def __init__(self, backend_url=None, token=None):
"""
Args:
backend_url ([type], optional): Defaults to opal_client_config.SERVER_URL.
token ([type], optional): [description]. Defaults to opal_client_config.CLIENT_TOKEN.
"""
self._backend_url = backend_url or opal_client_config.SERVER_URL
self._token = token or opal_client_config.CLIENT_TOKEN
self._auth_headers = tuple_to_dict(
get_authorization_header(self._token))
def setup_publisher_task(
server_uri: str = None,
server_token: str = None,
) -> TopicPublisher:
server_uri = server_uri or opal_server_config.OPAL_WS_LOCAL_URL,
server_token = server_token or opal_server_config.OPAL_WS_TOKEN,
return ClientSideTopicPublisher(
client=PubSubClient(
extra_headers=[get_authorization_header(server_token)]),
server_uri=server_uri,
)
async def run():
# trigger an update
entries = [DataSourceEntry(url=DATA_URL)]
update = DataUpdate(reason="Test", entries=entries)
async with PubSubClient(server_uri=UPDATES_URL,
methods_class=TenantAwareRpcEventClientMethods,
extra_headers=[
get_authorization_header(
opal_client_config.CLIENT_TOKEN)
]) as client:
# Channel must be ready before we can publish on it
await asyncio.wait_for(client.wait_until_ready(), 5)
logging.info("Publishing data event")
await client.publish(DATA_TOPICS, data=update)
def __init__(self, default_data_url: str = None, token: str = None):
"""
Args:
default_data_url (str, optional): The URL used to fetch data if no specific url is given in a fetch request. Defaults to DEFAULT_DATA_URL.
token (str, optional): default auth token. Defaults to CLIENT_TOKEN.
"""
# defaults
default_data_url: str = default_data_url or opal_client_config.DEFAULT_DATA_URL
token: str = token or opal_client_config.CLIENT_TOKEN
# The underlying fetching engine
self._engine = FetchingEngine()
self._data_url = default_data_url
self._token = token
self._auth_headers = tuple_to_dict(get_authorization_header(token))
self._default_fetcher_config = HttpFetcherConfig(
headers=self._auth_headers, is_json=True)
def __init__(self,
token: str = None,
pubsub_url: str = None,
data_sources_config_url: str = None,
fetch_on_connect: bool = True,
data_topics: List[str] = None,
policy_store: BasePolicyStoreClient = None,
should_send_reports=None):
"""
Keeps policy-stores (e.g. OPA) up to date with relevant data
Obtains data configuration on startup from OPAL-server
Uses Pub/Sub to subscribe to data update events, and fetches (using FetchingEngine) data from sources.
Args:
token (str, optional): Auth token to include in connections to OPAL server. Defaults to CLIENT_TOKEN.
pubsub_url (str, optional): URL for Pub/Sub updates for data. Defaults to OPAL_SERVER_PUBSUB_URL.
data_sources_config_url (str, optional): URL to retrive base data configuration. Defaults to DEFAULT_DATA_SOURCES_CONFIG_URL.
fetch_on_connect (bool, optional): Should the update fetch basic data immediately upon connection/reconnection. Defaults to True.
data_topics (List[str], optional): Topics of data to fetch and subscribe to. Defaults to DATA_TOPICS.
policy_store (BasePolicyStoreClient, optional): Policy store client to use to store data. Defaults to DEFAULT_POLICY_STORE.
"""
# Defaults
token: str = token or opal_client_config.CLIENT_TOKEN
pubsub_url: str = pubsub_url or opal_client_config.SERVER_PUBSUB_URL
data_sources_config_url: str = data_sources_config_url or opal_client_config.DEFAULT_DATA_SOURCES_CONFIG_URL
# Should the client use the default data source to fetch on connect
self._fetch_on_connect = fetch_on_connect
# The policy store we'll save data updates into
self._policy_store = policy_store or DEFAULT_POLICY_STORE_GETTER()
# Pub/Sub topics we subscribe to for data updates
self._data_topics = data_topics if data_topics is not None else opal_client_config.DATA_TOPICS
self._should_send_reports = should_send_reports if should_send_reports is not None else opal_client_config.SHOULD_REPORT_ON_DATA_UPDATES
# The pub/sub client for data updates
self._client = None
# The task running the Pub/Sub subcribing client
self._subscriber_task = None
# Data fetcher
self._data_fetcher = DataFetcher()
self._token = token
self._server_url = pubsub_url
self._data_sources_config_url = data_sources_config_url
if self._token is None:
self._extra_headers = None
else:
self._extra_headers = [get_authorization_header(self._token)]
self._stopping = False
def setup_webhook_listener(
callback: TopicCallback,
server_uri: str = None,
server_token: str = None,
topic: Topic = "webhook",
) -> TopicListener:
# load defaults
server_uri = server_uri or opal_server_config.OPAL_WS_LOCAL_URL
server_token = server_token or opal_server_config.OPAL_WS_TOKEN
return TopicListener(
client=PubSubClient(
extra_headers=[get_authorization_header(server_token)]),
server_uri=server_uri,
topics=[topic],
callback=callback,
)
def __init__(
self,
token: str = None,
pubsub_url: str = None,
subscription_directories: List[str] = None,
policy_store: BasePolicyStoreClient = None,
):
"""inits the policy updater.
Args:
token (str, optional): Auth token to include in connections to OPAL server. Defaults to CLIENT_TOKEN.
pubsub_url (str, optional): URL for Pub/Sub updates for policy. Defaults to OPAL_SERVER_PUBSUB_URL.
subscription_directories (List[str], optional): directories in the policy source repo to subscribe to.
Defaults to POLICY_SUBSCRIPTION_DIRS. every time the directory is updated by a commit we will receive
a message on its respective topic. we dedups directories with ancestral relation, and will only
receive one message for each updated file.
policy_store (BasePolicyStoreClient, optional): Policy store client to use to store policy code. Defaults to DEFAULT_POLICY_STORE.
"""
# defaults
token: str = token or opal_client_config.CLIENT_TOKEN
pubsub_url: str = pubsub_url or opal_client_config.SERVER_PUBSUB_URL
subscription_directories: List[str] = subscription_directories or opal_client_config.POLICY_SUBSCRIPTION_DIRS
# The policy store we'll save policy modules into (i.e: OPA)
self._policy_store = policy_store or DEFAULT_POLICY_STORE_GETTER()
# pub/sub server url and authentication data
self._server_url = pubsub_url
self._token = token
if self._token is None:
self._extra_headers = None
else:
self._extra_headers = [get_authorization_header(self._token)]
# Pub/Sub topics we subscribe to for policy updates
self._topics = pubsub_topics_from_directories(subscription_directories)
# The pub/sub client for data updates
self._client = None
# The task running the Pub/Sub subcribing client
self._subscriber_task = None
self._stopping = False
# policy fetcher - fetches policy bundles
self._policy_fetcher = PolicyFetcher()
