Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessToken ¶
type AccessToken struct {
	FileName                 string   // FileName under /var/lib/sia/tokens
	Service                  string   // Principal service that is a member of the roles
	Domain                   string   // Domain in which principal is a member of
	Roles                    []string // Roles under the Domain for which access tokens are being requested
	User                     string   // Owner of the access token file on disc
	Uid                      int      // Uid of the Owner of file on disc
	Gid                      int      // Gid of the file on disc
	Expiry                   int      // Expiry of the access token
	ProxyPrincipalSpiffeUris string   // Proxy Principal Spiffe URIs to be included in the token
}
AccessToken is the type that holds information AFTER processing the configuration
type Role ¶
type Role struct {
	Service                  string   `json:"service,omitempty"`                     // principal service with role access
	Roles                    []string `json:"roles,omitempty"`                       // the roles in the domain in which principal is a member
	Expiry                   int      `json:"expires_in,omitempty"`                  // requested expiry time for access token in seconds
	ProxyPrincipalSpiffeUris string   `json:"proxy_principal_spiffe_uris,omitempty"` // Proxy Principal Spiffe URIs to be included in the token
}
Role models the configuration to be specified in sia_config
type StoreTokenOptions ¶ added in v1.11.3
type StoreTokenOptions int
const (
	ZtsResponse                  StoreTokenOptions = iota // Default - store the entire AccessTokenResponse from ZTS
	AccessTokenProp                                       // Store only the access_token property
	AccessTokenWithoutQuotesProp                          // Store only the access_token without enclosing in quotes
)
type TokenOptions ¶
type TokenOptions struct {
	Domain          string            // Domain of the instance
	Services        []TokenService    // Services set on the instance
	TokenDir        string            // Directory where tokens will be saved, typically /var/lib/sia/tokens
	Tokens          []AccessToken     // List of Access Tokens with their configuration
	CertDir         string            // Directory where certs can be found, typically /var/lib/sia/certs
	KeyDir          string            // Directory where keys can be found, typically /var/lib/sia/keys
	ZtsUrl          string            // ZTS endpoint
	UserAgent       string            // User Agent string to be sent in the client call to ZTS, typically a client version
	TokenRefresh    time.Duration     // Token refresh interval
	StoreOptions    StoreTokenOptions // Store token option
	ExpiryThreshold int               // Caller-specified expiry in minutes for refresh
}
TokenOptions holds all the configurable options for driving Access Tokens functionality
type TokenService ¶ added in v1.11.20
TokenService service definition with key/cert filenames