diff --git a/.codecov.yml b/.codecov.yml index 4d8fa69..a67b77d 100644 --- a/.codecov.yml +++ b/.codecov.yml @@ -1,3 +1,6 @@ +# SPDX-FileCopyrightText: 2023 Comcast Cable Communications Management, LLC +# SPDX-License-Identifier: Apache-2.0 +--- coverage: range: 50..80 round: down diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 2fb3c9e..8764f8b 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,13 +7,14 @@ updates: - package-ecosystem: "github-actions" directory: "/" schedule: - # Check for updates to GitHub Actions every week + # Check for updates to GitHub Actions every day interval: "daily" labels: - "dependencies" commit-message: prefix: "chore" include: "scope" + open-pull-requests-limit: 10 - package-ecosystem: gomod directory: / @@ -22,5 +23,6 @@ updates: labels: - "dependencies" commit-message: - prefix: "feat" + prefix: "chore" include: "scope" + open-pull-requests-limit: 10 diff --git a/.golangci.yaml b/.golangci.yaml index c27ff5d..7a91de0 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -2,6 +2,9 @@ linters-settings: misspell: locale: US + errorlint: + # Report non-wrapping error creation using fmt.Errorf + errorf: false linters: enable: @@ -32,8 +35,3 @@ issues: - path: main\.go # Accept sha1 for signature text: "G505:" - -linters-settings: - errorlint: - # Report non-wrapping error creation using fmt.Errorf - errorf: false \ No newline at end of file diff --git a/.yamllint.yml b/.yamllint.yml new file mode 100644 index 0000000..c2053c9 --- /dev/null +++ b/.yamllint.yml @@ -0,0 +1,37 @@ +# SPDX-FileCopyrightText: 2024 Comcast Cable Communications Management, LLC +# SPDX-License-Identifier: Apache-2.0 +--- + +extends: default + +ignore: [] + +rules: + braces: + level: warning + max-spaces-inside: 1 + brackets: + level: warning + max-spaces-inside: 1 + colons: + level: warning + max-spaces-after: -1 + commas: + level: warning + comments: disable + comments-indentation: disable + document-start: + present: true + empty-lines: + max: 2 + hyphens: + max-spaces-after: 1 + indentation: + level: error + indent-sequences: consistent + line-length: + level: warning + max: 90 + allow-non-breakable-words: true + allow-non-breakable-inline-mappings: true + truthy: disable diff --git a/conf/svalinn.yaml b/conf/svalinn.yaml deleted file mode 120000 index edcc970..0000000 --- a/conf/svalinn.yaml +++ /dev/null @@ -1 +0,0 @@ -../svalinn.yaml \ No newline at end of file diff --git a/conf/svalinn.yaml b/conf/svalinn.yaml new file mode 100644 index 0000000..44eb883 --- /dev/null +++ b/conf/svalinn.yaml @@ -0,0 +1,476 @@ +--- + +# The unique fully-qualified-domain-name of the server. It is provided to +# the X-Svalinn-Server header for showing what server fulfilled the request +# sent. +# (Optional) +server: "svalinn-instance-123.example.com" + +######################################## +# Labeling/Tracing via HTTP Headers Configuration +######################################## + +# Provides this build number to the X-Svalinn-Build header for +# showing machine version information. The build number SHOULD +# match the scheme `version-build` but there is not a strict requirement. +# (Optional) +build: "0.1.3-434" + +# Provides the region information to the X-Svalinn-Region header +# for showing what region this machine is located in. The region +# is arbitrary and optional. +# (Optional) +region: "east" + +# Provides the flavor information to the X-Svalinn-Flavor header +# for showing what flavor this machine is associated with. The flavor +# is arbitrary and optional. +# (Optional) +flavor: "mint" + +######################################## +# Primary Endpoint Configuration +######################################## + +# primary defines the details needed for the primary endpoint. The +# primary endpoint accepts requests for events for a specific device id. +primary: + # address provides the port number for the endpoint to bind to. + # ":443" is ideal, but may require some special handling due to it being + # a reserved (by the kernel) port. + address: ":7100" + # HTTPS/TLS + # + # certificateFile provides the public key and CA chain in PEM format if + # TLS is used. Note: the certificate needs to match the fqdn for clients + # to accept without issue. + # + # keyFile provides the private key that matches the certificateFile + # (Optional) + # certificateFile: "/etc/svalinn/public.pem" + # keyFile: "/etc/svalinn/private.pem" + +######################################## +# Health Endpoint Configuration +######################################## + +# health defines the details needed for the health check endpoint. The +# health check endpoint is generally used by services (like AWS Route53 +# or consul) to determine if this particular machine is healthy or not. +health: + # port provides the port number for the endpoint to bind to. + # ":80" is ideal, but may require some special handling due to it being + # a reserved (by the kernel) port. + port: ":7101" + # endpoint provides the endpoint that will provide the health check + # information. + endpoint: "/health" + +######################################## +# Debugging/Pprof Configuration +######################################## + +# pprof defines the details needed for the pprof debug endpoint. +# (Optional) +pprof: + # address provides the port number for the endpoint to bind to. + address: ":7102" + +######################################## +# Metrics Configuration +######################################## + +# metric defines the details needed for the prometheus metrics endpoint +# (Optional) +metric: + # address provides the port number for the endpoint to bind to. Port 9389 + # was chosen because it does not conflict with any of the other prometheus + # metrics or other machines in the xmidt cluster. You may use any port you + # wish. + address: ":7103" + + # metricsOptions provides the details needed to configure the prometheus + # metric data. Metrics generally have the form: + # + # {namespace}_{subsystem}_{metric} + # + # so if you use the suggested value below, your metrics are prefixed like + # this: + # + # codex_svalinn_{metric} + # + # (Optional) + metricsOptions: + # namespace is the namespace of the metrics provided + # (Optional) + namespace: "codex" + # subsystem is the subsystem of the metrics provided + # (Optional) + subsystem: "svalinn" + +######################################## +# Logging Related Configuration +######################################## + +# log configures the logging subsystem details +log: + # file is the name of the most recent log file. If set to "stdout" this + # will log to os.Stdout. + # (Optional) defaults to os.TempDir() + #file: "/var/log/svalinn/svalinn.log" + file: "stdout" + + # level is the logging level to use - INFO, DEBUG, WARN, ERROR + # (Optional) defaults to ERROR + level: "ERROR" + + # maxsize is the maximum file size in MB + # (Optional) defaults to max 100MB + maxsize: 50 + + # maxage is the maximum number of days to retain old log files + # (Optional) defaults to ignore age limit (0) + maxage: 30 + + # maxbackups is the maximum number of old log files to retain + # (Optional) defaults to retain all (0) + maxbackups: 10 + + # json is a flag indicating whether JSON logging output should be used. + # (Optional) defaults to false + json: true + +######################################## +# Database Related Configuration +######################################## + +# db provides the configuration for connecting to the database and database +# calls. +db: + # hosts is and array of address and port used to connect to the cluster. + hosts: + - "db" + # database is the name of the database being connected to. + database: "devices" + # opTimeout is the timeout for database calls after svalinn is connected. + # If the opTimeout is set to 0, it defaults to 10s. + # (Optional) defaults to 10s + opTimeout: 100ms + +# # username is the username to use when connecting to the database. +# # (Optional) +# username: "cassandra" +# +# # password is the password to use when connecting to the database. +# # (Optional) +# password: "cassandra" +# +# # SSLRootCert is the root cert to use when connecting to the database. +# # The SSLKey and SSLCert must also be provided in order to connect securely. +# # (Optional) +# #sslRootCert: "/etc/svalinn/ca.crt" +# +# # SSLKey is the SSL key to use when connecting to the database. The +# # SSLRootCert and SSLCert must also be provided in order to connect securely. +# # (Optional) +# #sslKey: "/etc/svalinn/node.0.0.0.0.key" +# +# # SSLCert is the SSL cert to use when connecting to the database. The SSLKey +# # and SSLRootCert must also be provided in order to connect securely. +# # (Optional) +# #sslCert: "/etc/svalinn/node.0.0.0.0.crt" +# +# # If you want to verify the hostname and server cert (like a wildcard for cass cluster) then you should turn this on +# # This option is basically the inverse of InSecureSkipVerify +# # See InSecureSkipVerify in http://golang.org/pkg/crypto/tls/ for more info +# # (Optional) defaults to false +# #enableHostVerification: false + +# insertRetries provides the information needed for making multiple attempts to +# insert the same batch of records. This gets populated into the backoff +# package's ExponentialBackoff struct. Read more about that here: +# https://godoc.org/gopkg.in/cenkalti/backoff.v3#ExponentialBackOff +insertRetries: + # initialInterval provides the initial amount of time to wait in between + # attempts to query the database. Has no effect if maxElapsedTime is less + # than 0. + # (Optional) defaults to 500ms + initialInterval: 500ms + + # randomizationFactor provides the "jitter" amount to be used when + # calculating the amount of time to wait before the next retry. Has no + # effect if maxElapsedTime is less than 0. + # (Optional) defaults to 0.5 + randomizationFactor: 0.05 + + # multiplier provides the number to multiply the initialInterval by between + # each attempt. Has no effect if maxElapsedTime is less than 0. + # (Optional) defaults to 1.5 + multiplier: 5 + + # maxInterval is the maximum amount of time that can be waited for between + # each attempt. Has no effect if maxElapsedTime is less than 0. + # (Optional) defaults to 60s + maxInterval: 11s + + # maxElapsedTime is the maximum amount of time to continue attempting to + # insert into the database. If an attempt is currently ongoing, it may + # continue, but no new attempts will be started past the time given. If + # this value is set below 0, svalinn will attempt to insert only once, with + # no retries. + # defaults to 15m + maxElapsedTime: 30s + +# batchInserter provides the information needed for inserting multiple records +# in one query. +# (Optional) +batchInserter: + # queueSize provides the max number of records that can be stored on the + # queue. Once records are taken off the queue, they are batched together and + # inserted. If a value below 5 is chosen, it defaults to 5. + # (Optional) defaults to 5 + queueSize: 3000 + + # maxWorkers provides the maximum number of workers that can work on + # inserting batches of records at one time. If a value below 1 is chosen, + # it defaults to 5. + # (Optional) defaults to 5 + maxWorkers: 1000 + + # maxBatchSize provides the maximum number of records that can be grouped + # together in a single insert. If a value below 0 is chosen, it defaults to + # 1. If the 0 value is chosen, there is no maximum and records are batched + # together until the maxBatchWaitTime is reached. + # (Optional) defaults to 1 + maxBatchSize: 30 + + # maxBatchWaitTime provides the maximum amount of time to wait once the first + # record in a batch is received. If a value below 0s is chosen, it defaults to + # 0s. + # (Optional) + maxBatchWaitTime: 10ms + +######################################## +# Encryption Related Configuration +######################################## + +# cipher tells svalinn what type of encryption it should be prepared to +# encrypt. This list is used to encrypt the events being inserted the database. +# If there is no encryption, use the "none" configuration below. Svalinn uses +# the first cipher on the list that loads successfully. +cipher: + - # type is the type of encryption. + type: rsa-sym + + # kid is a further identifier for what kind of encryption should be used. + kid: "basic-sha" + + # params are further information for a type of encryption. + # (Optional) + params: + hash: SHA512 + + # keys are the keys to use for this form of encryption. + # (Optional) + keys: + publicKey: "/etc/svalinn/public.pem" + + - # type is the type of encryption. + type: none + + # kid is the a further identifier for what kind of encryption should be used. + kid: none + +######################################## +# Event Parsing Related Configuration +######################################## + +# endpoint provides the endpoint to listen for events at, which is added to the +# api base (a constant in the code). +endpoint: "/device-status" + +# requestParser provides the information needed for starting the parser, which +# turns events into records. +# (Optional) +requestParser: + # queueSize provides the maximum number of events that can be added to the + # queue. Once events are taken off the queue, they are parsed into records. + # If a value below 5 is chosen, it defaults to 5. + # (Optional) defaults to 5 + queueSize: 3000 + + # maxWorkers provides the maximum number of workers parsing events at a + # time. If a value below 5 is chosen, it defaults to 5. + # (Optional) defaults to 5 + maxWorkers: 10000 + + # metadataMaxSize provides the number of bytes that the marshaled metadata of + # an event must not exceed. If the metadata is larger than that, it is removed + # from the event before the event is put in a record. If a value below 0 is + # chosen, it defaults to 0. + # (Optional) + metadataMaxSize: 1000 + + # payloadMaxSize provides the number of bytes that the payload of an event must + # not exceed. If the payload is larger than that, it is removed from the event + # before the events is put in a record. If a value below 0 is chosen, it + # defaults to 0. + # (Optional) + payloadMaxSize: 1000 + + # defaultTTL provides the amount of time a record is kept in the database + # before it is removed. This TTL is for any event that doesn't have a rule + # with a TTL specified. If 0 is chosen, it defaults to 5m. + # (Optional) defaults to 5m + defaultTTL: 5s + + # regexRules provides rules for events whose destinations match the regular + # expression. If the event matches the regex of a rule, Svalinn gets + # instructions on whether or not to store the event's payload (storePayload), + # what the event type should be (eventType), and how long the record should + # live in the database (ruleTTL). If no rules are provided, the payload isn't + # stored, the event type is the default, and the record's TTL is the defaultTTL. + # Svalinn uses the first rule whose regex matches an event's destination. + # + # The eventType indicates where to find the device id in the event. If the + # event type is "State", the device id is parsed out of the event Destination. + # Otherwise, the event Source is used as the device id. + # eventType options: "State", "Default" + # + # (Optional) + regexRules: + - regex: ".*/online$" + storePayload: true + ruleTTL: 30s + eventType: "State" + - regex: ".*/offline$" + storePayload: true + ruleTTL: 30s + eventType: "State" + +# blacklistInterval provides how often Svalinn should get the blacklist from +# the database. If a device id matches a regular expression on the blacklist, +# that event isn't inserted into the database. If 0s is chosen, it defaults to +# 1m. +# (Oprional) defaults to 1m +blacklistInterval: 1m + +######################################## +# Authorization Related Configuration +######################################## + +# secret contains information for finding the secret on incoming requests. If +# both header and webhook secret are empty, no authentication is done on +# incoming requests to Svalinn. Otherwise, the value at the header provided +# should hold a sha1 hash of the request body. It should be in the format: +# +# Sha1 +# +# (Optional) +secret: + # header provides the header key where the hash is expected. + # (Optional) + header: "X-Webpa-Signature" + + # delimiter provides the string that is expected between "Sha1" and the hash. + # (Optional) + delimiter: "=" + +######################################## +# Webhook Registration Related Configuration +######################################## + +# webhook provides the information needed to register to a webhook. If the +# urls and event regex aren't empty and the interval is greater than 0, +# registration occurs. +# (Optional) +webhook: + # registrationInterval provides the time to wait between each registration to + # the webhook. If this is set to 0, no registration is done. + # (Optional) + registrationInterval: "4m" + + # timeout provides the length of time the request should wait before timing + # out. + timeout: "1m" + + # registrationURL provides the place to register the webhook. + registrationURL: "https://127.0.0.1:6000/hook" + + # request provides the information passed in the webhook registration request. + request: + # config provides configuration values for the requests to the webhook + # receiver. + config: + # url provides the server the webhook should send the events to. If this + # value isn't set, no registration happens. + url: "http://host.docker.internal:8181/api/v1/device-status" + + # contentType provides the content type Svalinn expects from the requests + # it receives. + # (Optional) defaults to "wrp" + #contentType: "wrp" + + # secret provides the key for hashing the messages the webhook sends. + # If this is empty, no authentication is done later for incoming requests + # to Svalinn. + # (Optional) + secret: "super secret" + + # maxRetryCount is the number of times to retry on a failure. + # (Optional) + maxRetryCount: 3 + + # alternativeURLs provides endpoints to round robin through on a failure + # to send an event. This is only used if the maxRetryCount is greater + # than 0. + # (Optional) + #AlternativeURLs: [] + + # events provides a list of regular expressions that tells the webhook + # which endpoints to send to Svalinn. If the destination of an event + # matches a regular expression in this list, it is sent to Svalinn + events: ["device-status.*"] + + # matcher provides regular expressions to match against the event source. + # (Optional) default is [".*"] + # matcher: + # deviceID: [".*"] + + # the below configuration values provide a way to add an Authorization header + # to the request to the webhook. If both basic and sat contain empty values, + # no header is sent. sat takes priority over basic if both are set. + + # basic provides a way to use Basic Authorization when registering to a + # webhook. If this value is provided and sat isn't, the following header is + # added to the registration request: + # + # Authorization Basic {basic} + # + # (Optional) + basic: "" + + # jwt provides a way to use Bearer Authorization when registering to a + # webhook. If the below values are all provided, a request is made to the + # URL to get the token to be used in the registration request. The + # header would look like: + # + # Authorization Bearer {token} + # + # (Optional) + jwt: + # requestHeaders are added to the request for the token. + # (Optional) + # requestHeaders: + # "": "" + + # authURL is the URL to access for the token. + authURL: "" + + # timeout is how long the request to get the token will take before + # timing out. + timeout: "1m" + + # buffer is the length of time before a token expires to get a new token. + # (Optional) + buffer: "5s" diff --git a/deploy/packaging/svalinn_spruce.yaml b/deploy/packaging/svalinn_spruce.yaml index 757ad9f..cf5d3db 100644 --- a/deploy/packaging/svalinn_spruce.yaml +++ b/deploy/packaging/svalinn_spruce.yaml @@ -44,7 +44,7 @@ primary: # ":443" is ideal, but may require some special handling due to it being # a reserved (by the kernel) port. address: ":7100" - # HTTPS/TLS + # HTTPS/TLS # # certificateFile provides the public key and CA chain in PEM format if # TLS is used. Note: the certificate needs to match the fqdn for clients @@ -67,7 +67,7 @@ health: # ":80" is ideal, but may require some special handling due to it being # a reserved (by the kernel) port. port: ":7101" - # endpoint provides the endpoint that will provide the health check + # endpoint provides the endpoint that will provide the health check # information. endpoint: "/health" @@ -149,7 +149,7 @@ log: # Database Related Configuration ######################################## -# db provides the configuration for connecting to the database and database +# db provides the configuration for connecting to the database and database # calls. db: # hosts is and array of address and port used to connect to the cluster. @@ -191,66 +191,66 @@ db: # # (Optional) defaults to false # #enableHostVerification: false -# insertRetries provides the information needed for making multiple attempts to -# insert the same batch of records. This gets populated into the backoff +# insertRetries provides the information needed for making multiple attempts to +# insert the same batch of records. This gets populated into the backoff # package's ExponentialBackoff struct. Read more about that here: # https://godoc.org/gopkg.in/cenkalti/backoff.v3#ExponentialBackOff insertRetries: - # initialInterval provides the initial amount of time to wait in between - # attempts to query the database. Has no effect if maxElapsedTime is less + # initialInterval provides the initial amount of time to wait in between + # attempts to query the database. Has no effect if maxElapsedTime is less # than 0. # (Optional) defaults to 500ms initialInterval: 500ms - # randomizationFactor provides the "jitter" amount to be used when - # calculating the amount of time to wait before the next retry. Has no + # randomizationFactor provides the "jitter" amount to be used when + # calculating the amount of time to wait before the next retry. Has no # effect if maxElapsedTime is less than 0. # (Optional) defaults to 0.5 randomizationFactor: 0.05 - # multiplier provides the number to multiply the initialInterval by between + # multiplier provides the number to multiply the initialInterval by between # each attempt. Has no effect if maxElapsedTime is less than 0. # (Optional) defaults to 1.5 multiplier: 5 - # maxInterval is the maximum amount of time that can be waited for between + # maxInterval is the maximum amount of time that can be waited for between # each attempt. Has no effect if maxElapsedTime is less than 0. # (Optional) defaults to 60s maxInterval: 11s - # maxElapsedTime is the maximum amount of time to continue attempting to - # insert into the database. If an attempt is currently ongoing, it may - # continue, but no new attempts will be started past the time given. If - # this value is set below 0, svalinn will attempt to insert only once, with + # maxElapsedTime is the maximum amount of time to continue attempting to + # insert into the database. If an attempt is currently ongoing, it may + # continue, but no new attempts will be started past the time given. If + # this value is set below 0, svalinn will attempt to insert only once, with # no retries. # defaults to 15m maxElapsedTime: 30s -# batchInserter provides the information needed for inserting multiple records +# batchInserter provides the information needed for inserting multiple records # in one query. # (Optional) batchInserter: - # queueSize provides the max number of records that can be stored on the - # queue. Once records are taken off the queue, they are batched together and + # queueSize provides the max number of records that can be stored on the + # queue. Once records are taken off the queue, they are batched together and # inserted. If a value below 5 is chosen, it defaults to 5. # (Optional) defaults to 5 queueSize: 3000 - # maxWorkers provides the maximum number of workers that can work on + # maxWorkers provides the maximum number of workers that can work on # inserting batches of records at one time. If a value below 1 is chosen, # it defaults to 5. # (Optional) defaults to 5 maxWorkers: 1000 - # maxBatchSize provides the maximum number of records that can be grouped + # maxBatchSize provides the maximum number of records that can be grouped # together in a single insert. If a value below 0 is chosen, it defaults to - # 1. If the 0 value is chosen, there is no maximum and records are batched + # 1. If the 0 value is chosen, there is no maximum and records are batched # together until the maxBatchWaitTime is reached. # (Optional) defaults to 1 maxBatchSize: 30 - # maxBatchWaitTime provides the maximum amount of time to wait once the first - # record in a batch is received. If a value below 0s is chosen, it defaults to + # maxBatchWaitTime provides the maximum amount of time to wait once the first + # record in a batch is received. If a value below 0s is chosen, it defaults to # 0s. # (Optional) maxBatchWaitTime: 10ms @@ -259,9 +259,9 @@ batchInserter: # Encryption Related Configuration ######################################## -# cipher tells svalinn what type of encryption it should be prepared to +# cipher tells svalinn what type of encryption it should be prepared to # encrypt. This list is used to encrypt the events being inserted the database. -# If there is no encryption, use the "none" configuration below. Svalinn uses +# If there is no encryption, use the "none" configuration below. Svalinn uses # the first cipher on the list that loads successfully. cipher: - # type is the type of encryption. @@ -290,57 +290,57 @@ cipher: # Event Parsing Related Configuration ######################################## -# endpoint provides the endpoint to listen for events at, which is added to the +# endpoint provides the endpoint to listen for events at, which is added to the # api base (a constant in the code). endpoint: "/device-status" -# requestParser provides the information needed for starting the parser, which +# requestParser provides the information needed for starting the parser, which # turns events into records. # (Optional) requestParser: - # queueSize provides the maximum number of events that can be added to the - # queue. Once events are taken off the queue, they are parsed into records. + # queueSize provides the maximum number of events that can be added to the + # queue. Once events are taken off the queue, they are parsed into records. # If a value below 5 is chosen, it defaults to 5. # (Optional) defaults to 5 queueSize: 3000 - # maxWorkers provides the maximum number of workers parsing events at a + # maxWorkers provides the maximum number of workers parsing events at a # time. If a value below 5 is chosen, it defaults to 5. # (Optional) defaults to 5 maxWorkers: 10000 - # metadataMaxSize provides the number of bytes that the marshaled metadata of - # an event must not exceed. If the metadata is larger than that, it is removed - # from the event before the event is put in a record. If a value below 0 is + # metadataMaxSize provides the number of bytes that the marshaled metadata of + # an event must not exceed. If the metadata is larger than that, it is removed + # from the event before the event is put in a record. If a value below 0 is # chosen, it defaults to 0. # (Optional) metadataMaxSize: 1000 - # payloadMaxSize provides the number of bytes that the payload of an event must - # not exceed. If the payload is larger than that, it is removed from the event - # before the events is put in a record. If a value below 0 is chosen, it + # payloadMaxSize provides the number of bytes that the payload of an event must + # not exceed. If the payload is larger than that, it is removed from the event + # before the events is put in a record. If a value below 0 is chosen, it # defaults to 0. # (Optional) payloadMaxSize: 1000 - # defaultTTL provides the amount of time a record is kept in the database - # before it is removed. This TTL is for any event that doesn't have a rule + # defaultTTL provides the amount of time a record is kept in the database + # before it is removed. This TTL is for any event that doesn't have a rule # with a TTL specified. If 0 is chosen, it defaults to 5m. # (Optional) defaults to 5m defaultTTL: 5s - # regexRules provides rules for events whose destinations match the regular - # expression. If the event matches the regex of a rule, Svalinn gets - # instructions on whether or not to store the event's payload (storePayload), - # what the event type should be (eventType), and how long the record should - # live in the database (ruleTTL). If no rules are provided, the payload isn't - # stored, the event type is the default, and the record's TTL is the defaultTTL. + # regexRules provides rules for events whose destinations match the regular + # expression. If the event matches the regex of a rule, Svalinn gets + # instructions on whether or not to store the event's payload (storePayload), + # what the event type should be (eventType), and how long the record should + # live in the database (ruleTTL). If no rules are provided, the payload isn't + # stored, the event type is the default, and the record's TTL is the defaultTTL. # Svalinn uses the first rule whose regex matches an event's destination. # - # The eventType indicates where to find the device id in the event. If the + # The eventType indicates where to find the device id in the event. If the # event type is "State", the device id is parsed out of the event Destination. # Otherwise, the event Source is used as the device id. - # eventType options: "State", "Default" + # eventType options: "State", "Default" # # (Optional) regexRules: @@ -353,9 +353,9 @@ requestParser: ruleTTL: 30s eventType: "State" -# blacklistInterval provides how often Svalinn should get the blacklist from -# the database. If a device id matches a regular expression on the blacklist, -# that event isn't inserted into the database. If 0s is chosen, it defaults to +# blacklistInterval provides how often Svalinn should get the blacklist from +# the database. If a device id matches a regular expression on the blacklist, +# that event isn't inserted into the database. If 0s is chosen, it defaults to # 1m. # (Oprional) defaults to 1m blacklistInterval: 1m @@ -364,10 +364,10 @@ blacklistInterval: 1m # Authorization Related Configuration ######################################## -# secret contains information for finding the secret on incoming requests. If -# both header and webhook secret are empty, no authentication is done on -# incoming requests to Svalinn. Otherwise, the value at the header provided -# should hold a sha1 hash of the request body. It should be in the format: +# secret contains information for finding the secret on incoming requests. If +# both header and webhook secret are empty, no authentication is done on +# incoming requests to Svalinn. Otherwise, the value at the header provided +# should hold a sha1 hash of the request body. It should be in the format: # # Sha1 # @@ -385,17 +385,17 @@ secret: # Webhook Registration Related Configuration ######################################## -# webhook provides the information needed to register to a webhook. If the -# urls and event regex aren't empty and the interval is greater than 0, +# webhook provides the information needed to register to a webhook. If the +# urls and event regex aren't empty and the interval is greater than 0, # registration occurs. # (Optional) webhook: - # registrationInterval provides the time to wait between each registration to + # registrationInterval provides the time to wait between each registration to # the webhook. If this is set to 0, no registration is done. # (Optional) registrationInterval: "4m" - # timeout provides the length of time the request should wait before timing + # timeout provides the length of time the request should wait before timing # out. timeout: "1m" @@ -404,20 +404,20 @@ webhook: # request provides the information passed in the webhook registration request. request: - # config provides configuration values for the requests to the webhook + # config provides configuration values for the requests to the webhook # receiver. config: - # url provides the server the webhook should send the events to. If this + # url provides the server the webhook should send the events to. If this # value isn't set, no registration happens. url: "http://host.docker.internal:8181/api/v1/device-status" - # contentType provides the content type Svalinn expects from the requests + # contentType provides the content type Svalinn expects from the requests # it receives. # (Optional) defaults to "wrp" #contentType: "wrp" - # secret provides the key for hashing the messages the webhook sends. - # If this is empty, no authentication is done later for incoming requests + # secret provides the key for hashing the messages the webhook sends. + # If this is empty, no authentication is done later for incoming requests # to Svalinn. # (Optional) secret: "super secret" @@ -426,14 +426,14 @@ webhook: # (Optional) maxRetryCount: 3 - # alternativeURLs provides endpoints to round robin through on a failure - # to send an event. This is only used if the maxRetryCount is greater + # alternativeURLs provides endpoints to round robin through on a failure + # to send an event. This is only used if the maxRetryCount is greater # than 0. # (Optional) #AlternativeURLs: [] - # events provides a list of regular expressions that tells the webhook - # which endpoints to send to Svalinn. If the destination of an event + # events provides a list of regular expressions that tells the webhook + # which endpoints to send to Svalinn. If the destination of an event # matches a regular expression in this list, it is sent to Svalinn events: ["device-status.*"] @@ -442,12 +442,12 @@ webhook: # matcher: # deviceID: [".*"] - # the below configuration values provide a way to add an Authorization header - # to the request to the webhook. If both basic and sat contain empty values, + # the below configuration values provide a way to add an Authorization header + # to the request to the webhook. If both basic and sat contain empty values, # no header is sent. sat takes priority over basic if both are set. - # basic provides a way to use Basic Authorization when registering to a - # webhook. If this value is provided and sat isn't, the following header is + # basic provides a way to use Basic Authorization when registering to a + # webhook. If this value is provided and sat isn't, the following header is # added to the registration request: # # Authorization Basic {basic} @@ -455,13 +455,13 @@ webhook: # (Optional) basic: "" - # jwt provides a way to use Bearer Authorization when registering to a - # webhook. If the below values are all provided, a request is made to the - # URL to get the token to be used in the registration request. The - # header would look like: - # + # jwt provides a way to use Bearer Authorization when registering to a + # webhook. If the below values are all provided, a request is made to the + # URL to get the token to be used in the registration request. The + # header would look like: + # # Authorization Bearer {token} - # + # # (Optional) jwt: # requestHeaders are added to the request for the token. @@ -472,7 +472,7 @@ webhook: # authURL is the URL to access for the token. authURL: "" - # timeout is how long the request to get the token will take before + # timeout is how long the request to get the token will take before # timing out. timeout: "1m" diff --git a/svalinn.yaml b/svalinn.yaml index 44e6beb..44eb883 100644 --- a/svalinn.yaml +++ b/svalinn.yaml @@ -1,7 +1,7 @@ --- -# The unique fully-qualified-domain-name of the server. It is provided to -# the X-Svalinn-Server header for showing what server fulfilled the request +# The unique fully-qualified-domain-name of the server. It is provided to +# the X-Svalinn-Server header for showing what server fulfilled the request # sent. # (Optional) server: "svalinn-instance-123.example.com" @@ -39,7 +39,7 @@ primary: # ":443" is ideal, but may require some special handling due to it being # a reserved (by the kernel) port. address: ":7100" - # HTTPS/TLS + # HTTPS/TLS # # certificateFile provides the public key and CA chain in PEM format if # TLS is used. Note: the certificate needs to match the fqdn for clients @@ -62,7 +62,7 @@ health: # ":80" is ideal, but may require some special handling due to it being # a reserved (by the kernel) port. port: ":7101" - # endpoint provides the endpoint that will provide the health check + # endpoint provides the endpoint that will provide the health check # information. endpoint: "/health" @@ -144,7 +144,7 @@ log: # Database Related Configuration ######################################## -# db provides the configuration for connecting to the database and database +# db provides the configuration for connecting to the database and database # calls. db: # hosts is and array of address and port used to connect to the cluster. @@ -186,66 +186,66 @@ db: # # (Optional) defaults to false # #enableHostVerification: false -# insertRetries provides the information needed for making multiple attempts to -# insert the same batch of records. This gets populated into the backoff +# insertRetries provides the information needed for making multiple attempts to +# insert the same batch of records. This gets populated into the backoff # package's ExponentialBackoff struct. Read more about that here: # https://godoc.org/gopkg.in/cenkalti/backoff.v3#ExponentialBackOff insertRetries: - # initialInterval provides the initial amount of time to wait in between - # attempts to query the database. Has no effect if maxElapsedTime is less + # initialInterval provides the initial amount of time to wait in between + # attempts to query the database. Has no effect if maxElapsedTime is less # than 0. # (Optional) defaults to 500ms initialInterval: 500ms - # randomizationFactor provides the "jitter" amount to be used when - # calculating the amount of time to wait before the next retry. Has no + # randomizationFactor provides the "jitter" amount to be used when + # calculating the amount of time to wait before the next retry. Has no # effect if maxElapsedTime is less than 0. # (Optional) defaults to 0.5 randomizationFactor: 0.05 - # multiplier provides the number to multiply the initialInterval by between + # multiplier provides the number to multiply the initialInterval by between # each attempt. Has no effect if maxElapsedTime is less than 0. # (Optional) defaults to 1.5 multiplier: 5 - # maxInterval is the maximum amount of time that can be waited for between + # maxInterval is the maximum amount of time that can be waited for between # each attempt. Has no effect if maxElapsedTime is less than 0. # (Optional) defaults to 60s maxInterval: 11s - # maxElapsedTime is the maximum amount of time to continue attempting to - # insert into the database. If an attempt is currently ongoing, it may - # continue, but no new attempts will be started past the time given. If - # this value is set below 0, svalinn will attempt to insert only once, with + # maxElapsedTime is the maximum amount of time to continue attempting to + # insert into the database. If an attempt is currently ongoing, it may + # continue, but no new attempts will be started past the time given. If + # this value is set below 0, svalinn will attempt to insert only once, with # no retries. # defaults to 15m maxElapsedTime: 30s -# batchInserter provides the information needed for inserting multiple records +# batchInserter provides the information needed for inserting multiple records # in one query. # (Optional) batchInserter: - # queueSize provides the max number of records that can be stored on the - # queue. Once records are taken off the queue, they are batched together and + # queueSize provides the max number of records that can be stored on the + # queue. Once records are taken off the queue, they are batched together and # inserted. If a value below 5 is chosen, it defaults to 5. # (Optional) defaults to 5 queueSize: 3000 - # maxWorkers provides the maximum number of workers that can work on + # maxWorkers provides the maximum number of workers that can work on # inserting batches of records at one time. If a value below 1 is chosen, # it defaults to 5. # (Optional) defaults to 5 maxWorkers: 1000 - # maxBatchSize provides the maximum number of records that can be grouped + # maxBatchSize provides the maximum number of records that can be grouped # together in a single insert. If a value below 0 is chosen, it defaults to - # 1. If the 0 value is chosen, there is no maximum and records are batched + # 1. If the 0 value is chosen, there is no maximum and records are batched # together until the maxBatchWaitTime is reached. # (Optional) defaults to 1 maxBatchSize: 30 - # maxBatchWaitTime provides the maximum amount of time to wait once the first - # record in a batch is received. If a value below 0s is chosen, it defaults to + # maxBatchWaitTime provides the maximum amount of time to wait once the first + # record in a batch is received. If a value below 0s is chosen, it defaults to # 0s. # (Optional) maxBatchWaitTime: 10ms @@ -254,9 +254,9 @@ batchInserter: # Encryption Related Configuration ######################################## -# cipher tells svalinn what type of encryption it should be prepared to +# cipher tells svalinn what type of encryption it should be prepared to # encrypt. This list is used to encrypt the events being inserted the database. -# If there is no encryption, use the "none" configuration below. Svalinn uses +# If there is no encryption, use the "none" configuration below. Svalinn uses # the first cipher on the list that loads successfully. cipher: - # type is the type of encryption. @@ -285,57 +285,57 @@ cipher: # Event Parsing Related Configuration ######################################## -# endpoint provides the endpoint to listen for events at, which is added to the +# endpoint provides the endpoint to listen for events at, which is added to the # api base (a constant in the code). endpoint: "/device-status" -# requestParser provides the information needed for starting the parser, which +# requestParser provides the information needed for starting the parser, which # turns events into records. # (Optional) requestParser: - # queueSize provides the maximum number of events that can be added to the - # queue. Once events are taken off the queue, they are parsed into records. + # queueSize provides the maximum number of events that can be added to the + # queue. Once events are taken off the queue, they are parsed into records. # If a value below 5 is chosen, it defaults to 5. # (Optional) defaults to 5 queueSize: 3000 - # maxWorkers provides the maximum number of workers parsing events at a + # maxWorkers provides the maximum number of workers parsing events at a # time. If a value below 5 is chosen, it defaults to 5. # (Optional) defaults to 5 maxWorkers: 10000 - # metadataMaxSize provides the number of bytes that the marshaled metadata of - # an event must not exceed. If the metadata is larger than that, it is removed - # from the event before the event is put in a record. If a value below 0 is + # metadataMaxSize provides the number of bytes that the marshaled metadata of + # an event must not exceed. If the metadata is larger than that, it is removed + # from the event before the event is put in a record. If a value below 0 is # chosen, it defaults to 0. # (Optional) metadataMaxSize: 1000 - # payloadMaxSize provides the number of bytes that the payload of an event must - # not exceed. If the payload is larger than that, it is removed from the event - # before the events is put in a record. If a value below 0 is chosen, it + # payloadMaxSize provides the number of bytes that the payload of an event must + # not exceed. If the payload is larger than that, it is removed from the event + # before the events is put in a record. If a value below 0 is chosen, it # defaults to 0. # (Optional) payloadMaxSize: 1000 - # defaultTTL provides the amount of time a record is kept in the database - # before it is removed. This TTL is for any event that doesn't have a rule + # defaultTTL provides the amount of time a record is kept in the database + # before it is removed. This TTL is for any event that doesn't have a rule # with a TTL specified. If 0 is chosen, it defaults to 5m. # (Optional) defaults to 5m defaultTTL: 5s - # regexRules provides rules for events whose destinations match the regular - # expression. If the event matches the regex of a rule, Svalinn gets - # instructions on whether or not to store the event's payload (storePayload), - # what the event type should be (eventType), and how long the record should - # live in the database (ruleTTL). If no rules are provided, the payload isn't - # stored, the event type is the default, and the record's TTL is the defaultTTL. + # regexRules provides rules for events whose destinations match the regular + # expression. If the event matches the regex of a rule, Svalinn gets + # instructions on whether or not to store the event's payload (storePayload), + # what the event type should be (eventType), and how long the record should + # live in the database (ruleTTL). If no rules are provided, the payload isn't + # stored, the event type is the default, and the record's TTL is the defaultTTL. # Svalinn uses the first rule whose regex matches an event's destination. # - # The eventType indicates where to find the device id in the event. If the + # The eventType indicates where to find the device id in the event. If the # event type is "State", the device id is parsed out of the event Destination. # Otherwise, the event Source is used as the device id. - # eventType options: "State", "Default" + # eventType options: "State", "Default" # # (Optional) regexRules: @@ -348,9 +348,9 @@ requestParser: ruleTTL: 30s eventType: "State" -# blacklistInterval provides how often Svalinn should get the blacklist from -# the database. If a device id matches a regular expression on the blacklist, -# that event isn't inserted into the database. If 0s is chosen, it defaults to +# blacklistInterval provides how often Svalinn should get the blacklist from +# the database. If a device id matches a regular expression on the blacklist, +# that event isn't inserted into the database. If 0s is chosen, it defaults to # 1m. # (Oprional) defaults to 1m blacklistInterval: 1m @@ -359,10 +359,10 @@ blacklistInterval: 1m # Authorization Related Configuration ######################################## -# secret contains information for finding the secret on incoming requests. If -# both header and webhook secret are empty, no authentication is done on -# incoming requests to Svalinn. Otherwise, the value at the header provided -# should hold a sha1 hash of the request body. It should be in the format: +# secret contains information for finding the secret on incoming requests. If +# both header and webhook secret are empty, no authentication is done on +# incoming requests to Svalinn. Otherwise, the value at the header provided +# should hold a sha1 hash of the request body. It should be in the format: # # Sha1 # @@ -380,17 +380,17 @@ secret: # Webhook Registration Related Configuration ######################################## -# webhook provides the information needed to register to a webhook. If the -# urls and event regex aren't empty and the interval is greater than 0, +# webhook provides the information needed to register to a webhook. If the +# urls and event regex aren't empty and the interval is greater than 0, # registration occurs. # (Optional) webhook: - # registrationInterval provides the time to wait between each registration to + # registrationInterval provides the time to wait between each registration to # the webhook. If this is set to 0, no registration is done. # (Optional) registrationInterval: "4m" - # timeout provides the length of time the request should wait before timing + # timeout provides the length of time the request should wait before timing # out. timeout: "1m" @@ -399,20 +399,20 @@ webhook: # request provides the information passed in the webhook registration request. request: - # config provides configuration values for the requests to the webhook + # config provides configuration values for the requests to the webhook # receiver. config: - # url provides the server the webhook should send the events to. If this + # url provides the server the webhook should send the events to. If this # value isn't set, no registration happens. url: "http://host.docker.internal:8181/api/v1/device-status" - # contentType provides the content type Svalinn expects from the requests + # contentType provides the content type Svalinn expects from the requests # it receives. # (Optional) defaults to "wrp" #contentType: "wrp" - # secret provides the key for hashing the messages the webhook sends. - # If this is empty, no authentication is done later for incoming requests + # secret provides the key for hashing the messages the webhook sends. + # If this is empty, no authentication is done later for incoming requests # to Svalinn. # (Optional) secret: "super secret" @@ -421,14 +421,14 @@ webhook: # (Optional) maxRetryCount: 3 - # alternativeURLs provides endpoints to round robin through on a failure - # to send an event. This is only used if the maxRetryCount is greater + # alternativeURLs provides endpoints to round robin through on a failure + # to send an event. This is only used if the maxRetryCount is greater # than 0. # (Optional) #AlternativeURLs: [] - # events provides a list of regular expressions that tells the webhook - # which endpoints to send to Svalinn. If the destination of an event + # events provides a list of regular expressions that tells the webhook + # which endpoints to send to Svalinn. If the destination of an event # matches a regular expression in this list, it is sent to Svalinn events: ["device-status.*"] @@ -437,12 +437,12 @@ webhook: # matcher: # deviceID: [".*"] - # the below configuration values provide a way to add an Authorization header - # to the request to the webhook. If both basic and sat contain empty values, + # the below configuration values provide a way to add an Authorization header + # to the request to the webhook. If both basic and sat contain empty values, # no header is sent. sat takes priority over basic if both are set. - # basic provides a way to use Basic Authorization when registering to a - # webhook. If this value is provided and sat isn't, the following header is + # basic provides a way to use Basic Authorization when registering to a + # webhook. If this value is provided and sat isn't, the following header is # added to the registration request: # # Authorization Basic {basic} @@ -450,13 +450,13 @@ webhook: # (Optional) basic: "" - # jwt provides a way to use Bearer Authorization when registering to a - # webhook. If the below values are all provided, a request is made to the - # URL to get the token to be used in the registration request. The - # header would look like: - # + # jwt provides a way to use Bearer Authorization when registering to a + # webhook. If the below values are all provided, a request is made to the + # URL to get the token to be used in the registration request. The + # header would look like: + # # Authorization Bearer {token} - # + # # (Optional) jwt: # requestHeaders are added to the request for the token. @@ -467,7 +467,7 @@ webhook: # authURL is the URL to access for the token. authURL: "" - # timeout is how long the request to get the token will take before + # timeout is how long the request to get the token will take before # timing out. timeout: "1m"