Documentation ¶
Index ¶
- Constants
- Variables
- type AuditConfig
- type Authentication
- type AuthenticationCleanupSchedule
- type AuthenticationConfig
- type AuthenticationMethod
- type AuthenticationMethodInfo
- type AuthenticationMethodInfoProvider
- type AuthenticationMethodKubernetesConfig
- type AuthenticationMethodOIDCConfig
- type AuthenticationMethodOIDCProvider
- type AuthenticationMethodTokenBootstrapConfig
- type AuthenticationMethodTokenConfig
- type AuthenticationMethods
- type AuthenticationSession
- type AuthenticationSessionCSRF
- type BasicAuth
- type BufferConfig
- type CacheBackend
- type CacheConfig
- type Config
- type CorsConfig
- type DatabaseConfig
- type DatabaseProtocol
- type ExperimentalConfig
- type ExperimentalFlag
- type Git
- type JaegerTracingConfig
- type Local
- type LogConfig
- type LogEncoding
- type LogFileSinkConfig
- type LogKeys
- type MemoryCacheConfig
- type MetaConfig
- type OTLPTracingConfig
- type RedisCacheConfig
- type Result
- type Scheme
- type ServerConfig
- type SinksConfig
- type StaticAuthenticationMethodInfo
- type StorageConfig
- type StorageType
- type TokenAuth
- type TracingConfig
- type TracingExporter
- type UIConfig
- type ZipkinTracingConfig
Constants ¶
const ( DatabaseStorageType = StorageType("database") LocalStorageType = StorageType("local") GitStorageType = StorageType("git") )
Variables ¶
var DecodeHooks = []mapstructure.DecodeHookFunc{ mapstructure.StringToTimeDurationHookFunc(), stringToSliceHookFunc(), stringToEnumHookFunc(stringToLogEncoding), stringToEnumHookFunc(stringToCacheBackend), stringToEnumHookFunc(stringToTracingExporter), stringToEnumHookFunc(stringToScheme), stringToEnumHookFunc(stringToDatabaseProtocol), stringToEnumHookFunc(stringToAuthMethod), }
Functions ¶
This section is empty.
Types ¶
type AuditConfig ¶ added in v1.21.0
type AuditConfig struct { Sinks SinksConfig `json:"sinks,omitempty" mapstructure:"sinks"` Buffer BufferConfig `json:"buffer,omitempty" mapstructure:"buffer"` }
AuditConfig contains fields, which enable and configure Flipt's various audit sink mechanisms.
func (*AuditConfig) Enabled ¶ added in v1.23.0
func (c *AuditConfig) Enabled() bool
Enabled returns true if any nested sink is enabled
type Authentication ¶ added in v1.23.0
type Authentication struct { BasicAuth *BasicAuth `json:"basic,omitempty" mapstructure:"basic,omitempty"` TokenAuth *TokenAuth `json:"token,omitempty" mapstructure:"token,omitempty"` }
Authentication holds structures for various types of auth we support. Token auth will take priority over Basic auth if both are provided.
To make things easier, if there are multiple inputs that a particular auth method needs, and not all inputs are given but only partially, we will return a validation error. (e.g. if username for basic auth is given, and token is also given a validation error will be returned)
type AuthenticationCleanupSchedule ¶ added in v1.16.0
type AuthenticationCleanupSchedule struct { Interval time.Duration `json:"interval,omitempty" mapstructure:"interval"` GracePeriod time.Duration `json:"gracePeriod,omitempty" mapstructure:"grace_period"` }
AuthenticationCleanupSchedule is used to configure a cleanup goroutine.
type AuthenticationConfig ¶ added in v1.15.0
type AuthenticationConfig struct { // Required designates whether authentication credentials are validated. // If required == true, then authentication is required for all API endpoints. // Else, authentication is not required and Flipt's APIs are not secured. Required bool `json:"required,omitempty" mapstructure:"required"` Session AuthenticationSession `json:"session,omitempty" mapstructure:"session"` Methods AuthenticationMethods `json:"methods,omitempty" mapstructure:"methods"` }
AuthenticationConfig configures Flipts authentication mechanisms
func (AuthenticationConfig) Enabled ¶ added in v1.23.0
func (c AuthenticationConfig) Enabled() bool
Enabled returns true if authentication is marked as required or any of the authentication methods are enabled.
func (AuthenticationConfig) ShouldRunCleanup ¶ added in v1.16.0
func (c AuthenticationConfig) ShouldRunCleanup() (shouldCleanup bool)
ShouldRunCleanup returns true if the cleanup background process should be started. It returns true given at-least 1 method is enabled and it's associated schedule has been configured (non-nil).
type AuthenticationMethod ¶ added in v1.17.0
type AuthenticationMethod[C AuthenticationMethodInfoProvider] struct { Method C `mapstructure:",squash"` Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"` Cleanup *AuthenticationCleanupSchedule `json:"cleanup,omitempty" mapstructure:"cleanup,omitempty"` }
AuthenticationMethod is a container for authentication methods. It describes the common properties of all authentication methods. Along with leaving a generic slot for the particular method to declare its own structural fields. This generic field (Method) must implement the AuthenticationMethodInfoProvider to be valid at compile time. nolint:musttag
type AuthenticationMethodInfo ¶ added in v1.17.0
type AuthenticationMethodInfo struct { Method auth.Method SessionCompatible bool Metadata *structpb.Struct }
AuthenticationMethodInfo is a structure which describes properties of a particular authentication method. i.e. the name and whether or not the method is session compatible.
func (AuthenticationMethodInfo) Name ¶ added in v1.17.0
func (a AuthenticationMethodInfo) Name() string
Name returns the friendly lower-case name for the authentication method.
type AuthenticationMethodInfoProvider ¶ added in v1.17.0
type AuthenticationMethodInfoProvider interface {
// contains filtered or unexported methods
}
AuthenticationMethodInfoProvider is a type with a single method Info which returns an AuthenticationMethodInfo describing the underlying methods properties.
type AuthenticationMethodKubernetesConfig ¶ added in v1.19.0
type AuthenticationMethodKubernetesConfig struct { // DiscoveryURL is the URL to the local Kubernetes cluster serving the "well-known" OIDC discovery endpoint. // https://openid.net/specs/openid-connect-discovery-1_0.html // The URL is used to fetch the OIDC configuration and subsequently the JWKS certificates. DiscoveryURL string `json:"discoveryURL,omitempty" mapstructure:"discovery_url"` // CAPath is the path on disk to the trusted certificate authority certificate for validating // HTTPS requests to the issuer. CAPath string `json:"caPath,omitempty" mapstructure:"ca_path"` // ServiceAccountTokenPath is the location on disk to the Flipt instances service account token. // This should be the token issued for the service account associated with Flipt in the environment. ServiceAccountTokenPath string `json:"serviceAccountTokenPath,omitempty" mapstructure:"service_account_token_path"` }
AuthenticationMethodKubernetesConfig contains the fields necessary for the Kubernetes authentication method to be performed. This method supports Flipt being deployed in a Kubernetes environment and allowing it to exchange client tokens for valid service account tokens presented via this method.
type AuthenticationMethodOIDCConfig ¶ added in v1.17.0
type AuthenticationMethodOIDCConfig struct {
Providers map[string]AuthenticationMethodOIDCProvider `json:"providers,omitempty" mapstructure:"providers"`
}
AuthenticationMethodOIDCConfig configures the OIDC authentication method. This method can be used to establish browser based sessions.
type AuthenticationMethodOIDCProvider ¶ added in v1.17.0
type AuthenticationMethodOIDCProvider struct { IssuerURL string `json:"issuerURL,omitempty" mapstructure:"issuer_url"` ClientID string `json:"clientID,omitempty" mapstructure:"client_id"` ClientSecret string `json:"clientSecret,omitempty" mapstructure:"client_secret"` RedirectAddress string `json:"redirectAddress,omitempty" mapstructure:"redirect_address"` Scopes []string `json:"scopes,omitempty" mapstructure:"scopes"` }
AuthenticationOIDCProvider configures provider credentials
type AuthenticationMethodTokenBootstrapConfig ¶ added in v1.19.0
type AuthenticationMethodTokenBootstrapConfig struct { Token string `json:"-" mapstructure:"token"` Expiration time.Duration `json:"expiration,omitempty" mapstructure:"expiration"` }
AuthenticationMethodTokenBootstrapConfig contains fields used to configure the bootstrap process for the authentication method "token".
type AuthenticationMethodTokenConfig ¶ added in v1.15.0
type AuthenticationMethodTokenConfig struct {
Bootstrap AuthenticationMethodTokenBootstrapConfig `json:"bootstrap" mapstructure:"bootstrap"`
}
AuthenticationMethodTokenConfig contains fields used to configure the authentication method "token". This authentication method supports the ability to create static tokens via the /auth/v1/method/token prefix of endpoints.
type AuthenticationMethods ¶ added in v1.16.0
type AuthenticationMethods struct { Token AuthenticationMethod[AuthenticationMethodTokenConfig] `json:"token,omitempty" mapstructure:"token"` OIDC AuthenticationMethod[AuthenticationMethodOIDCConfig] `json:"oidc,omitempty" mapstructure:"oidc"` Kubernetes AuthenticationMethod[AuthenticationMethodKubernetesConfig] `json:"kubernetes,omitempty" mapstructure:"kubernetes"` }
AuthenticationMethods is a set of configuration for each authentication method available for use within Flipt.
func (*AuthenticationMethods) AllMethods ¶ added in v1.17.0
func (a *AuthenticationMethods) AllMethods() []StaticAuthenticationMethodInfo
AllMethods returns all the AuthenticationMethod instances available.
func (*AuthenticationMethods) EnabledMethods ¶ added in v1.21.0
func (a *AuthenticationMethods) EnabledMethods() []StaticAuthenticationMethodInfo
EnabledMethods returns all the AuthenticationMethod instances that have been enabled.
type AuthenticationSession ¶ added in v1.17.0
type AuthenticationSession struct { // Domain is the domain on which to register session cookies. Domain string `json:"domain,omitempty" mapstructure:"domain"` // Secure sets the secure property (i.e. HTTPS only) on both the state and token cookies. Secure bool `json:"secure" mapstructure:"secure"` // TokenLifetime is the duration of the flipt client token generated once // authentication has been established via a session compatible method. TokenLifetime time.Duration `json:"tokenLifetime,omitempty" mapstructure:"token_lifetime"` // StateLifetime is the lifetime duration of the state cookie. StateLifetime time.Duration `json:"stateLifetime,omitempty" mapstructure:"state_lifetime"` // CSRF configures CSRF provention mechanisms. CSRF AuthenticationSessionCSRF `json:"csrf,omitempty" mapstructure:"csrf"` }
AuthenticationSession configures the session produced for browsers when establishing authentication via HTTP.
type AuthenticationSessionCSRF ¶ added in v1.17.0
type AuthenticationSessionCSRF struct { // Key is the private key string used to authenticate csrf tokens. Key string `json:"-" mapstructure:"key"` }
AuthenticationSessionCSRF configures cross-site request forgery prevention.
type BasicAuth ¶ added in v1.23.0
type BasicAuth struct { Username string `json:"username,omitempty" mapstructure:"username"` Password string `json:"password,omitempty" mapstructure:"password"` }
BasicAuth has configuration for authenticating with private git repositories with basic auth.
type BufferConfig ¶ added in v1.21.0
type BufferConfig struct { Capacity int `json:"capacity,omitempty" mapstructure:"capacity"` FlushPeriod time.Duration `json:"flushPeriod,omitempty" mapstructure:"flush_period"` }
BufferConfig holds configuration for the buffering of sending the audit events to the sinks.
type CacheBackend ¶
type CacheBackend uint8
CacheBackend is either memory or redis
const ( // CacheMemory ... CacheMemory CacheBackend // CacheRedis ... CacheRedis )
func (CacheBackend) MarshalJSON ¶
func (c CacheBackend) MarshalJSON() ([]byte, error)
func (CacheBackend) String ¶
func (c CacheBackend) String() string
type CacheConfig ¶
type CacheConfig struct { Enabled bool `json:"enabled" mapstructure:"enabled"` TTL time.Duration `json:"ttl,omitempty" mapstructure:"ttl"` Backend CacheBackend `json:"backend,omitempty" mapstructure:"backend"` Memory MemoryCacheConfig `json:"memory,omitempty" mapstructure:"memory"` Redis RedisCacheConfig `json:"redis,omitempty" mapstructure:"redis"` }
CacheConfig contains fields, which enable and configure Flipt's various caching mechanisms.
Currently, flipt support in-memory and redis backed caching.
type Config ¶
type Config struct { Version string `json:"version,omitempty" mapstructure:"version,omitempty"` Experimental ExperimentalConfig `json:"experimental,omitempty" mapstructure:"experimental"` Log LogConfig `json:"log,omitempty" mapstructure:"log"` UI UIConfig `json:"ui,omitempty" mapstructure:"ui"` Cors CorsConfig `json:"cors,omitempty" mapstructure:"cors"` Cache CacheConfig `json:"cache,omitempty" mapstructure:"cache"` Server ServerConfig `json:"server,omitempty" mapstructure:"server"` Storage StorageConfig `json:"storage,omitempty" mapstructure:"storage" experiment:"filesystem_storage"` Tracing TracingConfig `json:"tracing,omitempty" mapstructure:"tracing"` Database DatabaseConfig `json:"db,omitempty" mapstructure:"db"` Meta MetaConfig `json:"meta,omitempty" mapstructure:"meta"` Authentication AuthenticationConfig `json:"authentication,omitempty" mapstructure:"authentication"` Audit AuditConfig `json:"audit,omitempty" mapstructure:"audit"` }
Config contains all of Flipts configuration needs.
The root of this structure contains a collection of sub-configuration categories.
Each sub-configuration (e.g. LogConfig) optionally implements either or both of the defaulter or validator interfaces. Given the sub-config implements a `setDefaults(*viper.Viper) []string` method then this will be called with the viper context before unmarshalling. This allows the sub-configuration to set any appropriate defaults. Given the sub-config implements a `validate() error` method then this will be called after unmarshalling, such that the function can emit any errors derived from the resulting state of the configuration.
func DefaultConfig ¶ added in v1.23.2
func DefaultConfig() *Config
DefaultConfig is the base config used when no configuration is explicit provided.
type CorsConfig ¶
type CorsConfig struct { Enabled bool `json:"enabled" mapstructure:"enabled"` AllowedOrigins []string `json:"allowedOrigins,omitempty" mapstructure:"allowed_origins"` }
CorsConfig contains fields, which configure behaviour in the HTTPServer relating to the CORS header-based mechanisms.
type DatabaseConfig ¶
type DatabaseConfig struct { URL string `json:"url,omitempty" mapstructure:"url,omitempty"` MaxIdleConn int `json:"maxIdleConn,omitempty" mapstructure:"max_idle_conn"` MaxOpenConn int `json:"maxOpenConn,omitempty" mapstructure:"max_open_conn"` ConnMaxLifetime time.Duration `json:"connMaxLifetime,omitempty" mapstructure:"conn_max_lifetime"` Name string `json:"name,omitempty" mapstructure:"name,omitempty"` User string `json:"user,omitempty" mapstructure:"user,omitempty"` Password string `json:"password,omitempty" mapstructure:"password,omitempty"` Host string `json:"host,omitempty" mapstructure:"host,omitempty"` Port int `json:"port,omitempty" mapstructure:"port,omitempty"` Protocol DatabaseProtocol `json:"protocol,omitempty" mapstructure:"protocol,omitempty"` PreparedStatementsEnabled bool `json:"preparedStatementsEnabled,omitempty" mapstructure:"prepared_statements_enabled"` }
DatabaseConfig contains fields, which configure the various relational database backends.
Flipt currently supports SQLite, Postgres and MySQL backends.
type DatabaseProtocol ¶
type DatabaseProtocol uint8
DatabaseProtocol represents a database protocol
const ( // DatabaseSQLite ... DatabaseSQLite DatabaseProtocol // DatabasePostgres ... DatabasePostgres // DatabaseMySQL ... DatabaseMySQL // DatabaseCockroachDB ... DatabaseCockroachDB )
func (DatabaseProtocol) MarshalJSON ¶
func (d DatabaseProtocol) MarshalJSON() ([]byte, error)
func (DatabaseProtocol) String ¶
func (d DatabaseProtocol) String() string
type ExperimentalConfig ¶ added in v1.23.0
type ExperimentalConfig struct {
FilesystemStorage ExperimentalFlag `json:"filesystem_storage,omitempty" mapstructure:"filesystem_storage"`
}
ExperimentalConfig allows for experimental features to be enabled and disabled.
type ExperimentalFlag ¶ added in v1.23.0
type ExperimentalFlag struct {
Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"`
}
ExperimentalFlag is a structure which has properties to configure experimental feature enablement.
type Git ¶ added in v1.23.0
type Git struct { Repository string `json:"repository,omitempty" mapstructure:"repository"` Ref string `json:"ref,omitempty" mapstructure:"ref"` PollInterval time.Duration `json:"pollInterval,omitempty" mapstructure:"poll_interval"` Authentication Authentication `json:"authentication,omitempty" mapstructure:"authentication,omitempty"` }
Git contains configuration for referencing a git repository.
type JaegerTracingConfig ¶
type JaegerTracingConfig struct { Host string `json:"host,omitempty" mapstructure:"host"` Port int `json:"port,omitempty" mapstructure:"port"` }
JaegerTracingConfig contains fields, which configure Jaeger span and tracing output destination.
type Local ¶ added in v1.23.0
type Local struct {
Path string `json:"path,omitempty" mapstructure:"path"`
}
Local contains configuration for referencing a local filesystem.
type LogConfig ¶
type LogConfig struct { Level string `json:"level,omitempty" mapstructure:"level"` File string `json:"file,omitempty" mapstructure:"file"` Encoding LogEncoding `json:"encoding,omitempty" mapstructure:"encoding"` GRPCLevel string `json:"grpcLevel,omitempty" mapstructure:"grpc_level"` Keys LogKeys `json:"keys" mapstructure:"keys"` }
LogConfig contains fields which control, direct and filter the logging telemetry produces by Flipt.
type LogEncoding ¶
type LogEncoding uint8
LogEncoding is either console or JSON
const ( LogEncodingConsole LogEncoding LogEncodingJSON )
func (LogEncoding) MarshalJSON ¶
func (e LogEncoding) MarshalJSON() ([]byte, error)
func (LogEncoding) String ¶
func (e LogEncoding) String() string
type LogFileSinkConfig ¶ added in v1.21.0
type LogFileSinkConfig struct { Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"` File string `json:"file,omitempty" mapstructure:"file"` }
LogFileSinkConfig contains fields that hold configuration for sending audits to a log file.
type MemoryCacheConfig ¶
type MemoryCacheConfig struct {
EvictionInterval time.Duration `json:"evictionInterval,omitempty" mapstructure:"eviction_interval"`
}
MemoryCacheConfig contains fields, which configure in-memory caching.
type MetaConfig ¶
type MetaConfig struct { CheckForUpdates bool `json:"checkForUpdates" mapstructure:"check_for_updates"` TelemetryEnabled bool `json:"telemetryEnabled" mapstructure:"telemetry_enabled"` StateDirectory string `json:"stateDirectory" mapstructure:"state_directory"` }
MetaConfig contains a variety of meta configuration fields.
type OTLPTracingConfig ¶ added in v1.18.2
type OTLPTracingConfig struct {
Endpoint string `json:"endpoint,omitempty" mapstructure:"endpoint"`
}
OTLPTracingConfig contains fields, which configure OTLP span and tracing output destination.
type RedisCacheConfig ¶
type RedisCacheConfig struct { Host string `json:"host,omitempty" mapstructure:"host"` Port int `json:"port,omitempty" mapstructure:"port"` Password string `json:"password,omitempty" mapstructure:"password"` DB int `json:"db,omitempty" mapstructure:"db"` }
RedisCacheConfig contains fields, which configure the connection credentials for redis backed caching.
