Documentation ¶
Index ¶
- type AuditConfig
- type AuthenticationCleanupSchedule
- type AuthenticationConfig
- type AuthenticationMethod
- type AuthenticationMethodInfo
- type AuthenticationMethodInfoProvider
- type AuthenticationMethodKubernetesConfig
- type AuthenticationMethodOIDCConfig
- type AuthenticationMethodOIDCProvider
- type AuthenticationMethodTokenBootstrapConfig
- type AuthenticationMethodTokenConfig
- type AuthenticationMethods
- type AuthenticationSession
- type AuthenticationSessionCSRF
- type BufferConfig
- type CacheBackend
- type CacheConfig
- type Config
- type CorsConfig
- type DatabaseConfig
- type DatabaseProtocol
- type JaegerTracingConfig
- type LogConfig
- type LogEncoding
- type LogFileSinkConfig
- type LogKeys
- type MemoryCacheConfig
- type MetaConfig
- type OTLPTracingConfig
- type RedisCacheConfig
- type Result
- type Scheme
- type ServerConfig
- type SinksConfig
- type StaticAuthenticationMethodInfo
- type TracingConfig
- type TracingExporter
- type UIConfig
- type ZipkinTracingConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuditConfig ¶ added in v1.21.0
type AuditConfig struct { Sinks SinksConfig `json:"sinks,omitempty" mapstructure:"sinks"` Buffer BufferConfig `json:"buffer,omitempty" mapstructure:"buffer"` }
AuditConfig contains fields, which enable and configure Flipt's various audit sink mechanisms.
type AuthenticationCleanupSchedule ¶ added in v1.16.0
type AuthenticationCleanupSchedule struct { Interval time.Duration `json:"interval,omitempty" mapstructure:"interval"` GracePeriod time.Duration `json:"gracePeriod,omitempty" mapstructure:"grace_period"` }
AuthenticationCleanupSchedule is used to configure a cleanup goroutine.
type AuthenticationConfig ¶ added in v1.15.0
type AuthenticationConfig struct { // Required designates whether authentication credentials are validated. // If required == true, then authentication is required for all API endpoints. // Else, authentication is not required and Flipt's APIs are not secured. Required bool `json:"required,omitempty" mapstructure:"required"` Session AuthenticationSession `json:"session,omitempty" mapstructure:"session"` Methods AuthenticationMethods `json:"methods,omitempty" mapstructure:"methods"` }
AuthenticationConfig configures Flipts authentication mechanisms
func (AuthenticationConfig) ShouldRunCleanup ¶ added in v1.16.0
func (c AuthenticationConfig) ShouldRunCleanup() (shouldCleanup bool)
ShouldRunCleanup returns true if the cleanup background process should be started. It returns true given at-least 1 method is enabled and it's associated schedule has been configured (non-nil).
type AuthenticationMethod ¶ added in v1.17.0
type AuthenticationMethod[C AuthenticationMethodInfoProvider] struct { Method C `mapstructure:",squash"` Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"` Cleanup *AuthenticationCleanupSchedule `json:"cleanup,omitempty" mapstructure:"cleanup"` }
AuthenticationMethod is a container for authentication methods. It describes the common properties of all authentication methods. Along with leaving a generic slot for the particular method to declare its own structural fields. This generic field (Method) must implement the AuthenticationMethodInfoProvider to be valid at compile time. nolint:musttag
type AuthenticationMethodInfo ¶ added in v1.17.0
type AuthenticationMethodInfo struct { Method auth.Method SessionCompatible bool Metadata *structpb.Struct }
AuthenticationMethodInfo is a structure which describes properties of a particular authentication method. i.e. the name and whether or not the method is session compatible.
func (AuthenticationMethodInfo) Name ¶ added in v1.17.0
func (a AuthenticationMethodInfo) Name() string
Name returns the friendly lower-case name for the authentication method.
type AuthenticationMethodInfoProvider ¶ added in v1.17.0
type AuthenticationMethodInfoProvider interface {
// contains filtered or unexported methods
}
AuthenticationMethodInfoProvider is a type with a single method Info which returns an AuthenticationMethodInfo describing the underlying methods properties.
type AuthenticationMethodKubernetesConfig ¶ added in v1.19.0
type AuthenticationMethodKubernetesConfig struct { // DiscoveryURL is the URL to the local Kubernetes cluster serving the "well-known" OIDC discovery endpoint. // https://openid.net/specs/openid-connect-discovery-1_0.html // The URL is used to fetch the OIDC configuration and subsequently the JWKS certificates. DiscoveryURL string `json:"discoveryURL,omitempty" mapstructure:"discovery_url"` // CAPath is the path on disk to the trusted certificate authority certificate for validating // HTTPS requests to the issuer. CAPath string `json:"caPath,omitempty" mapstructure:"ca_path"` // ServiceAccountTokenPath is the location on disk to the Flipt instances service account token. // This should be the token issued for the service account associated with Flipt in the environment. ServiceAccountTokenPath string `json:"serviceAccountTokenPath,omitempty" mapstructure:"service_account_token_path"` }
AuthenticationMethodKubernetesConfig contains the fields necessary for the Kubernetes authentication method to be performed. This method supports Flipt being deployed in a Kubernetes environment and allowing it to exchange client tokens for valid service account tokens presented via this method.
type AuthenticationMethodOIDCConfig ¶ added in v1.17.0
type AuthenticationMethodOIDCConfig struct {
Providers map[string]AuthenticationMethodOIDCProvider `json:"providers,omitempty" mapstructure:"providers"`
}
AuthenticationMethodOIDCConfig configures the OIDC authentication method. This method can be used to establish browser based sessions.
type AuthenticationMethodOIDCProvider ¶ added in v1.17.0
type AuthenticationMethodOIDCProvider struct { IssuerURL string `json:"issuerURL,omitempty" mapstructure:"issuer_url"` ClientID string `json:"clientID,omitempty" mapstructure:"client_id"` ClientSecret string `json:"clientSecret,omitempty" mapstructure:"client_secret"` RedirectAddress string `json:"redirectAddress,omitempty" mapstructure:"redirect_address"` Scopes []string `json:"scopes,omitempty" mapstructure:"scopes"` }
AuthenticationOIDCProvider configures provider credentials
type AuthenticationMethodTokenBootstrapConfig ¶ added in v1.19.0
type AuthenticationMethodTokenBootstrapConfig struct { Token string `json:"-" mapstructure:"token"` Expiration time.Duration `json:"expiration,omitempty" mapstructure:"expiration"` }
AuthenticationMethodTokenBootstrapConfig contains fields used to configure the bootstrap process for the authentication method "token".
type AuthenticationMethodTokenConfig ¶ added in v1.15.0
type AuthenticationMethodTokenConfig struct {
Bootstrap AuthenticationMethodTokenBootstrapConfig `json:"bootstrap" mapstructure:"bootstrap"`
}
AuthenticationMethodTokenConfig contains fields used to configure the authentication method "token". This authentication method supports the ability to create static tokens via the /auth/v1/method/token prefix of endpoints.
type AuthenticationMethods ¶ added in v1.16.0
type AuthenticationMethods struct { Token AuthenticationMethod[AuthenticationMethodTokenConfig] `json:"token,omitempty" mapstructure:"token"` OIDC AuthenticationMethod[AuthenticationMethodOIDCConfig] `json:"oidc,omitempty" mapstructure:"oidc"` Kubernetes AuthenticationMethod[AuthenticationMethodKubernetesConfig] `json:"kubernetes,omitempty" mapstructure:"kubernetes"` }
AuthenticationMethods is a set of configuration for each authentication method available for use within Flipt.
func (*AuthenticationMethods) AllMethods ¶ added in v1.17.0
func (a *AuthenticationMethods) AllMethods() []StaticAuthenticationMethodInfo
AllMethods returns all the AuthenticationMethod instances available.
