config

package
v0.32.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 3, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

// ConfigFileVersion is the configuration file format version, currently 2.
// NOTE(review): presumably the value expected in the top-level "version" key
// (see Common.Version); where the comparison happens is not visible here.
const ConfigFileVersion = 2
// EdgeTemplate is the configuration template that points OPA discovery at the
// aserto-discovery service and, optionally, enables the controller and the
// "self" decision logger. It is appended to templatePreamble (defined
// elsewhere in the package) and contains {{ ... }} actions that are filled in
// when a config is generated.
//
// Security-relevant settings baked into the rendered file:
//   - local_bundles.skip_verification is hard-coded to true, so a generated
//     config has to be edited by hand if local bundle verification is wanted
//     (presumably signature verification; confirm against the runtime docs).
//   - .TenantKey is written in cleartext as the discovery bearer token, which
//     makes the generated file a credential: keep it readable by its owner
//     only and out of version control.
//   - The bearer credential is emitted with scheme "basic".
//     NOTE(review): confirm this is what the discovery service expects.
//   - Every value is interpolated unquoted. If the renderer performs no YAML
//     escaping (not visible here), a value containing a newline or ": " can
//     add or override keys, so callers should validate the tenant ID, URLs,
//     policy name and paths before rendering.
//   - The controller and decision_logger sections reference the client
//     certificate and key by path only; the template does nothing about the
//     permissions of those files.
const EdgeTemplate = templatePreamble + `
opa:
  instance_id: {{ .TenantID }}
  graceful_shutdown_period_seconds: 2
  local_bundles:
    paths: []
    skip_verification: true
  config:
    services:
      aserto-discovery:
        url: {{ .DiscoveryURL }}
        credentials:
          bearer:
            token: {{ .TenantKey }}
            scheme: "basic"
        headers:
          Aserto-Tenant-Id: {{ .TenantID }}
    discovery:
      service: aserto-discovery
      resource: {{ .PolicyName }}/{{ .PolicyName }}/opa
{{ if .ControlPlane.Enabled }}
controller:
  enabled: true
  server:
    address: {{ .ControlPlane.Address }}
    client_cert_path: {{ .ControlPlane.ClientCertPath }}
    client_key_path: {{ .ControlPlane.ClientKeyPath }}
{{ else }}
controller:
  enabled: false
{{ end }}
{{ if .DecisionLogging }}
decision_logger:
  type: self
  config:
    store_directory: {{ .DecisionLogger.StorePath }}
    scribe:
      address: {{ .DecisionLogger.EMSAddress }}
      client_cert_path: {{ .DecisionLogger.ClientCertPath }}
      client_key_path: {{ .DecisionLogger.ClientKeyPath }}
      ack_wait_seconds: 30
      headers:
        Aserto-Tenant-Id: {{ .TenantID }}
    shipper:
      publish_timeout_seconds: 2
{{ end }}
`
// LocalImageTemplate is the configuration template for running against a
// local policy image: it sets local_bundles.local_policy_image from
// .LocalPolicyImage and configures no remote services. It is appended to
// templatePreamble (defined elsewhere in the package).
//
// Security notes:
//   - skip_verification is hard-coded to true together with watch: true.
//     NOTE(review): if watch reloads the image on change, a modified image
//     would be picked up without verification; confirm and document that
//     this template is meant for local development.
//   - .LocalPolicyImage is interpolated unquoted, so the caller should
//     validate it before rendering (see the renderer for any escaping).
const LocalImageTemplate = templatePreamble + `
opa:
  instance_id: "-"
  graceful_shutdown_period_seconds: 2
  # max_plugin_wait_time_seconds: 30 set as default
  local_bundles:
    local_policy_image: {{ .LocalPolicyImage }}
    watch: true
    skip_verification: true
`
// Template is the configuration template that pulls one policy bundle,
// named by .PolicyName, from an OCI service at https://ghcr.io and polls it
// every 60 to 120 seconds without persisting it. It is appended to
// templatePreamble (defined elsewhere in the package).
//
// Security notes:
//   - The ghcr service entry carries no credentials block and the bundle
//     entry carries no signing or verification settings, so as rendered the
//     integrity of the policy rests on TLS to the registry and on what
//     .Resource points at. Prefer an immutable reference for .Resource where
//     the runtime supports one (TODO confirm).
//   - local_bundles.skip_verification is hard-coded to true.
//   - .PolicyName is interpolated unquoted as a YAML key and .Resource inside
//     double quotes; neither is escaped by the template itself, so callers
//     should validate both before rendering.
const Template = templatePreamble + `
opa:
  instance_id: "-"
  graceful_shutdown_period_seconds: 2
  # max_plugin_wait_time_seconds: 30 set as default
  local_bundles:
    paths: []
    skip_verification: true
  config:
    services:
      ghcr:
        url: https://ghcr.io
        type: "oci"
        response_header_timeout_seconds: 5
    bundles:
      {{ .PolicyName }}:
        service: ghcr
        resource: "{{ .Resource }}"
        persist: false
        config:
          polling:
            min_delay_seconds: 60
            max_delay_seconds: 120
`

Variables

var (
	// DefaultTLSGenDir is, by its name, the default directory for generated
	// TLS material. It is computed once, at package initialisation.
	// os.ExpandEnv substitutes an empty string for an unset variable, so with
	// HOME unset this evaluates to "/.config/topaz/certs"; code that writes
	// private keys here should check the result and create the directory
	// with owner-only permissions.
	DefaultTLSGenDir = os.ExpandEnv("$HOME/.config/topaz/certs")
	// CertificateSets lists the certificate set names, "grpc" and "gateway".
	// NOTE(review): exported and mutable, so any importer can change it.
	CertificateSets  = []string{"grpc", "gateway"}
)

Functions

func FileExists added in v0.30.25

func FileExists(path string) (bool, error)

func GetConfig added in v0.32.0

func GetConfig(configFilePath string) *currentConfig

func NewLoggerConfig

func NewLoggerConfig(configPath Path, overrides Overrider) (*logger.Config, error)

NewLoggerConfig creates a new LoggerConfig.

func SetEnvVars added in v0.30.29

func SetEnvVars(fileContents string) (string, error)

Types

type AuthnConfig

// AuthnConfig is the "auth" section of Config: a set of API keys plus the
// call options that select which authentication modes are accepted.
type AuthnConfig struct {
	// APIKeys is read from the "api_keys" config key, so the keys sit in the
	// config file as plain strings; treat that file as a secret.
	// NOTE(review): which side of the map is the key and which the identity
	// is not visible here; confirm before documenting it for users.
	APIKeys map[string]string `json:"api_keys"`
	// Options holds the default and per-path authentication switches.
	Options CallOptions       `json:"options"`
}

type CallOptions

// CallOptions pairs a default Options value with a list of path-specific
// overrides; ForPath returns the Options for a given path.
// NOTE(review): precedence when several overrides list the same path is
// decided in ForPath, whose body is not shown here.
type CallOptions struct {
	// Default applies to paths with no matching override (presumably; see
	// ForPath). Keep it at the most restrictive setting.
	Default   Options           `json:"default"`
	// Overrides lists per-path exceptions to Default.
	Overrides []OptionOverrides `json:"overrides"`
}

func (*CallOptions) ForPath

func (co *CallOptions) ForPath(path string) *Options

type CommandMode

type CommandMode int

CommandMode -- enum type.

const (
	// CommandModeUnknown is 0, the zero value of CommandMode.
	CommandModeUnknown CommandMode = 0 + iota
	// CommandModeRun is 1.
	CommandModeRun
	// CommandModeBuild is 2.
	CommandModeBuild
)

CommandMode -- enum constants.

type Common

// Common is the part of the configuration that Config embeds: version,
// logging, debug, API services, JWT validation, directory and OPA settings.
type Common struct {
	// Version is read from the "version" key.
	// NOTE(review): presumably checked against ConfigFileVersion; confirm.
	Version int           `json:"version"`
	Logging logger.Config `json:"logging"`
	Debug   debug.Config  `json:"debug"`

	// Command is excluded from serialisation (json:"-"), so Mode is set by
	// the program rather than read from the config file.
	Command struct {
		Mode CommandMode
	} `json:"-"`

	APIConfig ServicesConfig `json:"api"`

	JWT struct {
		// Specifies the duration in which exp (Expiry) and nbf (Not Before)
		// claims may differ by. This value should be positive.
		// A larger value presumably widens the window in which an expired or
		// not-yet-valid token is still accepted; keep it as small as clock
		// drift between issuer and this service allows.
		// NOTE(review): no range check is visible in this declaration.
		AcceptableTimeSkewSeconds int `json:"acceptable_time_skew_seconds"`
	} `json:"jwt"`

	// Directory configuration
	Edge directory.Config `json:"directory"`

	// Authorizer directory resolver configuration
	DirectoryResolver client.Config `json:"remote_directory"`

	// Default OPA configuration
	OPA runtime.Config `json:"opa"`
}

Config holds the configuration for the app.

type Config

// Config is the full configuration: the embedded Common fields plus the
// "auth", "decision_logger" and "controller" sections.
type Config struct {
	Common           `json:",squash"`   // nolint:staticcheck // squash is used by mapstructure
	// Auth holds API keys and the per-path authentication switches.
	Auth             AuthnConfig        `json:"auth"`
	// DecisionLogger selects a decision logger by type and carries its
	// untyped settings.
	DecisionLogger   DecisionLogConfig  `json:"decision_logger"`
	// ControllerConfig is a pointer.
	// NOTE(review): presumably nil when the "controller" section is absent;
	// callers should nil-check before use.
	ControllerConfig *controller.Config `json:"controller"`
}

func NewConfig

func NewConfig(configPath Path, log *zerolog.Logger, overrides Overrider, certsGenerator *certs.Generator) (*Config, error)

NewConfig creates the configuration by reading env & files.

type DecisionLogConfig added in v0.25.6

// DecisionLogConfig is the "decision_logger" section: a logger type name and
// a free-form settings map for that logger.
type DecisionLogConfig struct {
	// Type names the decision logger implementation (EdgeTemplate writes
	// "self").
	Type   string                 `json:"type"`
	// Config is untyped, so nothing at this level validates its keys or
	// values; that is left to whichever logger Type selects.
	Config map[string]interface{} `json:"config"`
}

type Generator added in v0.30.29

// Generator collects template inputs through its With* methods and writes a
// rendered configuration to an io.Writer in GenerateConfig.
// NOTE(review): WithDiscovery takes a key and the rendered output embeds
// credentials in cleartext, so the destination passed to GenerateConfig
// should be a file with owner-only permissions.
type Generator struct {
	// ConfigName is the name passed to NewGenerator (presumably; the
	// constructor body is not shown).
	ConfigName string
	// contains filtered or unexported fields
}

func NewGenerator added in v0.30.29

func NewGenerator(configName string) *Generator

func (*Generator) CreateCertsDir added in v0.30.29

func (g *Generator) CreateCertsDir() (string, error)

func (*Generator) CreateConfigDir added in v0.30.29

func (g *Generator) CreateConfigDir() (string, error)

func (*Generator) CreateDataDir added in v0.30.29

func (g *Generator) CreateDataDir() (string, error)

func (*Generator) GenerateConfig added in v0.30.29

func (g *Generator) GenerateConfig(w io.Writer, templateData string) error

func (*Generator) WithController added in v0.32.0

func (g *Generator) WithController(url, clientCertPath, clientKeyPath string) *Generator

func (*Generator) WithDiscovery added in v0.32.0

func (g *Generator) WithDiscovery(url, key string) *Generator

func (*Generator) WithEdgeDirectory added in v0.30.29

func (g *Generator) WithEdgeDirectory(enabled bool) *Generator

func (*Generator) WithEnableDirectoryV2 added in v0.30.29

func (g *Generator) WithEnableDirectoryV2(enabled bool) *Generator

func (*Generator) WithLocalPolicyImage added in v0.30.29

func (g *Generator) WithLocalPolicyImage(image string) *Generator

func (*Generator) WithPolicyName added in v0.30.29

func (g *Generator) WithPolicyName(policyName string) *Generator

func (*Generator) WithResource added in v0.30.29

func (g *Generator) WithResource(resource string) *Generator

func (*Generator) WithSelfDecisionLogger added in v0.32.0

func (g *Generator) WithSelfDecisionLogger(emsURL, clientCertPath, clientKeyPath, storePath string) *Generator

func (*Generator) WithTenantID added in v0.32.0

func (g *Generator) WithTenantID(tenantID string) *Generator

func (*Generator) WithVersion added in v0.30.29

func (g *Generator) WithVersion(version int) *Generator

type Loader added in v0.30.29

// Loader is the result of LoadConfiguration: the parsed Config plus a flag
// about the Topaz directory.
type Loader struct {
	// Configuration is the loaded configuration.
	Configuration *Config
	// HasTopazDir is set by LoadConfiguration.
	// NOTE(review): its exact meaning is not visible here; presumably whether
	// the loaded file references the Topaz config directory.
	HasTopazDir   bool
}

func LoadConfiguration added in v0.30.29

func LoadConfiguration(fileName string) (*Loader, error)

func (*Loader) GetPaths added in v0.30.29

func (l *Loader) GetPaths() ([]string, error)

func (*Loader) GetPorts added in v0.30.29

func (l *Loader) GetPorts() ([]string, error)

type LoggerConfig

type LoggerConfig Config

LoggerConfig is a basic Config copy that gets loaded before everything else, so we can log during resolving configuration.

type OptionOverrides

// OptionOverrides replaces the default authentication Options for a list of
// API paths. Because an override can switch on anonymous access, keep Paths
// as narrow as possible.
// NOTE(review): how Paths are matched (exact or prefix) is decided in
// CallOptions.ForPath, which is not shown here.
type OptionOverrides struct {
	// API paths to override
	Paths []string `json:"paths"`
	// Override options
	Override Options `json:"override"`
}

type Options

// Options holds the two authentication switches applied to a call, either as
// the default or through a path override (see CallOptions).
type Options struct {

	// API Key for machine-to-machine communication, internal to Aserto
	EnableAPIKey bool `json:"enable_api_key"`
	// Allows calls without any form of authentication
	// Setting this in CallOptions.Default would presumably open every path
	// that has no override; prefer enabling it only through an
	// OptionOverrides entry for the specific paths that need it.
	EnableAnonymous bool `json:"enable_anonymous"`
}

type Overrider

type Overrider func(*Config)

Overrider is a func that mutates configuration.

type Path

type Path string

Path represents the path to a configuration file.

type ServicesConfig added in v0.30.0

// ServicesConfig is the "api" section: listen addresses and TLS settings for
// the health and metrics endpoints, plus the map of named API services.
type ServicesConfig struct {
	Health struct {
		// ListenAddress is the address the health endpoint binds to.
		ListenAddress string                `json:"listen_address"`
		// Certificates is a pointer.
		// NOTE(review): presumably nil means the endpoint is served without
		// TLS; confirm in the server setup.
		Certificates  *certs.TLSCredsConfig `json:"certs"`
	} `json:"health"`
	Metrics struct {
		// ListenAddress is the address the metrics endpoint binds to. Metrics
		// expose operational detail, so prefer a loopback or internal
		// interface.
		ListenAddress string                `json:"listen_address"`
		// Certificates is a pointer; see the note on Health.Certificates.
		Certificates  *certs.TLSCredsConfig `json:"certs"`
		// ZPages toggles zpages on the metrics endpoint (by its name; the
		// handler wiring is not shown here).
		ZPages        bool                  `json:"zpages"`
	} `json:"metrics"`
	// Services maps a service name to its API configuration.
	Services map[string]*builder.API `json:"services"`
}