type ServerConfig ¶
type ServerConfig struct { Host string `json:"host,omitempty" mapstructure:"host"` Protocol Scheme `json:"protocol,omitempty" mapstructure:"protocol"` HTTPPort int `json:"httpPort,omitempty" mapstructure:"http_port"` HTTPSPort int `json:"httpsPort,omitempty" mapstructure:"https_port"` GRPCPort int `json:"grpcPort,omitempty" mapstructure:"grpc_port"` CertFile string `json:"certFile,omitempty" mapstructure:"cert_file"` CertKey string `json:"certKey,omitempty" mapstructure:"cert_key"` }
ServerConfig contains fields, which configure both HTTP and gRPC API serving.
type SinksConfig ¶ added in v1.21.0
type SinksConfig struct {
LogFile LogFileSinkConfig `json:"log,omitempty" mapstructure:"log"`
}
SinksConfig contains configuration held in structures for the different sinks that we will send audits to.
type StaticAuthenticationMethodInfo ¶ added in v1.17.0
type StaticAuthenticationMethodInfo struct { AuthenticationMethodInfo Enabled bool Cleanup *AuthenticationCleanupSchedule // contains filtered or unexported fields }
StaticAuthenticationMethodInfo embeds an AuthenticationMethodInfo alongside the other properties of an AuthenticationMethod.
func (StaticAuthenticationMethodInfo) Enable ¶ added in v1.18.2
func (s StaticAuthenticationMethodInfo) Enable(t *testing.T)
Enable can only be called in a testing scenario. It is used to enable a target method without having a concrete reference.
func (StaticAuthenticationMethodInfo) SetCleanup ¶ added in v1.18.2
func (s StaticAuthenticationMethodInfo) SetCleanup(t *testing.T, c AuthenticationCleanupSchedule)
SetCleanup can only be called in a testing scenario. It is used to configure cleanup for a target method without having a concrete reference.
type StorageConfig ¶ added in v1.23.0
type StorageConfig struct { Type StorageType `json:"type,omitempty" mapstructure:"type"` Local *Local `json:"local,omitempty" mapstructure:"local,omitempty"` Git *Git `json:"git,omitempty" mapstructure:"git,omitempty"` }
StorageConfig contains fields which will configure the type of backend in which Flipt will serve flag state.
type StorageType ¶ added in v1.23.0
type StorageType string
type TokenAuth ¶ added in v1.23.0
type TokenAuth struct {
AccessToken string `json:"accessToken,omitempty" mapstructure:"access_token"`
}
TokenAuth has configuration for authenticating with private git repositories with token auth.
type TracingConfig ¶
type TracingConfig struct { Enabled bool `json:"enabled,omitempty" mapstructure:"enabled"` Exporter TracingExporter `json:"exporter,omitempty" mapstructure:"exporter"` Jaeger JaegerTracingConfig `json:"jaeger,omitempty" mapstructure:"jaeger"` Zipkin ZipkinTracingConfig `json:"zipkin,omitempty" mapstructure:"zipkin"` OTLP OTLPTracingConfig `json:"otlp,omitempty" mapstructure:"otlp"` }
TracingConfig contains fields, which configure tracing telemetry output destinations.
type TracingExporter ¶ added in v1.18.2
type TracingExporter uint8
TracingExporter represents the supported tracing exporters.
const ( // TracingJaeger ... TracingJaeger TracingExporter // TracingZipkin ... TracingZipkin // TracingOTLP ... TracingOTLP )
func (TracingExporter) MarshalJSON ¶ added in v1.18.2
func (e TracingExporter) MarshalJSON() ([]byte, error)
func (TracingExporter) String ¶ added in v1.18.2
func (e TracingExporter) String() string
type UIConfig ¶
type UIConfig struct {
Enabled bool `json:"enabled" mapstructure:"enabled"`
}
UIConfig contains fields, which control the behaviour of Flipt's user interface.
type ZipkinTracingConfig ¶ added in v1.18.2
type ZipkinTracingConfig struct {
Endpoint string `json:"endpoint,omitempty" mapstructure:"endpoint"`
}
ZipkinTracingConfig contains fields, which configure Zipkin span and tracing output destination.