Documentation ¶
Index ¶
- Constants
- func GetAdditionalAdminClientConfigOptions(cfg Config) []grpc.DialOption
- func InitializeAdminClient(ctx context.Context, cfg Config) service.AdminServiceClient
- func InitializeAdminClientFromConfig(ctx context.Context) (service.AdminServiceClient, error)
- func InitializeMockAdminClient() service.AdminServiceClient
- func NewAdminClient(ctx context.Context, conn *grpc.ClientConn) service.AdminServiceClient
- func NewAdminConnection(ctx context.Context, cfg Config) (*grpc.ClientConn, error)
- type Config
- type CustomHeaderTokenSource
Constants ¶
const DefaultAuthorizationHeader = "authorization"
Variables ¶
This section is empty.
Functions ¶
func GetAdditionalAdminClientConfigOptions ¶
func GetAdditionalAdminClientConfigOptions(cfg Config) []grpc.DialOption
func InitializeAdminClient ¶
func InitializeAdminClient(ctx context.Context, cfg Config) service.AdminServiceClient
Create an AdminClient with a shared Admin connection for the process
func InitializeAdminClientFromConfig ¶
func InitializeAdminClientFromConfig(ctx context.Context) (service.AdminServiceClient, error)
func InitializeMockAdminClient ¶
func InitializeMockAdminClient() service.AdminServiceClient
func NewAdminClient ¶
func NewAdminClient(ctx context.Context, conn *grpc.ClientConn) service.AdminServiceClient
func NewAdminConnection ¶
Types ¶
type Config ¶
type Config struct { Endpoint config.URL `json:"endpoint" pflag:",For admin types, specify where the uri of the service is located."` UseInsecureConnection bool `json:"insecure" pflag:",Use insecure connection."` MaxBackoffDelay config.Duration `json:"maxBackoffDelay" pflag:",Max delay for grpc backoff"` PerRetryTimeout config.Duration `json:"perRetryTimeout" pflag:",gRPC per retry timeout"` MaxRetries int `json:"maxRetries" pflag:",Max number of gRPC retries"` // Auth can only be used if also running with a secure connection. If UseInsecureConnection is set to true, none // of the following options will even be referenced. UseAuth bool `json:"useAuth" pflag:",Whether or not to try to authenticate with options below"` ClientId string `json:"clientId" pflag:",Client ID"` ClientSecretLocation string `json:"clientSecretLocation" pflag:",File containing the client secret"` Scopes []string `json:"scopes" pflag:",List of scopes to request"` // There are two ways to get the token URL. If the authorization server url is provided, the client will try to use RFC 8414 to // try to get the token URL. Or it can be specified directly through TokenURL config. AuthorizationServerURL string `json:"authorizationServerUrl" pflag:",This is the URL to your IDP's authorization server'"` TokenURL string `json:"tokenUrl" pflag:",Your IDPs token endpoint"` // See the implementation of the 'grpcAuthorizationHeader' option in Flyte Admin for more information. But // basically we want to be able to use a different string to pass the token from this client to the the Admin service // because things might be running in a service mesh (like Envoy) that already uses the default 'authorization' header AuthorizationHeader string `json:"authorizationHeader" pflag:",Custom metadata header to pass JWT"` }
type CustomHeaderTokenSource ¶ added in v0.4.20
type CustomHeaderTokenSource struct { oauth2.TokenSource // contains filtered or unexported fields }
This class is here because we cannot use the normal "github.com/grpc/grpc-go/credentials/oauth" package to satisfy the credentials.PerRPCCredentials interface. This is because we want to be able to support a different 'header' when passing the token in the gRPC call's metadata. The default is filled in in the constructor if none is supplied.
func NewCustomHeaderTokenSource ¶ added in v0.4.20
func NewCustomHeaderTokenSource(source oauth2.TokenSource, customHeader string) CustomHeaderTokenSource
func (CustomHeaderTokenSource) GetRequestMetadata ¶ added in v0.4.20
func (ts CustomHeaderTokenSource) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error)
GetRequestMetadata gets the authorization metadata as a map using a TokenSource to generate a token
func (CustomHeaderTokenSource) RequireTransportSecurity ¶ added in v0.4.20
func (ts CustomHeaderTokenSource) RequireTransportSecurity() bool
Even though Admin is capable of serving authentication without SSL, we're going to require it here. That is, this module's canonical Admin client will only do auth over SSL.