Documentation
¶
Index ¶
- Constants
- Variables
- type Config
- func (cfg *Config) Complete() error
- func (cfg *Config) GetEnrollmentMetricsCallback() client.RPCMetricsCallback
- func (cfg *Config) GetManagementMetricsCallback() client.RPCMetricsCallback
- func (cfg *Config) GetTestRootDir() string
- func (cfg *Config) LoadWithOverrides(configFile string) error
- func (cfg *Config) ParseConfigFile(cfgFile string) error
- func (cfg *Config) PathFor(filePath string) string
- func (cfg *Config) SetEnrollmentMetricsCallback(cb client.RPCMetricsCallback)
- func (cfg *Config) SetManagementMetricsCallback(cb client.RPCMetricsCallback)
- func (cfg *Config) String() string
- func (cfg *Config) StringSanitized() string
- func (cfg *Config) Validate() error
- type TPM
Constants ¶
// Defaults, limits, and well-known file names used by the agent configuration.
const (
	// Sync cadence.

	// DefaultSpecFetchInterval is the default interval between two reads of
	// the remote device spec.
	DefaultSpecFetchInterval = util.Duration(60 * time.Second)
	// DefaultStatusUpdateInterval is the default interval between two status
	// updates.
	DefaultStatusUpdateInterval = util.Duration(60 * time.Second)
	// MinSyncInterval is the minimum interval allowed for the spec fetch and
	// the status update.
	MinSyncInterval = util.Duration(2 * time.Second)

	// System info collection.

	// DefaultSystemInfoTimeout is the default timeout for collecting system
	// info.
	DefaultSystemInfoTimeout = util.Duration(2 * time.Minute)
	// MaxSystemInfoTimeout is the maximum timeout for collecting system info.
	MaxSystemInfoTimeout = util.Duration(2 * time.Minute)
	// SystemInfoCustomScriptDir is the directory where custom system info
	// scripts are stored.
	// NOTE(review): Config.SystemInfoCustom names executable scripts in this
	// directory, so it should be writable only by trusted administrators.
	// Confirm how the agent checks ownership and permissions.
	SystemInfoCustomScriptDir = "/usr/lib/flightctl/custom-info.d"

	// OCI pulls.

	// DefaultPullRetrySteps is the default number of retry attempts allowed
	// for pulling an OCI target.
	DefaultPullRetrySteps = 6
	// DefaultPullTimeout is the default timeout for pulling a single OCI
	// target. The pull timeout cannot be greater than the prefetch timeout.
	DefaultPullTimeout = util.Duration(10 * time.Minute)

	// Directories and endpoint.

	// DefaultConfigDir is the default directory where the device's
	// configuration is stored.
	DefaultConfigDir = "/etc/flightctl"
	// DefaultConfigFile is the default path to the agent's configuration file.
	DefaultConfigFile = DefaultConfigDir + "/config.yaml"
	// DefaultDataDir is the default directory where the device's data is
	// stored.
	DefaultDataDir = "/var/lib/flightctl"
	// DefaultCertsDirName is the default name of the directory where the
	// device's certificates are stored.
	DefaultCertsDirName = "certs"
	// DefaultManagementEndpoint is the default address of the device
	// management server.
	DefaultManagementEndpoint = "https://localhost:7443"

	// Certificate and key file names.

	// CacertFile is the name of the CA bundle file.
	CacertFile = "ca.crt"
	// GeneratedCertFile is the name of the cert file which is generated as
	// the result of enrollment.
	GeneratedCertFile = "agent.crt"
	// KeyFile is the name of the agent's key file.
	// NOTE(review): presumably the private key for GeneratedCertFile. Confirm
	// that it is created with owner-only permissions.
	KeyFile = "agent.key"
	// CSRFile is the name of the persisted CSR file (temporary, deleted after
	// enrollment).
	CSRFile = "agent.csr"
	// EnrollmentCertFile is the name of the enrollment certificate file.
	EnrollmentCertFile = "client-enrollment.crt"
	// EnrollmentKeyFile is the name of the enrollment key file.
	EnrollmentKeyFile = "client-enrollment.key"

	// TPM.

	// DefaultTPMDevicePath is the default TPM device path.
	DefaultTPMDevicePath = "/dev/tpm0"
	// DefaultTPMKeyFile is the default filename for TPM key persistence.
	DefaultTPMKeyFile = "tpm-blob.yaml"

	// Testing and observability.

	// TestRootDirEnvKey is the environment variable key used to set the file
	// system root when testing.
	// NOTE(review): confirm that production deployments cannot have this
	// variable set by an untrusted party, since it relocates the root under
	// which the agent resolves its files.
	TestRootDirEnvKey = "FLIGHTCTL_TEST_ROOT_DIR"
	// DefaultMetricsEnabled controls whether Prometheus metrics are enabled
	// by default.
	DefaultMetricsEnabled = false
	// DefaultProfilingEnabled controls whether runtime profiling (pprof) is
	// enabled by default.
	DefaultProfilingEnabled = false
)
Variables ¶
// DefaultSystemInfo is the list of system information keys that are included
// in the default system info status report generated by the agent.
//
// NOTE(review): judging by their names, several keys (productUuid,
// productSerial, netMacDefault, netIpDefault) are hardware or network
// identifiers, so the resulting report should be treated as device-identifying
// data. Confirm against the collectors.
var DefaultSystemInfo = []string{
	// Host and operating system.
	"hostname", "kernel", "distroName", "distroVersion",
	// Hardware product.
	"productName", "productUuid", "productSerial",
	// Default network interface.
	"netInterfaceDefault", "netIpDefault", "netMacDefault",
}
DefaultSystemInfo defines the list of system information keys that are included in the default system info status report generated by the agent.
Functions ¶
This section is empty.
Types ¶
type Config ¶
// Config holds the agent's configuration. Fields with a JSON name in their tag
// are serialized under that name; fields tagged `json:"-"` are left out of
// the JSON form.
type Config struct {
	// ServiceConfig is embedded from the config package; its fields are not
	// visible in this listing.
	config.ServiceConfig
	// ConfigDir is the directory where the device's configuration is stored.
	// It is excluded from the JSON form (`json:"-"`).
	ConfigDir string `json:"-"`
	// DataDir is the directory where the device's data is stored.
	// It is excluded from the JSON form (`json:"-"`).
	DataDir string `json:"-"`
	// SpecFetchInterval is the interval between two reads of the remote device spec.
	//
	// Deprecated: this field will be removed in a future release. The functionality
	// is controlled by the server rendered wait timeout.
	SpecFetchInterval util.Duration `json:"spec-fetch-interval,omitempty"`
	// StatusUpdateInterval is the interval between two status updates.
	StatusUpdateInterval util.Duration `json:"status-update-interval,omitempty"`
	// TPM holds all TPM-related configuration.
	TPM TPM `json:"tpm,omitempty"`
	// AuditLog holds all audit logging configuration.
	AuditLog audit.AuditConfig `json:"audit,omitempty"`
	// LogLevel is the level of logging. It can be "panic", "fatal", "error",
	// "warn"/"warning", "info", "debug" or "trace"; any other value is treated as "info".
	LogLevel string `json:"log-level,omitempty"`
	// LogPrefix is the log prefix used for testing.
	LogPrefix string `json:"log-prefix,omitempty"`
	// DefaultLabels are automatically applied to this device when the agent is enrolled in a service.
	DefaultLabels map[string]string `json:"default-labels,omitempty"`
	// SystemInfo lists built-in system information keys to collect.
	SystemInfo []string `json:"system-info,omitempty"`
	// SystemInfoCustom defines keys used to collect custom system information.
	// Each key should match the name of an executable script in the custom info directory.
	// The script must output a single string, which will be included in device.status.systemInfo.CustomInfo.
	//
	// Keys must be camelCase with no spaces or special characters.
	// Script filenames may be camelCase or lowercase.
	//
	// NOTE(review): the scripts are executables whose output is published in the
	// device status, so the custom info directory should be writable only by
	// trusted administrators and the scripts should not print secrets. Confirm
	// how the agent checks ownership and permissions before running them.
	SystemInfoCustom []string `json:"system-info-custom,omitempty"`
	// SystemInfoTimeout is the timeout for collecting system info.
	SystemInfoTimeout util.Duration `json:"system-info-timeout,omitempty"`
	// PullTimeout is the maximum duration a single OCI target pull may take.
	PullTimeout util.Duration `json:"pull-timeout,omitempty"`
	// PullRetrySteps defines how many retry attempts are allowed for pulling an OCI target.
	PullRetrySteps int `json:"pull-retry-steps,omitempty"`
	// MetricsEnabled enables the loopback-only Prometheus /metrics endpoint for local observability.
	MetricsEnabled bool `json:"metrics-enabled,omitempty"`
	// ProfilingEnabled turns on the loopback-only pprof server for local debugging.
	// NOTE(review): a loopback listener is still reachable by every local process,
	// and pprof exposes runtime internals; keep this off outside debugging sessions.
	ProfilingEnabled bool `json:"profiling-enabled,omitempty"`
	// contains filtered or unexported fields
}
func NewDefault ¶
func NewDefault() *Config
func (*Config) GetEnrollmentMetricsCallback ¶ added in v0.9.0
func (cfg *Config) GetEnrollmentMetricsCallback() client.RPCMetricsCallback
func (*Config) GetManagementMetricsCallback ¶ added in v0.9.0
func (cfg *Config) GetManagementMetricsCallback() client.RPCMetricsCallback
func (*Config) GetTestRootDir ¶
func (*Config) LoadWithOverrides ¶
func (*Config) ParseConfigFile ¶
ParseConfigFile reads the config file and unmarshals it into the Config struct
func (*Config) PathFor ¶
Some files are handled by the crypto modules, which do not work with our device fileio and need to know the real paths. TODO: potentially unify all file writers/readers under some mockable interface.
func (*Config) SetEnrollmentMetricsCallback ¶
func (cfg *Config) SetEnrollmentMetricsCallback(cb client.RPCMetricsCallback)
func (*Config) SetManagementMetricsCallback ¶ added in v0.9.0
func (cfg *Config) SetManagementMetricsCallback(cb client.RPCMetricsCallback)
func (*Config) StringSanitized ¶ added in v0.10.0
StringSanitized returns a JSON representation of the config with sensitive fields removed
type TPM ¶ added in v0.9.0
// TPM groups the TPM-related agent settings; it is the type of Config.TPM.
type TPM struct {
	// Enabled indicates whether to use TPM for device identity.
	Enabled bool `json:"enabled,omitempty"`
	// DevicePath is the path to the TPM device.
	DevicePath string `json:"device-path,omitempty"`
	// AuthEnabled indicates whether the TPM owner hierarchy will be set by password.
	// NOTE(review): this listing does not show where that password comes from or
	// how it is stored. Confirm before relying on it.
	AuthEnabled bool `json:"auth-enabled,omitempty"`
	// StorageFilePath specifies the file path for TPM key storage.
	// NOTE(review): presumably the file holds TPM-protected key blobs rather than
	// plaintext keys. Confirm this, and keep the file readable only by the agent.
	StorageFilePath string `json:"storage-file-path,omitempty"`
}