Documentation ¶
Index ¶
- Constants
- Variables
- func AnyToMessage(a *pany.Any) (proto.Message, error)
- func DeleteResources(existingResources sk_resources.ResourceList, refsToDelete []*core.ResourceRef) sk_resources.ResourceList
- func EnsureRouteAction(out *envoy_config_route_v3.Route) error
- func EnvoyPathAsString(matcher *envoy_config_route_v3.RouteMatch) string
- func FilterLogLevel(r io.ReadCloser, level LogLevel) strings.Builder
- func GetCommonTlsContextFromUpstreamOptions(options *v1.UpstreamOptions) (*envoyauth.CommonTlsContext, error)
- func GetTcpHostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.TcpHostReport
- func GetVhostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.VirtualHostReport
- func GetVirtualHostsForListener(listener *v1.Listener) []*v1.VirtualHost
- func MatchedRouteConfigName(listener *v1.Listener, matcher *v1.Matcher) string
- func MergeResourceLists(existingResources sk_resources.ResourceList, ...) sk_resources.ResourceList
- func MessageToAny(msg proto.Message) (*pany.Any, error)
- func MustAnyToMessage(a *pany.Any) proto.Messagedeprecated
- func NewSslConfigTranslator() *sslConfigTranslator
- func PathAsString(matcher *matchers.Matcher) string
- func ResourceListToSecretList(resourceList sk_resources.ResourceList) gloov1.SecretList
- func ResourceListToUpstreamList(resourceList sk_resources.ResourceList) gloov1.UpstreamList
- func RouteConfigName(listener *v1.Listener) string
- func SanitizeForEnvoy(ctx context.Context, resourceName, resourceTypeName string) string
- func ShallowMerge(dst, src reflect.Value, overwrite bool)
- func SortGatewayRoutesByPath(routes []*gatewayv1.Route)
- func SortRoutesByPath(routes []*v1.Route)
- func UpstreamsToResourceList(upstreams []*gloov1.Upstream) sk_resources.ResourceList
- type CertSource
- type LogLevel
- type SslConfigTranslator
Constants ¶
const (
MetadataPluginName = "envoy.grpc_credentials.file_based_metadata"
)
Variables ¶
var ( TlsVersionNotFoundError = func(v ssl.SslParameters_ProtocolVersion) error { return eris.Errorf("tls version %v not found", v) } OcspStaplePolicyNotValidError = func(p ssl.SslConfig_OcspStaplePolicy) error { return eris.Errorf("ocsp staple policy %v not a valid policy", p) } // SslSecretNotFoundError is an exported error that wraps errors produced in validation // indicating a missing secret reference. This can be compared against using errors.Is. SslSecretNotFoundError = eris.New("SSL secret not found") NotTlsSecretError = func(ref *core.ResourceRef) error { return eris.Errorf("%v is not a TLS secret", ref) } InvalidTlsSecretError = func(ref *core.ResourceRef, err error) error { if ref == nil { return eris.Wrapf(err, "Invalid TLS secret") } else { errorString := fmt.Sprintf("%v is not a valid TLS secret", ref) return eris.Wrapf(err, errorString) } } NoCertificateFoundError = eris.New("no certificate information found") MissingValidationContextError = eris.Errorf("must provide validation context name if verifying SAN") RootCaMustBeProvidedError = eris.Errorf("a root_ca must be provided if verify_subject_alt_name is not empty") )
var (
InvalidRouteActionError = errors.New("cannot use this plugin on non-Route_Route route actions")
)
Functions ¶
func DeleteResources ¶ added in v1.9.1
func DeleteResources(existingResources sk_resources.ResourceList, refsToDelete []*core.ResourceRef) sk_resources.ResourceList
Deletes the resources with the given refs from the list, and returns the updated list.
func EnsureRouteAction ¶ added in v0.18.22
func EnsureRouteAction(out *envoy_config_route_v3.Route) error
func EnvoyPathAsString ¶ added in v1.0.0
func EnvoyPathAsString(matcher *envoy_config_route_v3.RouteMatch) string
func FilterLogLevel ¶ added in v0.19.2
func FilterLogLevel(r io.ReadCloser, level LogLevel) strings.Builder
Filter JSON logs with level
func GetCommonTlsContextFromUpstreamOptions ¶ added in v1.6.9
func GetCommonTlsContextFromUpstreamOptions(options *v1.UpstreamOptions) (*envoyauth.CommonTlsContext, error)
We support global UpstreamOptions to define SslParameters for all upstreams If an upstream is configure with ssl, it will inherit the defaults here: https://github.com/solo-io/gloo/blob/15da82bdd65ab4bcedbc7fb803ea0bb5f7e926fc/projects/gloo/pkg/translator/clusters.go#L108 However, if an upstream is configured with one-way TLS, we must explicitly apply the defaults, since there is no ssl configuration on the upstream
func GetTcpHostReportsFromListenerReport ¶ added in v1.14.12
func GetTcpHostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.TcpHostReport
Given any supported listener type, returns the TcpHost report objects that are used for error/warning reporting
func GetVhostReportsFromListenerReport ¶ added in v1.9.25
func GetVhostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.VirtualHostReport
func GetVirtualHostsForListener ¶ added in v1.9.25
func GetVirtualHostsForListener(listener *v1.Listener) []*v1.VirtualHost
func MatchedRouteConfigName ¶ added in v1.9.25
MatchedRouteConfigName returns a unique RouteConfiguration name This name is commonly used for 2 purposes:
- to associate the RouteConfigurationName between RDS and the HttpConnectionManager NetworkFilter
- To provide a consistent key function for a map of ListenerReports
func MergeResourceLists ¶ added in v1.9.1
func MergeResourceLists(existingResources sk_resources.ResourceList, modifiedResources sk_resources.ResourceList) sk_resources.ResourceList
Merges the modified resources into the existing resources, overwriting any existing values, and returns the new list
func MessageToAny ¶ added in v1.5.0
MessageToAny takes any given proto message msg and returns the marshalled bytes of the proto, and a url to the type definition for the proto in the form of a *pany.Any, errors if nil or if the proto type doesnt exist or if there is a marshalling error
func MustAnyToMessage
deprecated
added in
v1.5.0
func NewSslConfigTranslator ¶
func NewSslConfigTranslator() *sslConfigTranslator
func PathAsString ¶
func ResourceListToSecretList ¶ added in v1.9.25
func ResourceListToSecretList(resourceList sk_resources.ResourceList) gloov1.SecretList
func ResourceListToUpstreamList ¶ added in v1.9.1
func ResourceListToUpstreamList(resourceList sk_resources.ResourceList) gloov1.UpstreamList
func RouteConfigName ¶ added in v1.9.25
RouteConfigName cannot always be relied on to get the route config name for any listener because the pattern is different for hybrid listeners (see MatchedRouteConfigName below)
func SanitizeForEnvoy ¶ added in v0.14.0
func ShallowMerge ¶ added in v1.15.0
ShallowMerge sets dst to the value of src, if src is non-zero and dst is zero-valued or overwrite=true.
func SortGatewayRoutesByPath ¶ added in v0.18.32
func SortRoutesByPath ¶
Matchers sort according to the following rules: 1. exact path < regex path < prefix path 2. lexicographically greater path string < lexicographically smaller path string
func UpstreamsToResourceList ¶ added in v1.9.1
func UpstreamsToResourceList(upstreams []*gloov1.Upstream) sk_resources.ResourceList
Types ¶
type CertSource ¶
type CertSource interface { GetSecretRef() *core.ResourceRef GetSslFiles() *ssl.SSLFiles GetSds() *ssl.SDSConfig GetVerifySubjectAltName() []string GetParameters() *ssl.SslParameters GetAlpnProtocols() []string }
type LogLevel ¶ added in v0.19.2
type LogLevel int8
A Level is a logging priority. Higher levels are more important.
type SslConfigTranslator ¶
type SslConfigTranslator interface { ResolveUpstreamSslConfig(secrets v1.SecretList, uc *ssl.UpstreamSslConfig) (*envoyauth.UpstreamTlsContext, error) ResolveDownstreamSslConfig(secrets v1.SecretList, dc *ssl.SslConfig) (*envoyauth.DownstreamTlsContext, error) ResolveCommonSslConfig(cs CertSource, secrets v1.SecretList, mustHaveCert bool) (*envoyauth.CommonTlsContext, error) ResolveSslParamsConfig(params *ssl.SslParameters) (*envoyauth.TlsParameters, error) }
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package mock_utils is a generated GoMock package.
|
Package mock_utils is a generated GoMock package. |