splicetraefikplugin

package module
v0.0.0-...-b609ac0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 17, 2022 License: Apache-2.0 Imports: 18 Imported by: 0

README

Developing a Traefik plugin

Traefik plugins are developed using the Go language.

A Traefik middleware plugin is just a Go package that provides an http.Handler to perform specific processing of requests and responses.

Rather than being pre-compiled and linked, however, plugins are executed on the fly by Yaegi, an embedded Go interpreter.

Usage

For a plugin to be active for a given Traefik instance, it must be declared in the static configuration.

Plugins are parsed and loaded exclusively during startup, which allows Traefik to check the integrity of the code and catch errors early on. If an error occurs during loading, the plugin is disabled.

For security reasons, it is not possible to start a new plugin or modify an existing one while Traefik is running.

Once loaded, middleware plugins behave exactly like statically compiled middlewares. Their instantiation and behavior are driven by the dynamic configuration.

Plugin dependencies must be vendored for each plugin. Vendored packages should be included in the plugin's GitHub repository. (Go modules are not supported.)

Configuration

For each plugin, the Traefik static configuration must define the module name (as is usual for Go packages).

The following declaration (given here in YAML) defines a plugin:

# Static configuration
pilot:
  token: xxxxx

experimental:
  plugins:
    example:
      moduleName: github.com/traefik/plugindemo
      version: v0.2.1

Here is an example of a file provider dynamic configuration (given here in YAML), where the interesting part is the http.middlewares section:

# Dynamic configuration

http:
  routers:
    my-router:
      rule: host(`demo.localhost`)
      service: service-foo
      entryPoints:
        - web
      middlewares:
        - my-plugin

  services:
   service-foo:
      loadBalancer:
        servers:
          - url: http://127.0.0.1:5000
  
  middlewares:
    my-plugin:
      plugin:
        example:
          headers:
            Foo: Bar
Local Mode

Traefik also offers a developer mode that can be used for temporary testing of plugins not hosted on GitHub. To use a plugin in local mode, the Traefik static configuration must define the module name (as is usual for Go packages) and a path to a Go workspace, which can be the local GOPATH or any directory.

The plugins must be placed in ./plugins-local directory, which should be in the working directory of the process running the Traefik binary. The source code of the plugin should be organized as follows:

./plugins-local/
    └── src
        └── github.com
            └── traefik
                └── plugindemo
                    ├── demo.go
                    ├── demo_test.go
                    ├── go.mod
                    ├── LICENSE
                    ├── Makefile
                    └── readme.md

# Static configuration
pilot:
  token: xxxxx

experimental:
  localPlugins:
    example:
      moduleName: github.com/traefik/plugindemo

(In the above example, the plugindemo plugin will be loaded from the path ./plugins-local/src/github.com/traefik/plugindemo.)

# Dynamic configuration

http:
  routers:
    my-router:
      rule: host(`demo.localhost`)
      service: service-foo
      entryPoints:
        - web
      middlewares:
        - my-plugin

  services:
   service-foo:
      loadBalancer:
        servers:
          - url: http://127.0.0.1:5000
  
  middlewares:
    my-plugin:
      plugin:
        example:
          headers:
            Foo: Bar

Defining a Plugin

A plugin package must define the following exported Go objects:

  • A type type Config struct { ... }. The struct fields are arbitrary.
  • A function func CreateConfig() *Config.
  • A function func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error).
// Package example a example plugin.
package example

import (
	"context"
	"net/http"
)

// Config the plugin configuration.
type Config struct {
	// ...
}

// CreateConfig creates the default plugin configuration.
func CreateConfig() *Config {
	return &Config{
		// ...
	}
}

// Example a plugin.
type Example struct {
	next     http.Handler
	name     string
	// ...
}

// New created a new plugin.
func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) {
	// ...
	return &Example{
		// ...
	}, nil
}

func (e *Example) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
	// ...
	e.next.ServeHTTP(rw, req)
}

Traefik Pilot

Traefik plugins are stored and hosted as public GitHub repositories.

Every 30 minutes, the Traefik Pilot online service polls Github to find plugins and add them to its catalog.

Prerequisites

To be recognized by Traefik Pilot, your repository must meet the following criteria:

  • The traefik-plugin topic must be set.
  • The .traefik.yml manifest must exist, and be filled with valid contents.

If your repository fails to meet either of these prerequisites, Traefik Pilot will not see it.

Manifest

A manifest is also mandatory, and it should be named .traefik.yml and stored at the root of your project.

This YAML file provides Traefik Pilot with information about your plugin, such as a description, a full name, and so on.

Here is an example of a typical .traefik.ymlfile:

# The name of your plugin as displayed in the Traefik Pilot web UI.
displayName: Name of your plugin

# For now, `middleware` is the only type available.
type: middleware

# The import path of your plugin.
import: github.com/username/my-plugin

# A brief description of what your plugin is doing.
summary: Description of what my plugin is doing

# Medias associated to the plugin (optional)
iconPath: foo/icon.png
bannerPath: foo/banner.png

# Configuration data for your plugin.
# This is mandatory,
# and Traefik Pilot will try to execute the plugin with the data you provide as part of its startup validity tests.
testData:
  Headers:
    Foo: Bar

Properties include:

  • displayName (required): The name of your plugin as displayed in the Traefik Pilot web UI.
  • type (required): For now, middleware is the only type available.
  • import (required): The import path of your plugin.
  • summary (required): A brief description of what your plugin is doing.
  • testData (required): Configuration data for your plugin. This is mandatory, and Traefik Pilot will try to execute the plugin with the data you provide as part of its startup validity tests.
  • iconPath (optional): A local path in the repository to the icon of the project.
  • bannerPath (optional): A local path in the repository to the image that will be used when you will share your plugin page in social medias.