func (*AuthenticationMethods) EnabledMethods ¶ added in v1.21.0
func (a *AuthenticationMethods) EnabledMethods() []StaticAuthenticationMethodInfo
EnabledMethods returns all the AuthenticationMethod instances that have been enabled.
type AuthenticationSession ¶ added in v1.17.0
type AuthenticationSession struct { // Domain is the domain on which to register session cookies. Domain string `json:"domain,omitempty" mapstructure:"domain"` // Secure sets the secure property (i.e. HTTPS only) on both the state and token cookies. Secure bool `json:"secure" mapstructure:"secure"` // TokenLifetime is the duration of the flipt client token generated once // authentication has been established via a session compatible method. TokenLifetime time.Duration `json:"tokenLifetime,omitempty" mapstructure:"token_lifetime"` // StateLifetime is the lifetime duration of the state cookie. StateLifetime time.Duration `json:"stateLifetime,omitempty" mapstructure:"state_lifetime"` // CSRF configures CSRF provention mechanisms. CSRF AuthenticationSessionCSRF `json:"csrf,omitempty" mapstructure:"csrf"` }
AuthenticationSession configures the session produced for browsers when establishing authentication via HTTP.
type AuthenticationSessionCSRF ¶ added in v1.17.0
type AuthenticationSessionCSRF struct { // Key is the private key string used to authenticate csrf tokens. Key string `json:"-" mapstructure:"key"` }
AuthenticationSessionCSRF configures cross-site request forgery prevention.
type BufferConfig ¶ added in v1.21.0
type BufferConfig struct { Capacity int `json:"capacity,omitempty" mapstructure:"capacity"` FlushPeriod time.Duration `json:"flushPeriod,omitempty" mapstructure:"flush_period"` }
BufferConfig holds configuration for the buffering of sending the audit events to the sinks.
type CacheBackend ¶
type CacheBackend uint8
CacheBackend is either memory or redis
const ( // CacheMemory ... CacheMemory CacheBackend // CacheRedis ... CacheRedis )
func (CacheBackend) MarshalJSON ¶
func (c CacheBackend) MarshalJSON() ([]byte, error)
func (CacheBackend) String ¶
func (c CacheBackend) String() string
type CacheConfig ¶
type CacheConfig struct { Enabled bool `json:"enabled" mapstructure:"enabled"` TTL time.Duration `json:"ttl,omitempty" mapstructure:"ttl"` Backend CacheBackend `json:"backend,omitempty" mapstructure:"backend"` Memory MemoryCacheConfig `json:"memory,omitempty" mapstructure:"memory"` Redis RedisCacheConfig `json:"redis,omitempty" mapstructure:"redis"` }
CacheConfig contains fields, which enable and configure Flipt's various caching mechanisms.
Currently, flipt support in-memory and redis backed caching.
type Config ¶
type Config struct { Version string `json:"version,omitempty"` Log LogConfig `json:"log,omitempty" mapstructure:"log"` UI UIConfig `json:"ui,omitempty" mapstructure:"ui"` Cors CorsConfig `json:"cors,omitempty" mapstructure:"cors"` Cache CacheConfig `json:"cache,omitempty" mapstructure:"cache"` Server ServerConfig `json:"server,omitempty" mapstructure:"server"` Tracing TracingConfig `json:"tracing,omitempty" mapstructure:"tracing"` Database DatabaseConfig `json:"db,omitempty" mapstructure:"db"` Meta MetaConfig `json:"meta,omitempty" mapstructure:"meta"` Authentication AuthenticationConfig `json:"authentication,omitempty" mapstructure:"authentication"` Audit AuditConfig `json:"audit,omitempty" mapstructure:"audit"` }
Config contains all of Flipts configuration needs.
The root of this structure contains a collection of sub-configuration categories.
Each sub-configuration (e.g. LogConfig) optionally implements either or both of the defaulter or validator interfaces. Given the sub-config implements a `setDefaults(*viper.Viper) []string` method then this will be called with the viper context before unmarshalling. This allows the sub-configuration to set any appropriate defaults. Given the sub-config implements a `validate() error` method then this will be called after unmarshalling, such that the function can emit any errors derived from the resulting state of the configuration.
type CorsConfig ¶
type CorsConfig struct { Enabled bool `json:"enabled" mapstructure:"enabled"` AllowedOrigins []string `json:"allowedOrigins,omitempty" mapstructure:"allowed_origins"` }
CorsConfig contains fields, which configure behaviour in the HTTPServer relating to the CORS header-based mechanisms.
type DatabaseConfig ¶
type DatabaseConfig struct { URL string `json:"url,omitempty" mapstructure:"url"` MaxIdleConn int `json:"maxIdleConn,omitempty" mapstructure:"max_idle_conn"` MaxOpenConn int `json:"maxOpenConn,omitempty" mapstructure:"max_open_conn"` ConnMaxLifetime time.Duration `json:"connMaxLifetime,omitempty" mapstructure:"conn_max_lifetime"` Name string `json:"name,omitempty" mapstructure:"name"` User string `json:"user,omitempty" mapstructure:"user"` Password string `json:"password,omitempty" mapstructure:"password"` Host string `json:"host,omitempty" mapstructure:"host"` Port int `json:"port,omitempty" mapstructure:"port"` Protocol DatabaseProtocol `json:"protocol,omitempty" mapstructure:"protocol"` }
DatabaseConfig contains fields, which configure the various relational database backends.
Flipt currently supports SQLite, Postgres and MySQL backends.
type DatabaseProtocol ¶
type DatabaseProtocol uint8
DatabaseProtocol represents a database protocol
const ( // DatabaseSQLite ... DatabaseSQLite DatabaseProtocol // DatabasePostgres ... DatabasePostgres // DatabaseMySQL ... DatabaseMySQL // DatabaseCockroachDB ... DatabaseCockroachDB )
func (DatabaseProtocol) MarshalJSON ¶
func (d DatabaseProtocol) MarshalJSON() ([]byte, error)
func (DatabaseProtocol) String ¶
func (d DatabaseProtocol) String() string
type JaegerTracingConfig ¶
type JaegerTracingConfig struct { Host string `json:"host,omitempty" mapstructure:"host"` Port int `json:"port,omitempty" mapstructure:"port"` }
JaegerTracingConfig contains fields, which configure Jaeger span and tracing output destination.
type LogConfig ¶
type LogConfig struct { Level string `json:"level,omitempty" mapstructure:"level"` File string `json:"file,omitempty" mapstructure:"file"` Encoding LogEncoding `json:"encoding,omitempty" mapstructure:"encoding"` GRPCLevel string `json:"grpcLevel,omitempty" mapstructure:"grpc_level"` Keys LogKeys `json:"keys" mapstructure:"keys"` }
LogConfig contains fields which control, direct and filter the logging telemetry produces by Flipt.
type LogEncoding ¶
type LogEncoding uint8
LogEncoding is either console or JSON
const ( LogEncodingConsole LogEncoding LogEncodingJSON )
func (LogEncoding) MarshalJSON ¶
func (e LogEncoding) MarshalJSON() ([]byte, error)
func (LogEncoding) String ¶
func (e LogEncoding) String() string
type LogFileSinkConfig ¶ added in v1.21.0
type LogFileSinkConfig struct { Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"` File string `json:"file,omitempty" mapstructure:"file"` }
LogFileSinkConfig contains fields that hold configuration for sending audits to a log file.
type MemoryCacheConfig ¶
type MemoryCacheConfig struct {
EvictionInterval time.Duration `json:"evictionInterval,omitempty" mapstructure:"eviction_interval"`
}
MemoryCacheConfig contains fields, which configure in-memory caching.
type MetaConfig ¶
type MetaConfig struct { CheckForUpdates bool `json:"checkForUpdates" mapstructure:"check_for_updates"` TelemetryEnabled bool `json:"telemetryEnabled" mapstructure:"telemetry_enabled"` StateDirectory string `json:"stateDirectory" mapstructure:"state_directory"` }
MetaConfig contains a variety of meta configuration fields.
