This repository has been archived by the owner on May 23, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 22
/
config.proto
157 lines (145 loc) · 6.45 KB
/
config.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// If this file changes, regenerate dependent files via: `go generate ./...`
syntax = "proto3";
// $title: Apigee
// $description: Adapter for Apigee's distributed policy checks and analytics.
// $location: https://istio.io/docs/reference/config/policy-and-telemetry/adapters/apigee.html
// $provider: Apigee
// $contact_email:
// $support_link: https://apigee.com/about/support/portal
// $source_link: https://github.com/apigee/istio-mixer-adapter
// $latest_release_link: https://github.com/apigee/istio-mixer-adapter/releases
// $helm_chart_link:
// $istio_versions: "1.1.x, 1.2.x, 1.3.x"
// $supported_templates: authorization, analytics
// The Apigee Mixer adapter provides Apigee's distributed authentication and quota policy checks
// as well as the ingestion of Istio telemetry for analysis and reporting.
//
// Important: The adapter is provided in an enhanced Mixer image. The default Mixer image must be replaced and the
// proper CRDs must be applied in order to use these features. Complete Apigee documentation on the concepts and usage
// of this adapter is available on the [Apigee Adapter for Istio](https://docs.apigee.com/api-platform/istio-adapter/concepts)
// site. For more information and product support, please [contact Apigee support](https://apigee.com/about/support/portal).
//
// This adapter supports the [authorization template](https://istio.io/docs/reference/config/policy-and-telemetry/templates/authorization/)
// and Apigee's [analytics template](https://istio.io/docs/reference/config/policy-and-telemetry/templates/analytics/).
//
// Example config:
//
// ```yaml
// apiVersion: config.istio.io/v1alpha2
// kind: apigee
// metadata:
// name: apigee-handler
// namespace: istio-system
// spec:
// apigee_base: https://istioservices.apigee.net/edgemicro
// customer_base: https://myorg-test.apigee.net/istio-auth
// hybrid_config: /opt/apigee/customer/default.properties
// org_name: myorg
// env_name: test
// key: mykey
// secret: mysecret
// temp_dir: /tmp/apigee-istio
// client_timeout: 30s
// allowUnverifiedSSLCert: false
// products:
// refresh_rate: 2m
// analytics:
// legacy_endpoint: false
// file_limit: 1024
// auth:
// api_key_claim:
// api_key_cache_duration: 30m
// ```
package config;
option go_package="config";
import "gogoproto/gogo.proto";
import "google/protobuf/duration.proto";
option (gogoproto.goproto_getters_all) = false;
option (gogoproto.equal_all) = false;
option (gogoproto.gostring_all) = false;
// The Configuration for the Apigee adapter provides information on how the adapter should contact
// the Apigee proxies and how it should operate. Running the `apigee-istio provision` CLI command
// will ensure that all proxies are installed into your Apigee environment and generate this file
// with all required settings for you.
// For additional information on this adapter or support please contact anchor-prega-support@google.com.
message Params {
// Apigee Base is the URI for a shared proxy on Apigee.
// Required.
string apigee_base = 1;
// Customer Base is the URI for an organization-specific proxy on Apigee.
// Required.
string customer_base = 2;
// Org Name is the name of the organization on Apigee.
// Required.
string org_name = 3;
// Env Name is the name of the environment on Apigee.
// Required.
string env_name = 4;
// Key is used to authenticate to the Apigee proxy endpoints, generated during provisioning.
// Required.
string key = 5;
// Secret is used to authenticate to the Apigee proxy endpoints, generated during provisioning.
// Required.
string secret = 6;
// The local directory to be used by the adapter for temporary files.
// Optional. Default: "/tmp/apigee-istio".
string temp_dir = 7;
// The timeout to be used for adapter requests to Apigee servers.
// Optional. Default: "30s" (30 seconds).
google.protobuf.Duration client_timeout = 8;
// Set to true to allow an unknown server SSL Certificate (eg. self-signed)
// Optional. Default: false.
bool allowUnverifiedSSLCert = 9;
// Path to the local Apigee Hybrid configuration file.
// Optional. Presence indicates Hybrid environment, must not be set for SaaS or OPDK.
string hybrid_config = 10;
// Options specific to to products handling.
message product_options {
// The rate at which the list of products is refreshed from Apigee.
// Optional. Default: "2m" (2 minutes).
google.protobuf.Duration refresh_rate = 1;
}
// Options specific to to products handling.
product_options products = 15;
// Options specific to to analytics handling.
message analytics_options {
// If true, use legacy direct communication analytics protocol instead of buffering. Must be true for OPDK.
// Optional. Default: false.
bool legacy_endpoint = 1;
// The number of analytics files that can be buffered before oldest files are dropped.
// Optional. Default: 1024.
int64 file_limit = 2;
// The size of the channel used to buffer rfecord sends in memory.
// Optional. Default: 10.
int64 send_channel_size = 3;
// How often spooled analytics are swept and sent to Apigee.
// Optional. Default: "2m" (2 minutes).
google.protobuf.Duration collection_interval = 4;
}
// Options specific to to analytics handling.
analytics_options analytics = 16;
// Options specific to to auth handling.
message auth_options {
// The length of time API Keys are valid in the cache.
// Optional. Default: "30m" (30 minutes).
google.protobuf.Duration api_key_cache_duration = 1;
// The name of a JWT claim from which to look for an api_key.
// Optional. Default: none.
string api_key_claim = 2;
}
// Options specific to to auth handling.
auth_options auth = 17;
}