Overview ¶
The scope of this file is: - Define the configuration struct. - Set default configuration values. - Map the data so viper can load the configuration there. See: https://articles.wesionary.team/environment-variable-configuration-in-your-golang-project-using-viper-4e8289ef664d See: https://consoledot.pages.redhat.com/docs/dev/getting-started/migration/config.html
Constants ¶
const (
	// DefaultAppName is used to compose the route paths.
	DefaultAppName = "idmsvc"
	// DefaultPathPrefix is the API URL path prefix.
	DefaultPathPrefix = "/api/idmsvc/v1"
	// DefaultTokenExpirationTimeSeconds is the default token expiration
	// period expressed in seconds. The default value is 7200 (2 hours),
	// which lies inside the gte=600,lte=86400 range that the validate tag on
	// Application.TokenExpirationTimeSeconds accepts.
	DefaultTokenExpirationTimeSeconds = 7200
	// DefaultHostconfJwkValidity: hostconf JWKs expire after 90 days.
	DefaultHostconfJwkValidity = time.Duration(90 * 24 * time.Hour)
	// DefaultHostconfJwkRenewalThreshold: hostconf JWKs get renewed when the
	// last token expires in less than 30 days.
	DefaultHostconfJwkRenewalThreshold = time.Duration(30 * 24 * time.Hour)
	// DefaultWebPort is the default port where the public API is listening.
	DefaultWebPort = 8000
	// DefaultEnableRBAC is true, so RBAC is on unless the configuration
	// turns it off.
	DefaultEnableRBAC = true
	// DefaultDatabaseMaxOpenConn is the default for max open database
	// connections.
	DefaultDatabaseMaxOpenConn = 30
	// DefaultIdleTimeout is 5 minutes, the upper bound (lte=5m) accepted by
	// the validate tag on Application.IdleTimeout.
	DefaultIdleTimeout = time.Duration(5 * time.Minute)
	// DefaultReadTimeout is 3 seconds.
	DefaultReadTimeout = time.Duration(3 * time.Second)
	// DefaultWriteTimeout is 3 seconds.
	DefaultWriteTimeout = time.Duration(3 * time.Second)
	// PaginationDefaultLimit is the default limit for the pagination.
	PaginationDefaultLimit = 10
	// PaginationMaxLimit is the default max limit for the pagination.
	PaginationMaxLimit = 1000
	// DefaultAcceptXRHFakeIdentity is false: the middleware that processes
	// the x-rh-fake-identity header is not added unless the configuration
	// enables it.
	// NOTE(review): the name suggests a development/test aid; confirm that
	// production deployments cannot switch it on.
	DefaultAcceptXRHFakeIdentity = false
	// DefaultValidateAPI is true, so API request/response validation is on
	// unless the configuration turns it off.
	DefaultValidateAPI = true
	// EnvSSLCertDirectory is the name of the environment variable that
	// provides the paths for the CA certificates.
	EnvSSLCertDirectory = "SSL_CERT_DIR"
)
Variables ¶
// Default request size limits, in bytes.
// NOTE(review): these are declared with var, not const, so any code in the
// program can reassign them at runtime; confirm that this is intended.
var (
	// DefaultSizeLimitRequestHeader in bytes. Default 32KB.
	DefaultSizeLimitRequestHeader = (32 * 1024)
	// DefaultSizeLimitRequestBody in bytes. Default 128KB.
	DefaultSizeLimitRequestBody = (128 * 1024)
)
Functions ¶
func DefaultCloudwatchStream ¶
func DefaultCloudwatchStream() string
Types ¶
type Application ¶
// Application holds the application-specific settings. The mapstructure tags
// name the configuration keys and the validate tags state the accepted
// values; fields without a validate tag have no bounds declared here.
type Application struct {
	// Name is the internal application name.
	Name string `validate:"required"`
	// PathPrefix is the API URL's path prefix, e.g. /api/idmsvc/v1.
	PathPrefix string `mapstructure:"url_path_prefix" validate:"required"`
	// TokenExpirationTimeSeconds is the default expiration time for the
	// token generated when a RHEL IDM domain is created. The validate tag
	// accepts 600 to 86400 seconds (10 minutes to 24 hours).
	TokenExpirationTimeSeconds int `mapstructure:"token_expiration_seconds" validate:"gte=600,lte=86400"`
	// HostconfJwkValidity is the expiration duration for hostconf JWKs.
	// TODO: short gte for local testing
	// NOTE(review): per the TODO, the 1m lower bound exists for local
	// testing; confirm whether deployed configurations need a higher floor.
	HostconfJwkValidity time.Duration `mapstructure:"hostconf_jwk_validity" validate:"gte=1m,lte=8760h"`
	// HostconfJwkRenewalThreshold is the renewal duration for hostconf JWKs.
	// The tags bound each value separately; nothing visible here checks that
	// the threshold is shorter than HostconfJwkValidity.
	HostconfJwkRenewalThreshold time.Duration `mapstructure:"hostconf_jwk_renewal_threshold" validate:"gte=1m,lte=2160h"`
	// PaginationDefaultLimit is the pagination limit used when the requested
	// limit is 0 or not filled.
	PaginationDefaultLimit int `mapstructure:"pagination_default_limit"`
	// PaginationMaxLimit is the max pagination limit, used when the
	// requested limit is greater.
	PaginationMaxLimit int `mapstructure:"pagination_max_limit"`
	// AcceptXRHFakeIdentity defines whether the fake middleware is added to
	// the route to process the x-rh-fake-identity header.
	// NOTE(review): presumably this lets a request supply its own identity;
	// confirm that it stays false outside development and test setups.
	AcceptXRHFakeIdentity bool `mapstructure:"accept_x_rh_fake_identity"`
	// ValidateAPI controls the middleware that validates the API requests
	// and responses; by default it is enabled.
	// NOTE(review): presumably false disables the validation; confirm.
	ValidateAPI bool `mapstructure:"validate_api"`
	// MainSecret is the secret for various MACs and encryptions, like the
	// domain registration token and encrypted private JWKs.
	// Secrets are derived with HKDF-SHA256.
	// The json:"-" tag keeps the value out of JSON output of this struct.
	// NOTE(review): the validate tag checks presence and raw URL-safe base64
	// encoding only; no minimum length is visible here, confirm that one is
	// enforced where the secret is decoded.
	MainSecret string `mapstructure:"secret" validate:"required,base64rawurl" json:"-"`
	// EnableRBAC is the flag to enable/disable RBAC.
	EnableRBAC bool `mapstructure:"enable_rbac"`
	// IdleTimeout for the API endpoints.
	IdleTimeout time.Duration `mapstructure:"idle_timeout" validate:"gte=1ms,lte=5m"`
	// ReadTimeout for the API endpoints.
	ReadTimeout time.Duration `mapstructure:"read_timeout" validate:"gte=1ms,lte=10s"`
	// WriteTimeout for the API endpoints.
	WriteTimeout time.Duration `mapstructure:"write_timeout" validate:"gte=1ms,lte=10s"`
	// SizeLimitRequestHeader for the API endpoints.
	// NOTE(review): no validate tag; confirm how zero or negative values are
	// treated where the limit is applied.
	SizeLimitRequestHeader int `mapstructure:"size_limit_request_header"`
	// SizeLimitRequestBody for the API endpoints.
	// NOTE(review): no validate tag; confirm how zero or negative values are
	// treated where the limit is applied.
	SizeLimitRequestBody int `mapstructure:"size_limit_request_body"`
}
Application holds the application-specific settings.
type Clients ¶
// Clients gathers the configuration needed to set up the third-party
// services that idmsvc interacts with.
type Clients struct {
	// RbacBaseURL is the base endpoint to launch RBAC requests.
	// NOTE(review): no validate tag constrains the scheme or host here.
	RbacBaseURL string `mapstructure:"rbac_base_url"`
	// PendoBaseURL is the base URL to reach the Pendo API.
	PendoBaseURL string `mapstructure:"pendo_base_url"`
	// PendoAPIKey is the shared key to communicate with the API.
	// The json:"-" tag keeps the key out of JSON output of this struct.
	PendoAPIKey string `mapstructure:"pendo_api_key" json:"-"`
	// PendoTrackEventKey is the shared key to communicate with the API
	// for track events.
	// The json:"-" tag keeps the key out of JSON output of this struct.
	PendoTrackEventKey string `mapstructure:"pendo_track_event_key" json:"-"`
	// PendoRequestTimeoutSecs is the timeout for every request.
	PendoRequestTimeoutSecs int `mapstructure:"pendo_request_timeout_secs"`
}
Clients gathers all the configuration needed to properly set up the third-party services that idmsvc needs to interact with.
type Cloudwatch ¶
type Config ¶
// Config is the top-level configuration struct; it groups one section per
// concern.
type Config struct {
	// NOTE(review): presumably set once the configuration has been loaded;
	// confirm against the loader.
	Loaded   bool
	Web      Web
	Database Database
	Logging  Logging
	Kafka    Kafka
	Metrics  Metrics
	Clients  Clients
	// Application is read from the "app" configuration key.
	Application Application `mapstructure:"app"`
	// Secrets is an untagged field and filled out on load.
	// mapstructure:"-" excludes it from configuration decoding and json:"-"
	// keeps it out of JSON output of this struct.
	Secrets secrets.AppSecrets `mapstructure:"-" json:"-"`
}
type Kafka ¶
// Kafka holds the Kafka client settings.
// NOTE(review): the nested structs look like they mirror dotted Kafka
// property names (for example auto.offset.reset); confirm against the loader.
type Kafka struct {
	Timeout int
	// Group.Id; presumably the consumer group id, confirm.
	Group struct {
		Id string
	}
	// Auto.Offset.Reset and Auto.Commit.Interval.Ms.
	Auto struct {
		Offset struct {
			Reset string
		}
		Commit struct {
			Interval struct {
				Ms int
			}
		}
	}
	// Bootstrap.Servers is a single string, not a slice.
	Bootstrap struct {
		Servers string
	}
	// Topics is the list of topic names.
	Topics []string
	// Sasl holds the SASL credentials and parameters.
	Sasl struct {
		Username string
		// Password carries json:"-", so it is left out of JSON output of
		// this struct. Username, Mechanism and Protocol are not excluded.
		Password  string `json:"-"`
		Mechanism string
		Protocol  string
	}
	// Request.Timeout.Ms and Request.Required.Acks.
	Request struct {
		Timeout struct {
			Ms int
		}
		Required struct {
			Acks int
		}
	}
	// NOTE(review): presumably the path to the CA certificate used for the
	// broker connection; confirm where it is consumed.
	Capath string
	// Message.Send.Max.Retries.
	Message struct {
		Send struct {
			Max struct {
				Retries int
			}
		}
	}
	// Retry.Backoff.Ms.
	Retry struct {
		Backoff struct {
			Ms int
		}
	}
}
type Logging ¶
// Logging groups the logging settings, including the nested Cloudwatch
// section.
type Logging struct {
	// NOTE(review): presumably the log level name; the accepted values are
	// not visible here.
	Level   string
	Console bool
	// NOTE(review): presumably toggles source location in log entries;
	// confirm.
	Location bool
	Type     string
	// Cloudwatch holds the settings of the Cloudwatch type.
	Cloudwatch Cloudwatch
}
type TopicTranslation ¶
type TopicTranslation struct {
// contains filtered or unexported fields
}
TopicTranslation is used to map between real and internal topics. The name we indicate for a topic in the clowderapp resource can differ from the name of the topic actually created in Kafka, so this type preprocesses the mappings and the producer and consumer functions use them to translate topic names when needed.
var TopicTranslationConfig *TopicTranslation = nil
TopicTranslationConfig stores the mapping between the internal topics managed by the service and the real topics managed by Kafka. It is declared as nil, so it has to be assigned before it is used.
func NewTopicTranslationWithClowder ¶
func NewTopicTranslationWithClowder(cfg *clowder.AppConfig) *TopicTranslation
NewTopicTranslationWithClowder builds a topic map based on the clowder configuration.
func NewTopicTranslationWithDefaults ¶
func NewTopicTranslationWithDefaults() *TopicTranslation
NewTopicTranslationWithDefaults builds a default topic map that maps every allowed topic to itself. It returns a TopicTranslation initialized with the default values.
func (*TopicTranslation) GetInternal ¶
func (tm *TopicTranslation) GetInternal(realTopic string) string
GetInternal translates the name of a real topic to the internal topic name. This will be used by the consumers.
func (*TopicTranslation) GetReal ¶
func (tm *TopicTranslation) GetReal(internalTopic string) string
GetReal translates the name of an internal topic to the real topic name. This will be used by the producers. It returns an empty string when the topic is not found in the translation map.