Documentation ¶
Index ¶
- Constants
- Variables
- func AnyToMessage(a *pany.Any) (proto.Message, error)
- func DeleteResources(existingResources sk_resources.ResourceList, refsToDelete []*core.ResourceRef) sk_resources.ResourceList
- func EnsureRouteAction(out *envoy_config_route_v3.Route) error
- func EnvoyPathAsString(matcher *envoy_config_route_v3.RouteMatch) string
- func FilterLogLevel(r io.ReadCloser, level LogLevel) strings.Builder
- func GetCommonTlsContextFromUpstreamOptions(options *v1.UpstreamOptions) (*envoyauth.CommonTlsContext, error)
- func GetVhostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.VirtualHostReport
- func GetVirtualHostsForListener(listener *v1.Listener) []*v1.VirtualHost
- func MatchedRouteConfigName(listener *v1.Listener, matcher *v1.Matcher) string
- func MergeResourceLists(existingResources sk_resources.ResourceList, ...) sk_resources.ResourceList
- func MessageToAny(msg proto.Message) (*pany.Any, error)
- func MustAnyToMessage(a *pany.Any) proto.Message
- func MustMessageToAny(msg proto.Message) *pany.Any
- func NewSslConfigTranslator() *sslConfigTranslator
- func PathAsString(matcher *matchers.Matcher) string
- func ResourceListToSecretList(resourceList sk_resources.ResourceList) gloov1.SecretList
- func ResourceListToUpstreamList(resourceList sk_resources.ResourceList) gloov1.UpstreamList
- func RouteConfigName(listener *v1.Listener) string
- func SanitizeForEnvoy(ctx context.Context, resourceName, resourceTypeName string) string
- func SortGatewayRoutesByPath(routes []*gatewayv1.Route)
- func SortRoutesByPath(routes []*v1.Route)
- func UpstreamsToResourceList(upstreams []*gloov1.Upstream) sk_resources.ResourceList
- type CertSource
- type LogLevel
- type SslConfigTranslator
Constants ¶
const (
MetadataPluginName = "envoy.grpc_credentials.file_based_metadata"
)
Variables ¶
var ( TlsVersionNotFoundError = func(v v1.SslParameters_ProtocolVersion) error { return eris.Errorf("tls version %v not found", v) } SslSecretNotFoundError = func(err error) error { return eris.Wrapf(err, "SSL secret not found") } NotTlsSecretError = func(ref *core.ResourceRef) error { return eris.Errorf("%v is not a TLS secret", ref) } InvalidTlsSecretError = func(ref *core.ResourceRef, err error) error { if ref == nil { return eris.Wrapf(err, "Invalid TLS secret") } else { errorString := fmt.Sprintf("%v is not a valid TLS secret", ref) return eris.Wrapf(err, errorString) } } NoCertificateFoundError = eris.New("no certificate information found") MissingValidationContextError = eris.Errorf("must provide validation context name if verifying SAN") RootCaMustBeProvidedError = eris.Errorf("a root_ca must be provided if verify_subject_alt_name is not empty") )
var (
InvalidRouteActionError = errors.New("cannot use this plugin on non-Route_Route route actions")
)
Functions ¶
func DeleteResources ¶ added in v1.9.1
func DeleteResources(existingResources sk_resources.ResourceList, refsToDelete []*core.ResourceRef) sk_resources.ResourceList
Deletes the resources with the given refs from the list, and returns the updated list.
func EnsureRouteAction ¶ added in v0.18.22
func EnsureRouteAction(out *envoy_config_route_v3.Route) error
func EnvoyPathAsString ¶ added in v1.0.0
func EnvoyPathAsString(matcher *envoy_config_route_v3.RouteMatch) string
func FilterLogLevel ¶ added in v0.19.2
func FilterLogLevel(r io.ReadCloser, level LogLevel) strings.Builder
Filter JSON logs with level
func GetCommonTlsContextFromUpstreamOptions ¶ added in v1.6.9
func GetCommonTlsContextFromUpstreamOptions(options *v1.UpstreamOptions) (*envoyauth.CommonTlsContext, error)
We support global UpstreamOptions to define SslParameters for all upstreams If an upstream is configure with ssl, it will inherit the defaults here: https://github.com/solo-io/gloo/blob/15da82bdd65ab4bcedbc7fb803ea0bb5f7e926fc/projects/gloo/pkg/translator/clusters.go#L108 However, if an upstream is configured with one-way TLS, we must explicitly apply the defaults, since there is no ssl configuration on the upstream
func GetVhostReportsFromListenerReport ¶ added in v1.9.25
func GetVhostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.VirtualHostReport
func GetVirtualHostsForListener ¶ added in v1.9.25
func GetVirtualHostsForListener(listener *v1.Listener) []*v1.VirtualHost
func MatchedRouteConfigName ¶ added in v1.9.25
MatchedRouteConfigName returns a unique RouteConfiguration name This name is commonly used for 2 purposes:
- to associate the RouteConfigurationName between RDS and the HttpConnectionManager NetworkFilter
- To provide a consistent key function for a map of ListenerReports
func MergeResourceLists ¶ added in v1.9.1
func MergeResourceLists(existingResources sk_resources.ResourceList, modifiedResources sk_resources.ResourceList) sk_resources.ResourceList
Merges the modified resources into the existing resources, overwriting any existing values, and returns the new list
func NewSslConfigTranslator ¶
func NewSslConfigTranslator() *sslConfigTranslator
func PathAsString ¶
func ResourceListToSecretList ¶ added in v1.9.25
func ResourceListToSecretList(resourceList sk_resources.ResourceList) gloov1.SecretList
func ResourceListToUpstreamList ¶ added in v1.9.1
func ResourceListToUpstreamList(resourceList sk_resources.ResourceList) gloov1.UpstreamList
func RouteConfigName ¶ added in v1.9.25
RouteConfigName cannot always be relied on to get the route config name for any listener because the pattern is different for hybrid listeners (see MatchedRouteConfigName below)
func SanitizeForEnvoy ¶ added in v0.14.0
func SortGatewayRoutesByPath ¶ added in v0.18.32
func SortRoutesByPath ¶
Matchers sort according to the following rules: 1. exact path < regex path < prefix path 2. lexicographically greater path string < lexicographically smaller path string
func UpstreamsToResourceList ¶ added in v1.9.1
func UpstreamsToResourceList(upstreams []*gloov1.Upstream) sk_resources.ResourceList
Types ¶
type CertSource ¶
type CertSource interface { GetSecretRef() *core.ResourceRef GetSslFiles() *v1.SSLFiles GetSds() *v1.SDSConfig GetVerifySubjectAltName() []string GetParameters() *v1.SslParameters GetAlpnProtocols() []string }
type LogLevel ¶ added in v0.19.2
type LogLevel int8
A Level is a logging priority. Higher levels are more important.
type SslConfigTranslator ¶
type SslConfigTranslator interface { ResolveUpstreamSslConfig(secrets v1.SecretList, uc *v1.UpstreamSslConfig) (*envoyauth.UpstreamTlsContext, error) ResolveDownstreamSslConfig(secrets v1.SecretList, dc *v1.SslConfig) (*envoyauth.DownstreamTlsContext, error) ResolveCommonSslConfig(cs CertSource, secrets v1.SecretList, mustHaveCert bool) (*envoyauth.CommonTlsContext, error) ResolveSslParamsConfig(params *v1.SslParameters) (*envoyauth.TlsParameters, error) }
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package mock_utils is a generated GoMock package.
|
Package mock_utils is a generated GoMock package. |