There should also be a go.mod file at the root of your project. Traefik Pilot will use this file to validate the name of the project.

Tags and Dependencies

Traefik Pilot gets your sources from a Go module proxy, so your plugins need to be versioned with a git tag.

Last but not least, if your plugin middleware has Go package dependencies, you need to vendor them and add them to your GitHub repository.

If something goes wrong with the integration of your plugin, Traefik Pilot will create an issue inside your Github repository and will stop trying to add your repo until you close the issue.

Troubleshooting

If Traefik Pilot fails to recognize your plugin, you will need to make one or more changes to your GitHub repository.

In order for your plugin to be successfully imported by Traefik Pilot, consult this checklist:

  • The traefik-plugin topic must be set on your repository.
  • There must be a .traefik.yml file at the root of your project describing your plugin, and it must have a valid testData property for testing purposes.
  • There must be a valid go.mod file at the root of your project.
  • Your plugin must be versioned with a git tag.
  • If you have package dependencies, they must be vendored and added to your GitHub repository.

Sample Code

This repository includes an example plugin, demo, for you to use as a reference for developing your own plugins.

Build Status

Documentation

Index

Constants

View Source 
const (
	AnonymousUserUUID = "ee2c2da9-889f-4741-9577-118428a87609"
	AnonymousUserID   = 0
)

Variables

View Source 
var AnonymousUser = User{ID: AnonymousUserID, UUID: AnonymousUserUUID}

Functions

func Key 

func Key(password, salt []byte, iter, keyLen int) []byte

func LoggingMiddleware 

func LoggingMiddleware(h http.Handler) http.HandlerFunc

func New 

func New(_ context.Context, next http.Handler, config *Config, name string) (http.Handler, error)

New created a new Demo plugin.

func PKCS7Unpad 

func PKCS7Unpad(data []byte) []byte

PKCS7Unpad removes any potential PKCS7 padding added.

func Unserialize 

func Unserialize(data []byte, session *Session) error

Types

type Config 

type Config struct {
	Headers map[string]string `json:"headers,omitempty"`
}

Config the plugin configuration.

func CreateConfig 

func CreateConfig() *Config

CreateConfig creates the default plugin configuration. 

type Cookie struct {
	Name     string `json:"name"`
	Value    string `json:"value"`
	Domain   string `json:"domain"`
	Path     string `json:"path"`
	HttpOnly bool   `json:"http_only"`
	Secure   bool   `json:"secure"`
	MaxAge   int    `json:"max_age"`
	Expires  int64  `json:"expires_at"`
}

type MessageEncryptor 

type MessageEncryptor struct {
	Key      []byte
	SignKey  []byte
	Cipher   string
	Verifier *MessageVerifier
}

func (*MessageEncryptor) Decrypt 

func (crypt *MessageEncryptor) Decrypt(value string, target *Session) error

Decrypt decrypts a message using the set cipher and the secret. The passed value is expected to be a base 64 encoded string of the encrypted data + IV joined by "--"

func (*MessageEncryptor) DecryptAndVerify 

func (crypt *MessageEncryptor) DecryptAndVerify(msg string, target *Session) error

type MessageVerifier 

type MessageVerifier struct {
	// Secret of 32-bytes if using the default hashing.
	Secret []byte
	// Hasher defaults to sha1 if not set.
	Hasher func() hash.Hash
}

MessageVerifier makes it easy to generate and verify messages which are signed to prevent tampering.

This is useful for cases like remember-me tokens and auto-unsubscribe links where the session store isn't suitable or available.

func (*MessageVerifier) DigestFor 

func (crypt *MessageVerifier) DigestFor(data string) string

DigestFor returns the digest form of a string after hashing it via the verifier's digest and secret.

func (*MessageVerifier) Verify 

func (crypt *MessageVerifier) Verify(msg string) (string, error)

type Session 

type Session struct {
	SessionId string `json:"session_id"`
	CsrfToken string `json:"_csrf_token,omitempty"`
	// [[1], "$2a$10$x.Z3QqY7QUoULBbyb6wbR."]
	WardenUserData []json.RawMessage `json:"warden.user.user.key,omitempty"`
	// contains filtered or unexported fields
}

func (*Session) UserID 

func (s *Session) UserID() int

func (*Session) UserUUID 

func (s *Session) UserUUID() string

type SessionManager 

type SessionManager struct {
	// contains filtered or unexported fields
}

func NewSessionManager 

func NewSessionManager() *SessionManager

func (*SessionManager) UserFromHeader 

func (c *SessionManager) UserFromHeader(ctx context.Context, headerCookie string) (User, error)

func (*SessionManager) UserFromRequest 

func (c *SessionManager) UserFromRequest(ctx context.Context, request *http.Request) (User, error)

type Splice 

type Splice struct {
	// contains filtered or unexported fields
}

Splice the custom splice plugin

func (*Splice) ServeHTTP 

func (a *Splice) ServeHTTP(rw http.ResponseWriter, req *http.Request)

type User 

type User struct {
	ID   int
	UUID string
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.