opa

package

v0.0.0-...-fa273ca Latest Latest Go to latest Published: Nov 18, 2019 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/meowdada/minio-debug

Documentation ¶

Index ¶

Constants
Variables
func SetPolicyOPAConfig(s config.Config, opaArgs Args)
type Args
- func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (Args, error)
- func (a *Args) UnmarshalJSON(data []byte) error
- func (a *Args) Validate() error
type Opa
- func New(args Args) *Opa
- func (o *Opa) IsAllowed(args iampolicy.Args) (bool, error)

Constants ¶

View Source

const (
	URL       = "url"
	AuthToken = "auth_token"

	EnvPolicyOpaURL       = "MINIO_POLICY_OPA_URL"
	EnvPolicyOpaAuthToken = "MINIO_POLICY_OPA_AUTH_TOKEN"
)

Env IAM OPA URL

View Source

const (
	EnvIamOpaURL       = "MINIO_IAM_OPA_URL"
	EnvIamOpaAuthToken = "MINIO_IAM_OPA_AUTHTOKEN"
)

Legacy OPA envs

Variables ¶

View Source

var (
	DefaultKVS = config.KVS{
		config.State:   config.StateOff,
		config.Comment: "This is a default OPA configuration",
		URL:            "",
		AuthToken:      "",
	}
)

DefaultKVS - default config for OPA config

View Source

var (
	Help = config.HelpKV{
		URL:            `Points to URL for OPA HTTP API endpoint. eg: "http://localhost:8181/v1/data/httpapi/authz/allow"`,
		AuthToken:      "Authorization token for the OPA HTTP API endpoint (optional)",
		config.State:   "Indicates if OPA policy is enabled or not",
		config.Comment: "A comment to describe the OPA policy setting",
	}
)

Help template for OPA policy feature.

Functions ¶

func SetPolicyOPAConfig ¶

func SetPolicyOPAConfig(s config.Config, opaArgs Args)

SetPolicyOPAConfig - One time migration code needed, for migrating from older config to new for PolicyOPAConfig.

Types ¶

type Args ¶

type Args struct {
	URL         *xnet.URL             `json:"url"`
	AuthToken   string                `json:"authToken"`
	Transport   http.RoundTripper     `json:"-"`
	CloseRespFn func(r io.ReadCloser) `json:"-"`
}

Args opa general purpose policy engine configuration.

func LookupConfig ¶

func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (Args, error)

LookupConfig lookup Opa from config, override with any ENVs.

func (*Args) UnmarshalJSON ¶

func (a *Args) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data.

func (*Args) Validate ¶

func (a *Args) Validate() error

Validate - validate opa configuration params.

type Opa ¶

type Opa struct {
	// contains filtered or unexported fields
}

Opa - implements opa policy agent calls.

func New ¶

func New(args Args) *Opa

New - initializes opa policy engine connector.

func (*Opa) IsAllowed ¶

func (o *Opa) IsAllowed(args iampolicy.Args) (bool, error)

IsAllowed - checks given policy args is allowed to continue the REST API.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL