Documentation
¶
Index ¶
- Constants
- Variables
- func AnyToMessage(a *pany.Any) (proto.Message, error)
- func DeleteResources(existingResources sk_resources.ResourceList, refsToDelete []*core.ResourceRef) sk_resources.ResourceList
- func EnsureRouteAction(out *envoy_config_route_v3.Route) error
- func EnvoyPathAsString(matcher *envoy_config_route_v3.RouteMatch) string
- func FilterLogLevel(r io.ReadCloser, level LogLevel) strings.Builder
- func GetCommonTlsContextFromUpstreamOptions(options *v1.UpstreamOptions) (*envoyauth.CommonTlsContext, error)
- func GetTcpHostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.TcpHostReport
- func GetTranslatorSelectorExpression(translators ...string) string
- func GetTranslatorValue(meta *core.Metadata) string
- func GetVhostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.VirtualHostReport
- func GetVirtualHostsForListener(listener *v1.Listener) []*v1.VirtualHost
- func MatchedRouteConfigName(listener *v1.Listener, matcher *v1.Matcher) string
- func MergeResourceLists(existingResources sk_resources.ResourceList, ...) sk_resources.ResourceList
- func MessageToAny(msg proto.Message) (*pany.Any, error)
- func MustAnyToMessage(a *pany.Any) proto.Messagedeprecated
- func NewSslConfigTranslator() *sslConfigTranslator
- func PathAsString(matcher *matchers.Matcher) string
- func ResourceListToSecretList(resourceList sk_resources.ResourceList) gloov1.SecretList
- func ResourceListToUpstreamList(resourceList sk_resources.ResourceList) gloov1.UpstreamList
- func RouteConfigName(listener *v1.Listener) string
- func SanitizeForEnvoy(ctx context.Context, resourceName, resourceTypeName string) string
- func ShallowMerge(dst, src reflect.Value, overwrite bool) bool
- func ShallowMergeRouteOptions(dst, src *v1.RouteOptions) (*v1.RouteOptions, bool)
- func ShallowMergeVirtualHostOptions(dst, src *v1.VirtualHostOptions) (*v1.VirtualHostOptions, bool)
- func SortGatewayRoutesByPath(routes []*gatewayv1.Route)
- func SortRoutesByPath(routes []*v1.Route)
- func UpstreamsToResourceList(upstreams []*gloov1.Upstream) sk_resources.ResourceList
- func VerifySanListToMatchSanList(sanList []string) []*envoymatcher.StringMatcher
- type CertSource
- type LogLevel
- type SslConfigTranslator
Constants ¶
const ( // ProxyTypeKey is the label key applied to Proxies generated by the Gloo Edge translator ProxyTypeKey = "created_by" // GlooEdgeProxyValue is the label value for ProxyTypeKey applied to Proxy CRs // that have been generated from Gloo Edge Gateway API resources GlooEdgeProxyValue = "gloo-gateway" // GatewayApiProxyValue is the label value for ProxyTypeKey applied to Proxy CRs // that have been generated from Kubernetes Gateway API resources GatewayApiProxyValue = "gloo-kube-gateway-api" // KnativeProxyValue is the label value applied to Proxies generated by the Gloo Knative translator KnativeProxyValue = "gloo-knative" // IngressProxyValue is the label value applied to Proxies generated by the Gloo Ingress translator IngressProxyValue = "gloo-ingress" // GatewayNamespaceKey is the label key applied to a Proxy CR // The value represents the namespace of the Gateway resource that generated it // This will only exist on Proxy CRs that have been generated from Kubernetes Gateway CRs // because those Proxies are always persisted in the writeNamespace, but we need to maintain // a reference to where the originating Gateway was defined GatewayNamespaceKey = "gateway_namespace" // ProxySyncId is an annotation used to associate a proxy translation with the status proxyReport based on the sync count ProxySyncId = "proxy_sync_id" )
const (
MetadataPluginName = "envoy.grpc_credentials.file_based_metadata"
)
Variables ¶
var ( TlsVersionNotFoundError = func(v ssl.SslParameters_ProtocolVersion) error { return eris.Errorf("tls version %v not found", v) } OcspStaplePolicyNotValidError = func(p ssl.SslConfig_OcspStaplePolicy) error { return eris.Errorf("ocsp staple policy %v not a valid policy", p) } // SslSecretNotFoundError is an exported error that wraps errors produced in validation // indicating a missing secret reference. This can be compared against using errors.Is. SslSecretNotFoundError = eris.New("SSL secret not found") NotTlsSecretError = func(ref *core.ResourceRef) error { return eris.Errorf("%v is not a TLS secret", ref) } InvalidTlsSecretError = func(ref *core.ResourceRef, err error) error { if ref == nil { return eris.Wrapf(err, "Invalid TLS secret") } else { errorString := fmt.Sprintf("%v is not a valid TLS secret", ref) return eris.Wrapf(err, errorString) } } NoCertificateFoundError = eris.New("no certificate information found") MissingValidationContextError = eris.Errorf("must provide validation context name if verifying SAN") RootCaMustBeProvidedError = eris.Errorf("a root_ca must be provided if verify_subject_alt_name is not empty") )
var (
InvalidRouteActionError = errors.New("cannot use this plugin on non-Route_Route route actions")
)
Functions ¶
func DeleteResources ¶ added in v1.9.1
func DeleteResources(existingResources sk_resources.ResourceList, refsToDelete []*core.ResourceRef) sk_resources.ResourceList
Deletes the resources with the given refs from the list, and returns the updated list.
func EnsureRouteAction ¶ added in v0.18.22
func EnsureRouteAction(out *envoy_config_route_v3.Route) error
func EnvoyPathAsString ¶ added in v1.0.0
func EnvoyPathAsString(matcher *envoy_config_route_v3.RouteMatch) string
func FilterLogLevel ¶ added in v0.19.2
func FilterLogLevel(r io.ReadCloser, level LogLevel) strings.Builder
Filter JSON logs with level
func GetCommonTlsContextFromUpstreamOptions ¶ added in v1.6.9
func GetCommonTlsContextFromUpstreamOptions(options *v1.UpstreamOptions) (*envoyauth.CommonTlsContext, error)
We support global UpstreamOptions to define SslParameters for all upstreams If an upstream is configure with ssl, it will inherit the defaults here: https://github.com/solo-io/gloo/blob/15da82bdd65ab4bcedbc7fb803ea0bb5f7e926fc/projects/gloo/pkg/translator/clusters.go#L108 However, if an upstream is configured with one-way TLS, we must explicitly apply the defaults, since there is no ssl configuration on the upstream
func GetTcpHostReportsFromListenerReport ¶ added in v1.14.12
func GetTcpHostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.TcpHostReport
Given any supported listener type, returns the TcpHost report objects that are used for error/warning reporting
func GetTranslatorSelectorExpression ¶ added in v1.17.0
func GetTranslatorValue ¶ added in v1.17.0
func GetVhostReportsFromListenerReport ¶ added in v1.9.25
func GetVhostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.VirtualHostReport
func GetVirtualHostsForListener ¶ added in v1.9.25
func GetVirtualHostsForListener(listener *v1.Listener) []*v1.VirtualHost
func MatchedRouteConfigName ¶ added in v1.9.25
MatchedRouteConfigName returns a unique RouteConfiguration name This name is commonly used for 2 purposes:
- to associate the RouteConfigurationName between RDS and the HttpConnectionManager NetworkFilter
- To provide a consistent key function for a map of ListenerReports
func MergeResourceLists ¶ added in v1.9.1
func MergeResourceLists(existingResources sk_resources.ResourceList, modifiedResources sk_resources.ResourceList) sk_resources.ResourceList
