Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SpiceDB: add docs #298

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

SpiceDB: add docs #298

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion pages/spicedb/_meta.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,6 @@
"modeling": "Modeling & Integrating",
"ops": "Operations",
"api": "API Reference",
"links": "Links"
"links": "Links",
"docs": "CLI Docs"
}
40 changes: 40 additions & 0 deletions pages/spicedb/docs/spicedb.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
## spicedb

A modern permissions database

### Synopsis

A database that stores, computes, and validates application permissions

### Examples

```
No TLS and in-memory:
spicedb serve --grpc-preshared-key "somerandomkeyhere"

TLS and a real datastore:
spicedb serve --grpc-preshared-key "realkeyhere" --grpc-tls-cert-path path/to/tls/cert --grpc-tls-key-path path/to/tls/key \
--http-tls-cert-path path/to/tls/cert --http-tls-key-path path/to/tls/key \
--datastore-engine postgres --datastore-conn-uri "postgres-connection-string-here"

```

### Options

```
-h, --help help for spicedb
--log-format string format of logs ("auto", "console", "json") (default "auto")
--log-level string verbosity of logging ("trace", "debug", "info", "warn", "error") (default "info")
--skip-release-check if true, skips checking for new SpiceDB releases
```

### SEE ALSO

* [spicedb datastore](spicedb_datastore.md) - datastore operations
* [spicedb lsp](spicedb_lsp.md) - serve language server protocol
* [spicedb serve](spicedb_serve.md) - serve the permissions database
* [spicedb serve-devtools](spicedb_serve-devtools.md) - runs the developer tools service
* [spicedb serve-testing](spicedb_serve-testing.md) - test server with an in-memory datastore
* [spicedb version](spicedb_version.md) - displays the version of SpiceDB

###### Auto generated by spf13/cobra on 20-Jan-2025
31 changes: 31 additions & 0 deletions pages/spicedb/docs/spicedb_datastore.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
## spicedb datastore

datastore operations

### Synopsis

Operations against the configured datastore

### Options

```
-h, --help help for datastore
```

### Options inherited from parent commands

```
--log-format string format of logs ("auto", "console", "json") (default "auto")
--log-level string verbosity of logging ("trace", "debug", "info", "warn", "error") (default "info")
--skip-release-check if true, skips checking for new SpiceDB releases
```

### SEE ALSO

* [spicedb](spicedb.md) - A modern permissions database
* [spicedb datastore gc](spicedb_datastore_gc.md) - executes garbage collection
* [spicedb datastore head](spicedb_datastore_head.md) - compute the head database migration revision
* [spicedb datastore migrate](spicedb_datastore_migrate.md) - execute datastore schema migrations
* [spicedb datastore repair](spicedb_datastore_repair.md) - executes datastore repair

###### Auto generated by spf13/cobra on 20-Jan-2025
100 changes: 100 additions & 0 deletions pages/spicedb/docs/spicedb_datastore_gc.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,100 @@
## spicedb datastore gc

executes garbage collection

### Synopsis

Executes garbage collection against the datastore

```
spicedb datastore gc [flags]
```

### Options

```
--datastore-allowed-migrations stringArray migration levels that will not fail the health check (in addition to the current head migration)
--datastore-bootstrap-files strings bootstrap data yaml files to load
--datastore-bootstrap-overwrite overwrite any existing data with bootstrap data (this can be quite slow)
--datastore-bootstrap-timeout duration maximum duration before timeout for the bootstrap data to be written (default 10s)
--datastore-conn-max-lifetime-jitter duration waits rand(0, jitter) after a connection is open for max lifetime to actually close the connection (default: 20% of max lifetime)
--datastore-conn-pool-read-healthcheck-interval duration amount of time between connection health checks in a remote datastore's connection pool (default 30s)
--datastore-conn-pool-read-max-idletime duration maximum amount of time a connection can idle in a remote datastore's connection pool (default 30m0s)
--datastore-conn-pool-read-max-lifetime duration maximum amount of time a connection can live in a remote datastore's connection pool (default 30m0s)
--datastore-conn-pool-read-max-lifetime-jitter duration waits rand(0, jitter) after a connection is open for max lifetime to actually close the connection (default: 20% of max lifetime)
--datastore-conn-pool-read-max-open int number of concurrent connections open in a remote datastore's connection pool (default 20)
--datastore-conn-pool-read-min-open int number of minimum concurrent connections open in a remote datastore's connection pool (default 20)
--datastore-conn-pool-write-healthcheck-interval duration amount of time between connection health checks in a remote datastore's connection pool (default 30s)
--datastore-conn-pool-write-max-idletime duration maximum amount of time a connection can idle in a remote datastore's connection pool (default 30m0s)
--datastore-conn-pool-write-max-lifetime duration maximum amount of time a connection can live in a remote datastore's connection pool (default 30m0s)
--datastore-conn-pool-write-max-lifetime-jitter duration waits rand(0, jitter) after a connection is open for max lifetime to actually close the connection (default: 20% of max lifetime)
--datastore-conn-pool-write-max-open int number of concurrent connections open in a remote datastore's connection pool (default 10)
--datastore-conn-pool-write-min-open int number of minimum concurrent connections open in a remote datastore's connection pool (default 10)
--datastore-conn-uri string connection string used by remote datastores (e.g. "postgres://postgres:password@localhost:5432/spicedb")
--datastore-connect-rate duration rate at which new connections are allowed to the datastore (at a rate of 1/duration) (cockroach driver only) (default 100ms)
--datastore-connection-balancing enable connection balancing between database nodes (cockroach driver only) (default true)
--datastore-credentials-provider-name string retrieve datastore credentials dynamically using ("aws-iam")
--datastore-engine string type of datastore to initialize ("cockroachdb", "mysql", "postgres", "spanner") (default "memory")
--datastore-experimental-column-optimization enable experimental column optimization
--datastore-follower-read-delay-duration duration amount of time to subtract from non-sync revision timestamps to ensure they are sufficiently in the past to enable follower reads (cockroach driver only) (default 4.8s)
--datastore-gc-interval duration amount of time between passes of garbage collection (postgres driver only) (default 3m0s)
--datastore-gc-max-operation-time duration maximum amount of time a garbage collection pass can operate before timing out (postgres driver only) (default 1m0s)
--datastore-gc-window duration amount of time before revisions are garbage collected (default 24h0m0s)
--datastore-include-query-parameters-in-traces include query parameters in traces (postgres and CRDB drivers only)
--datastore-max-tx-retries int number of times a retriable transaction should be retried (default 10)
--datastore-migration-phase string datastore-specific flag that should be used to signal to a datastore which phase of a multi-step migration it is in
--datastore-mysql-table-prefix string prefix to add to the name of all SpiceDB database tables
--datastore-prometheus-metrics set to false to disabled prometheus metrics from the datastore (default true)
--datastore-read-replica-conn-pool-healthcheck-interval duration amount of time between connection health checks in a remote datastore's connection pool (default 30s)
--datastore-read-replica-conn-pool-max-idletime duration maximum amount of time a connection can idle in a remote datastore's connection pool (default 30m0s)
--datastore-read-replica-conn-pool-max-lifetime duration maximum amount of time a connection can live in a remote datastore's connection pool (default 30m0s)
--datastore-read-replica-conn-pool-max-lifetime-jitter duration waits rand(0, jitter) after a connection is open for max lifetime to actually close the connection (default: 20% of max lifetime)
--datastore-read-replica-conn-pool-max-open int number of concurrent connections open in a remote datastore's connection pool (default 20)
--datastore-read-replica-conn-pool-min-open int number of minimum concurrent connections open in a remote datastore's connection pool (default 20)
--datastore-read-replica-conn-uri stringArray connection string used by remote datastores for read replicas (e.g. "postgres://postgres:password@localhost:5432/spicedb"). Only supported for postgres and mysql.
--datastore-read-replica-credentials-provider-name string retrieve datastore credentials dynamically using ("aws-iam")
--datastore-readonly set the service to read-only mode
--datastore-relationship-integrity-current-key-filename string current key filename for relationship integrity checks
--datastore-relationship-integrity-current-key-id string current key id for relationship integrity checks
--datastore-relationship-integrity-enabled enables relationship integrity checks. only supported on CRDB
--datastore-relationship-integrity-expired-keys stringArray config for expired keys for relationship integrity checks
--datastore-request-hedging enable request hedging
--datastore-request-hedging-initial-slow-value duration initial value to use for slow datastore requests, before statistics have been collected (default 10ms)
--datastore-request-hedging-max-requests uint maximum number of historical requests to consider (default 1000000)
--datastore-request-hedging-quantile float quantile of historical datastore request time over which a request will be considered slow (default 0.95)
--datastore-revision-quantization-interval duration boundary interval to which to round the quantized revision (default 5s)
--datastore-revision-quantization-max-staleness-percent float float percentage (where 1 = 100%) of the revision quantization interval where we may opt to select a stale revision for performance reasons. Defaults to 0.1 (representing 10%) (default 0.1)
--datastore-spanner-credentials string path to service account key credentials file with access to the cloud spanner instance (omit to use application default credentials)
--datastore-spanner-emulator-host string URI of spanner emulator instance used for development and testing (e.g. localhost:9010)
--datastore-spanner-max-sessions uint maximum number of sessions across all Spanner gRPC connections the client can have at a given time (default 400)
--datastore-spanner-min-sessions uint minimum number of sessions across all Spanner gRPC connections the client can have at a given time (default 100)
--datastore-tx-overlap-key string static key to touch when writing to ensure transactions overlap (only used if --datastore-tx-overlap-strategy=static is set; cockroach driver only) (default "key")
--datastore-tx-overlap-strategy string strategy to generate transaction overlap keys ("request", "prefix", "static", "insecure") (cockroach driver only - see https://spicedb.dev/d/crdb-overlap for details)" (default "static")
--datastore-watch-buffer-length uint16 how large the watch buffer should be before blocking (default 1024)
--datastore-watch-buffer-write-timeout duration how long the watch buffer should queue before forcefully disconnecting the reader (default 1s)
--datastore-watch-connect-timeout duration how long the watch connection should wait before timing out (cockroachdb driver only) (default 1s)
-h, --help help for gc
--otel-endpoint string OpenTelemetry collector endpoint - the endpoint can also be set by using enviroment variables
--otel-insecure connect to the OpenTelemetry collector in plaintext
--otel-provider string OpenTelemetry provider for tracing ("none", "otlphttp", "otlpgrpc") (default "none")
--otel-sample-ratio float ratio of traces that are sampled (default 0.01)
--otel-service-name string service name for trace data (default "spicedb")
--otel-trace-propagator string OpenTelemetry trace propagation format ("b3", "w3c", "ottrace"). Add multiple propagators separated by comma. (default "w3c")
--pprof-block-profile-rate int sets the block profile sampling rate
--pprof-mutex-profile-rate int sets the mutex profile sampling rate
--termination-log-path string define the path to the termination log file, which contains a JSON payload to surface as reason for termination - disabled by default
```

### Options inherited from parent commands

```
--log-format string format of logs ("auto", "console", "json") (default "auto")
--log-level string verbosity of logging ("trace", "debug", "info", "warn", "error") (default "info")
--skip-release-check if true, skips checking for new SpiceDB releases
```

### SEE ALSO

* [spicedb datastore](spicedb_datastore.md) - datastore operations

###### Auto generated by spf13/cobra on 20-Jan-2025
37 changes: 37 additions & 0 deletions pages/spicedb/docs/spicedb_datastore_head.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
## spicedb datastore head

compute the head database migration revision

```
spicedb datastore head [flags]
```

### Options

```
--datastore-engine string type of datastore to initialize ("cockroachdb", "mysql", "postgres", "spanner") (default "postgres")
-h, --help help for head
--otel-endpoint string OpenTelemetry collector endpoint - the endpoint can also be set by using enviroment variables
--otel-insecure connect to the OpenTelemetry collector in plaintext
--otel-provider string OpenTelemetry provider for tracing ("none", "otlphttp", "otlpgrpc") (default "none")
--otel-sample-ratio float ratio of traces that are sampled (default 0.01)
--otel-service-name string service name for trace data (default "spicedb")
--otel-trace-propagator string OpenTelemetry trace propagation format ("b3", "w3c", "ottrace"). Add multiple propagators separated by comma. (default "w3c")
--pprof-block-profile-rate int sets the block profile sampling rate
--pprof-mutex-profile-rate int sets the mutex profile sampling rate
--termination-log-path string define the path to the termination log file, which contains a JSON payload to surface as reason for termination - disabled by default
```

### Options inherited from parent commands

```
--log-format string format of logs ("auto", "console", "json") (default "auto")
--log-level string verbosity of logging ("trace", "debug", "info", "warn", "error") (default "info")
--skip-release-check if true, skips checking for new SpiceDB releases
```

### SEE ALSO

* [spicedb datastore](spicedb_datastore.md) - datastore operations

###### Auto generated by spf13/cobra on 20-Jan-2025
49 changes: 49 additions & 0 deletions pages/spicedb/docs/spicedb_datastore_migrate.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
## spicedb datastore migrate

execute datastore schema migrations

### Synopsis

Executes datastore schema migrations for the datastore.
The special value "head" can be used to migrate to the latest revision.

```
spicedb datastore migrate [revision] [flags]
```

### Options

```
--datastore-conn-uri string connection string used by remote datastores (e.g. "postgres://postgres:password@localhost:5432/spicedb")
--datastore-credentials-provider-name string retrieve datastore credentials dynamically using ("aws-iam")
--datastore-engine string type of datastore to initialize ("cockroachdb", "mysql", "postgres", "spanner") (default "memory")
--datastore-mysql-table-prefix string prefix to add to the name of all mysql database tables
--datastore-spanner-credentials string path to service account key credentials file with access to the cloud spanner instance (omit to use application default credentials)
--datastore-spanner-emulator-host string URI of spanner emulator instance used for development and testing (e.g. localhost:9010)
-h, --help help for migrate
--migration-backfill-batch-size uint number of items to migrate per iteration of a datastore backfill (default 1000)
--migration-timeout duration defines a timeout for the execution of the migration, set to 1 hour by default (default 1h0m0s)
--otel-endpoint string OpenTelemetry collector endpoint - the endpoint can also be set by using enviroment variables
--otel-insecure connect to the OpenTelemetry collector in plaintext
--otel-provider string OpenTelemetry provider for tracing ("none", "otlphttp", "otlpgrpc") (default "none")
--otel-sample-ratio float ratio of traces that are sampled (default 0.01)
--otel-service-name string service name for trace data (default "spicedb")
--otel-trace-propagator string OpenTelemetry trace propagation format ("b3", "w3c", "ottrace"). Add multiple propagators separated by comma. (default "w3c")
--pprof-block-profile-rate int sets the block profile sampling rate
--pprof-mutex-profile-rate int sets the mutex profile sampling rate
--termination-log-path string define the path to the termination log file, which contains a JSON payload to surface as reason for termination - disabled by default
```

### Options inherited from parent commands

```
--log-format string format of logs ("auto", "console", "json") (default "auto")
--log-level string verbosity of logging ("trace", "debug", "info", "warn", "error") (default "info")
--skip-release-check if true, skips checking for new SpiceDB releases
```

### SEE ALSO

* [spicedb datastore](spicedb_datastore.md) - datastore operations

###### Auto generated by spf13/cobra on 20-Jan-2025
Loading