zentinel-proxy 0.6.11

A security-first reverse proxy built on Pingora with sleepable ops at the edge
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224

// Allow lints for work-in-progress features and code patterns
#![allow(dead_code)]
#![allow(unused_variables)]
#![allow(unused_imports)]
#![allow(clippy::too_many_arguments)]
#![allow(clippy::match_like_matches_macro)]
#![allow(clippy::manual_strip)]
#![allow(clippy::only_used_in_recursion)]
#![allow(clippy::type_complexity)]
#![allow(clippy::manual_try_fold)]
#![allow(private_interfaces)]

//! Zentinel Proxy Library
//!
//! A security-first reverse proxy built on Pingora with sleepable ops at the edge.
//!
//! This library provides the core components for building a production-grade
//! reverse proxy with:
//!
//! - **Routing**: Flexible path-based and header-based routing
//! - **Upstream Management**: Load balancing, health checking, circuit breakers
//! - **Static File Serving**: Compression, caching, range requests
//! - **Validation**: JSON Schema validation for API requests/responses
//! - **Error Handling**: Customizable error pages per service type
//! - **Hot Reload**: Configuration changes without restarts
//!
//! # Example
//!
//! ```ignore
//! use zentinel_proxy::{StaticFileServer, ErrorHandler, SchemaValidator};
//! use zentinel_config::{StaticFileConfig, ServiceType};
//!
//! // Create a static file server
//! let config = StaticFileConfig::default();
//! let server = StaticFileServer::new(config);
//!
//! // Create an error handler for API responses
//! let handler = ErrorHandler::new(ServiceType::Api, None);
//! ```

// ============================================================================
// Module Declarations
// ============================================================================

pub mod acme;
pub mod agents;
pub mod app;
pub mod builtin_handlers;
pub mod cache;
pub mod decompression;
pub mod discovery;
pub mod disk_cache;
pub mod distributed_rate_limit;
pub mod errors;
pub mod hybrid_cache;
pub mod memcached_rate_limit;

// Kubernetes kubeconfig parsing (requires kubernetes feature)
pub mod geo_filter;
pub mod grpc_health;
pub mod health;
pub mod http_helpers;
pub mod inference;
#[cfg(feature = "kubernetes")]
pub mod kubeconfig;
pub mod logging;
pub mod memory_cache;
pub mod metrics;
pub mod otel;
pub mod proxy;
pub mod rate_limit;
pub mod reload;
pub mod routing;
pub mod scoped_circuit_breaker;
pub mod scoped_rate_limit;
pub mod scoped_routing;
pub mod shadow;
pub mod static_files;
pub mod tls;
pub mod trace_id;
pub mod upstream;
pub mod validation;
pub mod websocket;

// Bundle management (agent installation)
pub mod bundle;

// ============================================================================
// Public API Re-exports
// ============================================================================

// Error handling
pub use errors::ErrorHandler;

// Static file serving
pub use static_files::{CacheStats, CachedFile, FileCache, StaticFileServer};

// Request validation
pub use validation::SchemaValidator;

// Routing
pub use routing::{RequestInfo, RouteMatch, RouteMatcher};
pub use scoped_routing::{ScopedRouteMatch, ScopedRouteMatcher};

// Upstream management
pub use upstream::{
    LoadBalancer, PoolConfigSnapshot, PoolStats, RequestContext, ShadowTarget, TargetSelection,
    UpstreamPool, UpstreamTarget,
};

// Health checking
pub use health::{ActiveHealthChecker, PassiveHealthChecker, TargetHealthInfo};

// Agents
pub use agents::{AgentAction, AgentCallContext, AgentDecision, AgentManager};

// Hot reload
pub use reload::{ConfigManager, ReloadEvent, ReloadTrigger, SignalManager, SignalType};

// Application state
pub use app::AppState;

// Proxy core
pub use proxy::ZentinelProxy;

// Built-in handlers
pub use builtin_handlers::{
    execute_handler, BuiltinHandlerState, CachePurgeRequest, TargetHealthStatus, TargetStatus,
    UpstreamHealthSnapshot, UpstreamStatus,
};

// HTTP helpers
pub use http_helpers::{
    extract_request_info, get_or_create_trace_id, write_error, write_json_error, write_response,
    write_text_error, OwnedRequestInfo,
};

// Trace ID generation (TinyFlake)
pub use trace_id::{
    generate_for_format, generate_tinyflake, generate_uuid, TraceIdFormat, TINYFLAKE_LENGTH,
};

// OpenTelemetry tracing
pub use otel::{
    create_traceparent, generate_span_id, generate_trace_id, get_tracer, init_tracer,
    shutdown_tracer, OtelError, OtelTracer, RequestSpan, TraceContext, TRACEPARENT_HEADER,
    TRACESTATE_HEADER,
};

// TLS / SNI support
pub use tls::{
    build_server_config, build_upstream_tls_config, load_client_ca, validate_tls_config,
    validate_upstream_tls_config, CertificateReloader, HotReloadableSniResolver, OcspCacheEntry,
    OcspStapler, SniResolver, TlsError,
};

// Logging
pub use logging::{
    AccessLogEntry, AccessLogFormat, AuditEventType, AuditLogEntry, ErrorLogEntry, LogManager,
    SharedLogManager,
};

// Rate limiting
pub use rate_limit::{
    RateLimitConfig, RateLimitManager, RateLimitOutcome, RateLimitResult, RateLimiterPool,
};

// Scoped rate limiting
pub use scoped_rate_limit::{ScopedRateLimitManager, ScopedRateLimitResult};

// Scoped circuit breakers
pub use scoped_circuit_breaker::{ScopedBreakerStatus, ScopedCircuitBreakerManager};

// Traffic mirroring / shadowing
pub use shadow::{buffer_request_body, clone_body_for_shadow, should_buffer_method, ShadowManager};

// GeoIP filtering
pub use geo_filter::{
    GeoDatabaseWatcher, GeoFilterManager, GeoFilterPool, GeoFilterResult, GeoLookupError,
};

// Body decompression with ratio limits
pub use decompression::{
    decompress_body, decompress_body_with_stats, is_supported_encoding, parse_content_encoding,
    DecompressionConfig, DecompressionError, DecompressionResult, DecompressionStats,
};

// Distributed rate limiting - Redis
#[cfg(feature = "distributed-rate-limit")]
pub use distributed_rate_limit::{
    create_redis_rate_limiter, DistributedRateLimitStats, RedisRateLimiter,
};

// Distributed rate limiting - Memcached
#[cfg(feature = "distributed-rate-limit-memcached")]
pub use memcached_rate_limit::{
    create_memcached_rate_limiter, MemcachedRateLimitStats, MemcachedRateLimiter,
};

// HTTP caching
pub use cache::{
    configure_cache, get_cache_eviction, get_cache_lock, get_cache_storage, init_disk_cache_state,
    is_cache_enabled, save_disk_cache_state, CacheConfig, CacheManager, HttpCacheStats,
};

// Memory caching
pub use memory_cache::{
    MemoryCacheConfig, MemoryCacheManager, MemoryCacheStats, RouteMatchEntry, TypedCache,
};

// Prometheus metrics
pub use metrics::{MetricsManager, MetricsResponse};

// Service discovery
pub use discovery::{
    ConsulDiscovery, DiscoveryConfig, DiscoveryManager, DnsDiscovery, KubernetesDiscovery,
};

// Kubernetes kubeconfig parsing
#[cfg(feature = "kubernetes")]
pub use kubeconfig::{KubeAuth, Kubeconfig, KubeconfigError, ResolvedKubeConfig};

// Re-export common error types for convenience
pub use zentinel_common::errors::{LimitType, ZentinelError, ZentinelResult};