Documentation
Overview
Package server contains the policy engine's server handlers.
Index
- Constants
- type AuthenticationScheme
- type AuthorizationScheme
- type Buffer
- type Info
- type Loop
- type Server
- func (s *Server) Init(ctx context.Context) (*Server, error)
- func (s *Server) Listeners() ([]Loop, error)
- func (s *Server) WithAddresses(addrs []string) *Server
- func (s *Server) WithAuthentication(scheme AuthenticationScheme) *Server
- func (s *Server) WithAuthorization(scheme AuthorizationScheme) *Server
- func (s *Server) WithCertificate(cert *tls.Certificate) *Server
- func (s *Server) WithCompilerErrorLimit(limit int) *Server
- func (s *Server) WithDecisionIDFactory(f func() string) *Server
- func (s *Server) WithDecisionLogger(logger func(context.Context, *Info)) *Server
- func (s *Server) WithDefaultAuthorizationDecision(ref ast.Ref) *Server
- func (s *Server) WithDefaultDecision(ref ast.Ref) *Server
- func (s *Server) WithDiagnosticsBuffer(buf Buffer) *Server
- func (s *Server) WithInsecureAddress(addr string) *Server
- func (s *Server) WithManager(manager *plugins.Manager) *Server
- func (s *Server) WithRouter(router *mux.Router) *Server
- func (s *Server) WithRuntime(term *ast.Term) *Server
- func (s *Server) WithStore(store storage.Store) *Server
Constants
```go
const (
	PromHandlerV0Data     = "v0/data"
	PromHandlerV1Data     = "v1/data"
	PromHandlerV1Query    = "v1/query"
	PromHandlerV1Policies = "v1/policies"
	PromHandlerV1Compile  = "v1/compile"
	PromHandlerIndex      = "index"
	PromHandlerCatch      = "catchall"
)
```
Set of handlers for use in the "handler" dimension of the duration metric.
Types
type AuthenticationScheme (added in v0.4.5)
```go
type AuthenticationScheme int
```
AuthenticationScheme enumerates the supported authentication schemes. The authentication scheme determines how client identities are established.
```go
const (
	AuthenticationOff   AuthenticationScheme = iota
	AuthenticationToken                      = iota
)
```
Set of supported authentication schemes.
type AuthorizationScheme (added in v0.4.5)
```go
type AuthorizationScheme int
```
AuthorizationScheme enumerates the supported authorization schemes. The authorization scheme determines how access to OPA is controlled.
```go
const (
	AuthorizationOff   AuthorizationScheme = iota
	AuthorizationBasic                     = iota
)
```
Set of supported authorization schemes.
type Buffer (added in v0.5.5)
```go
type Buffer interface {
	// Push adds the given Info into the buffer.
	Push(*Info)

	// Iter iterates over the buffer, from oldest present Info to newest. It should
	// call fn on each Info.
	Iter(fn func(*Info))
}
```
Buffer defines an interface that the server can call to push diagnostic information about policy decisions. Buffers must be able to handle concurrent calls.
func NewBoundedBuffer (added in v0.5.5)
NewBoundedBuffer creates a new Buffer with maximum size n. NewBoundedBuffer will panic if n is not positive.
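An added example, not OPA's own code: a minimal bounded buffer with the Buffer method set that guards its state with a mutex so concurrent Push and Iter calls are safe, and panics on a non-positive size as NewBoundedBuffer is documented to. The names `ringBuffer` and `newRingBuffer` are hypothetical, `Info` is a one-field stand-in for the package's Info type, and evicting the oldest entry when full is this example's choice.

```go
package main

import (
	"fmt"
	"sync"
)

type Info struct{ DecisionID string } // stand-in for server.Info (assumption)

// ringBuffer is a hypothetical bounded Buffer; a mutex makes it safe for concurrent calls.
type ringBuffer struct {
	mu          sync.Mutex
	items       []*Info // fixed-size ring storage
	head, count int     // index of the oldest entry, number of entries held
}

// newRingBuffer panics on a non-positive size, as NewBoundedBuffer is documented to.
func newRingBuffer(n int) *ringBuffer {
	if n <= 0 {
		panic("buffer size must be positive")
	}
	return &ringBuffer{items: make([]*Info, n)}
}

// Push stores info, evicting the oldest entry first when the buffer is full.
func (b *ringBuffer) Push(info *Info) {
	b.mu.Lock()
	defer b.mu.Unlock()
	if b.count == len(b.items) {
		b.head, b.count = (b.head+1)%len(b.items), b.count-1 // drop the oldest
	}
	b.items[(b.head+b.count)%len(b.items)] = info
	b.count++
}

// Iter calls fn on each entry, oldest first; fn must not call Push (the lock is held).
func (b *ringBuffer) Iter(fn func(*Info)) {
	b.mu.Lock()
	defer b.mu.Unlock()
	for i := 0; i < b.count; i++ {
		fn(b.items[(b.head+i)%len(b.items)])
	}
}

func main() {
	b := newRingBuffer(1)
	b.Push(&Info{DecisionID: "d1"}) // constructed decision IDs
	b.Push(&Info{DecisionID: "d2"}) // evicts d1
	b.Iter(func(i *Info) { fmt.Println(i.DecisionID) })
}
```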
type Info (added in v0.5.5)
```go
type Info struct {
	Revision   string
	DecisionID string
	RemoteAddr string
	Query      string
	Timestamp  time.Time
	Input      interface{}
	Results    *interface{}
	Error      error
	Metrics    metrics.Metrics
	Trace      []*topdown.Event
}
```
Info contains information describing a policy decision.
type Loop (added in v0.8.2)
```go
type Loop func() error
```
Loop will contain all the calls from the server that we'll be listening on.
type Server
Server represents an instance of OPA running in server mode.
func (*Server) Init (added in v0.4.5)
Init initializes the server. This function MUST be called before Loop.
func (*Server) Listeners (added in v0.4.6)
Listeners returns functions that listen and serve connections.
func (*Server) WithAddresses (added in v0.8.2)
WithAddresses sets the listening addresses that the server will bind to.
func (*Server) WithAuthentication (added in v0.4.5)
```go
func (s *Server) WithAuthentication(scheme AuthenticationScheme) *Server
```
WithAuthentication sets the authentication scheme to use on the server.
func (*Server) WithAuthorization (added in v0.4.5)
```go
func (s *Server) WithAuthorization(scheme AuthorizationScheme) *Server
```
WithAuthorization sets the authorization scheme to use on the server.
func (*Server) WithCertificate (added in v0.4.5)
```go
func (s *Server) WithCertificate(cert *tls.Certificate) *Server
```
WithCertificate sets the server-side certificate that the server will use.
func (*Server) WithCompilerErrorLimit (added in v0.5.3)
WithCompilerErrorLimit sets the limit on the number of compiler errors the server will allow.
func (*Server) WithDecisionIDFactory (added in v0.5.9)
WithDecisionIDFactory sets a function on the server to generate decision IDs.
func (*Server) WithDecisionLogger (added in v0.8.0)
WithDecisionLogger sets the decision logger used by the server.
func (*Server) WithDefaultAuthorizationDecision (added in v0.10.0)
WithDefaultAuthorizationDecision sets the path of the policy decision to query to authorize requests to OPA itself.
func (*Server) WithDefaultDecision (added in v0.10.0)
WithDefaultDecision sets the path of the policy decision to query to serve requests with an empty URL path.
func (*Server) WithDiagnosticsBuffer (added in v0.5.5)
WithDiagnosticsBuffer sets the diagnostics buffer used by the server. DEPRECATED.
func (*Server) WithInsecureAddress (added in v0.4.6)
WithInsecureAddress sets the listening address that the server will bind to.
func (*Server) WithManager (added in v0.8.1)
WithManager sets the plugins manager used by the server.
func (*Server) WithRouter (added in v0.10.0)
WithRouter sets the mux.Router to attach OPA's HTTP API routes onto. If a router is not supplied, the server will create its own.
func (*Server) WithRuntime (added in v0.10.0)
WithRuntime sets the runtime data to provide to the evaluation engine.
Directories
- Package authorizer provides authorization handlers to the server.
- Package identifier provides handlers for associating an identity with incoming requests.
- Package types contains request/response types and codes for the server.
- Package writer contains utilities for writing responses in the server.