Documentation
¶
Index ¶
Constants ¶
const ( GatewayFunctionalityTypeRegular = "regular" GatewayFunctionalityTypeAI = "ai" GatewayFunctionalityTypeEvent = "event" )
Gateway Functionality Type Constants
const ( RestApi = "RestApi" WebSubApi = "WebSubApi" WebBrokerApi = "WebBrokerApi" LLMProvider = "LlmProvider" LLMProviderTemplate = "LlmProviderTemplate" LLMProxy = "LlmProxy" MCPProxy = "Mcp" )
Kinds of artifacts
const ( OriginCP = "control_plane" OriginDP = "gateway_api" )
Artifact origin values. Origin distinguishes control-plane created artifacts (control_plane) from artifacts pushed up by a data-plane gateway (gateway_api). gateway_api artifacts are read-only in the control plane. The values match the gateway's origin naming (see gateway-controller models.Origin).
const ( APITypeHTTP = "HTTP" APITypeWS = "WS" APITypeSOAPToREST = "SOAPTOREST" APITypeSOAP = "SOAP" APITypeGraphQL = "GRAPHQL" APITypeWebSub = "WEBSUB" APITypeSSE = "SSE" APITypeWebhook = "WEBHOOK" APITypeAsync = "ASYNC" )
API Type Constants
const ( APISubTypeHTTP = "REST" APISubTypeGraphQL = "GQL" APISubTypeAsync = "ASYNC" APISubTypeWebSocket = "WEBSOCKET" APISubTypeSOAP = "SOAP" )
API SubType Constants
const ( GatewayApiVersionV1Alpha1 = "gateway.api-platform.wso2.com/v1alpha1" GatewayApiVersion = "gateway.api-platform.wso2.com/v1" )
Gateway artifact apiVersion (the `apiVersion:` field on deployment artifacts). GatewayApiVersionV1Alpha1 is the legacy value for gateways < 1.2.0 — use it only in down-convert paths (deploymenttransform) that must produce artifacts consumable by old gateways. New code should use GatewayApiVersion.
const ( APIVersion = "v0.9" APIBasePath = "/api/" + APIVersion )
Platform-api resource URL version. APIBasePath is the single source of truth for the prefix every handler route group is mounted under. NOTE: this is a DIFFERENT axis from GatewayApiVersion* (the gateway artifact apiVersion) — the two are governed independently and currently hold different values ("v0.9" vs "v1").
const ( PolicyManagedByCustomer = "customer" PolicyManagedByWSO2 = "wso2" )
Custom Policy ManagedBy constants
const ( APIKeyStatusActive = "active" APIKeyStatusRevoked = "revoked" )
API key status constants
const ( GatewayTokenStatusActive = "active" GatewayTokenStatusRevoked = "revoked" )
Gateway token status constants
const ( ThrottleLimitUnitMinute = "MINUTE" ThrottleLimitUnitHour = "HOUR" ThrottleLimitUnitDay = "DAY" ThrottleLimitUnitMonth = "MONTH" )
Throttle limit unit constants
const ( LimitTypeRequestCount = "REQUEST_COUNT" LimitTypeBandwidth = "BANDWIDTH" LimitTypeTotalToken = "TOTAL_TOKEN_COUNT" )
Subscription plan limit type constants (subscription_plan_limits.limit_type). NOTE: only LimitTypeRequestCount is currently produced/consumed; BANDWIDTH and token-based types exist in the schema but are not yet wired through the platform-api, gateway events or gateway-controller.
const ( // MetadataKeyEndpointUrl is the metadata key for the per-deployment endpoint URL override. MetadataKeyEndpointUrl = "endpointUrl" // MetadataKeyVhostMain is the metadata key for the per-deployment main vhost value. MetadataKeyVhostMain = "vhostMain" // MetadataKeyVhostSandbox is the metadata key for the per-deployment sandbox vhost value. MetadataKeyVhostSandbox = "vhostSandbox" // VhostGatewayDefault is the sentinel value that instructs the gateway-controller to resolve // and persist the current gateway default vhosts, ensuring deployments are immune to future // gateway config changes. VhostGatewayDefault = "_gateway_default_" )
Metadata key constants for deployment metadata
const APIKeyAllowedTargetsAll = "ALL"
API Key allowed targets constants
const AdminRole = "admin"
AdminRole is the role name that grants administrative privileges
const (
AssociationTypeGateway = "gateway"
)
Constants for association types
const DefaultGatewayFunctionalityType = GatewayFunctionalityTypeRegular
DefaultGatewayFunctionalityType Default gateway functionality type for new gateways
const DeletedUser = "deleted_user"
DeletedUser is returned for audit-identity fields (createdBy/updatedBy/ revokedBy/performedBy) and external/data-plane events when the stored internal UUID has no entry in user_idp_references — an anonymous write, or a user whose mapping was removed.
const (
// DeploymentLimitBuffer is the buffer added to MaxPerAPIGateway for hard limit enforcement
DeploymentLimitBuffer = 100
)
Deployment limit constants
const TemplateManagedByOrganization = "organization"
Variables ¶
var ( ErrHandleExists = errors.New("handle already exists") ErrHandleDoesNotExist = errors.New("handle does not exist") ErrHandleEmpty = errors.New("handle cannot be empty") ErrHandleTooShort = errors.New("handle must be at least 3 characters") ErrHandleTooLong = errors.New("handle must be at most 63 characters") ErrInvalidHandle = errors.New("handle must be lowercase alphanumeric with hyphens only (no consecutive hyphens, cannot start or end with hyphen)") ErrHandleGenerationFailed = errors.New("failed to generate unique handle after maximum retries") ErrHandleSourceEmpty = errors.New("source string cannot be empty for handle generation") ErrOrganizationExists = errors.New("organization already exists with the given UUID") ErrOrganizationNotFound = errors.New("organization not found") ErrMultipleOrganizations = errors.New("multiple organizations found") ErrInvalidInput = errors.New("invalid input parameters") ErrHandleImmutable = errors.New("id is immutable and cannot be changed") )
var ( ErrProjectExists = errors.New("project already exists in organization") ErrProjectNotFound = errors.New("project not found") ErrInvalidProjectName = errors.New("invalid project name") ErrOrganizationMustHAveAtLeastOneProject = errors.New("organization must have at least one project") ErrProjectHasAssociatedAPIs = errors.New("project has associated APIs") ErrProjectHasAssociatedMCPProxies = errors.New("project has associated MCP proxies") ErrProjectHasAssociatedApplications = errors.New("project has associated applications") ErrorInvalidProjectUUID = errors.New("invalid project UUID") )
var ( ErrApplicationExists = errors.New("application already exists in project") ErrApplicationNotFound = errors.New("application not found") ErrInvalidApplicationName = errors.New("invalid application name") ErrInvalidApplicationType = errors.New("invalid application type") ErrUnsupportedApplicationType = errors.New("unsupported application type") ErrInvalidApplicationID = errors.New("invalid application ID") )
var ( ErrAPINotFound = errors.New("api not found") ErrAPIAlreadyExists = errors.New("api already exists in project") ErrAPINameVersionAlreadyExists = errors.New("api with same name and version already exists") ErrInvalidAPIContext = errors.New("invalid api context format") ErrInvalidAPIVersion = errors.New("invalid api version format") ErrInvalidAPIName = errors.New("invalid api name format") ErrInvalidLifecycleState = errors.New("invalid lifecycle state") ErrInvalidAPIType = errors.New("invalid api type") ErrInvalidTransport = errors.New("invalid transport protocol") ErrInvalidDeployment = errors.New("invalid api deployment") ErrGatewayNotAssociated = errors.New("api is not associated with gateway") ErrAPIContextVersionConflict = errors.New("api with same context and version already deployed in gateway") ErrUpstreamRequired = errors.New("upstream configuration is required") )
var ( ErrGatewayNotFound = errors.New("gateway not found") ErrGatewayAlreadyAssociated = errors.New("gateway already associated with API") ErrGatewayHasAssociatedAPIs = errors.New("cannot delete gateway: it has associated APIs. Please remove all API associations before deleting the gateway") ErrGatewayHasDeployments = errors.New("cannot delete gateway: it has active API deployments. Please undeploy all APIs before deleting the gateway") ErrGatewayVersionMismatch = errors.New("gateway version mismatch") ErrGatewayFunctionalityTypeMismatch = errors.New("gateway functionality type mismatch") )
var ( ErrCustomPolicyNotFound = errors.New("custom policy not found") ErrCustomPolicyInUse = errors.New("custom policy is in use by one or more APIs") ErrCustomPolicyVersionMismatch = errors.New("custom policy version does not match") )
var ( ErrDeploymentNotFound = errors.New("deployment not found") ErrDeploymentNotActive = errors.New("no active deployment found for this API on the gateway") ErrDeploymentIsDeployed = errors.New("cannot delete an active deployment - undeploy it first") ErrDeploymentAlreadyActive = errors.New("deployment is already active") ErrBaseDeploymentNotFound = errors.New("base deployment not found") ErrInvalidDeploymentStatus = errors.New("invalid deployment status") ErrDeploymentNameRequired = errors.New("deployment name is required") ErrDeploymentBaseRequired = errors.New("base is required") ErrDeploymentGatewayIDRequired = errors.New("gatewayId is required") ErrAPINoBackendServices = errors.New("API must have at least one backend service attached before deployment") ErrDeploymentAlreadyDeployed = errors.New("cannot restore to the currently deployed deployment") ErrInvalidDeploymentRestoreState = errors.New("deployment cannot be restored: only ARCHIVED or UNDEPLOYED deployments are eligible") ErrGatewayIDMismatch = errors.New("gateway ID mismatch: deployment is bound to a different gateway") )
var ( ErrArtifactNotFound = errors.New("artifact not found") ErrArtifactExists = errors.New("artifact already exists") ErrArtifactInvalidKind = errors.New("invalid artifact kind") // ErrArtifactReadOnly is returned when a mutating control-plane operation is // attempted on a data-plane-originated (origin=DP) artifact. Such artifacts are // read-only in the control plane; only documentation/OpenAPI updates are allowed. ErrArtifactReadOnly = errors.New("artifact is read-only: it originated from a data-plane gateway") // ErrArtifactDeployed is returned when a DP-originated artifact is deleted from the // control plane while still deployed on one or more gateways. It can only be deleted // once it is undeployed on all gateways it was deployed to. ErrArtifactDeployed = errors.New("artifact is still deployed on a gateway and cannot be deleted") // ErrArtifactRuntimeImmutable is returned when an update to a data-plane-originated // (origin=DP) artifact would change its gateway runtime artifact. The gateway owns // the runtime artifact, so a change to it cannot be applied from the control plane; // edits that leave the runtime artifact unchanged (description, lifecycle status, // display metadata, docs) are allowed. It is a distinct error from ErrArtifactReadOnly // (which blocks all edits) and is mapped to 403 separately by the guard-response handler. ErrArtifactRuntimeImmutable = errors.New( "the update changes the gateway runtime configuration, which is owned by the data-plane gateway and cannot be modified from the control plane") )
var ( // API Project Import errors ErrAPIProjectNotFound = errors.New("api project not found") ErrMalformedAPIProject = errors.New("malformed api project") ErrInvalidAPIProject = errors.New("invalid api project") ErrConfigFileNotFound = errors.New("API Project config file not found") ErrOpenAPIFileNotFound = errors.New("OpenAPI definition file not found") ErrWSO2ArtifactNotFound = errors.New("WSO2 API artifact not found") )
var ( ErrLLMProviderTemplateExists = errors.New("llm provider template already exists") ErrLLMProviderTemplateNotFound = errors.New("llm provider template not found") ErrLLMProviderTemplateVersionExists = errors.New("llm provider template version already exists") ErrLLMProviderTemplateInUse = errors.New("llm provider template is in use by one or more providers") ErrLLMProviderTemplateReadOnly = errors.New("built-in llm provider template is read-only") ErrLLMProviderTemplateNotToggleable = errors.New("only built-in templates can be enabled or disabled") ErrLLMProviderTemplateManagedByReserved = errors.New("'wso2' is reserved and cannot be used as managedBy on custom templates") ErrLLMProviderExists = errors.New("llm provider already exists") ErrLLMProviderNotFound = errors.New("llm provider not found") ErrLLMProviderLimitReached = errors.New("llm provider limit reached for organization") ErrLLMProxyExists = errors.New("llm proxy already exists") ErrLLMProxyNotFound = errors.New("llm proxy not found") ErrLLMProxyLimitReached = errors.New("llm proxy limit reached for organization") )
var ( ErrMCPProxyExists = errors.New("mcp proxy already exists") ErrMCPProxyNotFound = errors.New("mcp proxy not found") ErrMCPProxyLimitReached = errors.New("mcp proxy limit reached for organization") )
var ( ErrWebSubAPIExists = errors.New("websub api already exists") ErrWebSubAPINotFound = errors.New("websub api not found") ErrWebSubAPILimitReached = errors.New("websub api limit reached for organization") ErrProjectHasAssociatedWebSubAPIs = errors.New("project has associated WebSub APIs") )
var ( ErrHmacSecretNotFound = errors.New("hmac secret not found") ErrHmacSecretAlreadyExists = errors.New("hmac secret with this name already exists") ErrHmacSecretEncryptionKeyMissing = errors.New("hmac secret encryption key is not configured") ErrHmacSecretInvalidValue = errors.New("secret value must be at least 32 characters") )
var ( ErrWebBrokerAPIExists = errors.New("webbroker api already exists") ErrWebBrokerAPINotFound = errors.New("webbroker api not found") ErrWebBrokerAPILimitReached = errors.New("webbroker api limit reached for organization") ErrProjectHasAssociatedWebBrokerAPIs = errors.New("project has associated WebBroker APIs") ErrDevPortalNotFound = errors.New("dev portal not found") )
var ( // API Key errors ErrAPIKeyNotFound = errors.New("api key not found") ErrAPIKeyAlreadyExists = errors.New("api key already exists") ErrInvalidAPIKey = errors.New("invalid api key") ErrAPIKeyForbidden = errors.New("forbidden: only the key creator can perform this action") ErrAPIKeyEventDelivery = errors.New("failed to deliver api key event to gateway") ErrAPIKeyHashingFailed = errors.New("failed to hash api key") )
var ( ErrInvalidURL = errors.New("invalid URL") ErrURLUnreachable = errors.New("URL is unreachable") )
var ( // Subscription errors (application-level subscriptions for REST APIs) ErrSubscriptionNotFound = errors.New("subscription not found") ErrSubscriptionAlreadyExists = errors.New("application is already subscribed to this API") ErrSubscriptionSubscriberMismatch = errors.New("subscriber does not match this subscription") )
var ( // Subscription plan errors ErrSubscriptionPlanNotFound = errors.New("subscription plan not found") ErrSubscriptionPlanNotFoundOrInactive = errors.New("subscription plan not found or not active") ErrSubscriptionPlanAlreadyExists = errors.New("subscription plan with this name already exists for the organization") ErrInvalidThrottleLimitUnit = errors.New("invalid throttle limit unit: must be one of SECOND, MINUTE, HOUR, DAY, MONTH, YEAR") )
var ( // Gateway Internal API errors ErrMissingAPIKey = errors.New("API key is required") ErrInvalidAPIToken = errors.New("invalid API token") )
var ( ErrSecretAlreadyExists = errors.New("secret already exists for this organization and handle") ErrSecretNotFound = errors.New("secret not found") ErrSecretInUse = errors.New("secret is referenced by one or more resources") ErrSecretRefMissing = errors.New("one or more referenced secrets do not exist") ErrInvalidSecretType = errors.New("invalid secret type: must be GENERIC or CERTIFICATE") )
var (
ErrInvalidPolicyVersion = errors.New("policy version must be major-only, e.g. v1")
)
var SecretPlaceholderRe = regexp.MustCompile(`\{\{\s*secret\s+\\?"([^"\\]+)\\?"\s*\}\}`)
SecretPlaceholderRe matches {{ secret "handle" }} (and the escaped-quote variant {{ secret \"handle\" }}) in artifact config blobs. A single definition here ensures ref-extraction (repository) and ref-validation (service) always match the same set.
var ValidAPIKeyStatuses = map[string]bool{ APIKeyStatusActive: true, APIKeyStatusRevoked: true, }
ValidAPIKeyStatuses holds accepted values for api_keys.status
var ValidAPITypes = map[string]bool{ "HTTP": true, "WS": true, "SOAPTOREST": true, "SOAP": true, "GRAPHQL": true, "WEBSUB": true, "SSE": true, "WEBHOOK": true, "ASYNC": true, }
ValidAPITypes Valid API types
var ValidArtifactKinds = map[string]bool{ RestApi: true, LLMProvider: true, LLMProxy: true, MCPProxy: true, }
ValidArtifactKinds holds accepted values for artifacts.type for the core (non-plugin) artifact kinds. Plugin-owned kinds (e.g. WebSubApi, WebBrokerApi) are registered into the ArtifactTableRegistry during plugin Init.
var ValidGatewayFunctionalityType = map[string]bool{ GatewayFunctionalityTypeRegular: true, GatewayFunctionalityTypeAI: true, GatewayFunctionalityTypeEvent: true, }
ValidGatewayFunctionalityType Valid gateway functionality types
var ValidGatewayTokenStatuses = map[string]bool{ GatewayTokenStatusActive: true, GatewayTokenStatusRevoked: true, }
ValidGatewayTokenStatuses holds accepted values for gateway_tokens.status
var ValidLifecycleStates = map[string]bool{ "STAGED": true, "CREATED": true, "PUBLISHED": true, "DEPRECATED": true, "RETIRED": true, "BLOCKED": true, }
ValidLifecycleStates Valid lifecycle states
var ValidPolicyManagedBy = map[string]bool{ PolicyManagedByCustomer: true, PolicyManagedByWSO2: true, }
ValidPolicyManagedBy holds accepted values for the managed_by field on gateway custom policies
var ValidThrottleLimitUnits = map[string]bool{ ThrottleLimitUnitMinute: true, ThrottleLimitUnitHour: true, ThrottleLimitUnitDay: true, ThrottleLimitUnitMonth: true, }
ValidThrottleLimitUnits holds accepted values for subscription_plan_limits.time_unit
var ValidTransports = map[string]bool{ "http": true, "https": true, "ws": true, "wss": true, }
ValidTransports Valid transport protocols
Functions ¶
This section is empty.
Types ¶
This section is empty.