Documentation ¶
Overview ¶
Package config provides configuration-related files and methods.
Package config provides configuration-related files and methods.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var CLIConfigVersions = NewVersionList("1")
CLIConfigVersions is the list of allowed versions for the CLIConfig.
var CryptoConfigVersions = NewVersionList("1")
CryptoConfigVersions is the list of allowed versions for the CryptoConfig.
var JustificationConfigVersions = NewVersionList("1")
JustificationConfigVersions is the list of allowed versions for the JustificationConfig.
Functions ¶
This section is empty.
Types ¶
type CLIAuthentication ¶
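// CLIAuthentication is the CLI authentication config.
//
// The listing was collapsed onto a single line, which let the first "//"
// comment swallow the field declaration; it is restored to one declaration
// per line here with the field and tag unchanged.
type CLIAuthentication struct {
	// Insecure indicates whether to use an insecure connection to the JVS
	// server. A config that omits the field decodes to false.
	//
	// NOTE(review): presumably true disables transport security for the
	// connection to the server; confirm against the code that dials it, and
	// keep the flag out of production configs.
	Insecure bool `yaml:"insecure,omitempty"`
}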
CLIAuthentication is the CLI authentication config.
type CLIConfig ¶
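// CLIConfig holds the CLI settings: the config version, the JVS server
// address and the authentication options.
//
// The listing was collapsed onto a single line, which let the first "//"
// comment swallow the field declarations; it is restored to one declaration
// per line here with fields and tags unchanged.
type CLIConfig struct {
	// Version is the version of the config. CLIConfigVersions is the list of
	// allowed versions.
	Version string `yaml:"version,omitempty"`

	// Server is the JVS server address.
	Server string `yaml:"server,omitempty"`

	// Authentication is the authentication config. It is a pointer, so it is
	// nil when the section is not set.
	//
	// NOTE(review): presumably SetDefault populates it; confirm before
	// dereferencing without a nil check.
	Authentication *CLIAuthentication `yaml:"authentication,omitempty"`
}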
func (*CLIConfig) SetDefault ¶
func (cfg *CLIConfig) SetDefault()
SetDefault sets the default values for the config.
type CryptoConfig ¶
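// CryptoConfig is the full jvs config.
//
// The listing was collapsed onto a single line, which let the first "//"
// comment swallow the field declarations; it is restored to one declaration
// per line here with fields and tags unchanged.
//
// NOTE(review): every env tag carries "overwrite", so presumably a set
// environment variable replaces the value loaded from YAML. If so, whoever
// controls the process environment controls the key lifetimes and the key
// names below; confirm the precedence against the loader.
type CryptoConfig struct {
	// Version is the version of the config. CryptoConfigVersions is the list
	// of allowed versions.
	Version string `yaml:"version,omitempty" env:"VERSION,overwrite,default=1"`

	// -- Crypto variables --

	// KeyTTL is the length of time that we expect a key to be valid for.
	KeyTTL time.Duration `yaml:"key_ttl,omitempty" env:"KEY_TTL,overwrite"`

	// GracePeriod is the length of time between when we rotate the key and
	// when an old key version is no longer valid and available.
	GracePeriod time.Duration `yaml:"grace_period,omitempty" env:"GRACE_PERIOD,overwrite"`

	// PropagationDelay is the time that it takes for a change in the key in
	// KMS to be reflected in the client.
	PropagationDelay time.Duration `yaml:"propagation_delay,omitempty" env:"PROPAGATION_DELAY,overwrite"`

	// DisabledPeriod is the time between when the key is disabled and when we
	// delete the key.
	DisabledPeriod time.Duration `yaml:"disabled_period,omitempty" env:"DISABLED_PERIOD,overwrite"`

	// NOTE(review): the four durations above have no default in their tags,
	// so an unset value is zero; presumably Validate rejects zero or negative
	// values. Confirm.

	// TODO: This is intended to be temporary, and will eventually be retrieved
	// from a persistent external datastore.
	// https://github.com/abcxyz/jvs/issues/17
	//
	// KeyName format: `projects/*/locations/*/keyRings/*/cryptoKeys/*`
	// https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/kms/v1#CryptoKey
	KeyNames []string `yaml:"key_names,omitempty" env:"KEY_NAMES,overwrite"`
}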
CryptoConfig is the full jvs config.
func LoadCryptoConfig ¶
func LoadCryptoConfig(ctx context.Context, b []byte) (*CryptoConfig, error)
LoadCryptoConfig calls the necessary methods to load the config using the OsLookuper, which finds env variables specified on the host.
func (*CryptoConfig) DestroyAge ¶
func (cfg *CryptoConfig) DestroyAge() time.Duration
DestroyAge gets the duration after a key has been created when it becomes a candidate to be destroyed.
func (*CryptoConfig) RotationAge ¶
func (cfg *CryptoConfig) RotationAge() time.Duration
RotationAge gets the duration after a key has been created at which a new key should be created.
func (*CryptoConfig) Validate ¶
func (cfg *CryptoConfig) Validate() error
Validate checks if the config is valid.
type JustificationConfig ¶
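// JustificationConfig is the full jvs config.
//
// The listing was collapsed onto a single line, which let the first "//"
// comment swallow the field declarations; it is restored to one declaration
// per line here with fields and tags unchanged.
//
// NOTE(review): every env tag carries "overwrite", so presumably a set
// environment variable replaces the value loaded from YAML, including the
// signing key name and the issuer. Confirm the precedence against the loader.
type JustificationConfig struct {
	// Version is the version of the config. JustificationConfigVersions is
	// the list of allowed versions.
	Version string `yaml:"version,omitempty" env:"VERSION,overwrite,default=1"`

	// Service configuration.
	Port string `yaml:"port,omitempty" env:"PORT,overwrite,default=8080"`

	// KeyName format: `projects/*/locations/*/keyRings/*/cryptoKeys/*`
	// https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/kms/v1#CryptoKey
	//
	// The tags have no default, so the value is empty unless configured.
	KeyName string `yaml:"key,omitempty" env:"KEY,overwrite"`

	// SignerCacheTimeout is the duration that keys stay in cache before being
	// revoked. The env default is 5m.
	//
	// NOTE(review): "revoked" presumably means dropped from the local cache
	// rather than revoked in KMS; confirm. If so, this bounds how long a
	// rotated or disabled key can still be used for signing.
	SignerCacheTimeout time.Duration `yaml:"signer_cache_timeout" env:"SIGNER_CACHE_TIMEOUT,overwrite,default=5m"`

	// Issuer will be used to set the issuer field when signing JWTs.
	Issuer string `yaml:"issuer" env:"ISSUER,overwrite,default=jvs.abcxyz.dev"`
}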
JustificationConfig is the full jvs config.
func LoadJustificationConfig ¶
func LoadJustificationConfig(ctx context.Context, b []byte) (*JustificationConfig, error)
LoadJustificationConfig calls the necessary methods to load in config using the OsLookuper which finds env variables specified on the host.
func (*JustificationConfig) Validate ¶
func (cfg *JustificationConfig) Validate() error
Validate checks if the config is valid.
type PublicKeyConfig ¶
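// PublicKeyConfig is the config used for public key hosting.
//
// The listing was collapsed onto a single line, which let the first "//"
// comment swallow the field declarations; it is restored to one declaration
// per line here with fields and tags unchanged.
type PublicKeyConfig struct {
	// TODO: This is intended to be temporary, and will eventually be retrieved
	// from a persistent external datastore.
	// https://github.com/abcxyz/jvs/issues/17
	//
	// KeyName format: `projects/*/locations/*/keyRings/*/cryptoKeys/*`
	// https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/kms/v1#PublicKeyKey
	//
	// NOTE(review): the "#PublicKeyKey" anchor differs from the "#CryptoKey"
	// anchor used for the same key-name format in the other configs and may
	// be a rename slip; confirm the link target.
	KeyNames []string `yaml:"key_names,omitempty" env:"KEY_NAMES,overwrite"`

	// CacheTimeout has no default in its tags.
	//
	// NOTE(review): presumably this is how long hosted public keys are cached
	// before being refetched; confirm. Its env tag omits "overwrite", unlike
	// KeyNames, so the YAML/env precedence may differ between the two fields.
	CacheTimeout time.Duration `yaml:"cache_timeout" env:"CACHE_TIMEOUT"`

	// Port defaults to 8080 through its env tag.
	//
	// NOTE(review): there is no yaml tag and no "overwrite" here, unlike
	// JustificationConfig.Port; confirm that the difference is intended.
	Port string `env:"PORT,default=8080"`
}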
PublicKeyConfig is the config used for public key hosting.
func LoadPublicKeyConfig ¶
func LoadPublicKeyConfig(ctx context.Context, b []byte) (*PublicKeyConfig, error)
LoadPublicKeyConfig calls the necessary methods to load the config using the OsLookuper, which finds env variables specified on the host.
type VersionList ¶
type VersionList struct {
// contains filtered or unexported fields
}
VersionList is a set of allowed versions. Create with NewVersionList.
func NewVersionList ¶
func NewVersionList(versions ...string) *VersionList
NewVersionList creates an efficient list of allowed version strings and exposes functions for efficiently querying membership.
func (*VersionList) Contains ¶
func (vl *VersionList) Contains(version string) bool
Contains returns true if the given version string is an allowed version in the list, or false otherwise.
func (*VersionList) List ¶
func (vl *VersionList) List() []string
List returns a copy of the list of allowed versions, usually for displaying in an error message.