config

package
v1.23.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 3, 2023 License: GPL-3.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source
const (
	DatabaseStorageType = StorageType("database")
	LocalStorageType    = StorageType("local")
	GitStorageType      = StorageType("git")
)

Variables

View Source
var DecodeHooks = []mapstructure.DecodeHookFunc{
	mapstructure.StringToTimeDurationHookFunc(),
	stringToSliceHookFunc(),
	stringToEnumHookFunc(stringToLogEncoding),
	stringToEnumHookFunc(stringToCacheBackend),
	stringToEnumHookFunc(stringToTracingExporter),
	stringToEnumHookFunc(stringToScheme),
	stringToEnumHookFunc(stringToDatabaseProtocol),
	stringToEnumHookFunc(stringToAuthMethod),
}

Functions

This section is empty.

Types

type AuditConfig added in v1.21.0

type AuditConfig struct {
	Sinks  SinksConfig  `json:"sinks,omitempty" mapstructure:"sinks"`
	Buffer BufferConfig `json:"buffer,omitempty" mapstructure:"buffer"`
}

AuditConfig contains fields, which enable and configure Flipt's various audit sink mechanisms.

func (*AuditConfig) Enabled added in v1.23.0

func (c *AuditConfig) Enabled() bool

Enabled returns true if any nested sink is enabled

type Authentication added in v1.23.0

type Authentication struct {
	BasicAuth *BasicAuth `json:"basic,omitempty" mapstructure:"basic,omitempty"`
	TokenAuth *TokenAuth `json:"token,omitempty" mapstructure:"token,omitempty"`
}

Authentication holds structures for various types of auth we support. Token auth will take priority over Basic auth if both are provided.

To make things easier, if there are multiple inputs that a particular auth method needs, and not all inputs are given but only partially, we will return a validation error. (e.g. if username for basic auth is given, and token is also given a validation error will be returned)

type AuthenticationCleanupSchedule added in v1.16.0

type AuthenticationCleanupSchedule struct {
	Interval    time.Duration `json:"interval,omitempty" mapstructure:"interval"`
	GracePeriod time.Duration `json:"gracePeriod,omitempty" mapstructure:"grace_period"`
}

AuthenticationCleanupSchedule is used to configure a cleanup goroutine.

type AuthenticationConfig added in v1.15.0

type AuthenticationConfig struct {
	// Required designates whether authentication credentials are validated.
	// If required == true, then authentication is required for all API endpoints.
	// Else, authentication is not required and Flipt's APIs are not secured.
	Required bool `json:"required,omitempty" mapstructure:"required"`

	Session AuthenticationSession `json:"session,omitempty" mapstructure:"session"`
	Methods AuthenticationMethods `json:"methods,omitempty" mapstructure:"methods"`
}

AuthenticationConfig configures Flipts authentication mechanisms

func (AuthenticationConfig) Enabled added in v1.23.0

func (c AuthenticationConfig) Enabled() bool

Enabled returns true if authentication is marked as required or any of the authentication methods are enabled.

func (AuthenticationConfig) ShouldRunCleanup added in v1.16.0

func (c AuthenticationConfig) ShouldRunCleanup() (shouldCleanup bool)

ShouldRunCleanup returns true if the cleanup background process should be started. It returns true given at-least 1 method is enabled and it's associated schedule has been configured (non-nil).

type AuthenticationMethod added in v1.17.0

type AuthenticationMethod[C AuthenticationMethodInfoProvider] struct {
	Method  C                              `mapstructure:",squash"`
	Enabled bool                           `json:"enabled,omitempty" mapstructure:"enabled"`
	Cleanup *AuthenticationCleanupSchedule `json:"cleanup,omitempty" mapstructure:"cleanup,omitempty"`
}

AuthenticationMethod is a container for authentication methods. It describes the common properties of all authentication methods. Along with leaving a generic slot for the particular method to declare its own structural fields. This generic field (Method) must implement the AuthenticationMethodInfoProvider to be valid at compile time. nolint:musttag

type AuthenticationMethodInfo added in v1.17.0

type AuthenticationMethodInfo struct {
	Method            auth.Method
	SessionCompatible bool
	Metadata          *structpb.Struct
}

