options

package
v1.11.58
Warning

This package is not in the latest version of its module.

Published: May 8, 2024 | License: Apache-2.0 | Imports: 9 | Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetSvcNames

func GetSvcNames(svcs []Service) string

GetSvcNames returns a comma-separated list of service names.

Types

type Config

type Config struct {
	Version          string                   `json:"version,omitempty"`            //name of the provider
	Service          string                   `json:"service,omitempty"`            //name of the service for the identity
	Services         map[string]ConfigService `json:"services,omitempty"`           //names of the multiple services for the identity
	Ssh              *bool                    `json:"ssh,omitempty"`                //ssh certificate support
	Accounts         []ConfigAccount          `json:"accounts,omitempty"`           //array of configured accounts
	SanDnsWildcard   bool                     `json:"sandns_wildcard,omitempty"`    //san dns wildcard support
	SanDnsHostname   bool                     `json:"sandns_hostname,omitempty"`    //san dns hostname support
	FileDirectUpdate bool                     `json:"file_direct_update,omitempty"` //update key/cert files directly instead of using rename
}

Config represents the entire sia_config file.

type ConfigAccount

type ConfigAccount struct {
	Provider string                `json:"provider,omitempty"` //name of the provider
	Name     string                `json:"name,omitempty"`     //name of the service identity
	User     string                `json:"user,omitempty"`     //the user name to chown the cert/key dirs to. If absent, then root.
	Group    string                `json:"group,omitempty"`    //the group name to chown the cert/key dirs to. If absent, then athenz.
	Domain   string                `json:"domain,omitempty"`   //name of the domain for the identity
	Account  string                `json:"account,omitempty"`  //name of the account
	Service  string                `json:"service,omitempty"`  //name of the service for the identity
	Zts      string                `json:"zts,omitempty"`      //the ZTS to contact
	Roles    map[string]ConfigRole `json:"roles,omitempty"`    //map of roles to retrieve certificates for
	Version  string                `json:"version,omitempty"`  // sia version number
}

ConfigAccount represents each of the accounts that can be specified in the config file

type ConfigRole

type ConfigRole struct {
	Filename string `json:"filename,omitempty"`
}

ConfigRole represents a role specified by the user and holds the attributes for that role.

type ConfigService

type ConfigService struct {
	KeyFilename  string `json:"key_filename,omitempty"`
	CertFilename string `json:"cert_filename,omitempty"`
	User         string `json:"user,omitempty"`
	Group        string `json:"group,omitempty"`
}

ConfigService represents a service specified by the user and holds the User/Group attributes for that service.

type Options

type Options struct {
	Provider          string                //name of the provider
	Name              string                //name of the service identity
	User              string                //the user name to chown the cert/key dirs to. If absent, then root
	Group             string                //the group name to chown the cert/key dirs to. If absent, then athenz
	Domain            string                //name of the domain for the identity
	Account           string                //name of the account
	Services          []Service             //array of configured services
	Ssh               bool                  //ssh certificate support
	Zts               string                //the ZTS to contact
	Roles             map[string]ConfigRole //list of configured roles
	Version           string                //sia version number
	KeyDir            string                //private key directory path
	CertDir           string                //x.509 certificate directory path
	CountryName       string                //country name
	AthenzCACertFile  string                //filename to store Athenz CA certs
	ZTSCACertFile     string                //filename for CA certs when communicating with ZTS
	ZTSServerName     string                //ZTS server name, if necessary for tls
	ZTSAzureDomains   []string              //list of domain prefixes for sanDNS entries
	SanDnsWildcard    bool                  //san dns wildcard support
	SanDnsHostname    bool                  //san dns hostname support
	FileDirectUpdate  bool                  //update key/cert files directly instead of using rename
	AddlSanDNSEntries []string              //additional san dns entries to be added to the CSR
}

Options represents settings that are derived from the config file and application defaults.

func NewOptions

func NewOptions(bytes []byte, identityDocument *attestation.IdentityDocument, siaDir, version, ztsCaCert, ztsServerName string, ztsAzureDomains []string, countryName, azureProvider string) (*Options, error)

NewOptions takes in sia_config bytes and returns a pointer to Options after parsing and initializing the defaults. It uses identity document defaults when sia_config is empty or non-parsable. It populates the "services" array.
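An added example, not code from this package: a reviewer's check over sia_config bytes that flags the settings affecting certificate scope and key file handling. It uses locally mirrored copies of a few fields from the Config and ConfigAccount types above. The helper name `reviewConfig` and the sample values are assumptions, and it does not reproduce what NewOptions does internally.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Local mirror of a subset of the Config and ConfigAccount fields documented above.
type account struct {
	Domain  string `json:"domain,omitempty"`
	Service string `json:"service,omitempty"`
	User    string `json:"user,omitempty"`
	Group   string `json:"group,omitempty"`
}
type config struct {
	Accounts         []account `json:"accounts,omitempty"`
	SanDnsWildcard   bool      `json:"sandns_wildcard,omitempty"`
	FileDirectUpdate bool      `json:"file_direct_update,omitempty"`
}

// reviewConfig (hypothetical helper) parses sia_config bytes and lists settings to review.
func reviewConfig(raw []byte) ([]string, error) {
	var c config
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, fmt.Errorf("sia_config not parsable: %w", err)
	}
	var out []string
	if c.SanDnsWildcard {
		out = append(out, "sandns_wildcard: wildcard SAN DNS support is enabled")
	}
	if c.FileDirectUpdate {
		out = append(out, "file_direct_update: key/cert files are updated in place, not via rename")
	}
	for _, a := range c.Accounts {
		// Defaults below are the ones stated in the ConfigAccount field comments.
		if a.User == "" {
			out = append(out, fmt.Sprintf("%s.%s: user not set, cert/key dirs are chowned to root", a.Domain, a.Service))
		}
		if a.Group == "" {
			out = append(out, fmt.Sprintf("%s.%s: group not set, cert/key dirs are chowned to athenz", a.Domain, a.Service))
		}
	}
	return out, nil
}

func main() {
	// Constructed sample sia_config, not taken from a real deployment.
	findings, err := reviewConfig([]byte(`{"sandns_wildcard":true,"accounts":[{"domain":"sports","service":"api"}]}`))
	fmt.Println(findings, err)
}
```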

type Role

type Role struct {
	Name     string
	Service  string
	Filename string
	User     string
	Uid      int
	Gid      int
}

Role contains role details. Attributes are set based on the config values

type Service

type Service struct {
	Name         string
	KeyFilename  string
	CertFilename string
	User         string
	Group        string
	Uid          int
	Gid          int
}

Service represents service details. Attributes are filled in based on the config values
