Documentation
¶
Index ¶
- Constants
- func GetAppUrl(appPathDomain AppPathDomain, serverConfig *ServerConfig) string
- func GetCommit() string
- func GetHTTPHeader(header http.Header, key string) string
- func GetVersion() string
- func Int64ToInt32(v int64) (int32, error)
- func RegexMatch(perm, entry string) (bool, error)
- func RollingFileLogger(config *LogConfig, logType string) io.Writer
- func StripQuotes(s string) string
- type AccountLink
- type ActionConfig
- type AppApplyResponse
- type AppApplyResult
- type AppApproveResponse
- type AppAuthnType
- type AppConfig
- type AppCreateResponse
- type AppDeleteResponse
- type AppEntry
- type AppFile
- type AppGetResponse
- type AppId
- type AppInfo
- type AppLinkAccountResponse
- type AppListResponse
- type AppMetadata
- type AppMetadataConfigType
- type AppPathDomain
- type AppPreviewResponse
- type AppPromoteResponse
- type AppReloadOption
- type AppReloadResponse
- type AppReloadResult
- type AppResponse
- type AppSettings
- type AppSpec
- type AppStagedUpdateResponse
- type AppToken
- type AppUpdateMessage
- type AppUpdateMetadataResponse
- type AppUpdatePayload
- type AppUpdateSettingsResponse
- type AppVersion
- type AppVersionFilesResponse
- type AppVersionListResponse
- type AppVersionSwitchResponse
- type ApproveResult
- type Audit
- type AuditEvent
- type AuthConfig
- type AuthorizerFunc
- type Binding
- type BindingGrant
- type BindingMetadata
- type BoolValue
- type BuilderConfig
- type CORS
- type ClientCertConfig
- type ClientConfig
- type ClientConfigStruct
- type ConfigResponse
- type ConfigUpdateMessage
- type ConfigUpdatePayload
- type Container
- type ContextKey
- type CreateAppRequest
- type CreateBindingRequest
- type CustomPermsFunc
- type DryRun
- type DynamicConfig
- type EventStatus
- type EventType
- type FS
- type ForwardConfig
- type GitAuthEntry
- type GlobalConfig
- type GrantType
- type HttpConfig
- type HttpsConfig
- type JSLibrary
- type Kubernetes
- type KubernetesConfig
- type LibraryType
- type LogConfig
- type Logger
- type MetadataConfig
- type NodeConfig
- type NotificationMessage
- type Permission
- type PermissionsConfig
- type PluginContext
- type PluginSettings
- type Proxy
- type RBACConfig
- type RBACGrant
- type RBACPermission
- type RegistryConfig
- type RequestError
- type RunBindingCommandRequest
- type SAMLConfig
- type SecretConfig
- type Security
- type SecurityConfig
- type ServerConfig
- type ServerId
- type Service
- type SpecFiles
- type StringValue
- type StyleType
- type SyncCreateResponse
- type SyncDeleteResponse
- type SyncEntry
- type SyncJobStatus
- type SyncListResponse
- type SyncMetadata
- type SystemConfig
- type TelemetryConfig
- type TokenCreateResponse
- type TokenDeleteResponse
- type TokenListResponse
- type Transaction
- type UpdateAppMetadataRequest
- type UpdateAppRequest
- type UpdateBindingRequest
- type UserFile
- type VersionMetadata
- type WebhookTokens
- type WebhookType
Constants ¶
const ( OPENRUN_HOME = "OPENRUN_HOME" ID_PREFIX_APP_PROD = "app_prd_" ID_PREFIX_APP_DEV = "app_dev_" ID_PREFIX_APP_STAGE = "app_stg_" ID_PREFIX_APP_PREVIEW = "app_pre_" ID_PREFIX_SERVICE = "srv_" ID_PREFIX_BINDING = "bnd_" ID_PREFIX_SERVER = "srv_id_" INTERNAL_URL_PREFIX = "/_openrun" WEBHOOK_URL_PREFIX = "/_openrun_webhook" APP_INTERNAL_URL_PREFIX = "/_openrun_app" INTERNAL_APP_DELIM = "_cl_" STAGE_SUFFIX = INTERNAL_APP_DELIM + "stage" PREVIEW_SUFFIX = INTERNAL_APP_DELIM + "preview" NO_SOURCE = "-" // No source url is provided )
const ( TL_CONTEXT = "TL_context" TL_DEFER_MAP = "TL_defer_map" TL_CURRENT_MODULE_FULL_PATH = "TL_current_module_full_path" TL_PLUGIN_API_FAILED_ERROR = "TL_plugin_api_failed_error" TL_CONTAINER_URL = "TL_container_url" TL_AUDIT_OPERATION = "TL_audit_operation" TL_AUDIT_TARGET = "TL_audit_target" TL_AUDIT_DETAIL = "TL_audit_detail" TL_CONTAINER_HANDLER = "TL_container_handler" TL_BRANCH = "TL_branch" TL_DEV = "TL_dev" TL_APP_URL = "TL_app_url" )
const ( CONTAINER_SOURCE_AUTO = "auto" CONTAINER_SOURCE_NIXPACKS = "nixpacks" CONTAINER_SOURCE_IMAGE_PREFIX = "image:" CONTAINER_LIFETIME_COMMAND = "command" CONTAINER_KUBERNETES = "kubernetes" )
const ( ANONYMOUS_USER = "anonymous" ADMIN_USER = "admin" AUTH_MODIFIER_DELIMITER string = "+" )
const ( LIB_PATH = "static/gen/lib" ESM_PATH = "static/gen/esm" )
const ( SAML_SESSION_KV_PREFIX = "saml_session:" OAUTH_SESSION_KV_PREFIX = "oauth_session:" HTTP_SESSION_KV_PREFIX = "http_session:" CONSTANT_KV_PREFIX = "constant:" COOKIE_SESSION_SECRET_KV = "cookie_session_secret" COOKIE_SESSION_BLOCK_KEY_KV = "cookie_session_block_key" OPENRUN_COOKIE_MARKER = "_openrun_" GOTHIC_SESSION_COOKIE = "_gothic_session" OAUTH_SESSION_COOKIE = "openrun_session" SAML_SESSION_COOKIE = "openrun_saml_session" )
const ( // OpenRun headers are used to pass information to the downstream service OPENRUN_HEADER_PREFIX = "X-Openrun-" OPENRUN_HEADER_USER = OPENRUN_HEADER_PREFIX + "User" OPENRUN_HEADER_USER_STRIPPED = OPENRUN_HEADER_PREFIX + "User-Stripped" // the user ID stripped of the provider prefix OPENRUN_HEADER_USER_ID = OPENRUN_HEADER_PREFIX + "User-Id" OPENRUN_HEADER_USER_EMAIL = OPENRUN_HEADER_PREFIX + "User-Email" OPENRUN_HEADER_PERMS = OPENRUN_HEADER_PREFIX + "Perms" OPENRUN_HEADER_APP_RBAC_ENABLED = OPENRUN_HEADER_PREFIX + "Rbac-Enabled" )
const (
GrantTargetAll = "*"
)
const MessageTypeAppUpdate = "app_update"
const MessageTypeConfigUpdate = "config_update"
const REGEX_PREFIX = "regex:"
Variables ¶
This section is empty.
Functions ¶
func GetAppUrl ¶ added in v0.14.8
func GetAppUrl(appPathDomain AppPathDomain, serverConfig *ServerConfig) string
func GetHTTPHeader ¶
GetHTTPHeader returns the first value of the header with the given key. The key has to be a HTTP Canonical Header Key (case is important)
func GetVersion ¶ added in v0.16.9
func GetVersion() string
func Int64ToInt32 ¶ added in v0.16.24
Int64ToInt32 converts an int64 to an int32, returning an error if the value is out of range
func RegexMatch ¶
func StripQuotes ¶
Types ¶
type AccountLink ¶
AccountLink links the account to use for each plugin
type ActionConfig ¶ added in v0.17.1
type ActionConfig struct {
MaxRequestBodyBytes int64 `toml:"max_request_body_bytes"`
}
type AppApplyResponse ¶
type AppApplyResponse struct {
DryRun bool `json:"dry_run"`
CommitId string `json:"commit_id"`
SkippedApply bool `json:"skipped_apply"`
CreateResults []AppCreateResponse `json:"create_results"`
UpdateResults []AppPathDomain `json:"update_results"`
ApproveResults []ApproveResult `json:"approve_results"`
PromoteResults []AppPathDomain `json:"promote_results"`
ReloadResults []AppPathDomain `json:"reload_results"`
SkippedResults []AppPathDomain `json:"skipped_results"`
FilteredApps []AppPathDomain `json:"filtered_apps"`
CreateBindingResults []string `json:"create_binding_results"`
UpdateBindingResults []string `json:"update_binding_results"`
PromoteBindingResults []string `json:"promote_binding_results"`
}
type AppApplyResult ¶
type AppApplyResult struct {
DryRun bool `json:"dry_run"`
CreateResult AppCreateResponse `json:"create_result"`
ApproveResult *ApproveResult `json:"approve_result"`
Updated []AppPathDomain `json:"updated"`
Reloaded []AppPathDomain `json:"reloaded"`
Skipped []AppPathDomain `json:"skipped"`
Promoted bool `json:"promoted"`
}
type AppApproveResponse ¶
type AppApproveResponse struct {
DryRun bool `json:"dry_run"`
StagedUpdateResults []ApproveResult `json:"staged_update_results"`
PromoteResults []AppPathDomain `json:"promote_results"`
}
type AppAuthnType ¶
type AppAuthnType string
AppAuthnType is the app level authentication type
const ( AppAuthnNone AppAuthnType = "none" // No auth AppAuthnDefault AppAuthnType = "default" // Use whatever auth is the default for the system AppAuthnSystem AppAuthnType = "system" // Use the system admin user )
type AppConfig ¶
type AppConfig struct {
CORS CORS `toml:"cors"`
Action ActionConfig `toml:"action"`
Container Container `toml:"container"`
Kubernetes Kubernetes `toml:"kubernetes"`
Proxy Proxy `toml:"proxy"`
FS FS `toml:"fs"`
Audit Audit `toml:"audit"`
Security Security `toml:"security"`
StarBase string `toml:"star_base"` // The base directory for starlark config files
}
type AppCreateResponse ¶
type AppCreateResponse struct {
AppPathDomain AppPathDomain `json:"app_path_domain"`
DryRun bool `json:"dry_run"`
HttpUrl string `json:"http_url"`
HttpsUrl string `json:"https_url"`
ApproveResults []ApproveResult `json:"approve_results"`
OrigSourceUrl string `json:"orig_source_url"`
SourceUrl string `json:"source_url"`
}
type AppDeleteResponse ¶
type AppEntry ¶
type AppEntry struct {
Id AppId `json:"id"`
Path string `json:"path"`
Domain string `json:"domain"`
MainApp AppId `json:"main_app"` // the id of the app that this app is linked to
LinkedAppPath string `json:"linked_app_path"` // the path of the app that this app is linked to
// for main app, points to the stage app. For stage app, points to the main app.
// For preview apps, points to the base app. Not set for dev apps.
SourceUrl string `json:"source_url"`
IsDev bool `json:"is_dev"`
UserID string `json:"user_id"`
CreateTime *time.Time `json:"create_time"`
UpdateTime *time.Time `json:"update_time"`
Settings AppSettings `json:"settings"` // settings are not version controlled
Metadata AppMetadata `json:"metadata"` // metadata is version controlled
}
AppEntry is the application configuration in the DB
func (*AppEntry) AppPathDomain ¶
func (ae *AppEntry) AppPathDomain() AppPathDomain
type AppGetResponse ¶
type AppGetResponse struct {
AppEntry AppEntry `json:"app_entry"`
}
type AppInfo ¶
type AppInfo struct {
AppPathDomain
Name string
Id AppId
IsDev bool
MainApp AppId
LinkedAppPath string
Auth AppAuthnType
SourceUrl string
Spec AppSpec
Version int
GitSha string
GitMessage string
Branch string
StarBase string
UpdateTime time.Time
RetainVersions int
}
AppInfo is the basic info for an app
type AppLinkAccountResponse ¶
type AppLinkAccountResponse struct {
DryRun bool `json:"dry_run"`
StagedUpdateResults []AppPathDomain `json:"staged_update_results"`
PromoteResults []AppPathDomain `json:"promote_results"`
}
type AppListResponse ¶
type AppListResponse struct {
Apps []AppResponse `json:"apps"`
}
type AppMetadata ¶
type AppMetadata struct {
Name string `json:"name"`
VersionMetadata VersionMetadata `json:"version_metadata"`
Loads []string `json:"loads"`
Permissions []Permission `json:"permissions"`
Accounts []AccountLink `json:"accounts"`
BindingSourcePerms []string `json:"binding_source_perms"` // the binding source permissions that are requested for the app
ApprovedBindingSourcePerms []string `json:"approved_binding_source_perms"` // the binding source permissions that are approved for the app
ParamValues map[string]string `json:"param_values"`
Spec AppSpec `json:"spec"`
SpecFiles *SpecFiles `json:"spec_files"`
ContainerOptions map[string]string `json:"container_options"`
ContainerArgs map[string]string `json:"container_args"`
ContainerVolumes []string `json:"container_volumes"`
AppConfig map[string]string `json:"appconfig"`
AuthnType AppAuthnType `json:"authn_type"`
GitAuthName string `json:"git_auth_name"`
Bindings []string `json:"bindings"`
}
AppMetadata contains the configuration for an app. App configurations are version controlled.
type AppMetadataConfigType ¶
type AppMetadataConfigType string
const ( AppMetadataAppConfig AppMetadataConfigType = "app_config" AppMetadataContainerOptions AppMetadataConfigType = "container_options" AppMetadataContainerArgs AppMetadataConfigType = "container_args" AppMetadataContainerVolumes AppMetadataConfigType = "container_volumes" AppMetadataAuthnType AppMetadataConfigType = "auth" AppMetadataGitAuthName AppMetadataConfigType = "git_auth" AppMetadataBindings AppMetadataConfigType = "bindings" AppMetadataBindingPerms AppMetadataConfigType = "bind_perm" )
type AppPathDomain ¶
AppPathDomain is a unique identifier for an app, consisting of the path and domain
func CreateAppPathDomain ¶
func CreateAppPathDomain(path, domain string) AppPathDomain
func (AppPathDomain) String ¶
func (a AppPathDomain) String() string
type AppPreviewResponse ¶
type AppPreviewResponse struct {
DryRun bool `json:"dry_run"`
HttpUrl string `json:"http_url"`
HttpsUrl string `json:"https_url"`
Success bool `json:"success"`
ApproveResult ApproveResult `json:"approve_result"`
}
type AppPromoteResponse ¶
type AppPromoteResponse struct {
DryRun bool `json:"dry_run"`
PromoteResults []AppPathDomain `json:"promote_results"`
}
type AppReloadOption ¶
type AppReloadOption string
const ( AppReloadOptionNone AppReloadOption = "none" AppReloadOptionUpdated AppReloadOption = "updated" AppReloadOptionMatched AppReloadOption = "matched" )
type AppReloadResponse ¶
type AppReloadResponse struct {
DryRun bool `json:"dry_run"`
ReloadResults []AppPathDomain `json:"reload_results"`
ApproveResults []ApproveResult `json:"approve_results"`
PromoteResults []AppPathDomain `json:"promote_results"`
SkippedResults []AppPathDomain `json:"skipped_results"`
}
type AppReloadResult ¶
type AppReloadResult struct {
DryRun bool `json:"dry_run"`
ReloadResults []AppPathDomain `json:"reload_results"`
ApproveResult *ApproveResult `json:"approve_result"`
PromoteResults []AppPathDomain `json:"promote_results"`
SkippedResults []AppPathDomain `json:"skipped_results"`
}
type AppResponse ¶
type AppSettings ¶
type AppSettings struct {
//Deprecated: use AppMetadata.AuthnType instead
AuthnType AppAuthnType `json:"authn_type"`
//Deprecated: use AppMetadata.GitAuthName instead
GitAuthName string `json:"git_auth_name"`
StageWriteAccess bool `json:"stage_write_access"`
PreviewWriteAccess bool `json:"preview_write_access"`
WebhookTokens WebhookTokens `json:"webhook_tokens"`
OrigSourceUrl string `json:"orig_source_url"` // the original source url of the app, used for git create in dev mode
}
AppSettings contains the settings for an app. Settings are not version controlled.
type AppStagedUpdateResponse ¶
type AppStagedUpdateResponse struct {
DryRun bool `json:"dry_run"`
StagedUpdateResults any `json:"staged_update_results"`
PromoteResults []AppPathDomain `json:"promote_results"`
}
type AppToken ¶
type AppToken struct {
Type WebhookType `json:"type"`
Url string `json:"url"`
Token string `json:"token"`
}
type AppUpdateMessage ¶
type AppUpdateMessage struct {
MessageType string `json:"message_type"`
Payload AppUpdatePayload `json:"payload"`
}
type AppUpdateMetadataResponse ¶
type AppUpdateMetadataResponse struct {
DryRun bool `json:"dry_run"`
StagedUpdateResults []AppPathDomain `json:"staged_update_results"`
PromoteResults []AppPathDomain `json:"promote_results"`
}
type AppUpdatePayload ¶
type AppUpdatePayload struct {
AppPathDomains []AppPathDomain `json:"app_path_domains"`
ServerId ServerId `json:"server_id"`
}
type AppUpdateSettingsResponse ¶
type AppUpdateSettingsResponse struct {
DryRun bool `json:"dry_run"`
UpdateResults []AppPathDomain `json:"update_results"`
}
type AppVersion ¶
type AppVersionFilesResponse ¶
type AppVersionFilesResponse struct {
Files []AppFile `json:"files"`
}
type AppVersionListResponse ¶
type AppVersionListResponse struct {
Versions []AppVersion `json:"versions"`
}
type ApproveResult ¶
type ApproveResult struct {
Id AppId `json:"id"`
AppPathDomain AppPathDomain `json:"app_path_domain"`
NewLoads []string `json:"new_loads"`
NewPermissions []Permission `json:"new_permissions"`
ApprovedLoads []string `json:"approved_loads"`
ApprovedPermissions []Permission `json:"approved_permissions"`
NewBindingSourcePerms []string `json:"new_binding_source_perms"`
ApprovedBindingSourcePerms []string `json:"approved_binding_source_perms"`
NeedsApproval bool `json:"needs_approval"`
}
ApproveResult represents the result of an app approval audit
type AuditEvent ¶
type AuthConfig ¶
type AuthConfig struct {
Key string `toml:"key"` // the client id
Secret string `toml:"secret"` // the client secret
OrgUrl string `toml:"org_url"` // the org url, used for Okta
Domain string `toml:"domain"` // the domain, used for Auth0
DiscoveryUrl string `toml:"discovery_url"` // the discovery url, used for OIDC
HostedDomain string `toml:"hosted_domain"` // the hosted domain, used for Google
Scopes []string `toml:"scopes"` // oauth scopes
}
AuthConfig is the configuration for the Authentication provider
type AuthorizerFunc ¶ added in v0.15.1
type Binding ¶ added in v0.17.2
type Binding struct {
Id string `json:"id"` // the id of the binding
Path string `json:"path"` // the path of the binding
Source string `json:"source"` // service id, or the base binding path
ServiceType string `json:"service_type"` // the type of the service
ServiceName string `json:"service_name"` // the name of the service
ServiceIsDefault bool `json:"-"`
DerivedFrom string `json:"derived_from"` // the base binding path this is derived from
StagedMetadata BindingMetadata `json:"staged_metadata"`
Metadata BindingMetadata `json:"metadata"`
CreateTime time.Time `json:"create_time"`
UpdateTime time.Time `json:"update_time"`
}
Binding is a binding entry in the metadata database A binding is a link between a service and a source service
type BindingGrant ¶ added in v0.17.3
type BindingGrant struct {
GrantType GrantType `json:"grant_type"`
GrantTarget string `json:"grant_target"`
}
func ParseGrant ¶ added in v0.17.3
func ParseGrant(grant string, supportedGrantTypes []GrantType) (BindingGrant, error)
func (BindingGrant) String ¶ added in v0.17.3
func (g BindingGrant) String() string
type BindingMetadata ¶ added in v0.17.2
type BuilderConfig ¶ added in v0.15.20
type ClientCertConfig ¶
type ClientConfig ¶
type ClientConfig struct {
GlobalConfig
Client ClientConfigStruct `toml:"client"`
}
ClientConfig is the configuration for the OpenRun Client
type ClientConfigStruct ¶
type ClientConfigStruct struct {
SkipCertCheck bool `toml:"skip_cert_check"`
AdminPassword string `toml:"admin_password"`
DefaultFormat string `toml:"default_format"` // the default format for the CLI output
}
ClientConfigStruct is the configuration for the OpenRun Client
type ConfigResponse ¶ added in v0.14.10
type ConfigResponse struct {
DynamicConfig DynamicConfig `json:"dynamic_config"`
}
type ConfigUpdateMessage ¶ added in v0.15.0
type ConfigUpdateMessage struct {
MessageType string `json:"message_type"`
Payload ConfigUpdatePayload `json:"payload"`
}
type ConfigUpdatePayload ¶ added in v0.15.0
type ConfigUpdatePayload struct {
ServerId ServerId `json:"server_id"`
}
type Container ¶
type Container struct {
// Health check related config
HealthUrl string `toml:"health_url"`
HealthAttemptsAfterStartup int `toml:"health_attempts_after_startup"`
HealthTimeoutSecs int `toml:"health_timeout_secs"`
DeployProbePeriodSecs int `toml:"deploy_probe_period_secs"`
DeployHealthAttempts int `toml:"deploy_health_attempts"`
// Overrides Kubernetes progressDeadlineSeconds when >0. Keep 0 unless tests
// or operators deliberately want failed rollouts to be declared earlier.
DeployProgressDeadlineSecs int `toml:"deploy_progress_deadline_secs"`
LogLinesToShow int `toml:"log_lines_to_show"`
ShowLogsForFailure bool `toml:"show_logs_for_failure"`
// Idle shutdown related config
IdleShutdownSecs int `toml:"idle_shutdown_secs"`
IdleShutdownDevApps bool `toml:"idle_shutdown_dev_apps"`
IdleBytesHighWatermark int `toml:"idle_bytes_high_watermark"`
// Status check related config
StatusCheckIntervalSecs int `toml:"status_check_interval_secs"`
StatusHealthAttempts int `toml:"status_health_attempts"`
}
type ContextKey ¶
type ContextKey string
const ( USER_ID ContextKey = "user_id" USER_SUBJECT ContextKey = "user_subject" USER_EMAIL ContextKey = "user_email" SHARED ContextKey = "shared" REQUEST_ID ContextKey = "request_id" APP_ID ContextKey = "app_id" APP_PATH_DOMAIN ContextKey = "app_path_domain" APP_AUTH ContextKey = "app_auth" GROUPS ContextKey = "groups" RBAC_ENABLED ContextKey = "rbac_enabled" CUSTOM_PERMS ContextKey = "custom_perms" )
type CreateAppRequest ¶
type CreateAppRequest struct {
Path string `json:"path"`
SourceUrl string `json:"source_url"`
IsDev bool `json:"is_dev"`
AppAuthn AppAuthnType `json:"app_authn"`
GitBranch string `json:"git_branch"`
GitCommit string `json:"git_commit"`
GitAuthName string `json:"git_auth_name"`
Spec AppSpec `json:"spec"`
ParamValues map[string]string `json:"param_values"`
ContainerOptions map[string]string `json:"container_options"`
ContainerArgs map[string]string `json:"container_args"`
ContainerVolumes []string `json:"container_volumes"`
AppConfig map[string]string `json:"appconfig"`
Bindings []string `json:"bindings"`
BindingSourcePerms []string `json:"binding_source_perms"`
StageAt string `json:"stage_at"`
Verify bool `json:"verify"`
}
CreateAppRequest is the request body for creating an app This gets saved as ApplyInfo when doing declarative app creation
type CreateBindingRequest ¶ added in v0.17.5
type CreateBindingRequest struct {
Path string `json:"path"`
Source string `json:"source"`
Grants []string `json:"grants"`
Config map[string]string `json:"config"`
ApplyInfo []byte `json:"-"`
}
CreateBindingRequest is the request body for creating a binding.
type CustomPermsFunc ¶ added in v0.15.9
type DynamicConfig ¶ added in v0.14.10
type DynamicConfig struct {
VersionId string `json:"version_id"`
RBAC RBACConfig `json:"rbac"`
}
DynamicConfig is the configuration which is settable through API and is persisted to metadata
type EventStatus ¶
type EventStatus string
const ( EventStatusSuccess EventStatus = "Success" EventStatusFailure EventStatus = "Failed" )
type ForwardConfig ¶ added in v0.17.4
type ForwardConfig struct {
AuthUrl string `toml:"auth_url"` // the auth url to send the GET request to
ForwardHeaders []string `toml:"forward_headers"` // the headers to forward to the auth url. If empty, all headers are forwarded.
CopyResponseHeaders []string `toml:"copy_response_headers"` // the headers to copy from the authserver response to app. Default is none
}
type GitAuthEntry ¶
type GitAuthEntry struct {
UserID string `toml:"user_id"` // the user id of the user, defaults to "git" https://github.com/src-d/go-git/issues/637
KeyFilePath string `toml:"key_file_path"` // the path to the private key file
Password string `toml:"password"` // the password for the private key file
}
GitAuth is a github auth config entry
type GlobalConfig ¶
type GlobalConfig struct {
ConfigFile string `toml:"config_file"`
AdminUser string `toml:"admin_user"`
ServerUri string `toml:"server_uri"`
}
Config entries shared between client and server
type HttpConfig ¶
type HttpConfig struct {
Host string `toml:"host"`
Port int `toml:"port"`
RedirectToHttps bool `toml:"redirect_to_https"`
}
HttpConfig is the configuration for the HTTP server
type HttpsConfig ¶
type HttpsConfig struct {
Host string `toml:"host"`
Port int `toml:"port"`
EnableCertLookup bool `toml:"enable_cert_lookup"`
MkcertPath string `toml:"mkcert_path"`
ServiceEmail string `toml:"service_email"`
UseStaging bool `toml:"use_staging"`
StorageLocation string `toml:"storage_location"`
CertLocation string `toml:"cert_location"`
DisableClientCerts bool `toml:"disable_client_certs"`
}
HttpsConfig is the configuration for the HTTPs server
type JSLibrary ¶
type JSLibrary struct {
LibType LibraryType
DirectUrl string
PackageName string
Version string
EsbuildArgs [10]string // use an array so that the struct can be used as key in the jsCache map
SanitizedFileName string
}
JSLibrary handles the downloading for JS libraries and esbuild based bundling for ESM libraries
type Kubernetes ¶ added in v0.16.0
type Kubernetes struct {
DefaultVolumeSize string `toml:"default_volume_size"`
ScalingThresholdCPU int32 `toml:"scaling_threshold_cpu"` // CPU utilization threshold for HPA scaling
}
Kubernetes related settings in the App Config
type KubernetesConfig ¶ added in v0.15.20
type LibraryType ¶
type LibraryType string
const ( ESModule LibraryType = "ecmascript_module" Library LibraryType = "library" )
type LogConfig ¶
type LogConfig struct {
Level string `toml:"level"`
MaxBackups int `toml:"max_backups"`
MaxSizeMB int `toml:"max_size_mb"`
Console bool `toml:"console"`
File bool `toml:"file"`
AccessLogging bool `toml:"access_logging"`
}
LogConfig is the configuration for the Logger
type MetadataConfig ¶
type MetadataConfig struct {
DBConnection string `toml:"db_connection"`
AutoUpgrade bool `toml:"auto_upgrade"`
AuditDBConnection string `toml:"audit_db_connection"`
IgnoreHigherVersion bool `toml:"ignore_higher_version"` // If true, ignore higher version of the metadata schema
FileCacheConnection string `toml:"file_cache_connection"` // The connection string for the file cache database
}
MetadataConfig is the configuration for the Metadata persistence layer
type NodeConfig ¶
type NotificationMessage ¶
type NotificationMessage struct {
MessageType string `json:"message_type"`
}
NotificationMessage is the message sent through the postgres listener
type Permission ¶
type Permission struct {
Plugin string `json:"plugin" toml:"plugin"`
Method string `json:"method" toml:"method"`
Arguments []string `json:"arguments" toml:"arguments"`
IsRead *bool `json:"is_read,omitempty" toml:"is_read,omitempty"` // Whether the call is a Read operation or Write operation.
// nil value means go with the default as set in the plugin code
Secrets [][]string `json:"secrets" toml:"secrets"` // The secrets that are allowed to be used in the call.
}
Permission represents a permission granted to an app to run a plugin method with the given arguments
type PermissionsConfig ¶ added in v0.16.21
type PermissionsConfig struct {
Allow []Permission `toml:"allow"` // the permissions that are allowed for all apps, without requiring explicit approval
FullAccess []string `toml:"full_access"` // the apps that have full access to all plugins
BindingSourcePerms []string `toml:"binding_source_perms"` // the binding sources that are allowed for all apps, without requiring explicit approval
}
PermissionsConfig is the permissions configuration for the server. This overrides the permissions configured in the app metadata.
type PluginContext ¶
type PluginContext struct {
Logger *Logger
AppId AppId
StoreInfo *starlark_type.StoreInfo
Config PluginSettings
AppConfig AppConfig
AppPath string
}
type PluginSettings ¶
type RBACConfig ¶ added in v0.14.10
type RBACConfig struct {
Enabled bool `json:"enabled"` // whether rbac is enabled
Groups map[string][]string `json:"groups"` // groups names to user ids. These groups are appended to the groups info from SAML
Roles map[string][]RBACPermission `json:"roles"` // role names to permissions.
Grants []RBACGrant `json:"grants"` // grants are used to grant permissions to users/groups for specific apps
}
type RBACPermission ¶ added in v0.14.10
type RBACPermission string
const ( PermissionList RBACPermission = "list" // list apps PermissionAccess RBACPermission = "access" // access apps )
type RegistryConfig ¶ added in v0.15.20
type RegistryConfig struct {
URL string `toml:"url"`
Project string `toml:"project"`
Type string `toml:"type"` // "", "ecr"
Username string `toml:"username"`
Password string `toml:"password"`
PasswordFile string `toml:"password_file"`
CAFile string `toml:"ca_file"`
ClientCertFile string `toml:"client_cert_file"`
ClientKeyFile string `toml:"client_key_file"`
Insecure bool `toml:"insecure"`
AWSRegion string `toml:"aws_region"`
}
type RequestError ¶
RequestError is the error returned by the API
func CreateRequestError ¶
func CreateRequestError(message string, code int) RequestError
func (RequestError) Error ¶
func (r RequestError) Error() string
type RunBindingCommandRequest ¶ added in v0.17.4
type RunBindingCommandRequest struct {
BindingName string `json:"binding_name"`
UseStaging bool `json:"use_staging"`
Command string `json:"command"`
}
RunBindingCommandRequest is the request body for running a command through a service binding account.
type SAMLConfig ¶ added in v0.15.3
type SAMLConfig struct {
MetadataURL string `toml:"metadata_url"`
GroupsAttr string `toml:"groups_attr"`
UsePost bool `toml:"use_post"` // whether to use POST binding
ForceAuthn bool `toml:"force_authn"` // whether to force authn
SPKeyFile string `toml:"sp_key_file"` // the SP key file to use
SPCertFile string `toml:"sp_cert_file"` // the SP cert file to use
}
type SecretConfig ¶
type SecurityConfig ¶
type SecurityConfig struct {
UnsafeAdminOverTCP bool `toml:"unsafe_admin_over_tcp"`
AdminPasswordBcrypt string `toml:"admin_password_bcrypt"`
AppDefaultAuthType string `toml:"app_default_auth_type"`
AuthRequired bool `toml:"auth_required"`
SessionMaxAge int `toml:"session_max_age"`
SessionHttpsOnly bool `toml:"session_https_only"`
TrustedProxies []string `toml:"trusted_proxies"`
CallbackUrl string `toml:"callback_url"`
DefaultGitAuth string `toml:"default_git_auth"`
StageEnableWriteAccess bool `toml:"stage_enable_write_access"`
PreviewEnableWriteAccess bool `toml:"preview_enable_write_access"`
AllowedContainerArgs map[string]string `toml:"allowed_container_args"` // the container args that are allowed to be used in the app config
AllowedMounts []string `toml:"allowed_mounts"` // the volume mounts paths that are allowed to be used in the app config
}
SecurityConfig is the security related configuration
type ServerConfig ¶
type ServerConfig struct {
GlobalConfig
Http HttpConfig `toml:"http"`
Https HttpsConfig `toml:"https"`
Security SecurityConfig `toml:"security"`
Metadata MetadataConfig `toml:"metadata"`
Log LogConfig `toml:"logging"`
Telemetry TelemetryConfig `toml:"telemetry"`
System SystemConfig `toml:"system"`
Registry RegistryConfig `toml:"registry"`
Builder BuilderConfig `toml:"builder"`
Kubernetes KubernetesConfig `toml:"kubernetes"`
GitAuth map[string]GitAuthEntry `toml:"git_auth"`
Plugins map[string]PluginSettings `toml:"plugin"`
Auth map[string]AuthConfig `toml:"auth"`
SAML map[string]SAMLConfig `toml:"saml"`
ClientAuth map[string]ClientCertConfig `toml:"client_auth"`
Secret map[string]SecretConfig `toml:"secret"`
Forward map[string]ForwardConfig `toml:"forward"`
ProfileMode string `toml:"profile_mode"`
AppConfig AppConfig `toml:"app_config"`
NodeConfig NodeConfig `toml:"node_config"`
Permissions PermissionsConfig `toml:"permissions"`
}
ServerConfig is the configuration for the OpenRun Server
type ServerId ¶
type ServerId string // the id of the server that sent the notification
var CurrentServerId ServerId // initialized in server.go init()
type Service ¶ added in v0.17.2
type Service struct {
Id string `json:"id"`
Name string `json:"name"`
ServiceType string `json:"service_type"`
IsDefault bool `json:"is_default"`
Staging string `json:"staging"`
Config map[string]string `json:"config"`
CreateTime time.Time `json:"create_time"`
UpdateTime time.Time `json:"update_time"`
}
Service is a service entry in the metadata database service is the admin level connection from which bindings are created
type SpecFiles ¶
SpecFiles is a map of file names to file data. JSON encoding uses base 64 encoding of file text
func (*SpecFiles) MarshalJSON ¶
func (*SpecFiles) UnmarshalJSON ¶
type StringValue ¶
type StringValue string
const (
StringValueUndefined StringValue = "<OPENRUN_UNDEFINED>"
)
type SyncCreateResponse ¶
type SyncDeleteResponse ¶
type SyncEntry ¶
type SyncEntry struct {
Id string `json:"id"`
Path string `json:"path"`
IsScheduled bool `json:"is_scheduled"` // whether this is a scheduled sync
UserID string `json:"user_id"`
CreateTime *time.Time `json:"create_time"`
Metadata SyncMetadata `json:"metadata"`
Status SyncJobStatus `json:"status"`
}
type SyncJobStatus ¶
type SyncJobStatus struct {
State string `json:"state"` // the state of the sync job
FailureCount int `json:"failure_count"` // the number of times the sync job has failed recently
LastExecutionTime time.Time `json:"last_execution_time"` // the last time the sync job was executed
Error string `json:"error"` // the error message if the sync job failed
CommitId string `json:"commit_id"` // the commit id of the sync job
IsApply bool `json:"is_apply"` // whether this is an apply job
ApplyResponse AppApplyResponse `json:"app_apply_response"` // the response of the apply job
}
type SyncListResponse ¶
type SyncListResponse struct {
Entries []*SyncEntry `json:"entries"`
}
type SyncMetadata ¶
type SyncMetadata struct {
GitBranch string `json:"git_branch"` // the git branch to sync from
GitAuth string `json:"git_auth"` // the git auth entry to use for the sync
Promote bool `json:"promote"` // whether this sync does a promote
Approve bool `json:"approve"` // whether this sync does an approve
Verify bool `json:"verify"` // whether this sync verifies container reloads
Reload string `json:"reload"` // which apps to reload after the sync
Clobber bool `json:"clobber"` // whether to force update the sync, overwriting non-declarative changes
ForceReload bool `json:"force_reload"` // whether to force reload even if there is no new commit
WebhookUrl string `json:"webhook_url"` // for webhook : the url to use
WebhookSecret string `json:"webhook_secret"` // for webhook : the secret to use
ScheduleFrequency int `json:"schedule_frequency"` // for scheduled: the frequency of the sync, every N minutes
}
type SystemConfig ¶
type SystemConfig struct {
TailwindCSSCommand string `toml:"tailwindcss_command"`
FileWatcherDebounceMillis int `toml:"file_watcher_debounce_millis"`
WatchIgnorePatterns []string `toml:"watch_ignore_patterns"`
NodePath string `toml:"node_path"`
ContainerCommand string `toml:"container_command"`
StaleContainerCleanupIntervalMins int `toml:"stale_container_cleanup_interval_mins"` // Interval for stale OpenRun container cleanup. Set <=0 to disable.
ContainerBuilder string `toml:"container_builder"`
DefaultDomain string `toml:"default_domain"`
RootServeListApps string `toml:"root_serve_list_apps"`
EnableCompression bool `toml:"enable_compression"`
HttpEventRetentionDays int `toml:"http_event_retention_days"`
NonHttpEventRetentionDays int `toml:"non_http_event_retention_days"`
AllowedEnv []string `toml:"allowed_env"` // List of environment variables that are allowed to be used in the node config
DefaultScheduleMins int `toml:"default_schedule_mins"` // Default schedule time in minutes for scheduled sync
MaxSyncFailureCount int `toml:"max_sync_failure_count"` // Max failure count for sync jobs
MaxConcurrentBuilds int `toml:"max_concurrent_builds"` // Max concurrent container builds
MaxBuildWaitSecs int `toml:"max_build_wait_secs"` // Max wait time for a build lock
EarlyHints bool `toml:"early_hints"` // enable early hints for HTML responses
LeaderElectionLeaseSecs int `toml:"leader_election_lease_secs"` // The lease time for the leader election
LeaderElectionHeartbeatIntervalSecs int `toml:"leader_election_heartbeat_interval_secs"` // The interval for the leader election heartbeat
FileWorkers int `toml:"file_workers"` // number of parallel workers for file compression during app version creation
ListAppsTitle string `toml:"list_apps_title"` // the title of the list apps page
ShowHostedWith bool `toml:"show_hosted_with"` // whether to show "Hosted with OpenRun" in the list apps page
FallbackUnknownDomains bool `toml:"fallback_unknown_domains"` // whether to fallback to default domain for unknown domains
ForwardAuthTimeoutSecs int `toml:"forward_auth_timeout_secs"` // timeout in seconds for forward auth requests. Defaults to 30 seconds.
BuilderAuthToken string `toml:"builder_auth_token"` // the token for the builder auth
// StageAt is the default staging mode for new prod apps. "domain" stages at domain level,
// "path" stages at path level, and any other value is treated as the staging domain.
// Defaults to "domain".
StageAt string `toml:"stage_at"`
DefaultStageDomain string `toml:"default_stage_domain"`
}
SystemConfig is the system level configuration
type TelemetryConfig ¶ added in v0.17.1
type TelemetryConfig struct {
Enabled bool `toml:"enabled"`
ServiceName string `toml:"service_name"`
Environment string `toml:"environment"`
Endpoint string `toml:"endpoint"`
Headers map[string]string `toml:"headers"`
Traces bool `toml:"traces"`
Metrics bool `toml:"metrics"`
// PluginSpans, when true, creates a span around each Starlark plugin
// invocation. Off by default because data-heavy apps may issue many
// plugin calls per request.
PluginSpans bool `toml:"plugin_spans"`
}
TelemetryConfig is the OpenTelemetry configuration.
type TokenCreateResponse ¶
type TokenDeleteResponse ¶
type TokenDeleteResponse struct {
DryRun bool `json:"dry_run"`
}
type TokenListResponse ¶
type TokenListResponse struct {
Tokens []AppToken `json:"tokens"`
}
type Transaction ¶
Transaction is a wrapper around sql.Tx
func (*Transaction) IsInitialized ¶
func (t *Transaction) IsInitialized() bool
type UpdateAppMetadataRequest ¶
type UpdateAppMetadataRequest struct {
Spec StringValue `json:"spec"`
ConfigType AppMetadataConfigType `json:"config_type"`
ConfigEntries []string `json:"config_entries"`
}
UpdateAppMetadataRequest is the request body for updating an app metadata
func CreateUpdateAppMetadataRequest ¶
func CreateUpdateAppMetadataRequest() UpdateAppMetadataRequest
type UpdateAppRequest ¶
type UpdateAppRequest struct {
AuthnType StringValue `json:"authn_type"`
GitAuthName StringValue `json:"git_auth_name"`
StageWriteAccess BoolValue `json:"stage_write_access"`
PreviewWriteAccess BoolValue `json:"preview_write_access"`
Spec StringValue `json:"spec"`
}
UpdateAppRequest is the request body for updating an app settings
func CreateUpdateAppRequest ¶
func CreateUpdateAppRequest() UpdateAppRequest
type UpdateBindingRequest ¶ added in v0.17.3
type UpdateBindingRequest struct {
Path string `json:"path"`
AddGrants []string `json:"add_grants"`
DeleteGrants []string `json:"delete_grants"`
}
UpdateBindingRequest is the request body for updating a binding. Binding updates are limited to grant changes.
type VersionMetadata ¶
type VersionMetadata struct {
Version int `json:"version"`
PreviousVersion int `json:"previous_version"`
GitBranch string `json:"git_branch"`
GitCommit string `json:"git_commit"`
GitMessage string `json:"git_message"`
ApplyInfo []byte `json:"apply_info"`
}
VersionMetadata contains the metadata for an app
type WebhookTokens ¶
type WebhookType ¶
type WebhookType string
const ( WebhookReload WebhookType = "reload" WebhookReloadPromote WebhookType = "reload_promote" WebhookPromote WebhookType = "promote" )