Documentation
¶
Index ¶
- type AuthenticationCleanupSchedule
- type AuthenticationConfig
- type AuthenticationMethod
- type AuthenticationMethodInfo
- type AuthenticationMethodInfoProvider
- type AuthenticationMethodKubernetesConfig
- type AuthenticationMethodOIDCConfig
- type AuthenticationMethodOIDCProvider
- type AuthenticationMethodTokenBootstrapConfig
- type AuthenticationMethodTokenConfig
- type AuthenticationMethods
- type AuthenticationSession
- type AuthenticationSessionCSRF
- type CacheBackend
- type CacheConfig
- type Config
- type CorsConfig
- type DatabaseConfig
- type DatabaseProtocol
- type JaegerTracingConfig
- type LogConfig
- type LogEncoding
- type LogKeys
- type MemoryCacheConfig
- type MetaConfig
- type OTLPTracingConfig
- type RedisCacheConfig
- type Result
- type Scheme
- type ServerConfig
- type StaticAuthenticationMethodInfo
- type TracingConfig
- type TracingExporter
- type UIConfig
- type ZipkinTracingConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticationCleanupSchedule ¶ added in v1.16.0
type AuthenticationCleanupSchedule struct {
Interval time.Duration `json:"interval,omitempty" mapstructure:"interval"`
GracePeriod time.Duration `json:"gracePeriod,omitempty" mapstructure:"grace_period"`
}
AuthenticationCleanupSchedule is used to configure a cleanup goroutine.
type AuthenticationConfig ¶ added in v1.15.0
type AuthenticationConfig struct {
// Required designates whether authentication credentials are validated.
// If required == true, then authentication is required for all API endpoints.
// Else, authentication is not required and Flipt's APIs are not secured.
Required bool `json:"required,omitempty" mapstructure:"required"`
Session AuthenticationSession `json:"session,omitempty" mapstructure:"session"`
Methods AuthenticationMethods `json:"methods,omitempty" mapstructure:"methods"`
}
AuthenticationConfig configures Flipts authentication mechanisms
func (AuthenticationConfig) ShouldRunCleanup ¶ added in v1.16.0
func (c AuthenticationConfig) ShouldRunCleanup() (shouldCleanup bool)
ShouldRunCleanup returns true if the cleanup background process should be started. It returns true given at-least 1 method is enabled and it's associated schedule has been configured (non-nil).
type AuthenticationMethod ¶ added in v1.17.0
type AuthenticationMethod[C AuthenticationMethodInfoProvider] struct { Method C `mapstructure:",squash"` Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"` Cleanup *AuthenticationCleanupSchedule `json:"cleanup,omitempty" mapstructure:"cleanup"` }
AuthenticationMethod is a container for authentication methods. It describes the common properties of all authentication methods. Along with leaving a generic slot for the particular method to declare its own structural fields. This generic field (Method) must implement the AuthenticationMethodInfoProvider to be valid at compile time. nolint:musttag
type AuthenticationMethodInfo ¶ added in v1.17.0
type AuthenticationMethodInfo struct {
Method auth.Method
SessionCompatible bool
Metadata *structpb.Struct
}
AuthenticationMethodInfo is a structure which describes properties of a particular authentication method. i.e. the name and whether or not the method is session compatible.
func (AuthenticationMethodInfo) Name ¶ added in v1.17.0
func (a AuthenticationMethodInfo) Name() string
Name returns the friendly lower-case name for the authentication method.
type AuthenticationMethodInfoProvider ¶ added in v1.17.0
type AuthenticationMethodInfoProvider interface {
// contains filtered or unexported methods
}
AuthenticationMethodInfoProvider is a type with a single method Info which returns an AuthenticationMethodInfo describing the underlying methods properties.
type AuthenticationMethodKubernetesConfig ¶ added in v1.19.0
type AuthenticationMethodKubernetesConfig struct {
// DiscoveryURL is the URL to the local Kubernetes cluster serving the "well-known" OIDC discovery endpoint.
// https://openid.net/specs/openid-connect-discovery-1_0.html
// The URL is used to fetch the OIDC configuration and subsequently the JWKS certificates.
DiscoveryURL string `json:"discoveryURL,omitempty" mapstructure:"discovery_url"`
// CAPath is the path on disk to the trusted certificate authority certificate for validating
// HTTPS requests to the issuer.
CAPath string `json:"caPath,omitempty" mapstructure:"ca_path"`
// ServiceAccountTokenPath is the location on disk to the Flipt instances service account token.
// This should be the token issued for the service account associated with Flipt in the environment.
