Documentation ¶
Index ¶
- Constants
- Variables
- func FormOpenPolicyAgentMetaDataObject(decisionId string) (*pbstruct.Struct, error)
- func WithCleanInterval(interval time.Duration) func(*OpenPolicyAgentRegistry) error
- func WithConfigTemplate(configTemplate []byte) func(*OpenPolicyAgentInstanceConfig) error
- func WithConfigTemplateFile(configTemplateFile string) func(*OpenPolicyAgentInstanceConfig) error
- func WithEnvoyMetadata(metadata *ext_authz_v3_core.Metadata) func(*OpenPolicyAgentInstanceConfig) error
- func WithEnvoyMetadataBytes(content []byte) func(*OpenPolicyAgentInstanceConfig) error
- func WithEnvoyMetadataFile(file string) func(*OpenPolicyAgentInstanceConfig) error
- func WithMaxMemoryBodyParsing(n int64) func(*OpenPolicyAgentRegistry) error
- func WithMaxRequestBodyBytes(n int64) func(*OpenPolicyAgentRegistry) error
- func WithReadBodyBufferSize(n int64) func(*OpenPolicyAgentRegistry) error
- func WithReuseDuration(duration time.Duration) func(*OpenPolicyAgentRegistry) error
- func WithStartupTimeout(timeout time.Duration) func(*OpenPolicyAgentInstanceConfig) error
- func WithTracer(tracer opentracing.Tracer) func(*OpenPolicyAgentRegistry) error
- func WithTracingOptBundleName(bundleName string) func(*transport)
- func WithTracingOptManager(manager *plugins.Manager) func(*transport)
- func WithTracingOptTracer(tracer opentracing.Tracer) func(*transport)
- type OpenPolicyAgentFilter
- type OpenPolicyAgentInstance
- func (opa *OpenPolicyAgentInstance) Close(ctx context.Context)
- func (opa *OpenPolicyAgentInstance) Compiler() *ast.Compiler
- func (opa *OpenPolicyAgentInstance) Config() *config.Config
- func (opa *OpenPolicyAgentInstance) CreatePreparedQueryOnce(opts envoyauth.PrepareQueryOpts) (*rego.PreparedEvalQuery, error)
- func (opa *OpenPolicyAgentInstance) DistributedTracing() opatracing.Options
- func (opa *OpenPolicyAgentInstance) EnvoyPluginConfig() envoy.PluginConfig
- func (opa *OpenPolicyAgentInstance) Eval(ctx context.Context, req *ext_authz_v3.CheckRequest) (*envoyauth.EvalResult, error)
- func (opa *OpenPolicyAgentInstance) ExtractHttpBodyOptionally(req *http.Request) (io.ReadCloser, []byte, func(), error)
- func (opa *OpenPolicyAgentInstance) HandleEvaluationError(fc filters.FilterContext, span opentracing.Span, result *envoyauth.EvalResult, ...)
- func (opa *OpenPolicyAgentInstance) HandleInvalidDecisionError(fc filters.FilterContext, span opentracing.Span, result *envoyauth.EvalResult, ...)
- func (opa *OpenPolicyAgentInstance) InstanceConfig() *OpenPolicyAgentInstanceConfig
- func (opa *OpenPolicyAgentInstance) InterQueryBuiltinCache() iCache.InterQueryCache
- func (opa *OpenPolicyAgentInstance) Logger() logging.Logger
- func (opa *OpenPolicyAgentInstance) MetricsKey(key string) string
- func (opa *OpenPolicyAgentInstance) ParsedQuery() ast.Body
- func (opa *OpenPolicyAgentInstance) Runtime() *ast.Term
- func (opa *OpenPolicyAgentInstance) ServeInvalidDecisionError(fc filters.FilterContext, span opentracing.Span, result *envoyauth.EvalResult, ...)
- func (opa *OpenPolicyAgentInstance) ServeResponse(fc filters.FilterContext, span opentracing.Span, result *envoyauth.EvalResult)
- func (opa *OpenPolicyAgentInstance) Start(ctx context.Context, timeout time.Duration) error
- func (opa *OpenPolicyAgentInstance) StartSpanFromContext(ctx context.Context) (opentracing.Span, context.Context)
- func (opa *OpenPolicyAgentInstance) StartSpanFromFilterContext(fc filters.FilterContext) (opentracing.Span, context.Context)
- func (opa *OpenPolicyAgentInstance) Store() storage.Store
- type OpenPolicyAgentInstanceConfig
- type OpenPolicyAgentRegistry
- func (registry *OpenPolicyAgentRegistry) Close()
- func (registry *OpenPolicyAgentRegistry) Do(routes []*routing.Route) []*routing.Route
- func (registry *OpenPolicyAgentRegistry) NewOpenPolicyAgentInstance(bundleName string, config OpenPolicyAgentInstanceConfig, filterName string) (*OpenPolicyAgentInstance, error)
- type QuietLogger
- func (l *QuietLogger) Debug(fmt string, a ...interface{})
- func (l *QuietLogger) Error(fmt string, a ...interface{})
- func (l *QuietLogger) GetLevel() logging.Level
- func (l *QuietLogger) Info(fmt string, a ...interface{})
- func (l *QuietLogger) SetLevel(level logging.Level)
- func (l *QuietLogger) Warn(fmt string, a ...interface{})
- func (l *QuietLogger) WithFields(fields map[string]interface{}) logging.Logger
Constants ¶
const ( DefaultCleanIdlePeriod = 10 * time.Second DefaultOpaStartupTimeout = 30 * time.Second DefaultMaxRequestBodySize = 1 << 20 // 1 MB DefaultMaxMemoryBodyParsing = 100 * DefaultMaxRequestBodySize DefaultRequestBodyBufferSize = 8 * 1024 // 8 KB )
Variables ¶
var ( ErrClosed = errors.New("reader closed") ErrTotalBodyBytesExceeded = errors.New("buffer for in-flight request body authorization in Open Policy Agent exceeded") )
Functions ¶
func FormOpenPolicyAgentMetaDataObject ¶ added in v0.21.166
func WithCleanInterval ¶
func WithCleanInterval(interval time.Duration) func(*OpenPolicyAgentRegistry) error
func WithConfigTemplate ¶
func WithConfigTemplate(configTemplate []byte) func(*OpenPolicyAgentInstanceConfig) error
func WithConfigTemplateFile ¶
func WithConfigTemplateFile(configTemplateFile string) func(*OpenPolicyAgentInstanceConfig) error
func WithEnvoyMetadata ¶
func WithEnvoyMetadata(metadata *ext_authz_v3_core.Metadata) func(*OpenPolicyAgentInstanceConfig) error
func WithEnvoyMetadataBytes ¶
func WithEnvoyMetadataBytes(content []byte) func(*OpenPolicyAgentInstanceConfig) error
func WithEnvoyMetadataFile ¶
func WithEnvoyMetadataFile(file string) func(*OpenPolicyAgentInstanceConfig) error
func WithMaxMemoryBodyParsing ¶ added in v0.20.6
func WithMaxMemoryBodyParsing(n int64) func(*OpenPolicyAgentRegistry) error
func WithMaxRequestBodyBytes ¶ added in v0.20.6
func WithMaxRequestBodyBytes(n int64) func(*OpenPolicyAgentRegistry) error
func WithReadBodyBufferSize ¶ added in v0.20.6
func WithReadBodyBufferSize(n int64) func(*OpenPolicyAgentRegistry) error
func WithReuseDuration ¶
func WithReuseDuration(duration time.Duration) func(*OpenPolicyAgentRegistry) error
func WithStartupTimeout ¶ added in v0.18.25
func WithStartupTimeout(timeout time.Duration) func(*OpenPolicyAgentInstanceConfig) error
func WithTracer ¶ added in v0.21.66
func WithTracer(tracer opentracing.Tracer) func(*OpenPolicyAgentRegistry) error
func WithTracingOptBundleName ¶ added in v0.21.66
func WithTracingOptBundleName(bundleName string) func(*transport)
func WithTracingOptManager ¶ added in v0.21.66
func WithTracingOptTracer ¶ added in v0.21.66
func WithTracingOptTracer(tracer opentracing.Tracer) func(*transport)
Types ¶
type OpenPolicyAgentFilter ¶
type OpenPolicyAgentFilter interface {
OpenPolicyAgent() *OpenPolicyAgentInstance
}
type OpenPolicyAgentInstance ¶
type OpenPolicyAgentInstance struct {
// contains filtered or unexported fields
}
func (*OpenPolicyAgentInstance) Close ¶
func (opa *OpenPolicyAgentInstance) Close(ctx context.Context)
func (*OpenPolicyAgentInstance) Compiler ¶
func (opa *OpenPolicyAgentInstance) Compiler() *ast.Compiler
Compiler is an implementation of the envoyauth.EvalContext interface
func (*OpenPolicyAgentInstance) Config ¶
func (opa *OpenPolicyAgentInstance) Config() *config.Config
Config is an implementation of the envoyauth.EvalContext interface
func (*OpenPolicyAgentInstance) CreatePreparedQueryOnce ¶ added in v0.21.252
func (opa *OpenPolicyAgentInstance) CreatePreparedQueryOnce(opts envoyauth.PrepareQueryOpts) (*rego.PreparedEvalQuery, error)
CreatePreparedQueryOnce is an implementation of the envoyauth.EvalContext interface
func (*OpenPolicyAgentInstance) DistributedTracing ¶
func (opa *OpenPolicyAgentInstance) DistributedTracing() opatracing.Options
DistributedTracing is an implementation of the envoyauth.EvalContext interface
func (*OpenPolicyAgentInstance) EnvoyPluginConfig ¶
func (opa *OpenPolicyAgentInstance) EnvoyPluginConfig() envoy.PluginConfig
func (*OpenPolicyAgentInstance) Eval ¶
func (opa *OpenPolicyAgentInstance) Eval(ctx context.Context, req *ext_authz_v3.CheckRequest) (*envoyauth.EvalResult, error)
func (*OpenPolicyAgentInstance) ExtractHttpBodyOptionally ¶ added in v0.20.6
func (opa *OpenPolicyAgentInstance) ExtractHttpBodyOptionally(req *http.Request) (io.ReadCloser, []byte, func(), error)
func (*OpenPolicyAgentInstance) HandleEvaluationError ¶ added in v0.20.6
func (opa *OpenPolicyAgentInstance) HandleEvaluationError(fc filters.FilterContext, span opentracing.Span, result *envoyauth.EvalResult, err error, serve bool, status int)
func (*OpenPolicyAgentInstance) HandleInvalidDecisionError ¶
func (opa *OpenPolicyAgentInstance) HandleInvalidDecisionError(fc filters.FilterContext, span opentracing.Span, result *envoyauth.EvalResult, err error, serve bool)
func (*OpenPolicyAgentInstance) InstanceConfig ¶
func (opa *OpenPolicyAgentInstance) InstanceConfig() *OpenPolicyAgentInstanceConfig
func (*OpenPolicyAgentInstance) InterQueryBuiltinCache ¶
func (opa *OpenPolicyAgentInstance) InterQueryBuiltinCache() iCache.InterQueryCache
InterQueryBuiltinCache is an implementation of the envoyauth.EvalContext interface
func (*OpenPolicyAgentInstance) Logger ¶
func (opa *OpenPolicyAgentInstance) Logger() logging.Logger
Logger is an implementation of the envoyauth.EvalContext interface
func (*OpenPolicyAgentInstance) MetricsKey ¶
func (opa *OpenPolicyAgentInstance) MetricsKey(key string) string
func (*OpenPolicyAgentInstance) ParsedQuery ¶
func (opa *OpenPolicyAgentInstance) ParsedQuery() ast.Body
ParsedQuery is an implementation of the envoyauth.EvalContext interface
func (*OpenPolicyAgentInstance) Runtime ¶
func (opa *OpenPolicyAgentInstance) Runtime() *ast.Term
Runtime is an implementation of the envoyauth.EvalContext interface
func (*OpenPolicyAgentInstance) ServeInvalidDecisionError ¶
func (opa *OpenPolicyAgentInstance) ServeInvalidDecisionError(fc filters.FilterContext, span opentracing.Span, result *envoyauth.EvalResult, err error)
func (*OpenPolicyAgentInstance) ServeResponse ¶
func (opa *OpenPolicyAgentInstance) ServeResponse(fc filters.FilterContext, span opentracing.Span, result *envoyauth.EvalResult)
func (*OpenPolicyAgentInstance) Start ¶
Start asynchronously starts the policy engine's plugins that download policies, report status, etc.
func (*OpenPolicyAgentInstance) StartSpanFromContext ¶
func (opa *OpenPolicyAgentInstance) StartSpanFromContext(ctx context.Context) (opentracing.Span, context.Context)
func (*OpenPolicyAgentInstance) StartSpanFromFilterContext ¶
func (opa *OpenPolicyAgentInstance) StartSpanFromFilterContext(fc filters.FilterContext) (opentracing.Span, context.Context)
func (*OpenPolicyAgentInstance) Store ¶
func (opa *OpenPolicyAgentInstance) Store() storage.Store
Store is an implementation of the envoyauth.EvalContext interface
type OpenPolicyAgentInstanceConfig ¶
type OpenPolicyAgentInstanceConfig struct {
// contains filtered or unexported fields
}
func NewOpenPolicyAgentConfig ¶
func NewOpenPolicyAgentConfig(opts ...func(*OpenPolicyAgentInstanceConfig) error) (*OpenPolicyAgentInstanceConfig, error)
func (*OpenPolicyAgentInstanceConfig) GetEnvoyMetadata ¶
func (cfg *OpenPolicyAgentInstanceConfig) GetEnvoyMetadata() *ext_authz_v3_core.Metadata
type OpenPolicyAgentRegistry ¶
type OpenPolicyAgentRegistry struct {
// contains filtered or unexported fields
}
func NewOpenPolicyAgentRegistry ¶
func NewOpenPolicyAgentRegistry(opts ...func(*OpenPolicyAgentRegistry) error) *OpenPolicyAgentRegistry
func (*OpenPolicyAgentRegistry) Close ¶
func (registry *OpenPolicyAgentRegistry) Close()
func (*OpenPolicyAgentRegistry) Do ¶
func (registry *OpenPolicyAgentRegistry) Do(routes []*routing.Route) []*routing.Route
Do implements routing.PostProcessor and cleans unused OPA instances
func (*OpenPolicyAgentRegistry) NewOpenPolicyAgentInstance ¶
func (registry *OpenPolicyAgentRegistry) NewOpenPolicyAgentInstance(bundleName string, config OpenPolicyAgentInstanceConfig, filterName string) (*OpenPolicyAgentInstance, error)
type QuietLogger ¶
type QuietLogger struct {
// contains filtered or unexported fields
}
logging.Logger that does not pollute info with debug logs
func (*QuietLogger) Debug ¶
func (l *QuietLogger) Debug(fmt string, a ...interface{})
func (*QuietLogger) Error ¶
func (l *QuietLogger) Error(fmt string, a ...interface{})
func (*QuietLogger) GetLevel ¶
func (l *QuietLogger) GetLevel() logging.Level
func (*QuietLogger) Info ¶
func (l *QuietLogger) Info(fmt string, a ...interface{})
func (*QuietLogger) SetLevel ¶
func (l *QuietLogger) SetLevel(level logging.Level)
func (*QuietLogger) Warn ¶
func (l *QuietLogger) Warn(fmt string, a ...interface{})
func (*QuietLogger) WithFields ¶
func (l *QuietLogger) WithFields(fields map[string]interface{}) logging.Logger