Documentation
¶
Index ¶
- Constants
- func SetTracingSpecFromEnv(conf *Configuration)
- type APIAccessRule
- type APIAccessRuleProtocol
- type APIAccessRules
- type APILoggingSpec
- type APISpec
- type AccessControlList
- type AccessControlListOperationAction
- type AccessControlListPolicySpec
- type AccessControlSpec
- type AppOperation
- type AppPolicySpec
- type ApplicationConfig
- type ComponentsSpec
- type Configuration
- type ConfigurationSpec
- type EntityConfig
- type Feature
- type FeatureSpec
- type HandlerSpec
- type LoggingSpec
- type MTLSSpec
- type MetricLabel
- type MetricSpec
- type MetricsRule
- type NameResolutionSpec
- type OtelSpec
- type PipelineSpec
- type ReentrancyConfig
- type SecretsScope
- type SecretsSpec
- type SelectorField
- type SelectorSpec
- type SpiffeID
- type TracingSpec
- type Trie
- type ZipkinSpec
Constants ¶
View Source
const ( SingleStageWildcard = "/*" MultiStageWildcard = "/**" Separation = "/" )
View Source
const ( AllowAccess = "allow" DenyAccess = "deny" DefaultTrustDomain = "public" DefaultNamespace = "default" ActionPolicyApp = "app" ActionPolicyGlobal = "global" SpiffeIDPrefix = "spiffe://" )
Variables ¶
This section is empty.
Functions ¶
func SetTracingSpecFromEnv ¶ added in v1.11.0
func SetTracingSpecFromEnv(conf *Configuration)
Update configuration from Otlp Environment Variables, if they exist.
Types ¶
type APIAccessRule ¶ added in v1.2.0
type APIAccessRule struct {
Name string `json:"name"`
Version string `json:"version"`
Protocol APIAccessRuleProtocol `json:"protocol"`
}
APIAccessRule describes an access rule for allowing a Dapr API to be enabled and accessible by an app.
type APIAccessRuleProtocol ¶ added in v1.11.0
type APIAccessRuleProtocol string
APIAccessRuleProtocol is the type for the protocol in APIAccessRules
const ( APIAccessRuleProtocolHTTP APIAccessRuleProtocol = "http" APIAccessRuleProtocolGRPC APIAccessRuleProtocol = "grpc" )
type APIAccessRules ¶ added in v1.11.0
type APIAccessRules []APIAccessRule
APIAccessRules is a list of API access rules (allowlist or denylist).
func (APIAccessRules) GetRulesByProtocol ¶ added in v1.11.0
func (r APIAccessRules) GetRulesByProtocol(protocol APIAccessRuleProtocol) []APIAccessRule
GetRulesByProtocol returns a list of APIAccessRule objects filtered by protocol
type APILoggingSpec ¶ added in v1.10.0
type APILoggingSpec struct {
// Default value for enabling API logging. Sidecars can always override this by setting `--enable-api-logging` to true or false explicitly.
// The default value is false.
Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty"`
// When enabled, obfuscates the values of URLs in HTTP API logs, logging the route name rather than the full path being invoked, which could contain PII.
// Default: false.
// This option has no effect if API logging is disabled.
ObfuscateURLs bool `json:"obfuscateURLs" yaml:"obfuscateURLs"`
// If true, health checks are not reported in API logs. Default: false.
// This option has no effect if API logging is disabled.
OmitHealthChecks bool `json:"omitHealthChecks,omitempty" yaml:"omitHealthChecks,omitempty"`
}
APILoggingSpec defines the configuration for API logging.
type APISpec ¶ added in v1.2.0
type APISpec struct {
// List of allowed APIs. Can be used in conjunction with denied.
Allowed APIAccessRules `json:"allowed,omitempty"`
// List of denied APIs. Can be used in conjunction with allowed.
Denied APIAccessRules `json:"denied,omitempty"`
}
APISpec describes the configuration for Dapr APIs.
type AccessControlList ¶ added in v0.11.0
type AccessControlList struct {
DefaultAction string
TrustDomain string
PolicySpec map[string]AccessControlListPolicySpec
}
AccessControlList is an in-memory access control list config for fast lookup.
type AccessControlListOperationAction ¶ added in v0.11.0
type AccessControlListOperationAction struct {
VerbAction map[string]string
OperationName string
OperationAction string
}
AccessControlListOperationAction is an in-memory access control list config per operation for fast lookup.
type AccessControlListPolicySpec ¶ added in v0.11.0
type AccessControlListPolicySpec struct {
AppName string
DefaultAction string
TrustDomain string
Namespace string
AppOperationActions *Trie
}
AccessControlListPolicySpec is an in-memory access control list config per app for fast lookup.
type AccessControlSpec ¶ added in v0.11.0
type AccessControlSpec struct {
DefaultAction string `json:"defaultAction" yaml:"defaultAction"`
TrustDomain string `json:"trustDomain" yaml:"trustDomain"`
AppPolicies []AppPolicySpec `json:"policies" yaml:"policies"`
}
AccessControlSpec is the spec object in ConfigurationSpec.
type AppOperation ¶ added in v0.11.0
type AppOperation struct {
Operation string `json:"name" yaml:"name"`
HTTPVerb []string `json:"httpVerb" yaml:"httpVerb"`
Action string `json:"action" yaml:"action"`
}
AppOperation defines the data structure for each app operation.
type AppPolicySpec ¶ added in v0.11.0
type AppPolicySpec struct {
AppName string `json:"appId" yaml:"appId"`
DefaultAction string `json:"defaultAction" yaml:"defaultAction"`
TrustDomain string `json:"trustDomain" yaml:"trustDomain"`
Namespace string `json:"namespace" yaml:"namespace"`
AppOperationActions []AppOperation `json:"operations" yaml:"operations"`
}
AppPolicySpec defines the policy data structure for each app.
type ApplicationConfig ¶
type ApplicationConfig struct {
Entities []string `json:"entities"`
// Duration. example: "1h".
ActorIdleTimeout string `json:"actorIdleTimeout"`
// Duration. example: "30s". This value is global.
ActorScanInterval string `json:"actorScanInterval"`
// Duration. example: "30s".
DrainOngoingCallTimeout string `json:"drainOngoingCallTimeout"`
DrainRebalancedActors bool `json:"drainRebalancedActors"`
Reentrancy ReentrancyConfig `json:"reentrancy,omitempty"`
RemindersStoragePartitions int `json:"remindersStoragePartitions"`
// Duplicate of the above config so we can assign it to individual entities.
EntityConfigs []EntityConfig `json:"entitiesConfig,omitempty"`
}
ApplicationConfig is an optional config supplied by user code.
type ComponentsSpec ¶ added in v1.9.0
type ComponentsSpec struct {
// Denylist of component types that cannot be instantiated
Deny []string `json:"deny,omitempty" yaml:"deny,omitempty"`
}
ComponentsSpec describes the configuration for Dapr components
type Configuration ¶
type Configuration struct {
metav1.TypeMeta `json:",inline" yaml:",inline"`
// See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"`
// See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
Spec ConfigurationSpec `json:"spec" yaml:"spec"`
// contains filtered or unexported fields
}
Configuration is an internal (and duplicate) representation of Dapr's Configuration CRD.
func LoadDefaultConfiguration ¶
func LoadDefaultConfiguration() *Configuration
LoadDefaultConfiguration returns the default config.
func LoadKubernetesConfiguration ¶
func LoadKubernetesConfiguration(config, namespace string, podName string, operatorClient operatorv1pb.OperatorClient) (*Configuration, error)
LoadKubernetesConfiguration gets configuration from the Kubernetes operator with a given name.
func LoadStandaloneConfiguration ¶
func LoadStandaloneConfiguration(config string) (*Configuration, string, error)
LoadStandaloneConfiguration gets the path to a config file and loads it into a configuration.
func (Configuration) EnabledFeatures ¶ added in v1.10.0
func (c Configuration) EnabledFeatures() []string
EnabledFeatures returns the list of features that have been enabled.
func (Configuration) IsFeatureEnabled ¶ added in v1.10.0
func (c Configuration) IsFeatureEnabled(target Feature) (enabled bool)
IsFeatureEnabled returns true if a Feature (such as a preview) is enabled.
func (*Configuration) LoadFeatures ¶ added in v1.10.0
func (c *Configuration) LoadFeatures()
LoadFeatures loads the list of enabled features, from the Configuration spec and from the buildinfo.
type ConfigurationSpec ¶
type ConfigurationSpec struct {
HTTPPipelineSpec PipelineSpec `json:"httpPipeline,omitempty" yaml:"httpPipeline,omitempty"`
AppHTTPPipelineSpec PipelineSpec `json:"appHttpPipeline,omitempty" yaml:"appHttpPipeline,omitempty"`
TracingSpec TracingSpec `json:"tracing,omitempty" yaml:"tracing,omitempty"`
MTLSSpec MTLSSpec `json:"mtls,omitempty" yaml:"mtls,omitempty"`
MetricSpec MetricSpec `json:"metric,omitempty" yaml:"metric,omitempty"`
MetricsSpec MetricSpec `json:"metrics,omitempty" yaml:"metrics,omitempty"`
Secrets SecretsSpec `json:"secrets,omitempty" yaml:"secrets,omitempty"`
AccessControlSpec AccessControlSpec `json:"accessControl,omitempty" yaml:"accessControl,omitempty"`
NameResolutionSpec NameResolutionSpec `json:"nameResolution,omitempty" yaml:"nameResolution,omitempty"`
Features []FeatureSpec `json:"features,omitempty" yaml:"features,omitempty"`
APISpec APISpec `json:"api,omitempty" yaml:"api,omitempty"`
ComponentsSpec ComponentsSpec `json:"components,omitempty" yaml:"components,omitempty"`
LoggingSpec LoggingSpec `json:"logging,omitempty" yaml:"logging,omitempty"`
}
type EntityConfig ¶ added in v1.7.0
type EntityConfig struct {
Entities []string `json:"entities"`
// Duration. example: "1h".
ActorIdleTimeout string `json:"actorIdleTimeout"`
// Duration. example: "30s".
DrainOngoingCallTimeout string `json:"drainOngoingCallTimeout"`
DrainRebalancedActors bool `json:"drainRebalancedActors"`
Reentrancy ReentrancyConfig `json:"reentrancy,omitempty"`
RemindersStoragePartitions int `json:"remindersStoragePartitions"`
}
type Feature ¶ added in v1.2.0
type Feature string
const ( // Enable support for streaming in HTTP service invocation ServiceInvocationStreaming Feature = "ServiceInvocationStreaming" // Disables enforcing minimum TLS version 1.2 in AppChannel, which is insecure. // TODO: Remove this feature flag in Dapr 1.13. AppChannelAllowInsecureTLS Feature = "AppChannelAllowInsecureTLS" // Enables support for setting TTL on Actor state keys. Remove this flag in // Dapr 1.12. ActorStateTTL Feature = "ActorStateTTL" )
type FeatureSpec ¶ added in v1.2.0
type FeatureSpec struct {
Name Feature `json:"name" yaml:"name"`
Enabled bool `json:"enabled" yaml:"enabled"`
}
FeatureSpec defines which preview features are enabled.
type HandlerSpec ¶ added in v0.4.0
type HandlerSpec struct {
Name string `json:"name" yaml:"name"`
Type string `json:"type" yaml:"type"`
Version string `json:"version" yaml:"version"`
SelectorSpec SelectorSpec `json:"selector,omitempty" yaml:"selector,omitempty"`
}
func (HandlerSpec) LogName ¶ added in v1.10.0
func (h HandlerSpec) LogName() string
LogName returns the name of the handler that can be used in logging.
type LoggingSpec ¶ added in v1.10.0
type LoggingSpec struct {
// Configure API logging.
APILogging APILoggingSpec `json:"apiLogging,omitempty" yaml:"apiLogging,omitempty"`
}
LoggingSpec defines the configuration for logging.
type MetricLabel ¶ added in v1.10.0
type MetricLabel struct {
Name string `json:"name" yaml:"name"`
Regex map[string]string `json:"regex" yaml:"regex"`
}
MetricsLabel defines an object that allows to set regex expressions for a label.
type MetricSpec ¶ added in v0.11.0
type MetricSpec struct {
Enabled bool `json:"enabled" yaml:"enabled"`
Rules []MetricsRule `json:"rules" yaml:"rules"`
}
MetricSpec configuration for metrics.
type MetricsRule ¶ added in v1.10.0
type MetricsRule struct {
Name string `json:"name" yaml:"name"`
Labels []MetricLabel `json:"labels" yaml:"labels"`
}
MetricsRule defines configuration options for a metric.
type NameResolutionSpec ¶ added in v1.2.0
type OtelSpec ¶ added in v1.9.0
type OtelSpec struct {
Protocol string `json:"protocol" yaml:"protocol"`
EndpointAddress string `json:"endpointAddress" yaml:"endpointAddress"`
IsSecure bool `json:"isSecure" yaml:"isSecure"`
}
OtelSpec defines Otel exporter configurations.
type PipelineSpec ¶ added in v0.4.0
type PipelineSpec struct {
Handlers []HandlerSpec `json:"handlers" yaml:"handlers"`
}
type ReentrancyConfig ¶ added in v1.2.0
type SecretsScope ¶ added in v0.11.0
type SecretsScope struct {
DefaultAccess string `json:"defaultAccess,omitempty" yaml:"defaultAccess,omitempty"`
StoreName string `json:"storeName" yaml:"storeName"`
AllowedSecrets []string `json:"allowedSecrets,omitempty" yaml:"allowedSecrets,omitempty"`
DeniedSecrets []string `json:"deniedSecrets,omitempty" yaml:"deniedSecrets,omitempty"`
}
SecretsScope defines the scope for secrets.
func (SecretsScope) IsSecretAllowed ¶ added in v0.11.0
func (c SecretsScope) IsSecretAllowed(key string) bool
IsSecretAllowed Check if the secret is allowed to be accessed.
type SecretsSpec ¶ added in v0.11.0
type SecretsSpec struct {
Scopes []SecretsScope `json:"scopes"`
}
type SelectorField ¶ added in v0.4.0
type SelectorSpec ¶ added in v0.4.0
type SelectorSpec struct {
Fields []SelectorField `json:"fields" yaml:"fields"`
}
type TracingSpec ¶
type TracingSpec struct {
SamplingRate string `json:"samplingRate" yaml:"samplingRate"`
Stdout bool `json:"stdout" yaml:"stdout"`
Zipkin ZipkinSpec `json:"zipkin" yaml:"zipkin"`
Otel OtelSpec `json:"otel" yaml:"otel"`
}
type Trie ¶ added in v1.7.0
type Trie struct {
// contains filtered or unexported fields
}
func (*Trie) PutOperationAction ¶ added in v1.7.0
func (trie *Trie) PutOperationAction(operation string, data *AccessControlListOperationAction)
func (*Trie) Search ¶ added in v1.7.0
func (trie *Trie) Search(operation string) *AccessControlListOperationAction
type ZipkinSpec ¶ added in v1.0.0
type ZipkinSpec struct {
EndpointAddress string `json:"endpointAddress" yaml:"endpointAddress"`
}
ZipkinSpec defines Zipkin exporter configurations.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.