AuthenticationMethodInfo is a structure which describes properties of a particular authentication method. i.e. the name and whether or not the method is session compatible.

func (AuthenticationMethodInfo) Name added in v1.17.0

Name returns the friendly lower-case name for the authentication method.

type AuthenticationMethodInfoProvider added in v1.17.0

type AuthenticationMethodInfoProvider interface {
	// contains filtered or unexported methods
}

AuthenticationMethodInfoProvider is a type with a single method Info which returns an AuthenticationMethodInfo describing the underlying methods properties.

type AuthenticationMethodKubernetesConfig added in v1.19.0

type AuthenticationMethodKubernetesConfig struct {
	// DiscoveryURL is the URL to the local Kubernetes cluster serving the "well-known" OIDC discovery endpoint.
	// https://openid.net/specs/openid-connect-discovery-1_0.html
	// The URL is used to fetch the OIDC configuration and subsequently the JWKS certificates.
	DiscoveryURL string `json:"discoveryURL,omitempty" mapstructure:"discovery_url"`
	// CAPath is the path on disk to the trusted certificate authority certificate for validating
	// HTTPS requests to the issuer.
	CAPath string `json:"caPath,omitempty" mapstructure:"ca_path"`
	// ServiceAccountTokenPath is the location on disk to the Flipt instances service account token.
	// This should be the token issued for the service account associated with Flipt in the environment.
	ServiceAccountTokenPath string `json:"serviceAccountTokenPath,omitempty" mapstructure:"service_account_token_path"`
}

AuthenticationMethodKubernetesConfig contains the fields necessary for the Kubernetes authentication method to be performed. This method supports Flipt being deployed in a Kubernetes environment and allowing it to exchange client tokens for valid service account tokens presented via this method.

type AuthenticationMethodOIDCConfig added in v1.17.0

type AuthenticationMethodOIDCConfig struct {
	Providers map[string]AuthenticationMethodOIDCProvider `json:"providers,omitempty" mapstructure:"providers"`
}

AuthenticationMethodOIDCConfig configures the OIDC authentication method. This method can be used to establish browser based sessions.

type AuthenticationMethodOIDCProvider added in v1.17.0

type AuthenticationMethodOIDCProvider struct {
	IssuerURL       string   `json:"issuerURL,omitempty" mapstructure:"issuer_url"`
	ClientID        string   `json:"clientID,omitempty" mapstructure:"client_id"`
	ClientSecret    string   `json:"clientSecret,omitempty" mapstructure:"client_secret"`
	RedirectAddress string   `json:"redirectAddress,omitempty" mapstructure:"redirect_address"`
	Scopes          []string `json:"scopes,omitempty" mapstructure:"scopes"`
}

AuthenticationOIDCProvider configures provider credentials

type AuthenticationMethodTokenBootstrapConfig added in v1.19.0

type AuthenticationMethodTokenBootstrapConfig struct {
	Token      string        `json:"-" mapstructure:"token"`
	Expiration time.Duration `json:"expiration,omitempty" mapstructure:"expiration"`
}

AuthenticationMethodTokenBootstrapConfig contains fields used to configure the bootstrap process for the authentication method "token".

type AuthenticationMethodTokenConfig added in v1.15.0

type AuthenticationMethodTokenConfig struct {
	Bootstrap AuthenticationMethodTokenBootstrapConfig `json:"bootstrap" mapstructure:"bootstrap"`
}

AuthenticationMethodTokenConfig contains fields used to configure the authentication method "token". This authentication method supports the ability to create static tokens via the /auth/v1/method/token prefix of endpoints.

type AuthenticationMethods added in v1.16.0

type AuthenticationMethods struct {
	Token      AuthenticationMethod[AuthenticationMethodTokenConfig]      `json:"token,omitempty" mapstructure:"token"`
	OIDC       AuthenticationMethod[AuthenticationMethodOIDCConfig]       `json:"oidc,omitempty" mapstructure:"oidc"`
	Kubernetes AuthenticationMethod[AuthenticationMethodKubernetesConfig] `json:"kubernetes,omitempty" mapstructure:"kubernetes"`
}

