opa: github.com/open-policy-agent/opa/runtime Index | Files

package runtime

import "github.com/open-policy-agent/opa/runtime"

Package runtime contains the entry point to the policy engine.


Package Files

config.go doc.go logging.go runtime.go

func NewLoggingHandler Uses

func NewLoggingHandler(inner http.Handler) http.Handler

NewLoggingHandler returns a new http.Handler.

func RegisterPlugin Uses

func RegisterPlugin(name string, factory plugins.Factory)

RegisterPlugin registers a plugin factory with the runtime package. When the runtime is created, the factories are used to parse plugin configuration and instantiate plugins. If no configuration is provided, plugins are not instantiated. This function is idempotent.

type LoggingConfig Uses

type LoggingConfig struct {
    Level  string
    Format string

LoggingConfig stores the configuration for OPA's logging behaviour.

type LoggingHandler Uses

type LoggingHandler struct {
    // contains filtered or unexported fields

LoggingHandler returns an http.Handler that will print log messages containing the request information as well as response status and latency.

func (*LoggingHandler) ServeHTTP Uses

func (h *LoggingHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type Params Uses

type Params struct {

    // Globally unique identifier for this OPA instance. If an ID is not specified,
    // the runtime will generate one.
    ID  string

    // Addrs are the listening addresses that the OPA server will bind to.
    Addrs *[]string

    // InsecureAddr is the listening address that the OPA server will bind to
    // in addition to Addr if TLS is enabled.
    InsecureAddr string

    // Authentication is the type of authentication scheme to use.
    Authentication server.AuthenticationScheme

    // Authorization is the type of authorization scheme to use.
    Authorization server.AuthorizationScheme

    // Certificate is the certificate to use in server-mode. If the certificate
    // is nil, the server will NOT use TLS.
    Certificate *tls.Certificate

    // CertPool holds the CA certs trusted by the OPA server.
    CertPool *x509.CertPool

    // HistoryPath is the filename to store the interactive shell user
    // input history.
    HistoryPath string

    // Output format controls how the REPL will print query results.
    // Default: "pretty".
    OutputFormat string

    // Paths contains filenames of base documents and policy modules to load on
    // startup. Data files may be prefixed with "<dotted-path>:" to indicate
    // where the contained document should be loaded.
    Paths []string

    // Optional filter that will be passed to the file loader.
    Filter loader.Filter

    // BundleMode will enable treating the Paths provided as bundles rather than
    // loading all data & policy files.
    BundleMode bool

    // Watch flag controls whether OPA will watch the Paths files for changes.
    // If this flag is true, OPA will watch the Paths files for changes and
    // reload the storage layer each time they change. This is useful for
    // interactive development.
    Watch bool

    // ErrorLimit is the number of errors the compiler will allow to occur before
    // exiting early.
    ErrorLimit int

    // PprofEnabled flag controls whether pprof endpoints are enabled
    PprofEnabled bool

    // DecisionIDFactory generates decision IDs to include in API responses
    // sent by the server (in response to Data API queries.)
    DecisionIDFactory func() string

    // DiagnosticsBuffer is used by the server to record policy decisions.
    // DEPRECATED. Use decision logging instead.
    DiagnosticsBuffer server.Buffer

    // Logging configures the logging behaviour.
    Logging LoggingConfig

    // ConfigFile refers to the OPA configuration to load on startup.
    ConfigFile string

    // ConfigOverrides are overrides for the OPA configuration that are applied
    // over top the config file They are in a list of key=value syntax that
    // conform to the syntax defined in the `strval` package
    ConfigOverrides []string

    // ConfigOverrideFiles Similar to `ConfigOverrides` except they are in the
    // form of `key=path/to/file`where the file contains the value to be used.
    ConfigOverrideFiles []string

    // Output is the output stream used when run as an interactive shell. This
    // is mostly for test purposes.
    Output io.Writer

    // GracefulShutdownPeriod is the time (in seconds) to wait for the http
    // server to shutdown gracefully.
    GracefulShutdownPeriod int

Params stores the configuration for an OPA instance.

func NewParams Uses

func NewParams() Params

NewParams returns a new Params object.

type Runtime Uses

type Runtime struct {
    Params  Params
    Store   storage.Store
    Manager *plugins.Manager
    // contains filtered or unexported fields

Runtime represents a single OPA instance.

func NewRuntime Uses

func NewRuntime(ctx context.Context, params Params) (*Runtime, error)

NewRuntime returns a new Runtime object initialized with params.

func (*Runtime) Addrs Uses

func (rt *Runtime) Addrs() []string

Addrs returns a list of addresses that the runtime is listening on (when in server mode). Returns an empty list if it hasn't started listening.

func (*Runtime) Serve Uses

func (rt *Runtime) Serve(ctx context.Context) error

Serve will start a new REST API server and listen for requests. This will block until either: an error occurs, the context is canceled, or a SIGTERM or SIGKILL signal is sent.

func (*Runtime) StartREPL Uses

func (rt *Runtime) StartREPL(ctx context.Context)

StartREPL starts the runtime in REPL mode. This function will block the calling goroutine.

func (*Runtime) StartServer Uses

func (rt *Runtime) StartServer(ctx context.Context)

StartServer starts the runtime in server mode. This function will block the calling goroutine and will exit the program on error.

Package runtime imports 43 packages (graph) and is imported by 8 packages. Updated 2019-12-12. Refresh now. Tools for package owners.