proxy

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 30, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// DefaultAuditQueryLimit is the max entries returned by the audit query endpoint.
	DefaultAuditQueryLimit = 100
	// SSEChannelBufferSize is the buffer size for Server-Sent Events channels.
	SSEChannelBufferSize = 64
	// ApprovalIDPrefix is the prefix for generated approval IDs.
	ApprovalIDPrefix = "ap_"
	// ShutdownTimeout is the graceful shutdown deadline.
	ShutdownTimeout = 10 * time.Second
	// MaxRequestBodySize is the maximum allowed size of incoming request bodies (1 MB).
	MaxRequestBodySize = 1 << 20
)

Variables

This section is empty.

Functions

This section is empty.

Types

type ApprovalQueue 

type ApprovalQueue struct {
	// contains filtered or unexported fields
}

ApprovalQueue manages pending approval requests.

func (*ApprovalQueue) Add 

func (q *ApprovalQueue) Add(req policy.ActionRequest, result policy.CheckResult) *PendingAction

func (*ApprovalQueue) Broadcast 

func (q *ApprovalQueue) Broadcast(event AuditEvent)

Broadcast sends an event to all SSE subscribers (public, acquires lock).

func (*ApprovalQueue) List 

func (q *ApprovalQueue) List() []*PendingAction

func (*ApprovalQueue) Resolve 

func (q *ApprovalQueue) Resolve(id string, decision policy.Decision) error

func (*ApprovalQueue) Subscribe 

func (q *ApprovalQueue) Subscribe() chan AuditEvent

func (*ApprovalQueue) Unsubscribe 

func (q *ApprovalQueue) Unsubscribe(ch chan AuditEvent)

type AuditEvent 

type AuditEvent struct {
	Type      string               `json:"type"` // "check", "approval", "resolved"
	Timestamp time.Time            `json:"timestamp"`
	Request   policy.ActionRequest `json:"request"`
	Result    policy.CheckResult   `json:"result"`
}

AuditEvent is sent over SSE to dashboard clients for any check result.

type Config 

type Config struct {
	Port             int
	Engine           *policy.Engine
	Logger           audit.Logger
	DashboardEnabled bool
	Notifier         *notify.Dispatcher
	// APIKey protects the approve/deny endpoints. If empty, a warning is
	// logged and the endpoints are open (suitable for localhost-only deployments).
	APIKey string
	// AllowedOrigin is returned in Access-Control-Allow-Origin. Defaults to
	// localhost only. Set to a specific origin or leave empty for localhost.
	AllowedOrigin string
	// BaseURL is the externally-reachable URL of this server, used to
	// construct approval URLs. Defaults to http://localhost:<Port>.
	BaseURL string
	// Version is the application version string shown in /health.
	Version string
}

Config holds the server configuration.

type PendingAction 

type PendingAction struct {
	ID        string               `json:"id"`
	Request   policy.ActionRequest `json:"request"`
	Result    policy.CheckResult   `json:"result"`
	CreatedAt time.Time            `json:"created_at"`
	Resolved  bool                 `json:"resolved"`
	Decision  string               `json:"decision,omitempty"`
}

PendingAction is an action waiting for human approval.

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server is the AgentGuard HTTP proxy.

func NewServer 

func NewServer(cfg Config) *Server

NewServer creates a new proxy server.

func (*Server) Shutdown 

func (s *Server) Shutdown()

Shutdown gracefully stops the server.

func (*Server) Start 

func (s *Server) Start() error

Start begins listening for requests.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.