ServiceAccountTokenPath string `json:"serviceAccountTokenPath,omitempty" mapstructure:"service_account_token_path"`
}
AuthenticationMethodKubernetesConfig contains the fields necessary for the Kubernetes authentication method to be performed. This method supports Flipt being deployed in a Kubernetes environment and allowing it to exchange client tokens for valid service account tokens presented via this method.
type AuthenticationMethodOIDCConfig ¶ added in v1.17.0
type AuthenticationMethodOIDCConfig struct {
Providers map[string]AuthenticationMethodOIDCProvider `json:"providers,omitempty" mapstructure:"providers"`
}
AuthenticationMethodOIDCConfig configures the OIDC authentication method. This method can be used to establish browser based sessions.
type AuthenticationMethodOIDCProvider ¶ added in v1.17.0
type AuthenticationMethodOIDCProvider struct {
IssuerURL string `json:"issuerURL,omitempty" mapstructure:"issuer_url"`
ClientID string `json:"clientID,omitempty" mapstructure:"client_id"`
ClientSecret string `json:"clientSecret,omitempty" mapstructure:"client_secret"`
RedirectAddress string `json:"redirectAddress,omitempty" mapstructure:"redirect_address"`
Scopes []string `json:"scopes,omitempty" mapstructure:"scopes"`
}
AuthenticationOIDCProvider configures provider credentials
type AuthenticationMethodTokenBootstrapConfig ¶ added in v1.19.0
type AuthenticationMethodTokenBootstrapConfig struct {
Token string `json:"-" mapstructure:"token"`
Expiration time.Duration `json:"expiration,omitempty" mapstructure:"expiration"`
}
AuthenticationMethodTokenBootstrapConfig contains fields used to configure the bootstrap process for the authentication method "token".
type AuthenticationMethodTokenConfig ¶ added in v1.15.0
type AuthenticationMethodTokenConfig struct {
Bootstrap AuthenticationMethodTokenBootstrapConfig `json:"bootstrap" mapstructure:"bootstrap"`
}
AuthenticationMethodTokenConfig contains fields used to configure the authentication method "token". This authentication method supports the ability to create static tokens via the /auth/v1/method/token prefix of endpoints.
type AuthenticationMethods ¶ added in v1.16.0
type AuthenticationMethods struct {
Token AuthenticationMethod[AuthenticationMethodTokenConfig] `json:"token,omitempty" mapstructure:"token"`
OIDC AuthenticationMethod[AuthenticationMethodOIDCConfig] `json:"oidc,omitempty" mapstructure:"oidc"`
Kubernetes AuthenticationMethod[AuthenticationMethodKubernetesConfig] `json:"kubernetes,omitempty" mapstructure:"kubernetes"`
}
AuthenticationMethods is a set of configuration for each authentication method available for use within Flipt.
func (*AuthenticationMethods) AllMethods ¶ added in v1.17.0
func (a *AuthenticationMethods) AllMethods() []StaticAuthenticationMethodInfo
AllMethods returns all the AuthenticationMethod instances available.
type AuthenticationSession ¶ added in v1.17.0
type AuthenticationSession struct {
// Domain is the domain on which to register session cookies.
Domain string `json:"domain,omitempty" mapstructure:"domain"`
// Secure sets the secure property (i.e. HTTPS only) on both the state and token cookies.
Secure bool `json:"secure" mapstructure:"secure"`
// TokenLifetime is the duration of the flipt client token generated once
// authentication has been established via a session compatible method.
TokenLifetime time.Duration `json:"tokenLifetime,omitempty" mapstructure:"token_lifetime"`
// StateLifetime is the lifetime duration of the state cookie.
StateLifetime time.Duration `json:"stateLifetime,omitempty" mapstructure:"state_lifetime"`
// CSRF configures CSRF provention mechanisms.
CSRF AuthenticationSessionCSRF `json:"csrf,omitempty" mapstructure:"csrf"`
}
AuthenticationSession configures the session produced for browsers when establishing authentication via HTTP.
type AuthenticationSessionCSRF ¶ added in v1.17.0
type AuthenticationSessionCSRF struct {
// Key is the private key string used to authenticate csrf tokens.
Key string `json:"-" mapstructure:"key"`
}
AuthenticationSessionCSRF configures cross-site request forgery prevention.
type CacheBackend ¶
type CacheBackend uint8
CacheBackend is either memory or redis
const ( // CacheMemory ... CacheMemory CacheBackend // CacheRedis ... CacheRedis )
func (CacheBackend) MarshalJSON ¶
func (c CacheBackend) MarshalJSON() ([]byte, error)
func (CacheBackend) String ¶
func (c CacheBackend) String() string
type CacheConfig ¶
type CacheConfig struct {
Enabled bool `json:"enabled" mapstructure:"enabled"`
TTL time.Duration `json:"ttl,omitempty" mapstructure:"ttl"`
Backend CacheBackend `json:"backend,omitempty" mapstructure:"backend"`
Memory MemoryCacheConfig `json:"memory,omitempty" mapstructure:"memory"`
Redis RedisCacheConfig `json:"redis,omitempty" mapstructure:"redis"`
}
CacheConfig contains fields, which enable and configure Flipt's various caching mechanisms.
Currently, flipt support in-memory and redis backed caching.
type Config ¶
type Config struct {
Version string `json:"version,omitempty"`
Log LogConfig `json:"log,omitempty" mapstructure:"log"`
UI UIConfig `json:"ui,omitempty" mapstructure:"ui"`
Cors CorsConfig `json:"cors,omitempty" mapstructure:"cors"`
Cache CacheConfig `json:"cache,omitempty" mapstructure:"cache"`
Server ServerConfig `json:"server,omitempty" mapstructure:"server"`
Tracing TracingConfig `json:"tracing,omitempty" mapstructure:"tracing"`
Database DatabaseConfig `json:"db,omitempty" mapstructure:"db"`
Meta MetaConfig `json:"meta,omitempty" mapstructure:"meta"`
Authentication AuthenticationConfig `json:"authentication,omitempty" mapstructure:"authentication"`
}
Config contains all of Flipts configuration needs.
The root of this structure contains a collection of sub-configuration categories.
Each sub-configuration (e.g. LogConfig) optionally implements either or both of the defaulter or validator interfaces. Given the sub-config implements a `setDefaults(*viper.Viper) []string` method then this will be called with the viper context before unmarshalling. This allows the sub-configuration to set any appropriate defaults. Given the sub-config implements a `validate() error` method then this will be called after unmarshalling, such that the function can emit any errors derived from the resulting state of the configuration.
type CorsConfig ¶
type CorsConfig struct {
Enabled bool `json:"enabled" mapstructure:"enabled"`
AllowedOrigins []string `json:"allowedOrigins,omitempty" mapstructure:"allowed_origins"`
}
CorsConfig contains fields, which configure behaviour in the HTTPServer relating to the CORS header-based mechanisms.
type DatabaseConfig ¶
type DatabaseConfig struct {
URL string `json:"url,omitempty" mapstructure:"url"`
MaxIdleConn int `json:"maxIdleConn,omitempty" mapstructure:"max_idle_conn"`
MaxOpenConn int `json:"maxOpenConn,omitempty" mapstructure:"max_open_conn"`
ConnMaxLifetime time.Duration `json:"connMaxLifetime,omitempty" mapstructure:"conn_max_lifetime"`
Name string `json:"name,omitempty" mapstructure:"name"`
User string `json:"user,omitempty" mapstructure:"user"`
Password string `json:"password,omitempty" mapstructure:"password"`
Host string `json:"host,omitempty" mapstructure:"host"`
Port int `json:"port,omitempty" mapstructure:"port"`
Protocol DatabaseProtocol `json:"protocol,omitempty" mapstructure:"protocol"`
}
DatabaseConfig contains fields, which configure the various relational database backends.
Flipt currently supports SQLite, Postgres and MySQL backends.
type DatabaseProtocol ¶
type DatabaseProtocol uint8
DatabaseProtocol represents a database protocol
const ( // DatabaseSQLite ... DatabaseSQLite DatabaseProtocol // DatabasePostgres ... DatabasePostgres // DatabaseMySQL ... DatabaseMySQL // DatabaseCockroachDB ... DatabaseCockroachDB )
func (DatabaseProtocol) MarshalJSON ¶
func (d DatabaseProtocol) MarshalJSON() ([]byte, error)
func (DatabaseProtocol) String ¶
func (d DatabaseProtocol) String() string
type JaegerTracingConfig ¶
type JaegerTracingConfig struct {
Host string `json:"host,omitempty" mapstructure:"host"`
Port int `json:"port,omitempty" mapstructure:"port"`
}
JaegerTracingConfig contains fields, which configure Jaeger span and tracing output destination.
type LogConfig ¶
type LogConfig struct {
Level string `json:"level,omitempty" mapstructure:"level"`
File string `json:"file,omitempty" mapstructure:"file"`
Encoding LogEncoding `json:"encoding,omitempty" mapstructure:"encoding"`
GRPCLevel string `json:"grpcLevel,omitempty" mapstructure:"grpc_level"`
Keys LogKeys `json:"keys" mapstructure:"keys"`
}
LogConfig contains fields which control, direct and filter the logging telemetry produces by Flipt.
type LogEncoding ¶
type LogEncoding uint8
LogEncoding is either console or JSON
const ( LogEncodingConsole LogEncoding LogEncodingJSON )
func (LogEncoding) MarshalJSON ¶
func (e LogEncoding) MarshalJSON() ([]byte, error)
func (LogEncoding) String ¶
func (e LogEncoding) String() string
type MemoryCacheConfig ¶
type MemoryCacheConfig struct {
EvictionInterval time.Duration `json:"evictionInterval,omitempty" mapstructure:"eviction_interval"`
}
MemoryCacheConfig contains fields, which configure in-memory caching.
type MetaConfig ¶
type MetaConfig struct {
CheckForUpdates bool `json:"checkForUpdates" mapstructure:"check_for_updates"`
TelemetryEnabled bool `json:"telemetryEnabled" mapstructure:"telemetry_enabled"`
StateDirectory string `json:"stateDirectory" mapstructure:"state_directory"`
}
MetaConfig contains a variety of meta configuration fields.
type OTLPTracingConfig ¶ added in v1.18.2
type OTLPTracingConfig struct {
Endpoint string `json:"endpoint,omitempty" mapstructure:"endpoint"`
}
OTLPTracingConfig contains fields, which configure OTLP span and tracing output destination.
type RedisCacheConfig ¶
type RedisCacheConfig struct {
Host string `json:"host,omitempty" mapstructure:"host"`
Port int `json:"port,omitempty" mapstructure:"port"`
Password string `json:"password,omitempty" mapstructure:"password"`
DB int `json:"db,omitempty" mapstructure:"db"`
}
RedisCacheConfig contains fields, which configure the connection credentials for redis backed caching.
type ServerConfig ¶
type ServerConfig struct {
Host string `json:"host,omitempty" mapstructure:"host"`
Protocol Scheme `json:"protocol,omitempty" mapstructure:"protocol"`
HTTPPort int `json:"httpPort,omitempty" mapstructure:"http_port"`
HTTPSPort int `json:"httpsPort,omitempty" mapstructure:"https_port"`
GRPCPort int `json:"grpcPort,omitempty" mapstructure:"grpc_port"`
CertFile string `json:"certFile,omitempty" mapstructure:"cert_file"`
CertKey string `json:"certKey,omitempty" mapstructure:"cert_key"`
}
ServerConfig contains fields, which configure both HTTP and gRPC API serving.
type StaticAuthenticationMethodInfo ¶ added in v1.17.0
type StaticAuthenticationMethodInfo struct {
AuthenticationMethodInfo
Enabled bool
Cleanup *AuthenticationCleanupSchedule
// contains filtered or unexported fields
}
StaticAuthenticationMethodInfo embeds an AuthenticationMethodInfo alongside the other properties of an AuthenticationMethod.
func (StaticAuthenticationMethodInfo) Enable ¶ added in v1.18.2
func (s StaticAuthenticationMethodInfo) Enable(t *testing.T)
Enable can only be called in a testing scenario. It is used to enable a target method without having a concrete reference.
func (StaticAuthenticationMethodInfo) SetCleanup ¶ added in v1.18.2
func (s StaticAuthenticationMethodInfo) SetCleanup(t *testing.T, c AuthenticationCleanupSchedule)
SetCleanup can only be called in a testing scenario. It is used to configure cleanup for a target method without having a concrete reference.
type TracingConfig ¶
type TracingConfig struct {
Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"`
Exporter TracingExporter `json:"exporter,omitempty" mapstructure:"exporter"`
Jaeger JaegerTracingConfig `json:"jaeger,omitempty" mapstructure:"jaeger"`
Zipkin ZipkinTracingConfig `json:"zipkin,omitempty" mapstructure:"zipkin"`
OTLP OTLPTracingConfig `json:"otlp,omitempty" mapstructure:"otlp"`
}
TracingConfig contains fields, which configure tracing telemetry output destinations.
type TracingExporter ¶ added in v1.18.2
type TracingExporter uint8
TracingExporter represents the supported tracing exporters.
const ( // TracingJaeger ... TracingJaeger TracingExporter // TracingZipkin ... TracingZipkin // TracingOTLP ... TracingOTLP )
func (TracingExporter) MarshalJSON ¶ added in v1.18.2
func (e TracingExporter) MarshalJSON() ([]byte, error)
func (TracingExporter) String ¶ added in v1.18.2
func (e TracingExporter) String() string
type UIConfig ¶
type UIConfig struct {
Enabled bool `json:"enabled" mapstructure:"enabled"`
}
UIConfig contains fields, which control the behaviour of Flipt's user interface.
type ZipkinTracingConfig ¶ added in v1.18.2
type ZipkinTracingConfig struct {
Endpoint string `json:"endpoint,omitempty" mapstructure:"endpoint"`
}
ZipkinTracingConfig contains fields, which configure Zipkin span and tracing output destination.
Source Files