utils

package
v1.19.0-beta1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 6, 2024 License: Apache-2.0 Imports: 32 Imported by: 16

Documentation

Index

Constants

View Source
const (
	// ProxyTypeKey is the label key applied to Proxies generated by the Gloo Edge translator
	ProxyTypeKey = "created_by"

	// GlooEdgeProxyValue is the label value for ProxyTypeKey applied to Proxy CRs
	// that have been generated from Gloo Edge Gateway API resources
	GlooEdgeProxyValue = "gloo-gateway"

	// GatewayApiProxyValue is the label value for ProxyTypeKey applied to Proxy CRs
	// that have been generated from Kubernetes Gateway API resources
	GatewayApiProxyValue = "gloo-kube-gateway-api"

	// KnativeProxyValue is the label value applied to Proxies generated by the Gloo Knative translator
	KnativeProxyValue = "gloo-knative"

	// IngressProxyValue is the label value applied to Proxies generated by the Gloo Ingress translator
	IngressProxyValue = "gloo-ingress"

	// GatewayNamespaceKey is the label key applied to a Proxy CR
	// The value represents the namespace of the Gateway resource that generated it
	// This will only exist on Proxy CRs that have been generated from Kubernetes Gateway CRs
	// because those Proxies are always persisted in the writeNamespace, but we need to maintain
	// a reference to where the originating Gateway was defined
	GatewayNamespaceKey = "gateway_namespace"

	// ProxySyncId is an annotation used to associate a proxy translation with the status proxyReport based on the sync count
	ProxySyncId = "proxy_sync_id"
)
View Source
const (
	MetadataPluginName = "envoy.grpc_credentials.file_based_metadata"
)

Variables

View Source
var (
	TlsVersionNotFoundError = func(v ssl.SslParameters_ProtocolVersion) error {
		return eris.Errorf("tls version %v not found", v)
	}

	OcspStaplePolicyNotValidError = func(p ssl.SslConfig_OcspStaplePolicy) error {
		return eris.Errorf("ocsp staple policy %v not a valid policy", p)
	}

	// SslSecretNotFoundError is an exported error that wraps errors produced in validation
	// indicating a missing secret reference. This can be compared against using errors.Is.
	SslSecretNotFoundError = eris.New("SSL secret not found")

	NotTlsSecretError = func(ref *core.ResourceRef) error {
		return eris.Errorf("%v is not a TLS secret", ref)
	}

	InvalidTlsSecretError = func(ref *core.ResourceRef, err error) error {
		if ref == nil {
			return eris.Wrapf(err, "Invalid TLS secret")
		} else {
			errorString := fmt.Sprintf("%v is not a valid TLS secret", ref)
			return eris.Wrapf(err, errorString)
		}
	}

	NoCertificateFoundError = eris.New("no certificate information found")

	MissingValidationContextError = eris.Errorf("must provide validation context name if verifying SAN")

	RootCaMustBeProvidedError = eris.Errorf("a root_ca must be provided if verify_subject_alt_name is not empty")
)
View Source
var (
	InvalidRouteActionError = errors.New("cannot use this plugin on non-Route_Route route actions")
)

Functions

func AnyToMessage added in v1.5.0

func AnyToMessage(a *pany.Any) (proto.Message, error)

func DeleteResources added in v1.9.1

func DeleteResources(existingResources sk_resources.ResourceList, refsToDelete []*core.ResourceRef) sk_resources.ResourceList

Deletes the resources with the given refs from the list, and returns the updated list.

func EnsureRouteAction added in v0.18.22

func EnsureRouteAction(out *envoy_config_route_v3.Route) error

func EnvoyPathAsString added in v1.0.0

func EnvoyPathAsString(matcher *envoy_config_route_v3.RouteMatch) string

func FilterLogLevel added in v0.19.2

func FilterLogLevel(r io.ReadCloser, level LogLevel) strings.Builder

Filter JSON logs with level

func GetCommonTlsContextFromUpstreamOptions added in v1.6.9

func GetCommonTlsContextFromUpstreamOptions(options *v1.UpstreamOptions) (*envoyauth.CommonTlsContext, error)

We support global UpstreamOptions to define SslParameters for all upstreams If an upstream is configure with ssl, it will inherit the defaults here: https://github.com/solo-io/gloo/blob/15da82bdd65ab4bcedbc7fb803ea0bb5f7e926fc/projects/gloo/pkg/translator/clusters.go#L108 However, if an upstream is configured with one-way TLS, we must explicitly apply the defaults, since there is no ssl configuration on the upstream

func GetTcpHostReportsFromListenerReport added in v1.14.12

func GetTcpHostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.TcpHostReport

Given any supported listener type, returns the TcpHost report objects that are used for error/warning reporting

func GetTranslatorSelectorExpression added in v1.17.0

func GetTranslatorSelectorExpression(translators ...string) string

func GetTranslatorValue added in v1.17.0

func GetTranslatorValue(meta *core.Metadata) string

func GetVhostReportsFromListenerReport added in v1.9.25

func GetVhostReportsFromListenerReport(listenerReport *validation.ListenerReport) []*validation.VirtualHostReport

func GetVirtualHostsForListener added in v1.9.25

func GetVirtualHostsForListener(listener *v1.Listener) []*v1.VirtualHost

func MatchedRouteConfigName added in v1.9.25

func MatchedRouteConfigName(listener *v1.Listener, matcher *v1.Matcher) string

MatchedRouteConfigName returns a unique RouteConfiguration name This name is commonly used for 2 purposes:

  1. to associate the RouteConfigurationName between RDS and the HttpConnectionManager NetworkFilter
  2. To provide a consistent key function for a map of ListenerReports

func MergeResourceLists added in v1.9.1

func MergeResourceLists(existingResources sk_resources.ResourceList, modifiedResources sk_resources.ResourceList) sk_resources.ResourceList

Merges the modified resources into the existing resources, overwriting any existing values, and returns the new list

func MessageToAny added in v1.5.0

func MessageToAny(msg proto.Message) (*pany.Any, error)

MessageToAny takes any given proto message msg and returns the marshalled bytes of the proto, and a url to the type definition for the proto in the form of a *pany.Any, errors if nil or if the proto type doesnt exist or if there is a marshalling error

func MustAnyToMessage deprecated added in v1.5.0

func MustAnyToMessage(a *pany.Any) proto.Message

Deprecated: Use AnyToMessage

func NewSslConfigTranslator

func NewSslConfigTranslator() *sslConfigTranslator

func PathAsString

func PathAsString(matcher *matchers.Matcher) string

func ResourceListToSecretList added in v1.9.25

func ResourceListToSecretList(resourceList sk_resources.ResourceList) gloov1.SecretList

func ResourceListToUpstreamList added in v1.9.1

func ResourceListToUpstreamList(resourceList sk_resources.ResourceList) gloov1.UpstreamList

func RouteConfigName added in v1.9.25

func RouteConfigName(listener *v1.Listener) string

RouteConfigName cannot always be relied on to get the route config name for any listener because the pattern is different for hybrid listeners (see MatchedRouteConfigName below)

func SanitizeForEnvoy added in v0.14.0

func SanitizeForEnvoy(ctx context.Context, resourceName, resourceTypeName string) string

func ShallowMerge added in v1.15.0

func ShallowMerge(dst, src reflect.Value, overwrite bool) bool

ShallowMerge sets dst to the value of src, if src is non-zero and dst is zero-valued or overwrite=true. It returns a boolean indicating whether src overwrote dst.

func ShallowMergeRouteOptions added in v1.17.0

func ShallowMergeRouteOptions(dst, src *v1.RouteOptions) (*v1.RouteOptions, bool)

ShallowMergeRouteOptions merges the top-level fields of src into dst. The fields in dst that have non-zero values will not be overwritten. It performs a shallow merge of top-level fields only. It returns a boolean indicating whether any fields in src overwrote dst.

func ShallowMergeVirtualHostOptions added in v1.17.4

func ShallowMergeVirtualHostOptions(dst, src *v1.VirtualHostOptions) (*v1.VirtualHostOptions, bool)

ShallowMergeVirtualHostOptions merges the top-level fields of src into dst. The fields in dst that have non-zero values will not be overwritten. It performs a shallow merge of top-level fields only. It returns a boolean indicating whether any fields in src overwrote dst.

func SortGatewayRoutesByPath added in v0.18.32

func SortGatewayRoutesByPath(routes []*gatewayv1.Route)

func SortRoutesByPath

func SortRoutesByPath(routes []*v1.Route)

Matchers sort according to the following rules: 1. exact path < regex path < prefix path 2. lexicographically greater path string < lexicographically smaller path string

func UpstreamsToResourceList added in v1.9.1

func UpstreamsToResourceList(upstreams []*gloov1.Upstream) sk_resources.ResourceList

func VerifySanListToMatchSanList added in v1.16.0

func VerifySanListToMatchSanList(sanList []string) []*envoymatcher.StringMatcher

Types

type CertSource

type CertSource interface {
	GetSecretRef() *core.ResourceRef
	GetSslFiles() *ssl.SSLFiles
	GetSds() *ssl.SDSConfig
	GetVerifySubjectAltName() []string
	GetParameters() *ssl.SslParameters
	GetAlpnProtocols() []string
}

type LogLevel added in v0.19.2

type LogLevel int8

A Level is a logging priority. Higher levels are more important.

const (
	LogLevelInfo LogLevel = iota - 1
	LogLevelWarn
	LogLevelError
	LogLevelAll
)

func (LogLevel) String added in v0.19.2

func (l LogLevel) String() string

String returns a lower-case ASCII representation of the log level.

type SslConfigTranslator

type SslConfigTranslator interface {
	ResolveUpstreamSslConfig(secrets v1.SecretList, uc *ssl.UpstreamSslConfig) (*envoyauth.UpstreamTlsContext, error)
	ResolveDownstreamSslConfig(secrets v1.SecretList, dc *ssl.SslConfig) (*envoyauth.DownstreamTlsContext, error)
	ResolveCommonSslConfig(cs CertSource, secrets v1.SecretList, mustHaveCert bool) (*envoyauth.CommonTlsContext, error)
	ResolveSslParamsConfig(params *ssl.SslParameters) (*envoyauth.TlsParameters, error)
}

Directories

Path Synopsis
Package mock_utils is a generated GoMock package.
Package mock_utils is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL