opa: github.com/open-policy-agent/opa/server Index | Files | Directories

package server

import "github.com/open-policy-agent/opa/server"

Package server contains the policy engine's server handlers.


Package Files

buffer.go cache.go doc.go server.go


const (
    PromHandlerV0Data     = "v0/data"
    PromHandlerV1Data     = "v1/data"
    PromHandlerV1Query    = "v1/query"
    PromHandlerV1Policies = "v1/policies"
    PromHandlerV1Compile  = "v1/compile"
    PromHandlerIndex      = "index"
    PromHandlerCatch      = "catchall"
    PromHandlerHealth     = "health"

Set of handlers for use in the "handler" dimension of the duration metric.

type AuthenticationScheme Uses

type AuthenticationScheme int

AuthenticationScheme enumerates the supported authentication schemes. The authentication scheme determines how client identities are established.

const (
    AuthenticationOff AuthenticationScheme = iota

Set of supported authentication schemes.

type AuthorizationScheme Uses

type AuthorizationScheme int

AuthorizationScheme enumerates the supported authorization schemes. The authorization scheme determines how access to OPA is controlled.

const (
    AuthorizationOff AuthorizationScheme = iota

Set of supported authorization schemes.

type Buffer Uses

type Buffer interface {
    // Push adds the given Info into the buffer.

    // Iter iterates over the buffer, from oldest present Info to newest. It should
    // call fn on each Info.
    Iter(fn func(*Info))

Buffer defines an interface for recording decisions. DEPRECATED. Use Decision Logging instead.

type BundleInfo Uses

type BundleInfo struct {
    Revision string

BundleInfo contains information describing a bundle

type Info Uses

type Info struct {
    Txn        storage.Transaction
    Revision   string // Deprecated: Use `Bundles` instead
    Bundles    map[string]BundleInfo
    DecisionID string
    RemoteAddr string
    Query      string
    Path       string
    Timestamp  time.Time
    Input      *interface{}
    Results    *interface{}
    Error      error
    Metrics    metrics.Metrics
    Trace      []*topdown.Event

Info contains information describing a policy decision.

type Loop Uses

type Loop func() error

Loop will contain all the calls from the server that we'll be listening on.

type Metrics Uses

type Metrics interface {
    RegisterEndpoints(registrar func(path, method string, handler http.Handler))
    InstrumentHandler(handler http.Handler, label string) http.Handler

Metrics defines the interface that the server requires for recording HTTP handler metrics.

type Server Uses

type Server struct {
    Handler           http.Handler
    DiagnosticHandler http.Handler
    // contains filtered or unexported fields

Server represents an instance of OPA running in server mode.

func New Uses

func New() *Server

New returns a new Server.

func (*Server) Addrs Uses

func (s *Server) Addrs() []string

Addrs returns a list of addresses that the server is listening on. If the server hasn't been started it will not return an address.

func (*Server) DiagnosticAddrs Uses

func (s *Server) DiagnosticAddrs() []string

DiagnosticAddrs returns a list of addresses that the server is listening on for the read-only diagnostic API's (eg /health, /metrics, etc) If the server hasn't been started it will not return an address.

func (*Server) Init Uses

func (s *Server) Init(ctx context.Context) (*Server, error)

Init initializes the server. This function MUST be called before Loop.

func (*Server) Listeners Uses

func (s *Server) Listeners() ([]Loop, error)

Listeners returns functions that listen and serve connections.

func (*Server) Shutdown Uses

func (s *Server) Shutdown(ctx context.Context) error

Shutdown will attempt to gracefully shutdown each of the http servers currently in use by the OPA Server. If any exceed the deadline specified by the context an error will be returned.

func (*Server) WithAddresses Uses

func (s *Server) WithAddresses(addrs []string) *Server

WithAddresses sets the listening addresses that the server will bind to.

func (*Server) WithAuthentication Uses

func (s *Server) WithAuthentication(scheme AuthenticationScheme) *Server

WithAuthentication sets authentication scheme to use on the server.

func (*Server) WithAuthorization Uses

func (s *Server) WithAuthorization(scheme AuthorizationScheme) *Server

WithAuthorization sets authorization scheme to use on the server.

func (*Server) WithCertPool Uses

func (s *Server) WithCertPool(pool *x509.CertPool) *Server

WithCertPool sets the server-side cert pool that the server will use.

func (*Server) WithCertificate Uses

func (s *Server) WithCertificate(cert *tls.Certificate) *Server

WithCertificate sets the server-side certificate that the server will use.

func (*Server) WithCompilerErrorLimit Uses

func (s *Server) WithCompilerErrorLimit(limit int) *Server

WithCompilerErrorLimit sets the limit on the number of compiler errors the server will allow.

func (*Server) WithDecisionIDFactory Uses

func (s *Server) WithDecisionIDFactory(f func() string) *Server

WithDecisionIDFactory sets a function on the server to generate decision IDs.

func (*Server) WithDecisionLogger Uses

func (s *Server) WithDecisionLogger(logger func(context.Context, *Info)) *Server

WithDecisionLogger sets the decision logger used by the server. DEPRECATED. Use WithDecisionLoggerWithErr instead.

func (*Server) WithDecisionLoggerWithErr Uses

func (s *Server) WithDecisionLoggerWithErr(logger func(context.Context, *Info) error) *Server

WithDecisionLoggerWithErr sets the decision logger used by the server.

func (*Server) WithDiagnosticAddresses Uses

func (s *Server) WithDiagnosticAddresses(addrs []string) *Server

WithDiagnosticAddresses sets the listening addresses that the server will bind to and *only* serve read-only diagnostic API's.

func (*Server) WithInsecureAddress Uses

func (s *Server) WithInsecureAddress(addr string) *Server

WithInsecureAddress sets the listening address that the server will bind to.

func (*Server) WithManager Uses

func (s *Server) WithManager(manager *plugins.Manager) *Server

WithManager sets the plugins manager used by the server.

func (*Server) WithMetrics Uses

func (s *Server) WithMetrics(m Metrics) *Server

WithMetrics sets the metrics provider used by the server.

func (*Server) WithPprofEnabled Uses

func (s *Server) WithPprofEnabled(pprofEnabled bool) *Server

WithPprofEnabled sets whether pprof endpoints are enabled

func (*Server) WithRouter Uses

func (s *Server) WithRouter(router *mux.Router) *Server

WithRouter sets the mux.Router to attach OPA's HTTP API routes onto. If a router is not supplied, the server will create it's own.

func (*Server) WithRuntime Uses

func (s *Server) WithRuntime(term *ast.Term) *Server

WithRuntime sets the runtime data to provide to the evaluation engine.

func (*Server) WithStore Uses

func (s *Server) WithStore(store storage.Store) *Server

WithStore sets the storage used by the server.


authorizerPackage authorizer provides authorization handlers to the server.
identifierPackage identifier provides handlers for associating an identity with incoming requests.
typesPackage types contains request/response types and codes for the server.
writerPackage writer contains utilities for writing responses in the server.

Package server imports 37 packages (graph) and is imported by 17 packages. Updated 2020-05-21. Refresh now. Tools for package owners.