Merges the modified resources into the existing resources, overwriting any existing values, and returns the new list
func MessageToAny ¶ added in v1.5.0
MessageToAny takes any given proto message msg and returns the marshalled bytes of the proto, and a url to the type definition for the proto in the form of a *pany.Any, errors if nil or if the proto type doesnt exist or if there is a marshalling error
func MustAnyToMessage
deprecated
added in
v1.5.0
func NewSslConfigTranslator ¶
func NewSslConfigTranslator() *sslConfigTranslator
func PathAsString ¶
func ResourceListToSecretList ¶ added in v1.9.25
func ResourceListToSecretList(resourceList sk_resources.ResourceList) gloov1.SecretList
func ResourceListToUpstreamList ¶ added in v1.9.1
func ResourceListToUpstreamList(resourceList sk_resources.ResourceList) gloov1.UpstreamList
func RouteConfigName ¶ added in v1.9.25
RouteConfigName cannot always be relied on to get the route config name for any listener because the pattern is different for hybrid listeners (see MatchedRouteConfigName below)
func SanitizeForEnvoy ¶ added in v0.14.0
func ShallowMerge ¶ added in v1.15.0
ShallowMerge sets dst to the value of src, if src is non-zero and dst is zero-valued or overwrite=true. It returns a boolean indicating whether src overwrote dst.
func ShallowMergeRouteOptions ¶ added in v1.17.0
func ShallowMergeRouteOptions(dst, src *v1.RouteOptions) (*v1.RouteOptions, bool)
ShallowMergeRouteOptions merges the top-level fields of src into dst. The fields in dst that have non-zero values will not be overwritten. It performs a shallow merge of top-level fields only. It returns a boolean indicating whether any fields in src overwrote dst.
func ShallowMergeVirtualHostOptions ¶ added in v1.17.4
func ShallowMergeVirtualHostOptions(dst, src *v1.VirtualHostOptions) (*v1.VirtualHostOptions, bool)
ShallowMergeVirtualHostOptions merges the top-level fields of src into dst. The fields in dst that have non-zero values will not be overwritten. It performs a shallow merge of top-level fields only. It returns a boolean indicating whether any fields in src overwrote dst.
func SortGatewayRoutesByPath ¶ added in v0.18.32
func SortRoutesByPath ¶
Matchers sort according to the following rules: 1. exact path < regex path < prefix path 2. lexicographically greater path string < lexicographically smaller path string
func UpstreamsToResourceList ¶ added in v1.9.1
func UpstreamsToResourceList(upstreams []*gloov1.Upstream) sk_resources.ResourceList
func VerifySanListToMatchSanList ¶ added in v1.16.0
func VerifySanListToMatchSanList(sanList []string) []*envoymatcher.StringMatcher
Types ¶
type CertSource ¶
type CertSource interface {
GetSecretRef() *core.ResourceRef
GetSslFiles() *ssl.SSLFiles
GetSds() *ssl.SDSConfig
GetVerifySubjectAltName() []string
GetParameters() *ssl.SslParameters
GetAlpnProtocols() []string
}
type LogLevel ¶ added in v0.19.2
type LogLevel int8
A Level is a logging priority. Higher levels are more important.
type SslConfigTranslator ¶
type SslConfigTranslator interface {
ResolveUpstreamSslConfig(secrets v1.SecretList, uc *ssl.UpstreamSslConfig) (*envoyauth.UpstreamTlsContext, error)
ResolveDownstreamSslConfig(secrets v1.SecretList, dc *ssl.SslConfig) (*envoyauth.DownstreamTlsContext, error)
ResolveCommonSslConfig(cs CertSource, secrets v1.SecretList, mustHaveCert bool) (*envoyauth.CommonTlsContext, error)
ResolveSslParamsConfig(params *ssl.SslParameters) (*envoyauth.TlsParameters, error)
}
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
Package mock_utils is a generated GoMock package.
|
Package mock_utils is a generated GoMock package. |