top level configuration message for a winch mapper.

func (*MapperConfig) Descriptor

func (*MapperConfig) Descriptor() ([]byte, []int)

func (*MapperConfig) GetRoutes

func (m *MapperConfig) GetRoutes() []*Route

func (*MapperConfig) ProtoMessage

func (*MapperConfig) ProtoMessage()

func (*MapperConfig) Reset

func (m *MapperConfig) Reset()

func (*MapperConfig) String

func (m *MapperConfig) String() string

func (*MapperConfig) Validate

func (this *MapperConfig) Validate() error

type OIDCAccess

type OIDCAccess struct {
	Provider string   `protobuf:"bytes,1,opt,name=provider" json:"provider,omitempty"`
	ClientId string   `protobuf:"bytes,2,opt,name=client_id,json=clientId" json:"client_id,omitempty"`
	Secret   string   `protobuf:"bytes,3,opt,name=secret" json:"secret,omitempty"`
	Scopes   []string `protobuf:"bytes,4,rep,name=scopes" json:"scopes,omitempty"`
	Path     string   `protobuf:"bytes,5,opt,name=path" json:"path,omitempty"`
	// login_callback_path specifies URL path for redirect URL to specify when doing OIDC login.
	// If empty login will be disabled which means in case of no refresh token or not valid one, error will be returned
	// thus not needing user interaction.
	LoginCallbackPath string `protobuf:"bytes,6,opt,name=login_callback_path,json=loginCallbackPath" json:"login_callback_path,omitempty"`
}

OIDCAccess is an access based on OIDC flow with user login (if refresh token is not in given path).

func (*OIDCAccess) Descriptor

func (*OIDCAccess) Descriptor() ([]byte, []int)

func (*OIDCAccess) GetClientId

func (m *OIDCAccess) GetClientId() string

func (*OIDCAccess) GetLoginCallbackPath

func (m *OIDCAccess) GetLoginCallbackPath() string

func (*OIDCAccess) GetPath

func (m *OIDCAccess) GetPath() string

func (*OIDCAccess) GetProvider

func (m *OIDCAccess) GetProvider() string

func (*OIDCAccess) GetScopes

func (m *OIDCAccess) GetScopes() []string

func (*OIDCAccess) GetSecret

func (m *OIDCAccess) GetSecret() string

func (*OIDCAccess) ProtoMessage

func (*OIDCAccess) ProtoMessage()

func (*OIDCAccess) Reset

func (m *OIDCAccess) Reset()

func (*OIDCAccess) String

func (m *OIDCAccess) String() string

func (*OIDCAccess) Validate

func (this *OIDCAccess) Validate() error

type Protocol

type Protocol int32
const (
	Protocol_ANY  Protocol = 0
	Protocol_HTTP Protocol = 1
	Protocol_GRPC Protocol = 2
)

func (Protocol) EnumDescriptor

func (Protocol) EnumDescriptor() ([]byte, []int)

func (Protocol) String

func (x Protocol) String() string

type RegexpRoute

type RegexpRoute struct {
	// Regexp RE2 expression that will be applied on given domain:port
	Exp string `protobuf:"bytes,1,opt,name=exp" json:"exp,omitempty"`
	// Kedge URL to be used if we have a match. It can be a string including variable from regexp expression in a form
	// of bash-like variable. E.g
	// exp = ([a-z0-9-].*)[.](?P<cluster>[a-z0-9-].*)[.]internal[.]example[.]org
	// in that case you can use following variable:
	// - ${cluster}
	// NOTE: https:// prefix is required here.
	Url string `protobuf:"bytes,2,opt,name=url" json:"url,omitempty"`
}

func (*RegexpRoute) Descriptor

func (*RegexpRoute) Descriptor() ([]byte, []int)

func (*RegexpRoute) GetExp

func (m *RegexpRoute) GetExp() string

func (*RegexpRoute) GetUrl

func (m *RegexpRoute) GetUrl() string

func (*RegexpRoute) ProtoMessage

func (*RegexpRoute) ProtoMessage()

func (*RegexpRoute) Reset

func (m *RegexpRoute) Reset()

func (*RegexpRoute) String

func (m *RegexpRoute) String() string

func (*RegexpRoute) Validate

func (this *RegexpRoute) Validate() error

type Route

type Route struct {
	// Optional auth injection. Reference to AuthSource.
	BackendAuth string `protobuf:"bytes,1,opt,name=backend_auth,json=backendAuth" json:"backend_auth,omitempty"`
	ProxyAuth   string `protobuf:"bytes,2,opt,name=proxy_auth,json=proxyAuth" json:"proxy_auth,omitempty"`
	// Types that are valid to be assigned to Type:
	//	*Route_Direct
	//	*Route_Regexp
	Type     isRoute_Type `protobuf_oneof:"type"`
	Protocol Protocol     `protobuf:"varint,5,opt,name=protocol,enum=winch.config.Protocol" json:"protocol,omitempty"`
}

func (*Route) Descriptor

func (*Route) Descriptor() ([]byte, []int)

func (*Route) GetBackendAuth

func (m *Route) GetBackendAuth() string

func (*Route) GetDirect

func (m *Route) GetDirect() *DirectRoute

func (*Route) GetProtocol

func (m *Route) GetProtocol() Protocol

func (*Route) GetProxyAuth

func (m *Route) GetProxyAuth() string

func (*Route) GetRegexp

func (m *Route) GetRegexp() *RegexpRoute

func (*Route) GetType

func (m *Route) GetType() isRoute_Type

func (*Route) ProtoMessage

func (*Route) ProtoMessage()

func (*Route) Reset

func (m *Route) Reset()

func (*Route) String

func (m *Route) String() string

func (*Route) Validate

func (this *Route) Validate() error

func (*Route) XXX_OneofFuncs

func (*Route) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

type Route_Direct

type Route_Direct struct {
	Direct *DirectRoute `protobuf:"bytes,3,opt,name=direct,oneof"`
}

type Route_Regexp

type Route_Regexp struct {
	Regexp *RegexpRoute `protobuf:"bytes,4,opt,name=regexp,oneof"`
}

type TokenAccess

type TokenAccess struct {
	Token string `protobuf:"bytes,1,opt,name=token" json:"token,omitempty"`
}

TokenAccess passes specified token into auth header as a bearer.

func (*TokenAccess) Descriptor

func (*TokenAccess) Descriptor() ([]byte, []int)

func (*TokenAccess) GetToken

func (m *TokenAccess) GetToken() string

func (*TokenAccess) ProtoMessage

func (*TokenAccess) ProtoMessage()

func (*TokenAccess) Reset

func (m *TokenAccess) Reset()

func (*TokenAccess) String

func (m *TokenAccess) String() string

func (*TokenAccess) Validate

func (this *TokenAccess) Validate() error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL