forked from raystack/frontier
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.go
70 lines (50 loc) · 2.76 KB
/
config.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
package server
import (
"fmt"
"github.com/goto/shield/internal/store/inmemory"
)
type GRPCConfig struct {
Port int `mapstructure:"port" default:"8081"`
MaxRecvMsgSize int `mapstructure:"max_recv_msg_size" default:"33554432"`
MaxSendMsgSize int `mapstructure:"max_send_msg_size" default:"33554432"`
}
type ServiceDataConfig struct {
BootstrapEnabled bool `yaml:"bootstrap_enabled" mapstructure:"bootstrap_enabled" default:"true"`
MaxNumUpsertData int `yaml:"max_num_upsert_data" mapstructure:"max_num_upsert_data" default:"1"`
}
func (cfg Config) grpcAddr() string { return fmt.Sprintf("%s:%d", cfg.Host, cfg.GRPC.Port) }
type Config struct {
// port to listen HTTP requests on
Port int `yaml:"port" mapstructure:"port" default:"8080"`
// GRPC Config
GRPC GRPCConfig `mapstructure:"grpc"`
// metrics port
MetricsPort int `yaml:"metrics_port" mapstructure:"metrics_port" default:"9000"`
// the network interface to listen on
Host string `yaml:"host" mapstructure:"host" default:"127.0.0.1"`
Name string
// RulesPath is a directory path where ruleset is defined
// that this service should implement
RulesPath string `yaml:"ruleset" mapstructure:"ruleset"`
// RulesPathSecret could be a env name, file path or actual value required
// to access RulesPath files
RulesPathSecret string `yaml:"ruleset_secret" mapstructure:"ruleset_secret"`
// TODO might not suitable here because it is also being used by proxy
// Headers which will have user's email id
IdentityProxyHeader string `yaml:"identity_proxy_header" mapstructure:"identity_proxy_header" default:"X-Shield-Email"`
// Header which will have user_id
UserIDHeader string `yaml:"user_id_header" mapstructure:"user_id_header" default:"X-Shield-User-Id"`
// ResourcesPath is a directory path where resources is defined
// that this service should implement
ResourcesConfigPath string `yaml:"resources_config_path" mapstructure:"resources_config_path"`
// ResourcesPathSecretSecret could be a env name, file path or actual value required
// to access ResourcesPathSecretPath files
ResourcesConfigPathSecret string `yaml:"resources_config_path_secret" mapstructure:"resources_config_path_secret"`
// CheckAPILimit will have the maximum number of resource permissions that can be included
// in the resource permission check API. Default: 5
CheckAPILimit int `yaml:"check_api_limit" mapstructure:"check_api_limit" default:"5"`
DefaultSystemEmail string `yaml:"default_system_email" mapstructure:"default_system_email" default:"shield-service@gotocompany.com"`
ServiceData ServiceDataConfig `yaml:"service_data" mapstructure:"service_data"`
PublicAPIPrefix string `yaml:"public_api_prefix" mapstructure:"public_api_prefix" default:"/shield"`
CacheConfig inmemory.Config `yaml:"cache" mapstructure:"cache"`
}