Documentation ¶
Index ¶
- Constants
- Variables
- func DecodeOnlyString(fromValue reflect.Value, toValue reflect.Value) (interface{}, error)
- func DecodeStrings(fromValue reflect.Value, toValue reflect.Value) (interface{}, error)
- func GetStructKeys(typ reflect.Type, tag, squashValue string) []string
- func MapLoggingFields(value interface{}) logging.Fields
- func ValidateMissingRequiredKeys(value interface{}, tag, squashValue string) []string
- type Config
- func (c *Config) GetActionsEnabled() bool
- func (c *Config) GetAuditLogLevel() string
- func (c *Config) GetAuthAPIEndpoint() string
- func (c *Config) GetAuthAPISupportsInvites() bool
- func (c *Config) GetAuthAPIToken() string
- func (c *Config) GetAuthCacheConfig() authparams.ServiceCache
- func (c *Config) GetAuthEncryptionSecret() []byte
- func (c *Config) GetAuthLogoutRedirectURL() string
- func (c *Config) GetAuthOIDCConfiguration() OIDC
- func (c *Config) GetAwsConfig() *aws.Config
- func (c *Config) GetBlockAdapterAzureParams() (blockparams.Azure, error)
- func (c *Config) GetBlockAdapterGSParams() (blockparams.GS, error)
- func (c *Config) GetBlockAdapterLocalParams() (blockparams.Local, error)
- func (c *Config) GetBlockAdapterS3Params() (blockparams.S3, error)
- func (c *Config) GetBlockstoreDefaultNamespacePrefix() string
- func (c *Config) GetBlockstoreType() string
- func (c *Config) GetCommittedBlockStoragePrefix() string
- func (c *Config) GetCommittedParams() *committed.Params
- func (c *Config) GetCommittedTierFSParams(adapter block.Adapter) (*pyramidparams.ExtParams, error)
- func (c *Config) GetDatabaseType() string
- func (c *Config) GetEmailParams() (email.Params, error)
- func (c *Config) GetFixedInstallationID() string
- func (c *Config) GetKVParams() (kvparams.KV, error)
- func (c *Config) GetLDAPConfiguration() *LDAP
- func (c *Config) GetListenAddress() string
- func (c *Config) GetLoggingTraceRequestHeaders() bool
- func (c *Config) GetLoginDuration() time.Duration
- func (c *Config) GetS3GatewayDomainNames() []string
- func (c *Config) GetS3GatewayFallbackURL() string
- func (c *Config) GetS3GatewayRegion() string
- func (c *Config) GetSecurityAuditCheckInterval() time.Duration
- func (c *Config) GetSecurityAuditCheckURL() string
- func (c *Config) GetStatsAddress() string
- func (c *Config) GetStatsEnabled() bool
- func (c *Config) GetStatsExtended() bool
- func (c *Config) GetStatsFlushInterval() time.Duration
- func (c *Config) GetStatsFlushSize() int
- func (c *Config) GetUIEnabled() bool
- func (c *Config) GetUISnippets() []apiparams.CodeSnippet
- func (c *Config) IsAuthTypeAPI() bool
- func (c *Config) IsEmailSubscriptionEnabled() bool
- func (c *Config) ToLoggerFields() logging.Fields
- func (c *Config) Validate() error
- type LDAP
- type OIDC
- type OnlyString
- type S3AuthInfo
- type SecureString
- type Strings
Constants ¶
const ( DatabaseTypeKey = "database.type" LocalDatabaseType = "local" DatabaseLocalPathKey = "database.local.path" DefaultDatabaseLocalPath = "~/lakefs/metadata" DatabaseLocalPrefetchSizeKey = "database.local.prefetch_size" DefaultDatabaseLocalPrefetchSize = 256 DatabaseDynamodbTableNameKey = "database.dynamodb.table_name" DefaultDatabaseDynamodbTableName = "kvstore" DatabaseDynamodbReadCapacityUnitsKey = "database.dynamodb.read_capacity_units" DefaultDatabaseDynamodbReadCapacityUnits = 1000 DatabaseDynamodbWriteCapacityUnitsKey = "database.dynamodb.write_capacity_units" DefaultDatabaseDynamodbWriteCapacityUnits = 1000 DatabasePostgresMaxOpenConnectionsKey = "database.postgres.max_open_connections" DefaultDatabasePostgresMaxOpenConnections = 25 DatabasePostgresMaxIdleConnectionsKey = "database.postgres.max_idle_connections" DefaultDatabasePostgresMaxIdleConnections = 25 PostgresConnectionMaxLifetimeKey = "database.postgres.connection_max_lifetime" DefaultPostgresConnectionMaxLifetime = "5m" BlockstoreTypeKey = "blockstore.type" LocalBlockstoreType = "local" BlockstoreLocalPathKey = "blockstore.local.path" DefaultBlockstoreLocalPath = "~/lakefs/data/block" BlockstoreS3RegionKey = "blockstore.s3.region" DefaultBlockstoreS3Region = "us-east-1" BlockstoreS3StreamingChunkSizeKey = "blockstore.s3.streaming_chunk_size" DefaultBlockstoreS3StreamingChunkSize = 2 << 19 // 1MiB by default per chunk BlockstoreS3StreamingChunkTimeoutKey = "blockstore.s3.streaming_chunk_timeout" DefaultBlockstoreS3StreamingChunkTimeout = time.Second * 1 // or 1 seconds, whatever comes first BlockstoreS3DiscoverBucketRegionKey = "blockstore.s3.discover_bucket_region" DefaultBlockstoreS3DiscoverBucketRegion = true BlockstoreS3MaxRetriesKey = "blockstore.s3.max_retries" DefaultBlockstoreS3MaxRetries = 5 BlockstoreAzureTryTimeoutKey = "blockstore.azure.try_timeout" DefaultBlockstoreAzureTryTimeout = 10 * time.Minute BlockstoreAzureAuthMethod = "blockstore.azure.auth_method" DefaultBlockstoreAzureAuthMethod = "access-key" BlockstoreGSS3EndpointKey = "blockstore.gs.s3_endpoint" DefaultBlockstoreGSS3Endpoint = "https://storage.googleapis.com" DefaultCommittedLocalCacheRangePercent = 0.9 DefaultCommittedLocalCacheMetaRangePercent = 0.1 DefaultCommittedLocalCacheBytes = 1 * 1024 * 1024 * 1024 DefaultCommittedLocalCacheDir = "~/lakefs/data/cache" DefaultCommittedPebbleSSTableCacheSizeBytes = 400_000_000 DefaultCommittedLocalCacheNumUploaders = 10 DefaultCommittedBlockStoragePrefix = "_lakefs" DefaultCommittedPermanentMinRangeSizeBytes = 0 DefaultCommittedPermanentMaxRangeSizeBytes = 20 * 1024 * 1024 DefaultCommittedPermanentRangeRaggednessEntries = 50_000 DefaultAuthCacheEnabled = true DefaultAuthCacheSize = 1024 DefaultAuthCacheTTL = 20 * time.Second DefaultAuthCacheJitter = 3 * time.Second DefaultAuthOIDCInitialGroupsClaimName = "initial_groups" DefaultAuthLogoutRedirectURL = "/auth/login" DefaultAuthLoginDuration = 7 * 24 * time.Hour DefaultListenAddr = "0.0.0.0:8000" DefaultS3GatewayDomainName = "s3.local.lakefs.io" DefaultS3GatewayRegion = "us-east-1" DefaultActionsEnabled = true DefaultStatsEnabled = true DefaultStatsAddr = "https://stats.treeverse.io" DefaultStatsFlushInterval = time.Second * 30 DefaultStatsFlushSize = 100 DefaultEmailSubscriptionEnabled = true DefaultEmailLimitEveryDuration = time.Minute DefaultEmailBurst = 10 DefaultLakefsEmailBaseURL = "http://localhost:8000" DefaultUIEnabled = true ListenAddressKey = "listen_address" LoggingFormatKey = "logging.format" LoggingLevelKey = "logging.level" LoggingOutputKey = "logging.output" LoggingFileMaxSizeMBKey = "logging.file_max_size_mb" LoggingFilesKeepKey = "logging.files_keep" LoggingAuditLogLevel = "logging.audit_log_level" AuthEncryptSecretKey = "auth.encrypt.secret_key" // #nosec LocalAuthEncryptSecretKey = "THIS_MUST_BE_CHANGED_IN_PRODUCTION" // #nosec ActionsEnabledKey = "actions.enabled" AuthCacheEnabledKey = "auth.cache.enabled" AuthCacheSizeKey = "auth.cache.size" AuthCacheTTLKey = "auth.cache.ttl" AuthCacheJitterKey = "auth.cache.jitter" AuthOIDCInitialGroupsClaimName = "auth.oidc.initial_groups_claim_name" AuthLogoutRedirectURL = "auth.logout_redirect_url" AuthLoginDuration = "auth.login_duration" CommittedLocalCacheSizeBytesKey = "committed.local_cache.size_bytes" CommittedLocalCacheDirKey = "committed.local_cache.dir" CommittedLocalCacheNumUploadersKey = "committed.local_cache.max_uploaders_per_writer" CommittedLocalCacheRangeProportionKey = "committed.local_cache.range_proportion" CommittedLocalCacheMetaRangeProportionKey = "committed.local_cache.metarange_proportion" CommittedBlockStoragePrefixKey = "committed.block_storage_prefix" CommittedPermanentStorageMinRangeSizeKey = "committed.permanent.min_range_size_bytes" CommittedPermanentStorageMaxRangeSizeKey = "committed.permanent.max_range_size_bytes" CommittedPermanentStorageRangeRaggednessKey = "committed.permanent.range_raggedness_entries" CommittedPebbleSSTableCacheSizeBytesKey = "committed.sstable.memory.cache_size_bytes" GatewaysS3DomainNamesKey = "gateways.s3.domain_name" GatewaysS3RegionKey = "gateways.s3.region" StatsEnabledKey = "stats.enabled" StatsAddressKey = "stats.address" StatsFlushIntervalKey = "stats.flush_interval" StatsFlushSizeKey = "stats.flush_size" EmailSubscriptionEnabledKey = "email_subscription.enabled" SecurityAuditCheckIntervalKey = "security.audit_check_interval" DefaultSecurityAuditCheckInterval = 24 * time.Hour SecurityAuditCheckURLKey = "security.audit_check_url" DefaultSecurityAuditCheckURL = "https://audit.lakefs.io/audit" EmailLimitEveryDurationKey = "email.limit_every_duration" EmailBurstKey = "email.burst" LakefsEmailBaseURLKey = "email.lakefs_base_url" UIEnabledKey = "ui.enabled" )
const ( DefaultLoggingFormat = "text" DefaultLoggingLevel = "INFO" DefaultLoggingOutput = "-" DefaultLoggingFilesKeepKey = 100 DefaultAuditLogLevel = "DEBUG" )
const ( FieldMaskedValue = "******" FieldMaskedNoValue = "------" )
const UseLocalConfiguration = "local-settings"
UseLocalConfiguration set to true will add defaults that enable a lakeFS run without any other configuration like DB or blockstore.
Variables ¶
var ( ErrBadConfiguration = errors.New("bad configuration") ErrMissingSecretKey = fmt.Errorf("%w: auth.encrypt.secret_key cannot be empty", ErrBadConfiguration) ErrInvalidProportion = fmt.Errorf("%w: total proportion isn't 1.0", ErrBadConfiguration) ErrBadDomainNames = fmt.Errorf("%w: domain names are prefixes", ErrBadConfiguration) ErrMissingRequiredKeys = fmt.Errorf("%w: missing required keys", ErrBadConfiguration) )
var (
ErrMustBeString = errors.New("must be a string")
)
Functions ¶
func DecodeOnlyString ¶ added in v0.65.0
DecodeOnlyString is a mapstructure.HookFuncType that decodes a string value as an OnlyString, but fails on all other values. It is useful to force parsing of a field that can contain just digits as a string, when the leading digit might be 0.
func DecodeStrings ¶ added in v0.40.0
DecodeStrings is a mapstructure.HookFuncType that decodes a single string value or a slice of strings into Strings.
func GetStructKeys ¶ added in v0.40.0
GetStructKeys returns all keys in a nested struct type, taking the name from the tag name or the field name. It handles an additional suffix squashValue like mapstructure does: if present on an embedded struct, name components for that embedded struct should not be included. It does not handle maps, does chase pointers, but does not check for loops in nesting.
func MapLoggingFields ¶ added in v0.50.0
MapLoggingFields returns all logging.Fields formatted based on our configuration keys 'dot.name.key' with associated values. Supports squash, and secret to skip printing out secrets.
func ValidateMissingRequiredKeys ¶ added in v0.48.0
ValidateMissingRequiredKeys returns all keys of value in GetStructKeys format that have an additional required tag set but are unset.
Types ¶
type Config ¶
type Config struct {
// contains filtered or unexported fields
}
func NewLocalConfig ¶ added in v0.82.0
func (*Config) GetActionsEnabled ¶ added in v0.58.0
func (*Config) GetAuditLogLevel ¶ added in v0.68.0
func (*Config) GetAuthAPIEndpoint ¶ added in v0.63.0
func (*Config) GetAuthAPISupportsInvites ¶ added in v0.70.0
func (*Config) GetAuthAPIToken ¶ added in v0.63.0
func (*Config) GetAuthCacheConfig ¶
func (c *Config) GetAuthCacheConfig() authparams.ServiceCache
func (*Config) GetAuthEncryptionSecret ¶
func (*Config) GetAuthLogoutRedirectURL ¶ added in v0.69.0
func (*Config) GetAuthOIDCConfiguration ¶ added in v0.69.0
func (*Config) GetAwsConfig ¶
func (*Config) GetBlockAdapterAzureParams ¶
func (c *Config) GetBlockAdapterAzureParams() (blockparams.Azure, error)
func (*Config) GetBlockAdapterGSParams ¶
func (c *Config) GetBlockAdapterGSParams() (blockparams.GS, error)
func (*Config) GetBlockAdapterLocalParams ¶
func (c *Config) GetBlockAdapterLocalParams() (blockparams.Local, error)
func (*Config) GetBlockAdapterS3Params ¶
func (c *Config) GetBlockAdapterS3Params() (blockparams.S3, error)
func (*Config) GetBlockstoreDefaultNamespacePrefix ¶ added in v0.60.0
func (*Config) GetBlockstoreType ¶
func (*Config) GetCommittedBlockStoragePrefix ¶ added in v0.43.0
func (*Config) GetCommittedParams ¶
func (*Config) GetCommittedTierFSParams ¶
GetCommittedTierFSParams returns parameters for building a tierFS. Caller must separately build and populate Adapter.
func (*Config) GetDatabaseType ¶ added in v0.84.0
func (*Config) GetEmailParams ¶ added in v0.62.0
func (*Config) GetFixedInstallationID ¶ added in v0.40.0
func (*Config) GetLDAPConfiguration ¶ added in v0.53.0
func (*Config) GetListenAddress ¶
func (*Config) GetLoggingTraceRequestHeaders ¶ added in v0.53.1
func (*Config) GetLoginDuration ¶ added in v0.85.0
func (*Config) GetS3GatewayDomainNames ¶ added in v0.40.0
func (*Config) GetS3GatewayFallbackURL ¶
func (*Config) GetS3GatewayRegion ¶
func (*Config) GetSecurityAuditCheckInterval ¶ added in v0.57.0
func (*Config) GetSecurityAuditCheckURL ¶ added in v0.57.0
func (*Config) GetStatsAddress ¶
func (*Config) GetStatsEnabled ¶
func (*Config) GetStatsExtended ¶ added in v0.83.0
func (*Config) GetStatsFlushInterval ¶
func (*Config) GetStatsFlushSize ¶ added in v0.83.3
func (*Config) GetUIEnabled ¶ added in v0.70.2
func (*Config) GetUISnippets ¶ added in v0.66.0
func (c *Config) GetUISnippets() []apiparams.CodeSnippet
func (*Config) IsAuthTypeAPI ¶ added in v0.63.0
func (*Config) IsEmailSubscriptionEnabled ¶ added in v0.87.0
func (*Config) ToLoggerFields ¶ added in v0.50.0
type LDAP ¶ added in v0.53.0
type LDAP struct { ServerEndpoint string `mapstructure:"server_endpoint"` BindDN string `mapstructure:"bind_dn"` BindPassword string `mapstructure:"bind_password"` DefaultUserGroup string `mapstructure:"default_user_group"` UsernameAttribute string `mapstructure:"username_attribute"` UserBaseDN string `mapstructure:"user_base_dn"` UserFilter string `mapstructure:"user_filter"` }
LDAP holds configuration for authenticating on an LDAP server.
type OIDC ¶ added in v0.69.0
type OIDC struct { Enabled bool `mapstructure:"enabled"` IsDefaultLogin bool `mapstructure:"is_default_login"` // provider details: URL string `mapstructure:"url"` ClientID string `mapstructure:"client_id"` ClientSecret string `mapstructure:"client_secret"` // configure the OIDC authentication flow: CallbackBaseURL string `mapstructure:"callback_base_url"` AuthorizeEndpointQueryParameters map[string]string `mapstructure:"authorize_endpoint_query_parameters"` // configure how users are handled on the lakeFS side: ValidateIDTokenClaims map[string]string `mapstructure:"validate_id_token_claims"` DefaultInitialGroups []string `mapstructure:"default_initial_groups"` InitialGroupsClaimName string `mapstructure:"initial_groups_claim_name"` FriendlyNameClaimName string `mapstructure:"friendly_name_claim_name"` AdditionalScopeClaims []string `mapstructure:"additional_scope_claims"` }
type OnlyString ¶ added in v0.65.0
type OnlyString string
OnlyString is a string that can deserialize only from a string. Use it to prevent YAML configuration reading a number-like string with leading zeros, and then Viper using mapstructure to convert it silently back to a string and losing the leading zeros.
type S3AuthInfo ¶ added in v0.40.0
type S3AuthInfo struct { CredentialsFile string `mapstructure:"credentials_file"` Profile string Credentials *struct { AccessKeyID SecureString `mapstructure:"access_key_id"` // AccessSecretKey is the old name for SecretAccessKey. // // Deprecated: use SecretAccessKey instead. AccessSecretKey SecureString `mapstructure:"access_secret_key"` SecretAccessKey SecureString `mapstructure:"secret_access_key"` SessionToken SecureString `mapstructure:"session_token"` } }
S3AuthInfo holds S3-style authentication.
type SecureString ¶ added in v0.50.0
type SecureString string
func (SecureString) SecureValue ¶ added in v0.62.0
func (s SecureString) SecureValue() string
SecureValue returns the actual value of s as a string.
func (SecureString) String ¶ added in v0.50.0
func (SecureString) String() string
String returns an elided version. It is safe to call for logging.