Documentation
¶
Overview ¶
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. For newer features and behaviours, such as defaulting to the Rego v1 syntax, use the corresponding components in the github.com/open-policy-agent/opa/v1 package instead. See https://www.openpolicyagent.org/docs/latest/v0-compatibility/ for more information.
Package plugins implements plugin management for the policy engine.
Index ¶
- Constants
- func ConsoleLogger(logger logging.Logger) func(*Manager)
- func EnablePrintStatements(yes bool) func(*Manager)
- func GetCompilerOnContext(context *storage.Context) *ast.Compiler
- func GracefulShutdownPeriod(gracefulShutdownPeriod int) func(*Manager)
- func Info(term *ast.Term) func(*Manager)
- func InitBundles(b map[string]*bundle.Bundle) func(*Manager)
- func InitFiles(f loader.Result) func(*Manager)
- func Logger(logger logging.Logger) func(*Manager)
- func MaxErrors(n int) func(*Manager)
- func PrintHook(h print.Hook) func(*Manager)
- func SetCompilerOnContext(context *storage.Context, compiler *ast.Compiler)
- func SetWasmResolversOnContext(context *storage.Context, rs []*wasm.Resolver)
- func WithDistributedTracingOpts(tr tracing.Options) func(*Manager)
- func WithEnableTelemetry(enableTelemetry bool) func(*Manager)
- func WithHooks(hs hooks.Hooks) func(*Manager)
- func WithParserOptions(opts ast.ParserOptions) func(*Manager)
- func WithPrometheusRegister(prometheusRegister prometheus.Registerer) func(*Manager)
- func WithRouter(r *mux.Router) func(*Manager)
- func WithTelemetryGatherers(gs map[string]report.Gatherer) func(*Manager)
- func WithTracerProvider(tracerProvider *trace.TracerProvider) func(*Manager)
- type Factory
- type Manager
- type Plugin
- type State
- type Status
- type StatusListener
- type TriggerMode
- type Triggerable
Constants ¶
const ( // StateNotReady indicates that the Plugin is not in an error state, but isn't // ready for normal operation yet. This should only happen at // initialization time. StateNotReady = v1.StateNotReady // StateOK signifies that the Plugin is operating normally. StateOK = v1.StateOK // StateErr indicates that the Plugin is in an error state and should not // be considered as functional. StateErr = v1.StateErr // StateWarn indicates the Plugin is operating, but in a potentially dangerous or // degraded state. It may be used to indicate manual remediation is needed, or to // alert admins of some other noteworthy state. StateWarn = v1.StateWarn )
const ( // TriggerPeriodic represents periodic polling mechanism TriggerPeriodic = v1.TriggerPeriodic // TriggerManual represents manual triggering mechanism TriggerManual = v1.TriggerManual // DefaultTriggerMode represents default trigger mechanism DefaultTriggerMode = v1.DefaultTriggerMode )
Variables ¶
This section is empty.
Functions ¶
func ConsoleLogger ¶ added in v0.29.0
ConsoleLogger sets the passed logger to be used by plugins that are configured with console logging enabled.
func EnablePrintStatements ¶ added in v0.34.0
func GetCompilerOnContext ¶ added in v0.12.2
GetCompilerOnContext gets the compiler cached on the storage context.
func GracefulShutdownPeriod ¶ added in v0.25.0
GracefulShutdownPeriod passes the configured graceful shutdown period to plugins
func Info ¶ added in v0.10.2
Info sets the runtime information on the manager. The runtime information is propagated to opa.runtime() built-in function calls.
func InitBundles ¶ added in v0.20.0
InitBundles provides the initial set of bundles to load.
func InitFiles ¶ added in v0.20.0
InitFiles provides the initial set of other data/policy files to load.
func Logger ¶ added in v0.28.0
Logger configures the passed logger on the plugin manager (useful to configure default fields)
func SetCompilerOnContext ¶ added in v0.12.2
SetCompilerOnContext puts the compiler into the storage context. Calling this function before committing updated policies to storage allows the manager to skip parsing and compiling of modules. Instead, the manager will use the compiler that was stored on the context.
func SetWasmResolversOnContext ¶ added in v0.25.0
SetWasmResolversOnContext puts a set of Wasm Resolvers into the storage context. Calling this function before committing updated wasm modules to storage allows the manager to skip initializing modules before using them. Instead, the manager will use the compiler that was stored on the context.
func WithDistributedTracingOpts ¶ added in v0.54.0
WithDistributedTracingOpts sets the options to be used by distributed tracing.
func WithEnableTelemetry ¶ added in v0.60.0
WithEnableTelemetry controls whether OPA will send telemetry reports to an external service.
func WithParserOptions ¶ added in v0.61.0
func WithParserOptions(opts ast.ParserOptions) func(*Manager)
WithParserOptions sets the parser options to be used by the plugin manager.
func WithPrometheusRegister ¶ added in v0.38.0
func WithPrometheusRegister(prometheusRegister prometheus.Registerer) func(*Manager)
WithPrometheusRegister sets the passed prometheus.Registerer to be used by plugins
func WithRouter ¶ added in v0.36.0
func WithTelemetryGatherers ¶ added in v0.60.0
WithTelemetryGatherers allows registration of telemetry gatherers which enable injection of additional data in the telemetry report
func WithTracerProvider ¶ added in v0.46.0
func WithTracerProvider(tracerProvider *trace.TracerProvider) func(*Manager)
WithTracerProvider sets the passed *trace.TracerProvider to be used by plugins
Types ¶
type Factory ¶ added in v0.10.3
Factory defines the interface OPA uses to instantiate your plugin.
When OPA processes it's configuration it looks for factories that have been registered by calling runtime.RegisterPlugin. Factories are registered to a name which is used to key into the configuration blob. If your plugin has not been configured, your factory will not be invoked.
plugins:
my_plugin1:
some_key: foo
# my_plugin2:
# some_key2: bar
If OPA was started with the configuration above and received two calls to runtime.RegisterPlugins (one with NAME "my_plugin1" and one with NAME "my_plugin2"), it would only invoke the factory for for my_plugin1.
OPA instantiates and reconfigures plugins in two steps. First, OPA will call Validate to check the configuration. Assuming the configuration is valid, your factory should return a configuration value that can be used to construct your plugin. Second, OPA will call New to instantiate your plugin providing the configuration value returned from the Validate call.
Validate receives a slice of bytes representing plugin configuration and returns a configuration value that can be used to instantiate your plugin. The manager is provided to give access to the OPA's compiler, storage layer, and global configuration. Your Validate function will typically:
- Deserialize the raw config bytes
- Validate the deserialized config for semantic errors
- Inject default values
- Return a deserialized/parsed config
New receives a valid configuration for your plugin and returns a plugin object. Your New function will typically:
- Cast the config value to it's own type
- Instantiate a plugin object
- Return the plugin object
- Update status via `plugins.Manager#UpdatePluginStatus`
After a plugin has been created subsequent status updates can be send anytime the plugin enters a ready or error state.
type Manager ¶
Manager implements lifecycle management of plugins and gives plugins access to engine-wide components like storage.
type Plugin ¶
Plugin defines the interface OPA uses to manage your plugin.
When OPA starts it will start all of the plugins it was configured to instantiate. Each time a new plugin is configured (via discovery), OPA will start it. You can use the Start call to spawn additional goroutines or perform initialization tasks.
Currently OPA will not call Stop on plugins.
When OPA receives new configuration for your plugin via discovery it will first Validate the configuration using your factory and then call Reconfigure.
type State ¶ added in v0.17.0
State defines the state that a Plugin instance is currently in with pre-defined states.
type StatusListener ¶ added in v0.17.0
type StatusListener v1.StatusListener
StatusListener defines a handler to register for status updates.
type TriggerMode ¶ added in v0.32.0
type TriggerMode = v1.TriggerMode
TriggerMode defines the trigger mode utilized by a Plugin for bundle download, log upload etc.
func ValidateAndInjectDefaultsForTriggerMode ¶ added in v0.33.0
func ValidateAndInjectDefaultsForTriggerMode(a, b *TriggerMode) (*TriggerMode, error)
ValidateAndInjectDefaultsForTriggerMode validates the trigger mode and injects default values
type Triggerable ¶ added in v0.32.0
type Triggerable = v1.Triggerable
Triggerable defines the interface plugins use for manual plugin triggers.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended.
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. |
|
Package discovery implements configuration discovery.
|
Package discovery implements configuration discovery. |
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended.
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. |
|
status
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended.
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. |
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended.
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. |
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended.
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. |
|
decoding
Package decoding implements the configuration side of the upgraded gzip decompression framework.
|
Package decoding implements the configuration side of the upgraded gzip decompression framework. |
|
encoding
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended.
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. |
|
metrics
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended.
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. |
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended.
|
Deprecated: This package is intended for older projects transitioning from OPA v0.x and will remain for the lifetime of OPA v1.x, but its use is not recommended. |