serverops

package
v0.0.0-...-71c47e0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 21, 2025 License: Apache-2.0 Imports: 21 Imported by: 19

Documentation

Overview

Package serverops provides core infrastructure for server operations including data persistence, state management, error handling, and security utilities and other primitives or wiring for libraries.

Subpackages are prohibited from cross-importing. Shared utilities in other words: subpackages of serverops are NEVER allowed to use other subpackages of serverops.

Index

Constants

View Source 
const (
	DefaultServerGroup         = "server"
	DefaultDefaultServiceGroup = "admin_panel"
)
View Source 
const (
	TasksPoolID   = "internal_tasks_pool"
	TasksPoolName = "Tasks"
	TenantID      = "6ba7b810-9dad-11d1-80b4-00c04fd430c8"
)

Variables

View Source 
var (
	ErrEncodeInvalidJSON      = errors.New("serverops: encoding failing, invalid json")
	ErrDecodeInvalidJSON      = errors.New("serverops: decoding failing, invalid json")
	ErrDecodeInvalidYAML      = errors.New("serverops: decoding failing, invalid yaml")
	ErrDecodeBase64           = errors.New("serverops: decoding failing, invalid base64 data")
	ErrUnsupportedContentType = errors.New("serverops: unsupported content type for decoding")
	ErrReadingRequestBody     = errors.New("serverops: failed to read request body")
	ErrMalformedContentType   = errors.New("serverops: malformed Content-Type header")
)
View Source 
var (
	ErrInvalidParameterValue = errors.New("serverops: invalid parameter value type")
	ErrBadPathValue          = errors.New("serverops: bad path value")
	ErrImmutableModel        = errors.New("serverops: immutable model")
	ErrImmutablePool         = errors.New("serverops: immutable pool")
	ErrMissingParameter      = errors.New("serverops: missing parameter")
)
View Source 
var CoreVersion = "CORE-UNSET-dev"
View Source 
var DefaultAdminUser string = "admin@admin.com"
View Source 
var ErrFileEmpty = errors.New("serverops: file cannot be empty")

ErrFileEmpty indicates an attempt to upload an empty file.

View Source 
var ErrFileSizeLimitExceeded = errors.New("serverops: file size limit exceeded")

ErrFileSizeLimitExceeded indicates the specific file exceeded its allowed size limit.

View Source 
var ErrInvalidChain = errors.New("invalid chain definition")

Functions

func CheckPassword 

func CheckPassword(password, encodedHash, salt, signingKey string) (bool, error)

func CheckResourceAuthorization 

func CheckResourceAuthorization(ctx context.Context, storeInstance store.Store, args ResourceArgs) error

CheckResourceAuthorization checks if the user has the required permission for a given resource.

func CheckServiceAuthorization 

func CheckServiceAuthorization[T ServiceMeta](ctx context.Context, storeInstance store.Store, s T, permission store.Permission) error

func CreateAuthToken 

func CreateAuthToken(subject string, permissions store.AccessList) (string, time.Time, error)

func Decode 

func Decode[T any](r *http.Request) (T, error)

func Encode 

func Encode[T any](w http.ResponseWriter, _ *http.Request, status int, v T) error

func Error 

func Error(w http.ResponseWriter, r *http.Request, err error, op Operation) error

Error sends a JSON-encoded error response with an appropriate status code

func GetIdentity 

func GetIdentity(ctx context.Context) (string, error)

GetIdentity extracts the identity from the context using the JWT secret from the ServiceManager.

func InitCredentials 

func InitCredentials(ctx context.Context, config *Config, tx dbexec.Exec) error

func LoadConfig 

func LoadConfig[T any](cfg *T) error

func NewPasswordHash 

func NewPasswordHash(password, signingKey string) (encodedHash, encodedSalt string, err error)

func NewServiceManager 

func NewServiceManager(config *Config) error

NewServiceManager creates a new instance of server.

func RefreshPlainToken 

func RefreshPlainToken(ctx context.Context, token string, withGracePeriod *time.Duration) (string, bool, time.Time, error)

func RefreshToken 

func RefreshToken(ctx context.Context) (string, bool, time.Time, error)

func ValidateConfig 

func ValidateConfig(cfg *Config) error

Types

type Config 

type Config struct {
	DatabaseURL         string `json:"database_url"`
	Port                string `json:"port"`
	Addr                string `json:"addr"`
	AllowedAPIOrigins   string `json:"allowed_api_origins"`
	AllowedMethods      string `json:"allowed_methods"`
	AllowedHeaders      string `json:"allowed_headers"`
	SigningKey          string `json:"signing_key"`
	EncryptionKey       string `json:"encryption_key"`
	JWTSecret           string `json:"jwt_secret"`
	JWTExpiry           string `json:"jwt_expiry"`
	TiKVPDEndpoint      string `json:"tikv_pd_endpoint"`
	NATSURL             string `json:"nats_url"`
	NATSUser            string `json:"nats_user"`
	NATSPassword        string `json:"nats_password"`
	SecurityEnabled     string `json:"security_enabled"`
	OpensearchURL       string `json:"opensearch_url"`
	ProxyOrigin         string `json:"proxy_origin"`
	UIBaseURL           string `json:"ui_base_url"`
	TokenizerServiceURL string `json:"tokenizer_service_url"`
	VectorStoreURL      string `json:"vector_store_url"`
	WorkerUserAccountID string `json:"worker_user_account_id"`
	WorkerUserPassword  string `json:"worker_user_password"`
	WorkerUserEmail     string `json:"worker_user_email"`
	KVBackend           string `json:"kv_backend"`
	KVHost              string `json:"kv_host"`
	KVPassword          string `json:"kv_password"`
	RuntimeBaseUrl      string `json:"runtime_base_url"`
	// RateLimit           string `json:"rate_limit"`
	// RateWindow          string `json:"rate_window"`
	DownstreamToken string `json:"downstream_token"`
	GatewayURL      string `json:"gateway_url"`
}

type ConfigTokenizerService 

type ConfigTokenizerService struct {
	Addr                 string `json:"addr"`
	FallbackModel        string `json:"fallback_model"`
	ModelSourceAuthToken string `json:"model_source_auth_token"`
	PreloadModels        string `json:"preload_models"`
	UseDefaultURLs       string `json:"use_default_urls"`
}

type Event 

type Event struct {
	Time time.Time `json:"time"`
	Key  string    `json:"key"`
}

type Operation 

type Operation uint16
const (
	CreateOperation Operation = iota
	GetOperation
	UpdateOperation
	DeleteOperation
	ListOperation
	AuthorizeOperation
	ServerOperation
	ExecuteOperation
)

type RateLimiter 

type RateLimiter struct {
	// contains filtered or unexported fields
}

func NewRateLimiter 

func NewRateLimiter(kv libkv.KVManager) *RateLimiter

func (*RateLimiter) Allow 

func (r *RateLimiter) Allow(ctx context.Context, key string, limit int, window time.Duration) (bool, error)

Allow checks whether a request should be allowed based on approximate rate limiting. This implementation tracks recent events and approximates a sliding window. Under high concurrency, with multiple nodes it may allow more than `limit` requests. This implementation is lock-free.

type ResourceArgs 

type ResourceArgs struct {
	ResourceType       string
	Resource           string
	RequiredPermission store.Permission
}

type ServiceManager 

type ServiceManager interface {
	RegisterServices(s ...ServiceMeta) error
	GetServices() ([]ServiceMeta, error)
	IsSecurityEnabled(serviceName string) bool
	HasValidLicenseFor(serviceName string) bool
	GetSecret() string
	GetTokenExpiry() time.Duration
}

func GetManagerInstance 

func GetManagerInstance() ServiceManager

type ServiceMeta 

type ServiceMeta interface {
	GetServiceName() string
	GetServiceGroup() string
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.