AuthenticationMethods is a set of configuration for each authentication method available for use within Flipt.

func (*AuthenticationMethods) AllMethods added in v1.17.0

AllMethods returns all the AuthenticationMethod instances available.

func (*AuthenticationMethods) EnabledMethods added in v1.21.0

EnabledMethods returns all the AuthenticationMethod instances that have been enabled.

type AuthenticationSession added in v1.17.0

type AuthenticationSession struct {
	// Domain is the domain on which to register session cookies.
	Domain string `json:"domain,omitempty" mapstructure:"domain"`
	// Secure sets the secure property (i.e. HTTPS only) on both the state and token cookies.
	Secure bool `json:"secure" mapstructure:"secure"`
	// TokenLifetime is the duration of the flipt client token generated once
	// authentication has been established via a session compatible method.
	TokenLifetime time.Duration `json:"tokenLifetime,omitempty" mapstructure:"token_lifetime"`
	// StateLifetime is the lifetime duration of the state cookie.
	StateLifetime time.Duration `json:"stateLifetime,omitempty" mapstructure:"state_lifetime"`
	// CSRF configures CSRF provention mechanisms.
	CSRF AuthenticationSessionCSRF `json:"csrf,omitempty" mapstructure:"csrf"`
}

AuthenticationSession configures the session produced for browsers when establishing authentication via HTTP.

type AuthenticationSessionCSRF added in v1.17.0

type AuthenticationSessionCSRF struct {
	// Key is the private key string used to authenticate csrf tokens.
	Key string `json:"-" mapstructure:"key"`
}

AuthenticationSessionCSRF configures cross-site request forgery prevention.

type BasicAuth added in v1.23.0

type BasicAuth struct {
	Username string `json:"username,omitempty" mapstructure:"username"`
	Password string `json:"password,omitempty" mapstructure:"password"`
}

BasicAuth has configuration for authenticating with private git repositories with basic auth.

type BufferConfig added in v1.21.0

type BufferConfig struct {
	Capacity    int           `json:"capacity,omitempty" mapstructure:"capacity"`
	FlushPeriod time.Duration `json:"flushPeriod,omitempty" mapstructure:"flush_period"`
}

BufferConfig holds configuration for the buffering of sending the audit events to the sinks.

type CacheBackend

type CacheBackend uint8

CacheBackend is either memory or redis

const (

	// CacheMemory ...
	CacheMemory CacheBackend
	// CacheRedis ...
	CacheRedis
)

func (CacheBackend) MarshalJSON

func (c CacheBackend) MarshalJSON() ([]byte, error)

func (CacheBackend) String

func (c CacheBackend) String() string

type CacheConfig

type CacheConfig struct {
	Enabled bool              `json:"enabled" mapstructure:"enabled"`
	TTL     time.Duration     `json:"ttl,omitempty" mapstructure:"ttl"`
	Backend CacheBackend      `json:"backend,omitempty" mapstructure:"backend"`
	Memory  MemoryCacheConfig `json:"memory,omitempty" mapstructure:"memory"`
	Redis   RedisCacheConfig  `json:"redis,omitempty" mapstructure:"redis"`
}

CacheConfig contains fields, which enable and configure Flipt's various caching mechanisms.

Currently, flipt support in-memory and redis backed caching.

type Config

type Config struct {
	Version        string               `json:"version,omitempty" mapstructure:"version,omitempty"`
	Experimental   ExperimentalConfig   `json:"experimental,omitempty" mapstructure:"experimental"`
	Log            LogConfig            `json:"log,omitempty" mapstructure:"log"`
	UI             UIConfig             `json:"ui,omitempty" mapstructure:"ui"`
	Cors           CorsConfig           `json:"cors,omitempty" mapstructure:"cors"`
	Cache          CacheConfig          `json:"cache,omitempty" mapstructure:"cache"`
	Server         ServerConfig         `json:"server,omitempty" mapstructure:"server"`
	Storage        StorageConfig        `json:"storage,omitempty" mapstructure:"storage" experiment:"filesystem_storage"`
	Tracing        TracingConfig        `json:"tracing,omitempty" mapstructure:"tracing"`
	Database       DatabaseConfig       `json:"db,omitempty" mapstructure:"db"`
	Meta           MetaConfig           `json:"meta,omitempty" mapstructure:"meta"`
	Authentication AuthenticationConfig `json:"authentication,omitempty" mapstructure:"authentication"`
	Audit          AuditConfig          `json:"audit,omitempty" mapstructure:"audit"`
}