type OTLPTracingConfig ¶ added in v1.18.2
type OTLPTracingConfig struct {
Endpoint string `json:"endpoint,omitempty" mapstructure:"endpoint"`
}
OTLPTracingConfig contains fields, which configure OTLP span and tracing output destination.
type RedisCacheConfig ¶
type RedisCacheConfig struct { Host string `json:"host,omitempty" mapstructure:"host"` Port int `json:"port,omitempty" mapstructure:"port"` Password string `json:"password,omitempty" mapstructure:"password"` DB int `json:"db,omitempty" mapstructure:"db"` }
RedisCacheConfig contains fields, which configure the connection credentials for redis backed caching.
type ServerConfig ¶
type ServerConfig struct { Host string `json:"host,omitempty" mapstructure:"host"` Protocol Scheme `json:"protocol,omitempty" mapstructure:"protocol"` HTTPPort int `json:"httpPort,omitempty" mapstructure:"http_port"` HTTPSPort int `json:"httpsPort,omitempty" mapstructure:"https_port"` GRPCPort int `json:"grpcPort,omitempty" mapstructure:"grpc_port"` CertFile string `json:"certFile,omitempty" mapstructure:"cert_file"` CertKey string `json:"certKey,omitempty" mapstructure:"cert_key"` }
ServerConfig contains fields, which configure both HTTP and gRPC API serving.
type SinksConfig ¶ added in v1.21.0
type SinksConfig struct {
LogFile LogFileSinkConfig `json:"log,omitempty" mapstructure:"log"`
}
SinksConfig contains configuration held in structures for the different sinks that we will send audits to.
type StaticAuthenticationMethodInfo ¶ added in v1.17.0
type StaticAuthenticationMethodInfo struct { AuthenticationMethodInfo Enabled bool Cleanup *AuthenticationCleanupSchedule // contains filtered or unexported fields }
StaticAuthenticationMethodInfo embeds an AuthenticationMethodInfo alongside the other properties of an AuthenticationMethod.
func (StaticAuthenticationMethodInfo) Enable ¶ added in v1.18.2
func (s StaticAuthenticationMethodInfo) Enable(t *testing.T)
Enable can only be called in a testing scenario. It is used to enable a target method without having a concrete reference.
func (StaticAuthenticationMethodInfo) SetCleanup ¶ added in v1.18.2
func (s StaticAuthenticationMethodInfo) SetCleanup(t *testing.T, c AuthenticationCleanupSchedule)
SetCleanup can only be called in a testing scenario. It is used to configure cleanup for a target method without having a concrete reference.
type TracingConfig ¶
type TracingConfig struct { Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"` Exporter TracingExporter `json:"exporter,omitempty" mapstructure:"exporter"` Jaeger JaegerTracingConfig `json:"jaeger,omitempty" mapstructure:"jaeger"` Zipkin ZipkinTracingConfig `json:"zipkin,omitempty" mapstructure:"zipkin"` OTLP OTLPTracingConfig `json:"otlp,omitempty" mapstructure:"otlp"` }
TracingConfig contains fields, which configure tracing telemetry output destinations.
type TracingExporter ¶ added in v1.18.2
type TracingExporter uint8
TracingExporter represents the supported tracing exporters.
const ( // TracingJaeger ... TracingJaeger TracingExporter // TracingZipkin ... TracingZipkin // TracingOTLP ... TracingOTLP )
func (TracingExporter) MarshalJSON ¶ added in v1.18.2
func (e TracingExporter) MarshalJSON() ([]byte, error)
func (TracingExporter) String ¶ added in v1.18.2
func (e TracingExporter) String() string
type UIConfig ¶
type UIConfig struct {
Enabled bool `json:"enabled" mapstructure:"enabled"`
}
UIConfig contains fields, which control the behaviour of Flipt's user interface.
type ZipkinTracingConfig ¶ added in v1.18.2
type ZipkinTracingConfig struct {
Endpoint string `json:"endpoint,omitempty" mapstructure:"endpoint"`
}
ZipkinTracingConfig contains fields, which configure Zipkin span and tracing output destination.