in cmd/root.go [493:647]
func NewCommand(opts ...Option) *Command {
rootCmd := &cobra.Command{
Use: "alloydb-auth-proxy instance_uri...",
Version: versionString,
Short: "alloydb-auth-proxy provides a secure way to authorize connections to AlloyDB.",
//remove the inline annotation required by release-please to update version.
Long: strings.ReplaceAll(longHelp, "{x-release-please-version}", ""),
}
logger := log.NewStdLogger(os.Stdout, os.Stderr)
c := &Command{
Command: rootCmd,
logger: logger,
cleanup: func() error { return nil },
conf: &proxy.Config{
UserAgent: defaultUserAgent,
},
}
for _, o := range opts {
o(c)
}
var waitCmd = &cobra.Command{
Use: "wait",
Short: "Wait for another Proxy process to start",
Long: waitHelp,
RunE: runWaitCmd,
}
waitFlags := waitCmd.Flags()
waitFlags.DurationP(
waitMaxFlag, "m",
30*time.Second,
"maximum amount of time to wait for startup",
)
rootCmd.AddCommand(waitCmd)
rootCmd.Args = func(_ *cobra.Command, args []string) error {
return loadConfig(c, args, opts)
}
rootCmd.RunE = func(*cobra.Command, []string) error { return runSignalWrapper(c) }
// Flags that apply only to the root command
localFlags := rootCmd.Flags()
// Flags that apply to all sub-commands
globalFlags := rootCmd.PersistentFlags()
localFlags.BoolP("help", "h", false, "Display help information for alloydb-auth-proxy")
localFlags.BoolP("version", "v", false, "Print the alloydb-auth-proxy version")
localFlags.StringVar(&c.conf.Filepath, "config-file", c.conf.Filepath,
"Path to a TOML file containing configuration options.")
localFlags.StringVar(&c.conf.OtherUserAgents, "user-agent", "",
"Space separated list of additional user agents, e.g. custom-agent/0.0.1")
localFlags.StringVarP(&c.conf.Token, "token", "t", "",
"Bearer token used for authorization.")
localFlags.StringVarP(&c.conf.CredentialsFile, "credentials-file", "c", "",
"Path to a service account key to use for authentication.")
localFlags.StringVarP(&c.conf.CredentialsJSON, "json-credentials", "j", "",
"Use service account key JSON as a source of IAM credentials.")
localFlags.BoolVarP(&c.conf.GcloudAuth, "gcloud-auth", "g", false,
`Use gcloud's user credentials as a source of IAM credentials.
NOTE: this flag is a legacy feature and generally should not be used.
Instead prefer Application Default Credentials
(enabled with: gcloud auth application-default login) which
the Proxy will then pick-up automatically.`)
localFlags.BoolVarP(&c.conf.StructuredLogs, "structured-logs", "l", false,
"Enable structured logs using the LogEntry format")
localFlags.BoolVar(&c.conf.DebugLogs, "debug-logs", false,
"Enable debug logging")
localFlags.Uint64Var(&c.conf.MaxConnections, "max-connections", 0,
`Limits the number of connections by refusing any additional connections.
When this flag is not set, there is no limit.`)
localFlags.DurationVar(&c.conf.WaitBeforeClose, "min-sigterm-delay", 0,
`The number of seconds to accept new connections after receiving a TERM
signal. Defaults to 0s.`)
localFlags.DurationVar(&c.conf.WaitOnClose, "max-sigterm-delay", 0,
`Maximum amount of time to wait after for any open connections
to close after receiving a TERM signal. The proxy will shut
down when the number of open connections reaches 0 or when
the maximum time has passed. Defaults to 0s.`)
localFlags.StringVar(&c.conf.APIEndpointURL, "alloydbadmin-api-endpoint",
"https://alloydb.googleapis.com",
"When set, the proxy uses this host as the base API path.")
localFlags.StringVar(&c.conf.FUSEDir, "fuse", "",
"Mount a directory at the path using FUSE to access AlloyDB instances.")
localFlags.StringVar(&c.conf.FUSETempDir, "fuse-tmp-dir",
filepath.Join(os.TempDir(), "alloydb-tmp"),
"Temp dir for Unix sockets created with FUSE")
localFlags.StringVar(&c.conf.ImpersonationChain, "impersonate-service-account", "",
`Comma separated list of service accounts to impersonate. Last value
+is the target account.`)
rootCmd.PersistentFlags().BoolVar(&c.conf.Quiet, "quiet", false, "Log error messages only")
localFlags.StringVar(&c.conf.TelemetryProject, "telemetry-project", "",
"Enable Cloud Monitoring and Cloud Trace integration with the provided project ID.")
localFlags.BoolVar(&c.conf.DisableTraces, "disable-traces", false,
"Disable Cloud Trace integration (used with telemetry-project)")
localFlags.IntVar(&c.conf.TelemetryTracingSampleRate, "telemetry-sample-rate", 10_000,
"Configure the denominator of the probabilistic sample rate of traces sent to Cloud Trace\n(e.g., 10,000 traces 1/10,000 calls).")
localFlags.BoolVar(&c.conf.DisableMetrics, "disable-metrics", false,
"Disable Cloud Monitoring integration (used with telemetry-project)")
localFlags.StringVar(&c.conf.TelemetryPrefix, "telemetry-prefix", "",
"Prefix to use for Cloud Monitoring metrics.")
localFlags.BoolVar(&c.conf.Prometheus, "prometheus", false,
"Enable Prometheus HTTP endpoint /metrics")
localFlags.StringVar(&c.conf.PrometheusNamespace, "prometheus-namespace", "",
"Use the provided Prometheus namespace for metrics")
globalFlags.StringVar(&c.conf.HTTPAddress, "http-address", "localhost",
"Address for Prometheus and health check server")
globalFlags.StringVar(&c.conf.HTTPPort, "http-port", "9090",
"Port for the Prometheus server to use")
localFlags.BoolVar(&c.conf.Debug, "debug", false,
"Enable pprof on the localhost admin server")
localFlags.BoolVar(&c.conf.QuitQuitQuit, "quitquitquit", false,
"Enable quitquitquit endpoint on the localhost admin server")
localFlags.StringVar(&c.conf.AdminPort, "admin-port", "9091",
"Port for localhost-only admin server")
localFlags.BoolVar(&c.conf.HealthCheck, "health-check", false,
`Enables HTTP endpoints /startup, /liveness, and /readiness
that report on the proxy's health. Endpoints are available on localhost
only. Uses the port specified by the http-port flag.`)
localFlags.BoolVar(&c.conf.RunConnectionTest, "run-connection-test", false, `Runs a connection test
against all specified instances. If an instance is unreachable, the Proxy exits with a failure
status code.`)
localFlags.BoolVar(&c.conf.LazyRefresh, "lazy-refresh", false,
`Configure a lazy refresh where connection info is retrieved only if
the cached copy has expired. Use this setting in environments where the
CPU may be throttled and a background refresh cannot run reliably
(e.g., Cloud Run)`,
)
localFlags.StringVar(&c.conf.StaticConnectionInfo, "static-connection-info",
"", "JSON file with static connection info. See --help for format.")
localFlags.BoolVar(&c.conf.ExitZeroOnSigterm, "exit-zero-sigterm", false,
"Exit with 0 exit code when Sigterm received (default is 143)")
localFlags.BoolVar(&c.conf.DisableBuiltInTelemetry,
"disable-built-in-telemetry", false,
"Disables the internal metric reporter")
// Global and per instance flags
localFlags.StringVarP(&c.conf.Addr, "address", "a", "127.0.0.1",
"(*) Address on which to bind AlloyDB instance listeners.")
localFlags.IntVarP(&c.conf.Port, "port", "p", 5432,
"(*) Initial port to use for listeners. Subsequent listeners increment from this value.")
localFlags.StringVarP(&c.conf.UnixSocket, "unix-socket", "u", "",
`(*) Enables Unix sockets for all listeners using the provided directory.`)
localFlags.BoolVarP(&c.conf.AutoIAMAuthN, "auto-iam-authn", "i", false,
"(*) Enables Automatic IAM Authentication for all instances")
localFlags.BoolVar(&c.conf.PublicIP, "public-ip", false,
"(*) Connect to the public ip address for all instances")
localFlags.BoolVar(&c.conf.PSC, "psc", false,
"(*) Connect to the PSC endpoint for all instances")
return c
}