run

package
v1.2.0-rc3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 27, 2023 License: Apache-2.0 Imports: 58 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewRunCommand

func NewRunCommand() *cobra.Command

func RunServer

func RunServer(ctx context.Context, config *Config) error

func TCPRandomPort added in v0.4.3

func TCPRandomPort() (int, func())

TCPRandomPort tries to find a random TCP port. If it cannot find one, it panics; otherwise it returns the port and a function that releases the port. The caller is responsible for calling the release function.

func VerifyConfig

func VerifyConfig(cfg *Config) error

Types

type AuthnConfig

// AuthnConfig holds the authentication method name together with the
// method-specific settings, which are embedded as pointers.
type AuthnConfig struct {

	// Method is the authentication method that should be enforced (e.g. 'none', 'preshared', 'oidc')
	// NOTE(review): 'none' presumably leaves API requests unauthenticated — confirm, and
	// check that it is not the effective value on listeners reachable from untrusted networks.
	Method                   string
	// Embedded pointer tagged with the mapstructure key "oidc". Issuer and Audience are
	// promoted through it, so reading them while the pointer is nil panics; nil-check first.
	*AuthnOIDCConfig         `mapstructure:"oidc"`
	// Embedded pointer tagged with the mapstructure key "preshared". Keys is promoted
	// through it, so reading it while the pointer is nil panics; nil-check first.
	*AuthnPresharedKeyConfig `mapstructure:"preshared"`
}

AuthnConfig defines OpenFGA server configurations for authentication specific settings.

type AuthnOIDCConfig

// AuthnOIDCConfig carries the two values configured for the 'oidc' method.
type AuthnOIDCConfig struct {
	// NOTE(review): presumably the issuer that incoming tokens must come from, and the
	// location from which signing keys are discovered — confirm; it should be an HTTPS URL
	// the operator controls or trusts.
	Issuer   string
	// NOTE(review): presumably the audience value incoming tokens must carry — confirm that
	// an empty value is rejected rather than treated as "accept any audience".
	Audience string
}

AuthnOIDCConfig defines configurations for the 'oidc' method of authentication.

type AuthnPresharedKeyConfig

// AuthnPresharedKeyConfig carries the secrets used by the 'preshared' method.
type AuthnPresharedKeyConfig struct {
	// Keys define the preshared keys to verify authn tokens against.
	// The keys are held as plain strings, so any code that prints or serializes the
	// configuration will emit them; keep this struct out of logs and debug dumps.
	// NOTE(review): confirm that an empty list or empty-string key is rejected at validation.
	Keys []string
}

AuthnPresharedKeyConfig defines configurations for the 'preshared' method of authentication.

type Config

// Config is the top-level server configuration: a set of request limits followed by
// one nested configuration struct per subsystem (datastore, listeners, authentication,
// logging, tracing, playground, profiler and metrics).
type Config struct {

	// ListObjectsDeadline defines the maximum amount of time to accumulate ListObjects results
	// before the server will respond. This is to protect the server from misuse of the
	// ListObjects endpoints. It cannot be larger than HTTPConfig.UpstreamTimeout.
	ListObjectsDeadline time.Duration

	// ListObjectsMaxResults defines the maximum number of results to accumulate
	// before the non-streaming ListObjects API will respond to the client.
	// This is to protect the server from misuse of the ListObjects endpoints.
	ListObjectsMaxResults uint32

	// MaxTuplesPerWrite defines the maximum number of tuples per Write endpoint.
	MaxTuplesPerWrite int

	// MaxTypesPerAuthorizationModel defines the maximum number of type definitions per authorization model for the WriteAuthorizationModel endpoint.
	MaxTypesPerAuthorizationModel int

	// ChangelogHorizonOffset is an offset in minutes from the current time. Changes that occur after this offset will not be included in the response of ReadChanges.
	ChangelogHorizonOffset int

	// Experimentals is a list of the experimental features to enable in the OpenFGA server.
	Experimentals []string

	// ResolveNodeLimit indicates how deeply nested an authorization model can be.
	// NOTE(review): presumably this also bounds the work done per request — confirm that
	// zero is not interpreted as "unlimited".
	ResolveNodeLimit uint32

	// Datastore holds the storage engine selection and its connection credentials.
	Datastore  DatastoreConfig
	// GRPC holds the gRPC listener address and its optional TLS settings.
	GRPC       GRPCConfig
	// HTTP holds the HTTP listener address, optional TLS settings, timeout and CORS lists.
	HTTP       HTTPConfig
	// Authn holds the authentication method and its method-specific settings.
	Authn      AuthnConfig
	// Log holds the log format and level.
	Log        LogConfig
	// Trace holds the tracing switch, exporter endpoint and sampling settings.
	Trace      TraceConfig
	// Playground holds the switch and port for the Playground.
	Playground PlaygroundConfig
	// Profiler holds the switch and address for pprof profiling.
	Profiler   ProfilerConfig
	// Metrics holds the switch and address for the metrics listener.
	Metrics    MetricConfig
}

func DefaultConfig

func DefaultConfig() *Config

DefaultConfig returns the OpenFGA server default configurations.

func MustDefaultConfigWithRandomPorts

func MustDefaultConfigWithRandomPorts() *Config

MustDefaultConfigWithRandomPorts returns the DefaultConfig, but with random ports for the grpc and http addresses. This function may panic if somehow a random port cannot be chosen.

func ReadConfig

func ReadConfig() (*Config, error)

ReadConfig returns the OpenFGA server configuration based on the values provided in the server's 'config.yaml' file. The 'config.yaml' file is loaded from '/etc/openfga', '$HOME/.openfga', or the current working directory. If no configuration file is present, the default values are returned.

type DatastoreConfig

// DatastoreConfig holds the storage engine selection, the connection credentials and
// the cache and connection-pool limits.
type DatastoreConfig struct {

	// Engine is the datastore engine to use (e.g. 'memory', 'postgres', 'mysql')
	Engine   string
	// URI is the datastore connection string.
	// NOTE(review): connection URIs commonly embed credentials — treat this value as a
	// secret when logging or reporting errors; confirm how the server redacts it.
	URI      string
	// Username is the datastore user name.
	// NOTE(review): presumably overrides any user embedded in URI — confirm.
	Username string
	// Password is the datastore credential, held as a plain string. Any code that prints
	// or serializes this struct will emit it; keep it out of logs and debug dumps.
	Password string

	// MaxCacheSize is the maximum number of cache keys that the storage cache can store before evicting
	// old keys. The storage cache is used to cache query results for various static resources
	// such as type definitions.
	MaxCacheSize int

	// MaxOpenConns is the maximum number of open connections to the database.
	MaxOpenConns int

	// MaxIdleConns is the maximum number of connections to the datastore in the idle connection pool.
	MaxIdleConns int

	// ConnMaxIdleTime is the maximum amount of time a connection to the datastore may be idle.
	ConnMaxIdleTime time.Duration

	// ConnMaxLifetime is the maximum amount of time a connection to the datastore may be reused.
	ConnMaxLifetime time.Duration
}

DatastoreConfig defines OpenFGA server configurations for datastore specific settings.

type GRPCConfig

// GRPCConfig holds the gRPC listener address and an optional TLS configuration.
type GRPCConfig struct {
	// Addr is the address the gRPC server listens on.
	// NOTE(review): presumably a host:port string; an all-interfaces bind exposes the API
	// to every network the host is attached to — confirm the default.
	Addr string
	// TLS is a pointer and may be nil; dereferencing it without a nil check panics.
	// NOTE(review): presumably nil or Enabled=false means plaintext gRPC — confirm.
	TLS  *TLSConfig
}

GRPCConfig defines OpenFGA server configurations for grpc server specific settings.

type HTTPConfig

// HTTPConfig holds the HTTP listener switch and address, an optional TLS configuration,
// the upstream timeout and the CORS allow-lists.
type HTTPConfig struct {
	// Enabled switches the HTTP server on or off.
	Enabled bool
	// Addr is the address the HTTP server listens on.
	// NOTE(review): presumably a host:port string — confirm the default bind interface.
	Addr    string
	// TLS is a pointer and may be nil; dereferencing it without a nil check panics.
	// NOTE(review): presumably nil or Enabled=false means plaintext HTTP, in which case
	// bearer credentials travel unencrypted — confirm.
	TLS     *TLSConfig

	// UpstreamTimeout is the timeout duration for proxying HTTP requests upstream
	// to the grpc endpoint. It cannot be smaller than Config.ListObjectsDeadline.
	UpstreamTimeout time.Duration

	// CORSAllowedOrigins lists the origins allowed to make cross-origin requests.
	// NOTE(review): confirm the default and how a wildcard entry is handled; a permissive
	// list lets any web page call the API from a user's browser.
	CORSAllowedOrigins []string
	// CORSAllowedHeaders lists the request headers allowed on cross-origin requests.
	CORSAllowedHeaders []string
}

HTTPConfig defines OpenFGA server configurations for HTTP server specific settings.

type LogConfig

// LogConfig holds the output format and verbosity of the server log.
type LogConfig struct {
	// Format is the log format to use in the log output (e.g. 'text' or 'json')
	Format string

	// Level is the log level to use in the log output (e.g. 'none', 'debug', or 'info')
	// NOTE(review): 'none' presumably suppresses all log output, which would also remove
	// the record needed for incident investigation — confirm before using it in production.
	Level string
}

LogConfig defines OpenFGA server configurations for log specific settings. For production we recommend using the 'json' log format.

type MetricConfig added in v0.3.5

// MetricConfig holds the switch, address and histogram option for the metrics listener.
type MetricConfig struct {
	// Enabled switches metrics serving on or off.
	Enabled             bool
	// Addr is the address the metrics are served on.
	// NOTE(review): no authentication setting is visible in this struct — presumably the
	// listener is unauthenticated; confirm and restrict it to the monitoring network.
	Addr                string
	// EnableRPCHistograms toggles RPC histograms.
	// NOTE(review): presumably per-RPC latency histograms — confirm.
	EnableRPCHistograms bool
}

MetricConfig defines configurations for serving custom metrics from OpenFGA.

type OTLPTraceConfig

// OTLPTraceConfig holds the endpoint setting for the OTLP trace exporter.
type OTLPTraceConfig struct {
	// Endpoint is the address trace data is sent to.
	// NOTE(review): no TLS or credential setting is visible in this struct — confirm
	// whether the export connection is encrypted, since spans may carry request details.
	Endpoint string
}

type PlaygroundConfig

// PlaygroundConfig holds the switch and port for the Playground.
type PlaygroundConfig struct {
	// Enabled switches the Playground on or off.
	// NOTE(review): confirm the default and whether the Playground is subject to the
	// configured authentication method; disable it where it is not needed.
	Enabled bool
	// Port is the TCP port the Playground is served on. Only a port is configurable here,
	// so the bind interface is decided elsewhere — verify which interface is used.
	Port    int
}

PlaygroundConfig defines OpenFGA server configurations for the Playground specific settings.

type ProfilerConfig

// ProfilerConfig holds the switch and listen address for profiling.
type ProfilerConfig struct {
	// Enabled switches the profiler on or off.
	// NOTE(review): profiling endpoints expose runtime internals such as goroutine stacks
	// and heap contents; confirm the default is off and enable it only when needed.
	Enabled bool
	// Addr is the address the profiler listens on.
	// NOTE(review): no authentication setting is visible in this struct — bind it to
	// loopback or a management network; confirm the default.
	Addr    string
}

ProfilerConfig defines server configurations specific to pprof profiling.

type TLSConfig

// TLSConfig holds the TLS switch and the file paths of the certificate and private key.
type TLSConfig struct {
	// Enabled switches TLS on or off for the listener this struct is attached to.
	Enabled  bool
	// CertPath is the path to the certificate file; tagged with the mapstructure key "cert".
	CertPath string `mapstructure:"cert"`
	// KeyPath is the path to the private key file; tagged with the mapstructure key "key".
	// The file it names should be readable only by the server's user.
	// NOTE(review): no minimum protocol version or cipher setting is visible in this
	// struct — confirm what the server applies.
	KeyPath  string `mapstructure:"key"`
}

TLSConfig defines configuration specific to Transport Layer Security (TLS) settings.

type TraceConfig

// TraceConfig holds the tracing switch, the OTLP exporter settings, the sampling ratio
// and the service name.
type TraceConfig struct {
	// Enabled switches tracing on or off.
	Enabled     bool
	// OTLP holds the exporter endpoint; tagged with the mapstructure key "otlp".
	OTLP        OTLPTraceConfig `mapstructure:"otlp"`
	// SampleRatio controls how many traces are sampled.
	// NOTE(review): presumably a fraction in [0, 1] — confirm that out-of-range values
	// are rejected at validation.
	SampleRatio float64
	// ServiceName is the name attached to exported traces.
	// NOTE(review): presumably the OpenTelemetry service name — confirm.
	ServiceName string
}