Config contains all of Flipts configuration needs.

The root of this structure contains a collection of sub-configuration categories.

Each sub-configuration (e.g. LogConfig) optionally implements either or both of the defaulter or validator interfaces. Given the sub-config implements a `setDefaults(*viper.Viper) []string` method then this will be called with the viper context before unmarshalling. This allows the sub-configuration to set any appropriate defaults. Given the sub-config implements a `validate() error` method then this will be called after unmarshalling, such that the function can emit any errors derived from the resulting state of the configuration.

func DefaultConfig added in v1.23.2

func DefaultConfig() *Config

DefaultConfig is the base config used when no configuration is explicit provided.

func (*Config) ServeHTTP

func (c *Config) ServeHTTP(w http.ResponseWriter, r *http.Request)

type CorsConfig

type CorsConfig struct {
	Enabled        bool     `json:"enabled" mapstructure:"enabled"`
	AllowedOrigins []string `json:"allowedOrigins,omitempty" mapstructure:"allowed_origins"`
}

CorsConfig contains fields, which configure behaviour in the HTTPServer relating to the CORS header-based mechanisms.

type DatabaseConfig

type DatabaseConfig struct {
	URL                       string           `json:"url,omitempty" mapstructure:"url,omitempty"`
	MaxIdleConn               int              `json:"maxIdleConn,omitempty" mapstructure:"max_idle_conn"`
	MaxOpenConn               int              `json:"maxOpenConn,omitempty" mapstructure:"max_open_conn"`
	ConnMaxLifetime           time.Duration    `json:"connMaxLifetime,omitempty" mapstructure:"conn_max_lifetime"`
	Name                      string           `json:"name,omitempty" mapstructure:"name,omitempty"`
	User                      string           `json:"user,omitempty" mapstructure:"user,omitempty"`
	Password                  string           `json:"password,omitempty" mapstructure:"password,omitempty"`
	Host                      string           `json:"host,omitempty" mapstructure:"host,omitempty"`
	Port                      int              `json:"port,omitempty" mapstructure:"port,omitempty"`
	Protocol                  DatabaseProtocol `json:"protocol,omitempty" mapstructure:"protocol,omitempty"`
	PreparedStatementsEnabled bool             `json:"preparedStatementsEnabled,omitempty" mapstructure:"prepared_statements_enabled"`
}

DatabaseConfig contains fields, which configure the various relational database backends.

Flipt currently supports SQLite, Postgres and MySQL backends.

type DatabaseProtocol

type DatabaseProtocol uint8

DatabaseProtocol represents a database protocol

const (

	// DatabaseSQLite ...
	DatabaseSQLite DatabaseProtocol
	// DatabasePostgres ...
	DatabasePostgres
	// DatabaseMySQL ...
	DatabaseMySQL
	// DatabaseCockroachDB ...
	DatabaseCockroachDB
)

func (DatabaseProtocol) MarshalJSON

func (d DatabaseProtocol) MarshalJSON() ([]byte, error)

func (DatabaseProtocol) String

func (d DatabaseProtocol) String() string

type ExperimentalConfig added in v1.23.0

type ExperimentalConfig struct {
	FilesystemStorage ExperimentalFlag `json:"filesystem_storage,omitempty" mapstructure:"filesystem_storage"`
}

ExperimentalConfig allows for experimental features to be enabled and disabled.

type ExperimentalFlag added in v1.23.0

type ExperimentalFlag struct {
	Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"`
}

ExperimentalFlag is a structure which has properties to configure experimental feature enablement.

type Git added in v1.23.0

type Git struct {
	Repository     string         `json:"repository,omitempty" mapstructure:"repository"`
	Ref            string         `json:"ref,omitempty" mapstructure:"ref"`
	PollInterval   time.Duration  `json:"pollInterval,omitempty" mapstructure:"poll_interval"`
	Authentication Authentication `json:"authentication,omitempty" mapstructure:"authentication,omitempty"`
}

Git contains configuration for referencing a git repository.

type JaegerTracingConfig

type JaegerTracingConfig struct {
	Host string `json:"host,omitempty" mapstructure:"host"`
	Port int    `json:"port,omitempty" mapstructure:"port"`
}

JaegerTracingConfig contains fields, which configure Jaeger span and tracing output destination.

type Local added in v1.23.0

type Local struct {
	Path string `json:"path,omitempty" mapstructure:"path"`
}

Local contains configuration for referencing a local filesystem.

type LogConfig

type LogConfig struct {
	Level     string      `json:"level,omitempty" mapstructure:"level"`
	File      string      `json:"file,omitempty" mapstructure:"file"`
	Encoding  LogEncoding `json:"encoding,omitempty" mapstructure:"encoding"`
	GRPCLevel string      `json:"grpcLevel,omitempty" mapstructure:"grpc_level"`
	Keys      LogKeys     `json:"keys" mapstructure:"keys"`
}

LogConfig contains fields which control, direct and filter the logging telemetry produces by Flipt.

type LogEncoding

type LogEncoding uint8

LogEncoding is either console or JSON

const (
	LogEncodingConsole LogEncoding
	LogEncodingJSON
)

func (LogEncoding) MarshalJSON

func (e LogEncoding) MarshalJSON() ([]byte, error)

func (LogEncoding) String

func (e LogEncoding) String() string

type LogFileSinkConfig added in v1.21.0

type LogFileSinkConfig struct {
	Enabled bool   `json:"enabled,omitempty" mapstructure:"enabled"`
	File    string `json:"file,omitempty" mapstructure:"file"`
}

LogFileSinkConfig contains fields that hold configuration for sending audits to a log file.

type LogKeys added in v1.18.1

type LogKeys struct {
	Time    string `json:"time" mapstructure:"time"`
	Level   string `json:"level" mapstructure:"level"`
	Message string `json:"message" mapstructure:"message"`
}

type MemoryCacheConfig

type MemoryCacheConfig struct {
	EvictionInterval time.Duration `json:"evictionInterval,omitempty" mapstructure:"eviction_interval"`
}

MemoryCacheConfig contains fields, which configure in-memory caching.

type MetaConfig

type MetaConfig struct {
	CheckForUpdates  bool   `json:"checkForUpdates" mapstructure:"check_for_updates"`
	TelemetryEnabled bool   `json:"telemetryEnabled" mapstructure:"telemetry_enabled"`
	StateDirectory   string `json:"stateDirectory" mapstructure:"state_directory"`
}

MetaConfig contains a variety of meta configuration fields.

type OTLPTracingConfig added in v1.18.2

type OTLPTracingConfig struct {
	Endpoint string `json:"endpoint,omitempty" mapstructure:"endpoint"`
}

OTLPTracingConfig contains fields, which configure OTLP span and tracing output destination.

type RedisCacheConfig

type RedisCacheConfig struct {
	Host     string `json:"host,omitempty" mapstructure:"host"`
	Port     int    `json:"port,omitempty" mapstructure:"port"`
	Password string `json:"password,omitempty" mapstructure:"password"`
	DB       int    `json:"db,omitempty" mapstructure:"db"`
}

RedisCacheConfig contains fields, which configure the connection credentials for redis backed caching.

