config

package
v1.11.47 Latest
Warning

This package is not in the latest version of its module.
Published: Nov 20, 2023 License: Apache-2.0 Imports: 1 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessToken

type AccessToken struct {
	FileName                 string   // FileName under /var/lib/sia/tokens
	Service                  string   // Principal service that is a member of the roles
	Domain                   string   // Domain in which the principal is a member
	Roles                    []string // Roles under the Domain for which access tokens are being requested
	User                     string   // Owner of the access token file on disc
	Uid                      int      // Uid of the Owner of file on disc
	Gid                      int      // Gid of the file on disc
	Expiry                   int      // Expiry of the access token
	ProxyPrincipalSpiffeUris string   // Proxy Principal Spiffe URIs to be included in the token
}

AccessToken is the type that holds information AFTER processing the configuration

type Role

type Role struct {
	Service                  string   `json:"service,omitempty"`                     // principal service with role access
	Roles                    []string `json:"roles,omitempty"`                       // the roles in the domain in which principal is a member
	Expiry                   int      `json:"expires_in,omitempty"`                  // requested expiry time for access token in seconds
	ProxyPrincipalSpiffeUris string   `json:"proxy_principal_spiffe_uris,omitempty"` // Proxy Principal Spiffe URIs to be included in the token
}

Role models the configuration to be specified in sia_config

type StoreTokenOptions added in v1.11.3

type StoreTokenOptions int

const (
	ZtsResponse                  StoreTokenOptions = iota // Default - store the entire AccessTokenResponse from ZTS
	AccessTokenProp                                       // Store only the access_token property
	AccessTokenWithoutQuotesProp                          // Store only the access_token without enclosing in quotes
)

type TokenOptions

type TokenOptions struct {
	Domain          string            // Domain of the instance
	Services        []TokenService    // Services set on the instance
	TokenDir        string            // Directory where tokens will be saved, typically /var/lib/sia/tokens
	Tokens          []AccessToken     // List of Access Tokens with their configuration
	CertDir         string            // Directory where certs can be found, typically /var/lib/sia/certs
	KeyDir          string            // Directory where keys can be found, typically /var/lib/sia/keys
	ZtsUrl          string            // ZTS endpoint
	UserAgent       string            // User Agent string to be sent in the client call to ZTS, typically a client version
	TokenRefresh    time.Duration     // Token refresh interval
	StoreOptions    StoreTokenOptions // Store token option
	ExpiryThreshold int               // Called specified expiry in minutes for refresh
}

TokenOptions holds all the configurable options for driving Access Tokens functionality

type TokenService added in v1.11.20

type TokenService struct {
	Name         string
	KeyFilename  string
	CertFilename string
}

TokenService is a service definition with key/cert filenames