Documentation
¶
Overview ¶
Package server implements an environment for running LUCI servers.
It interprets command line flags and initializes the serving environment with following services available via context.Context:
- go.chromium.org/luci/common/logging: Logging.
- go.chromium.org/luci/server/caching: Process cache.
- go.chromium.org/luci/server/secrets: Secrets.
- go.chromium.org/luci/server/settings: Access to app settings.
- go.chromium.org/luci/server/auth: Making authenticated calls.
- go.chromium.org/luci/server/redisconn: Redis connection pool.
- go.chromium.org/gae: Datastore.
Usage example:
func main() {
server.Main(nil, func(srv *server.Server) error {
// Initialize global state, change root context.
if err := initializeGlobalStuff(srv.Context); err != nil {
return err
}
srv.Context = injectGlobalStuff(srv.Context)
// Install regular HTTP routes.
srv.Routes.GET("/", router.MiddlewareChain{}, func(c *router.Context) {
// ...
})
// Install pRPC services.
servicepb.RegisterSomeServer(srv.PRPC, &SomeServer{})
return nil
})
}
Index ¶
Constants ¶
This section is empty.
Variables ¶
var DefaultOAuthScopes = []string{
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/userinfo.email",
}
DefaultOAuthScopes is a list of OAuth scopes we want a local user to grant us when running the server locally.
Functions ¶
Types ¶
type Options ¶
type Options struct {
Prod bool // must be set when running in production
HTTPAddr string // address to bind the main listening socket to
AdminAddr string // address to bind the admin socket to
RootSecretPath string // path to a JSON file with the root secret key
SettingsPath string // path to a JSON file with app settings
ClientAuth clientauth.Options // base settings for client auth options
TokenCacheDir string // where to cache auth tokens (optional)
AuthDBPath string // if set, load AuthDB from a file
AuthServiceHost string // hostname of an Auth Service to use
AuthDBDump string // Google Storage path to fetch AuthDB dumps from
AuthDBSigner string // service account that signs AuthDB dumps
RedisAddr string // Redis server to connect to as "host:port" (optional)
CloudProject string // name of hosting Google Cloud Project
TsMonAccount string // service account to flush metrics as
TsMonServiceName string // service name of tsmon target
TsMonJobName string // job name of tsmon target
// contains filtered or unexported fields
}
Options are exposed as command line flags.
type Server ¶
type Server struct {
// Context is the root context used by all requests and background activities.
//
// Can be replaced (by a derived context) before ListenAndServe call, for
// example to inject values accessible to all request handlers.
Context context.Context
// Routes is HTTP routes exposed via HTTPAddr port.
//
// Should be populated before ListenAndServe call.
Routes *router.Router
// PRPC is pRPC service with APIs exposed via HTTPAddr port.
//
// Should be populated before ListenAndServe call.
PRPC *prpc.Server
// Options is a copy of options passed to New.
Options Options
// contains filtered or unexported fields
}
Server is responsible for initializing and launching the serving environment.
Doesn't do TLS. Should be sitting behind a load balancer that terminates TLS.
func New ¶
New constructs a new server instance.
It hosts one or more HTTP servers and starts and stops them in unison. It is also responsible for preparing contexts for incoming requests.
On errors returns partially initialized server (always non-nil). At least its logging will be configured and can be used to report the error. Trying to use such partially initialized server for anything else is undefined behavior.
func (*Server) Fatal ¶
Fatal logs the error and immediately shuts down the process with exit code 3.
No cleanup is performed. Deferred statements are not run. Not recoverable.
func (*Server) ListenAndServe ¶
ListenAndServe launches the serving loop.
Blocks forever or until the server is stopped via Shutdown (from another goroutine or from a SIGTERM handler). Returns nil if the server was shutdown correctly or an error if it failed to start or unexpectedly died. The error is logged inside.
Should be called only once. Panics otherwise.
func (*Server) RegisterCleanup ¶
func (s *Server) RegisterCleanup(cb func())
RegisterCleanup registers a callback that is run in ListenAndServe after the server has exited the serving loop.
Registering a new cleanup callback from within a cleanup causes a deadlock, don't do that.
func (*Server) RegisterHTTP ¶
RegisterHTTP prepares an additional HTTP server.
Can be used to open more listening HTTP ports (in addition to opts.HTTPAddr and opts.AdminAddr). Returns a router that should be populated with routes exposed through the added server.
Should be called before ListenAndServe (panics otherwise).
func (*Server) RunInBackground ¶
RunInBackground launches the given callback in a separate goroutine right before starting the serving loop.
If the server is already running, launches it right away. If the server fails to start, the goroutines will never be launched.
Should be used for background asynchronous activities like reloading configs.
All logs lines emitted by the callback are annotated with "activity" field which can be arbitrary, but by convention has format "<namespace>.<name>", where "luci" namespace is reserved for internal activities.
The context passed to the callback is canceled when the server is shutting down. It is expected the goroutine will exit soon after the context is canceled.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package analytics provides a standard way to store the Google Analytics tracking ID.
|
Package analytics provides a standard way to store the Google Analytics tracking ID. |
|
Package auth implements authentication and authorization framework for HTTP servers.
|
Package auth implements authentication and authorization framework for HTTP servers. |
|
authdb
Package authdb contains definition of Authentication Database (aka AuthDB).
|
Package authdb contains definition of Authentication Database (aka AuthDB). |
|
authdb/dump
Package dump implements loading AuthDB from dumps in Google Storage.
|
Package dump implements loading AuthDB from dumps in Google Storage. |
|
authdb/internal/certs
Package certs knows how to fetch certificate bundles of trusted services.
|
Package certs knows how to fetch certificate bundles of trusted services. |
|
authdb/internal/globset
Package globset preprocesses []identity.Glob for faster querying.
|
Package globset preprocesses []identity.Glob for faster querying. |
|
authdb/internal/graph
Package graph implements handling of the groups graph.
|
Package graph implements handling of the groups graph. |
|
authdb/internal/ipaddr
Package ipaddr implements IP whitelist check.
|
Package ipaddr implements IP whitelist check. |
|
authdb/internal/legacy
Package legacy contains older implementation of IsMember check.
|
Package legacy contains older implementation of IsMember check. |
|
authdb/internal/oauthid
Package oauthid implements OAuth client ID whitelist check.
|
Package oauthid implements OAuth client ID whitelist check. |
|
authdb/internal/seccfg
Package seccfg interprets SecurityConfig proto message.
|
Package seccfg interprets SecurityConfig proto message. |
|
authtest
Package authtest implements some interfaces used by auth package to simplify unit testing.
|
Package authtest implements some interfaces used by auth package to simplify unit testing. |
|
delegation
Package delegation contains low-level API for working with delegation tokens.
|
Package delegation contains low-level API for working with delegation tokens. |
|
openid
Package openid implements OpenID Connect Login protocol (client side).
|
Package openid implements OpenID Connect Login protocol (client side). |
|
service
Package service implements a wrapper around API exposed by auth_service: https://github.com/luci/luci-py/tree/master/appengine/auth_service
|
Package service implements a wrapper around API exposed by auth_service: https://github.com/luci/luci-py/tree/master/appengine/auth_service |
|
signing
Package signing provides interfaces to sign arbitrary small blobs with RSA-SHA256 signature (PKCS1v15) and verify such signatures.
|
Package signing provides interfaces to sign arbitrary small blobs with RSA-SHA256 signature (PKCS1v15) and verify such signatures. |
|
signing/signingtest
Package signingtest implements signing.Signer interface using small random keys.
|
Package signingtest implements signing.Signer interface using small random keys. |
|
xsrf
Package xsrf provides Cross Site Request Forgery prevention middleware.
|
Package xsrf provides Cross Site Request Forgery prevention middleware. |
|
Package caching implements common server object caches.
|
Package caching implements common server object caches. |
|
cachingtest
Package cachingtest contains helpers for testing code that uses caching package.
|
Package cachingtest contains helpers for testing code that uses caching package. |
|
layered
Package layered provides a two-layer cache for serializable objects.
|
Package layered provides a two-layer cache for serializable objects. |
|
Package internal is supporting code used by server.go.
|
Package internal is supporting code used by server.go. |
|
Package middleware defines base type for context-aware HTTP request handler.
|
Package middleware defines base type for context-aware HTTP request handler. |
|
Package portal implements HTTP routes for portal pages.
|
Package portal implements HTTP routes for portal pages. |
|
internal/assets
Package assets is generated by go.chromium.org/luci/tools/cmd/assets.
|
Package assets is generated by go.chromium.org/luci/tools/cmd/assets. |
|
Package pprof is similar to net/http/pprof, except it supports auth.
|
Package pprof is similar to net/http/pprof, except it supports auth. |
|
Package redisconn is a facade for Redis connection pool.
|
Package redisconn is a facade for Redis connection pool. |
|
Package router provides an HTTP router with support for middleware and subrouters.
|
Package router provides an HTTP router with support for middleware and subrouters. |
|
Package secrets provides an interface for a simple secret store: you ask it for a secret (a byte blob, identifies by some key), and it returns it to you (current version, as well as a bunch of previous versions).
|
Package secrets provides an interface for a simple secret store: you ask it for a secret (a byte blob, identifies by some key), and it returns it to you (current version, as well as a bunch of previous versions). |
|
testsecrets
Package testsecrets provides a dumb in-memory secret store to use in unit tests.
|
Package testsecrets provides a dumb in-memory secret store to use in unit tests. |
|
Package settings implements storage for infrequently changing global settings.
|
Package settings implements storage for infrequently changing global settings. |
|
static
|
|
|
Package templates implements wrapper around html/template to provide lazy loading of templates and better integration with HTTP middleware framework.
|
Package templates implements wrapper around html/template to provide lazy loading of templates and better integration with HTTP middleware framework. |
|
Package tokens provides means to generate and validate base64 encoded tokens compatible with luci-py's components.auth implementation.
|
Package tokens provides means to generate and validate base64 encoded tokens compatible with luci-py's components.auth implementation. |
|
Package tsmon adapts common/tsmon library to a server-side environment.
|
Package tsmon adapts common/tsmon library to a server-side environment. |
|
Package warmup allows to register hooks executed during the server warmup.
|
Package warmup allows to register hooks executed during the server warmup. |