type Result added in v1.17.0

type Result struct {
	Config   *Config
	Warnings []string
}

func Load

func Load(path string) (*Result, error)

type Scheme

type Scheme uint
const (
	HTTP Scheme = iota
	HTTPS
)

func (Scheme) MarshalJSON

func (s Scheme) MarshalJSON() ([]byte, error)

func (Scheme) String

func (s Scheme) String() string

type ServerConfig

type ServerConfig struct {
	Host      string `json:"host,omitempty" mapstructure:"host"`
	Protocol  Scheme `json:"protocol,omitempty" mapstructure:"protocol"`
	HTTPPort  int    `json:"httpPort,omitempty" mapstructure:"http_port"`
	HTTPSPort int    `json:"httpsPort,omitempty" mapstructure:"https_port"`
	GRPCPort  int    `json:"grpcPort,omitempty" mapstructure:"grpc_port"`
	CertFile  string `json:"certFile,omitempty" mapstructure:"cert_file"`
	CertKey   string `json:"certKey,omitempty" mapstructure:"cert_key"`
}

ServerConfig contains fields, which configure both HTTP and gRPC API serving.

type SinksConfig added in v1.21.0

type SinksConfig struct {
	LogFile LogFileSinkConfig `json:"log,omitempty" mapstructure:"log"`
}

SinksConfig contains configuration held in structures for the different sinks that we will send audits to.

type StaticAuthenticationMethodInfo added in v1.17.0

type StaticAuthenticationMethodInfo struct {
	AuthenticationMethodInfo
	Enabled bool
	Cleanup *AuthenticationCleanupSchedule
	// contains filtered or unexported fields
}

StaticAuthenticationMethodInfo embeds an AuthenticationMethodInfo alongside the other properties of an AuthenticationMethod.

func (StaticAuthenticationMethodInfo) Enable added in v1.18.2

Enable can only be called in a testing scenario. It is used to enable a target method without having a concrete reference.

func (StaticAuthenticationMethodInfo) SetCleanup added in v1.18.2

SetCleanup can only be called in a testing scenario. It is used to configure cleanup for a target method without having a concrete reference.

type StorageConfig added in v1.23.0

type StorageConfig struct {
	Type  StorageType `json:"type,omitempty" mapstructure:"type"`
	Local *Local      `json:"local,omitempty" mapstructure:"local,omitempty"`
	Git   *Git        `json:"git,omitempty" mapstructure:"git,omitempty"`
}

StorageConfig contains fields which will configure the type of backend in which Flipt will serve flag state.

type StorageType added in v1.23.0

type StorageType string

type TokenAuth added in v1.23.0

type TokenAuth struct {
	AccessToken string `json:"accessToken,omitempty" mapstructure:"access_token"`
}

TokenAuth has configuration for authenticating with private git repositories with token auth.

type TracingConfig

type TracingConfig struct {
	Enabled  bool                `json:"enabled,omitempty" mapstructure:"enabled"`
	Exporter TracingExporter     `json:"exporter,omitempty" mapstructure:"exporter"`
	Jaeger   JaegerTracingConfig `json:"jaeger,omitempty" mapstructure:"jaeger"`
	Zipkin   ZipkinTracingConfig `json:"zipkin,omitempty" mapstructure:"zipkin"`
	OTLP     OTLPTracingConfig   `json:"otlp,omitempty" mapstructure:"otlp"`
}

TracingConfig contains fields, which configure tracing telemetry output destinations.

type TracingExporter added in v1.18.2

type TracingExporter uint8

TracingExporter represents the supported tracing exporters.

const (

	// TracingJaeger ...
	TracingJaeger TracingExporter
	// TracingZipkin ...
	TracingZipkin
	// TracingOTLP ...
	TracingOTLP
)

func (TracingExporter) MarshalJSON added in v1.18.2

func (e TracingExporter) MarshalJSON() ([]byte, error)

func (TracingExporter) String added in v1.18.2

func (e TracingExporter) String() string

type UIConfig

type UIConfig struct {
	Enabled bool `json:"enabled" mapstructure:"enabled"`
}

UIConfig contains fields, which control the behaviour of Flipt's user interface.

type ZipkinTracingConfig added in v1.18.2

type ZipkinTracingConfig struct {
	Endpoint string `json:"endpoint,omitempty" mapstructure:"endpoint"`
}

ZipkinTracingConfig contains fields, which configure Zipkin span and tracing output destination.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL