util

package

v3.2.1 Latest Latest Go to latest Published: Apr 5, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/AthenZ/k8s-athenz-sia

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func DomainToDNSPart(domain string) (part string)
func NamespaceToDomain(ns, pre, d, suf string) (domain string)
func RoleSpiffeURI(domain, role string) (*url.URL, error)
func ServiceAccountToService(svc string) string
func ServiceSpiffeURI(domain, service string) (*url.URL, error)
type CertReloader
- func NewCertReloader(config ReloadConfig) (*CertReloader, error)
type LogFn
type ReloadConfig

Constants ¶

View Source

const DOMAIN_DELIMITER = "."

View Source

const NS_DELIMITER = "-"

Variables ¶

View Source

var DefaultPollInterval = 1 * time.Second // 1s default interval to allow 1m cert refreshes

Functions ¶

func DomainToDNSPart ¶

func DomainToDNSPart(domain string) (part string)

DomainToDNSPart converts the Athenz domain into a DNS label

func NamespaceToDomain ¶

func NamespaceToDomain(ns, pre, d, suf string) (domain string)

NamespaceToDomain converts a kube namespace to an Athenz domain

func RoleSpiffeURI ¶

func RoleSpiffeURI(domain, role string) (*url.URL, error)

RoleSpiffeURI returns the SPIFFE URI for the specified Athens domain and service.

func ServiceAccountToService ¶

func ServiceAccountToService(svc string) string

ServiceAccountToService converts a kube serviceaccount name to an Athenz service

func ServiceSpiffeURI ¶

func ServiceSpiffeURI(domain, service string) (*url.URL, error)

ServiceSpiffeURI returns the SPIFFE URI for the specified Athens domain and service.

Types ¶

type CertReloader ¶

type CertReloader struct {
	// contains filtered or unexported fields
}

CertReloader reloads the (key, cert) pair from the filesystem when the cert file is updated.

func NewCertReloader ¶

func NewCertReloader(config ReloadConfig) (*CertReloader, error)

NewCertReloader returns a CertReloader that reloads the (key, cert) pair whenever the cert file changes on the filesystem.

func (*CertReloader) Close ¶

func (w *CertReloader) Close() error

Close stops the background refresh.

func (*CertReloader) GetLatestCertificate ¶

func (w *CertReloader) GetLatestCertificate() (*tls.Certificate, error)

GetLatestCertificate returns the latest known certificate.

func (*CertReloader) GetLatestKeyAndCert ¶

func (w *CertReloader) GetLatestKeyAndCert() ([]byte, []byte, error)

GetLatestKeyAndCert returns the latest known key and certificate in raw bytes.

func (*CertReloader) UpdateCertificate ¶

func (w *CertReloader) UpdateCertificate(certPEM []byte, keyPEM []byte) error

UpdateCertificate update certificate and key in cert reloader.

type LogFn ¶

type LogFn func(format string, args ...interface{})

LogFn allows customized logging.

type ReloadConfig ¶

type ReloadConfig struct {
	Init            bool
	ProviderService string
	CertFile        string // the cert file
	KeyFile         string // the key file
	Logger          LogFn  // custom log function for errors, optional
	PollInterval    time.Duration
}

ReloadConfig contains the config for cert reload.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL