Documentation
¶
Index ¶
- Constants
- Variables
- func ConvertRawExtensionToStruct(raw runtime.RawExtension, out interface{}) error
- type AccessPolicyRuleMiddleware
- type AccessRuleMiddleware
- type AddPrefixRuleMiddleware
- type BasicRuleMiddleware
- type ForwardAuthRuleMiddleware
- type Gateway
- type GatewayConfig
- type GatewayReconciler
- type JWTRuleMiddleware
- type Key
- type Middleware
- type MiddlewareByName
- type Middlewares
- type OauthEndpoint
- type OauthRulerMiddleware
- type RateLimitRuleMiddleware
- type RedirectSchemeRuleMiddleware
- type Redis
- type RewriteRegexRuleMiddleware
- type Route
- type RouteByName
- type RouteReconciler
- type TLS
Constants ¶
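// Fixed names and in-container paths used by the operator. Descriptions marked
// "presumably" are read off the identifier; the code that uses them is not
// shown alongside this declaration.
const (
	// AppImageName is the gateway image repository. No tag or digest is part
	// of this value.
	// NOTE(review): confirm that the code building the workload pins a version
	// or digest instead of relying on a floating tag.
	AppImageName = "jkaninda/goma-gateway"

	// ConfigPath is presumably the directory the gateway configuration is
	// mounted at.
	ConfigPath = "/etc/goma"

	// CertsPath is the certificate directory; it is derived from ConfigPath so
	// the two cannot drift apart.
	CertsPath = ConfigPath + "/certs"

	// BelongsTo is presumably an ownership label value; confirm at call sites.
	BelongsTo = "goma-gateway"

	// GatewayConfigVersion is presumably the value written to
	// GatewayConfig.Version; confirm at call sites.
	GatewayConfigVersion = "1.0"

	// FinalizerName is the finalizer string under gomaproj.github.io.
	FinalizerName = "gomaproj.github.io/resources.finalizer"

	// ConfigName is presumably the file name of the rendered gateway config.
	ConfigName = "goma.yml"

	// TLSCertFile is the certificate path inside CertsPath.
	TLSCertFile = CertsPath + "/tls.crt"

	// TLSKeyFile is the private key path inside CertsPath.
	// NOTE(review): confirm that whatever mounts this file restricts read
	// access to the gateway process.
	TLSKeyFile = CertsPath + "/tls.key"
)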
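// Middleware type identifiers. Each entry sits on its own line so that the
// trailing comment of one entry cannot swallow the entries after it.
const (
	AccessMiddleware = "access"    // access middlewares
	BasicAuth        = "basic"     // basic authentication middlewares
	JWTAuth          = "jwt"       // JWT authentication middlewares
	OAuth            = "oauth"     // OAuth authentication middlewares
	RateLimit        = "rateLimit" // rate limiting middlewares
)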
Middlewares type
Variables ¶
// ReplicaCount is a package-level int32 that starts at 1.
// NOTE(review): presumably the default replica count for the gateway
// workload; confirm where it is read and whether anything mutates it.
var ReplicaCount int32 = 1
Functions ¶
func ConvertRawExtensionToStruct ¶
func ConvertRawExtensionToStruct(raw runtime.RawExtension, out interface{}) error
Types ¶
type AccessPolicyRuleMiddleware ¶ added in v0.1.3
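// AccessPolicyRuleMiddleware is the rule of an access policy middleware: an
// action together with the source addresses it applies to.
type AccessPolicyRuleMiddleware struct {
	// Action is the policy action, ALLOW or DENY. The tags let it be omitted.
	// NOTE(review): the effect of an empty Action is not visible here; confirm
	// the gateway does not fall back to a permissive default.
	Action string `yaml:"action,omitempty" json:"action,omitempty"`

	// SourceRanges is the list of IPs the action applies to.
	// NOTE(review): no validation of the entries is visible in this type;
	// confirm malformed entries are rejected before the policy is applied.
	SourceRanges []string `yaml:"sourceRanges" json:"sourceRanges"`
}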
AccessPolicyRuleMiddleware access policy
type AccessRuleMiddleware ¶ added in v0.1.3
// AccessRuleMiddleware holds the single setting declared here for an access
// rule: an HTTP response code.
type AccessRuleMiddleware struct {
	// StatusCode is the HTTP response code. Only a yaml tag is declared, so
	// encoding/json would use the Go field name.
	// NOTE(review): presumably the code returned when access is refused;
	// confirm against the gateway.
	StatusCode int `yaml:"statusCode,omitempty"` // HTTP Response code
}
type AddPrefixRuleMiddleware ¶ added in v0.1.3
// AddPrefixRuleMiddleware holds the prefix setting of an add-prefix rule.
type AddPrefixRuleMiddleware struct {
	// Prefix is serialised as "prefix" in both YAML and JSON.
	// NOTE(review): presumably prepended to the request path; confirm against
	// the gateway.
	Prefix string `yaml:"prefix" json:"prefix"`
}
type BasicRuleMiddleware ¶
type ForwardAuthRuleMiddleware ¶ added in v0.1.3
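// ForwardAuthRuleMiddleware is the rule of a forward-auth middleware.
//
// The field descriptions are read off the field names and tags; the code that
// consumes them is not shown alongside this declaration.
type ForwardAuthRuleMiddleware struct {
	// AuthURL is the address of the external authentication service.
	AuthURL string `yaml:"authUrl" json:"authUrl"`

	// AuthSignIn is presumably the sign-in location used when the auth
	// service rejects a request.
	// NOTE(review): if it is used as a redirect target, confirm it cannot be
	// influenced by request data.
	AuthSignIn string `yaml:"authSignIn,omitempty" json:"authSignIn,omitempty"`

	// EnableHostForwarding presumably passes the original Host on to the auth
	// service.
	EnableHostForwarding bool `yaml:"enableHostForwarding,omitempty" json:"enableHostForwarding,omitempty"`

	// SkipInsecureVerify, going by its name, turns off TLS certificate
	// verification for the connection to AuthURL.
	// NOTE(review): with verification off, the authentication decision is
	// taken over a connection whose peer is not authenticated; keep this
	// false outside test setups.
	SkipInsecureVerify bool `yaml:"skipInsecureVerify,omitempty" json:"skipInsecureVerify,omitempty"`

	// AuthRequestHeaders presumably lists the request headers copied to the
	// auth request.
	AuthRequestHeaders []string `yaml:"authRequestHeaders,omitempty" json:"authRequestHeaders,omitempty"`

	// AddAuthCookiesToResponse presumably lists auth-service cookies that are
	// added to the client response.
	AddAuthCookiesToResponse []string `yaml:"addAuthCookiesToResponse,omitempty" json:"addAuthCookiesToResponse,omitempty"`

	// AuthResponseHeaders presumably lists auth-service response headers that
	// are passed on to the backend.
	// NOTE(review): confirm that client-supplied headers with the same names
	// are dropped, so a caller cannot pre-set an identity header.
	AuthResponseHeaders []string `yaml:"authResponseHeaders,omitempty" json:"authResponseHeaders,omitempty"`

	// AuthResponseHeadersAsParams presumably lists auth-service response
	// headers that are passed on as query parameters.
	// NOTE(review): query parameters tend to end up in access logs; avoid
	// listing headers that carry tokens.
	AuthResponseHeadersAsParams []string `yaml:"authResponseHeadersAsParams,omitempty" json:"authResponseHeadersAsParams,omitempty"`
}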
type Gateway ¶
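// Gateway contains Goma Proxy Gateway's configs.
type Gateway struct {
	// TlsCertFile SSL Certificate file
	//
	// Deprecated: use TLS.
	TlsCertFile string `yaml:"tlsCertFile,omitempty"`

	// TlsKeyFile SSL Private key file
	//
	// Deprecated: use TLS.
	TlsKeyFile string `yaml:"tlsKeyFile,omitempty"`

	// TLS replaces the deprecated TlsCertFile and TlsKeyFile fields.
	TLS TLS `yaml:"tls,omitempty"`

	// Redis contains redis database details
	Redis gomaprojv1beta1.Redis `yaml:"redis,omitempty"`

	// WriteTimeout defines proxy write timeout. The unit is not stated here.
	// NOTE(review): the three timeout tags carry no omitempty, so a zero is
	// written to the config; confirm the gateway does not treat 0 as "no
	// timeout".
	WriteTimeout int `yaml:"writeTimeout"`

	// ReadTimeout defines proxy read timeout
	ReadTimeout int `yaml:"readTimeout"`

	// IdleTimeout defines proxy idle timeout
	IdleTimeout int `yaml:"idleTimeout"`

	// LogLevel is the gateway log level; accepted values are not listed here.
	LogLevel string `yaml:"logLevel"`

	// Cors holds the gateway-wide CORS settings.
	Cors gomaprojv1beta1.Cors `yaml:"cors"`

	// DisableHealthCheckStatus enable and disable routes health check
	DisableHealthCheckStatus bool `yaml:"disableHealthCheckStatus,omitempty"`

	// DisableRouteHealthCheckError allows enabling and disabling backend healthcheck errors
	DisableRouteHealthCheckError bool `yaml:"disableRouteHealthCheckError,omitempty"`

	// DisableDisplayRouteOnStart allows enabling and disabling displaying routes on start
	DisableDisplayRouteOnStart bool `yaml:"disableDisplayRouteOnStart,omitempty"`

	// DisableKeepAlive allows enabling and disabling KeepALive server
	DisableKeepAlive bool `yaml:"disableKeepAlive,omitempty"`

	// EnableMetrics presumably turns on a metrics endpoint.
	// NOTE(review): confirm where that endpoint is exposed and who can reach
	// it.
	EnableMetrics bool `yaml:"enableMetrics,omitempty"`

	// InterceptErrors holds the status codes to intercept the error from backend
	InterceptErrors []int `yaml:"interceptErrors,omitempty"`

	// Deprecated: no replacement is named in the source.
	EnableStrictSlash bool `json:"enableStrictSlash,omitempty" yaml:"enableStrictSlash,omitempty"`

	// ErrorInterceptor handles backend error interceptor
	ErrorInterceptor gomaprojv1beta1.RouteErrorInterceptor `yaml:"errorInterceptor,omitempty" json:"errorInterceptor,omitempty"`

	// Routes is the list of routes served by the gateway.
	Routes []Route `json:"routes,omitempty" yaml:"routes"`
}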
Gateway contains Goma Proxy Gateway's configs
type GatewayConfig ¶
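// GatewayConfig is the top-level configuration document: a version, the
// gateway settings and the middleware definitions.
//
// NOTE(review): Middleware.Rule can hold secrets (JWT and OAuth rules declare
// secret fields); confirm the rendered document is stored with matching access
// restrictions.
type GatewayConfig struct {
	// Version is the configuration format version.
	Version string `json:"version" yaml:"version"`

	// Gateway holds the gateway settings, including its routes.
	Gateway Gateway `json:"gateway" yaml:"gateway"`

	// Middlewares lists the middleware definitions; omitted when empty.
	Middlewares []Middleware `json:"middlewares,omitempty" yaml:"middlewares,omitempty"`
}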
type GatewayReconciler ¶
GatewayReconciler reconciles a Gateway object
func (*GatewayReconciler) Reconcile ¶
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state. It compares the state specified by the Gateway object against the actual cluster state, and then performs operations to make the cluster state reflect the state specified by the user.
For more details, check Reconcile and its Result here: - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.19.1/pkg/reconcile
func (*GatewayReconciler) SetupWithManager ¶
func (r *GatewayReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type JWTRuleMiddleware ¶
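// JWTRuleMiddleware is the rule of a JWT authentication middleware.
//
// The field descriptions are read off the field names and tags; the code that
// consumes them is not shown alongside this declaration. Every field may be
// omitted according to its tags.
type JWTRuleMiddleware struct {
	// Alg is presumably the expected signing algorithm.
	// NOTE(review): confirm the gateway enforces this value, and that an empty
	// Alg does not make it trust the algorithm named in the token header.
	Alg string `yaml:"alg,omitempty" json:"alg,omitempty"`

	// Secret is presumably the shared key for symmetric algorithms. It is a
	// plain string and is written into the serialised rule.
	// NOTE(review): confirm the object this rule is rendered into is stored
	// with secret-level access control.
	Secret string `yaml:"secret,omitempty" json:"secret,omitempty"`

	// PublicKey is presumably the verification key for asymmetric algorithms.
	PublicKey string `yaml:"publicKey,omitempty" json:"publicKey,omitempty"`

	// JwksUrl is presumably the location keys are fetched from.
	// NOTE(review): the fetched keys decide which tokens are accepted; confirm
	// the URL is fetched over verified TLS.
	JwksUrl string `yaml:"jwksUrl,omitempty" json:"jwksUrl,omitempty"`

	// ForwardAuthorization presumably passes the Authorization header on to
	// the backend.
	ForwardAuthorization bool `yaml:"forwardAuthorization,omitempty" json:"forwardAuthorization,omitempty"`
}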
type Middleware ¶
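// Middleware is one named middleware definition: its type, the paths it
// protects and a type-specific rule.
type Middleware struct {
	// Name contains the name of middlewares and must be unique
	Name string `json:"name" yaml:"name"`

	// Type contains authentication types
	//
	// basic, jwt, oauth, rateLimit, access
	Type string `json:"type" yaml:"type"` // Middleware type [basic, jwt, oauth, rateLimit, access]

	// Paths lists the protected paths.
	// NOTE(review): what an empty list means is not visible here; confirm it
	// does not leave a route unprotected by accident.
	Paths []string `json:"paths,omitempty" yaml:"paths,omitempty"` // Protected paths

	// Rule contains route middleware rule. It is untyped, so nothing in this
	// declaration ties its shape to Type.
	// NOTE(review): confirm the rule is decoded into the struct matching Type
	// and rejected on mismatch.
	Rule interface{} `json:"rule,omitempty" yaml:"rule,omitempty"`
}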
type MiddlewareByName ¶ added in v0.1.3
// MiddlewareByName implements sort.Interface for []Middleware based on the
// Name field.
type MiddlewareByName []Middleware
MiddlewareByName implements sort.Interface for []Middleware based on the Name field.
func (MiddlewareByName) Len ¶ added in v0.1.3
func (a MiddlewareByName) Len() int
func (MiddlewareByName) Less ¶ added in v0.1.3
func (a MiddlewareByName) Less(i, j int) bool
func (MiddlewareByName) Swap ¶ added in v0.1.3
func (a MiddlewareByName) Swap(i, j int)
type Middlewares ¶
// Middlewares wraps a list of Middleware under the "middlewares" key.
type Middlewares struct {
	// Middlewares is omitted from YAML and JSON output when empty.
	Middlewares []Middleware `json:"middlewares,omitempty" yaml:"middlewares,omitempty"`
}
type OauthEndpoint ¶
type OauthRulerMiddleware ¶
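// OauthRulerMiddleware is the rule of an OAuth authentication middleware.
//
// NOTE(review): ClientSecret and JWTSecret are plain strings that are written
// into the serialised rule; confirm the object the rule is rendered into is
// stored with secret-level access control.
type OauthRulerMiddleware struct {
	// ClientID is the application's ID.
	ClientID string `yaml:"clientId"`

	// ClientSecret is the application's secret.
	ClientSecret string `yaml:"clientSecret"`

	// oauth provider google, gitlab, github, amazon, facebook, custom
	Provider string `yaml:"provider"`

	// Endpoint contains the resource server's token endpoint
	Endpoint OauthEndpoint `yaml:"endpoint"`

	// RedirectURL is the URL to redirect users going through
	// the OAuth flow, after the resource owner's URLs.
	RedirectURL string `yaml:"redirectUrl"`

	// RedirectPath is the PATH to redirect users after authentication, e.g: /my-protected-path/dashboard
	RedirectPath string `yaml:"redirectPath"`

	// CookiePath e.g: /my-protected-path or / || by default is applied on a route path
	CookiePath string `yaml:"cookiePath"`

	// Scopes specifies optional requested permissions.
	Scopes []string `yaml:"scopes"`

	// State is exported and serialised as "state".
	// NOTE(review): a state value fixed in configuration gives no per-request
	// binding between the authorization request and its callback; confirm how
	// the gateway uses this field.
	State string `yaml:"state"`

	// JWTSecret is exported and serialised as "jwtSecret".
	// NOTE(review): presumably the key that signs the session token issued
	// after login; confirm, and confirm it is generated with enough entropy.
	JWTSecret string `yaml:"jwtSecret"`
}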
type RateLimitRuleMiddleware ¶
type RedirectSchemeRuleMiddleware ¶ added in v0.1.3
type RewriteRegexRuleMiddleware ¶ added in v0.1.3
type Route ¶ added in v0.1.3
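// Route is one route definition of the gateway: how requests are matched, the
// backend they are sent to and the per-route options.
type Route struct {
	// Path defines route path
	Path string `json:"path" yaml:"path"`

	// Name defines route name
	Name string `json:"name" yaml:"name"`

	// Disabled is always written to YAML (the yaml tag has no omitempty) and
	// omitted from JSON when false.
	Disabled bool `json:"disabled,omitempty" yaml:"disabled"`

	// TLS holds the route's TLS settings. Only a yaml tag is declared.
	TLS TLS `yaml:"tls,omitempty"`

	// Route order priority
	Priority int `yaml:"priority,omitempty" json:"priority,omitempty"`

	// Hosts Domains/hosts based request routing
	Hosts []string `json:"hosts,omitempty" yaml:"hosts,omitempty"`

	// Rewrite rewrites route path to desired path
	Rewrite string `json:"rewrite,omitempty" yaml:"rewrite,omitempty"`

	// Methods allowed method
	Methods []string `json:"methods,omitempty" yaml:"methods,omitempty"`

	// Destination Defines backend URL
	Destination string `json:"destination,omitempty" yaml:"destination,omitempty"`

	// Backends specifies a list of backend URLs for load balancing.
	Backends gomaprojv1beta1.Backends `yaml:"backends,omitempty" json:"backends,omitempty"`

	// InsecureSkipVerify, going by its name, turns off TLS certificate
	// verification for the connection to the backend.
	// NOTE(review): with verification off the backend is not authenticated
	// and traffic to it can be intercepted; keep this false outside test
	// setups.
	InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty" yaml:"insecureSkipVerify,omitempty"`

	// HealthCheck Defines the backend is health
	HealthCheck gomaprojv1beta1.RouteHealthCheck `json:"healthCheck,omitempty" yaml:"healthCheck,omitempty"`

	// Cors contains the route cors headers
	Cors gomaprojv1beta1.Cors `json:"cors,omitempty" yaml:"cors,omitempty"`

	// DisableHostForwarding presumably stops the original Host header from
	// being passed to the backend.
	DisableHostForwarding bool `json:"disableHostForwarding,omitempty" yaml:"disableHostForwarding,omitempty"`

	// ErrorInterceptor handles backend error interceptor
	ErrorInterceptor gomaprojv1beta1.RouteErrorInterceptor `yaml:"errorInterceptor,omitempty" json:"errorInterceptor,omitempty"`

	// BlockCommonExploits enable, disable block common exploits
	// NOTE(review): off unless set; which request patterns it blocks is not
	// visible here.
	BlockCommonExploits bool `json:"blockCommonExploits,omitempty" yaml:"blockCommonExploits,omitempty"`

	// EnableBotDetection is off unless set; the detection method is not
	// visible here.
	EnableBotDetection bool `json:"enableBotDetection,omitempty" yaml:"enableBotDetection,omitempty"`

	// Middlewares Defines route middleware
	// NOTE(review): presumably Middleware names; confirm that a name with no
	// matching Middleware is reported rather than silently skipped, since a
	// skipped auth middleware leaves the route open.
	Middlewares []string `json:"middlewares,omitempty" yaml:"middlewares"`
}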
type RouteByName ¶ added in v0.1.3
// RouteByName implements sort.Interface for []Route based on the Name field.
type RouteByName []Route
RouteByName implements sort.Interface for []Route based on the Name field.
func (RouteByName) Len ¶ added in v0.1.3
func (a RouteByName) Len() int
func (RouteByName) Less ¶ added in v0.1.3
func (a RouteByName) Less(i, j int) bool
func (RouteByName) Swap ¶ added in v0.1.3
func (a RouteByName) Swap(i, j int)
type RouteReconciler ¶
RouteReconciler reconciles a Route object
func (*RouteReconciler) Reconcile ¶
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state. TODO(user): Modify the Reconcile function to compare the state specified by the Route object against the actual cluster state, and then perform operations to make the cluster state reflect the state specified by the user.
For more details, check Reconcile and its Result here: - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.19.1/pkg/reconcile
func (*RouteReconciler) SetupWithManager ¶
func (r *RouteReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.