-
Notifications
You must be signed in to change notification settings - Fork 243
/
flags.go
98 lines (89 loc) · 3.35 KB
/
flags.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
// SPDX-License-Identifier: Apache-2.0
// Copyright Authors of Hubble
package config
import (
"github.com/cilium/hubble/pkg/defaults"
"github.com/spf13/pflag"
)
// Keys can be used to retrieve values from GlobalFlags and ServerFlags (e.g.
// when bound to a viper instance).
const (
// GlobalFlags keys.
KeyConfig = "config" // string
KeyDebug = "debug" // bool
// ServerFlags keys.
KeyServer = "server" // string
KeyTLS = "tls" // bool
KeyTLSAllowInsecure = "tls-allow-insecure" // bool
KeyTLSCACertFiles = "tls-ca-cert-files" // []string
KeyTLSClientCertFile = "tls-client-cert-file" // string
KeyTLSClientKeyFile = "tls-client-key-file" // string
KeyTLSServerName = "tls-server-name" // string
KeyBasicAuthUsername = "basic-auth-username" // string
KeyBasicAuthPassword = "basic-auth-password" // string
KeyTimeout = "timeout" // time.Duration
KeyRequestTimeout = "request-timeout" // time.Duration
)
// GlobalFlags are flags that apply to any command.
var GlobalFlags = pflag.NewFlagSet("global", pflag.ContinueOnError)
// ServerFlags are flags that configure how to connect to a Hubble server.
var ServerFlags = pflag.NewFlagSet("server", pflag.ContinueOnError)
func init() {
initGlobalFlags()
initServerFlags()
}
func initGlobalFlags() {
GlobalFlags.String(KeyConfig, defaults.ConfigFile, "Optional config file")
GlobalFlags.BoolP(KeyDebug, "D", false, "Enable debug messages")
}
func initServerFlags() {
ServerFlags.String(KeyServer, defaults.ServerAddress, "Address of a Hubble server. Ignored when --input-file is provided.")
ServerFlags.Duration(KeyTimeout, defaults.DialTimeout, "Hubble server dialing timeout")
ServerFlags.Duration(KeyRequestTimeout, defaults.RequestTimeout, "Unary Request timeout. Only applies to non-streaming RPCs (ServerStatus, ListNodes, ListNamespaces).")
ServerFlags.Bool(
KeyTLS,
false,
"Specify that TLS must be used when establishing a connection to a Hubble server.\r\n"+
"By default, TLS is only enabled if the server address starts with 'tls://'.",
)
ServerFlags.Bool(
KeyTLSAllowInsecure,
false,
"Allows the client to skip verifying the server's certificate chain and host name.\r\n"+
"This option is NOT recommended as, in this mode, TLS is susceptible to machine-in-the-middle attacks.\r\n"+
"See also the 'tls-server-name' option which allows setting the server name.",
)
ServerFlags.StringSlice(
KeyTLSCACertFiles,
nil,
"Paths to custom Certificate Authority (CA) certificate files."+
"The files must contain PEM encoded data.",
)
ServerFlags.String(
KeyTLSClientCertFile,
"",
"Path to the public key file for the client certificate to connect to a Hubble server (implies TLS).\r\n"+
"The file must contain PEM encoded data.",
)
ServerFlags.String(
KeyTLSClientKeyFile,
"",
"Path to the private key file for the client certificate to connect a Hubble server (implies TLS).\r\n"+
"The file must contain PEM encoded data.",
)
ServerFlags.String(
KeyTLSServerName,
"",
"Specify a server name to verify the hostname on the returned certificate (eg: 'instance.hubble-relay.cilium.io').",
)
ServerFlags.String(
KeyBasicAuthUsername,
"",
"Specify a username for basic auth",
)
ServerFlags.String(
KeyBasicAuthPassword,
"",
"Specify a password for basic auth",
)
}