Documentation
¶
Overview ¶
Package config provides configuration-related files and methods.
Types ¶
type CertRotationConfig ¶ added in v0.0.5
// CertRotationConfig groups the settings for the cert rotation service: the
// basic service settings (project, port, dev mode), the timing of the key
// lifecycle, and the KMS keys that are rotated. Each field is populated from
// the environment variable named in its `env` tag.
type CertRotationConfig struct {
	// ProjectID is the Google Cloud project ID.
	ProjectID string `env:"PROJECT_ID"`

	// DevMode enables more granular debugging in logs.
	// NOTE(review): what the extra log output contains is not visible here;
	// confirm it never includes key or token material before enabling it
	// outside development.
	DevMode bool `env:"DEV_MODE,default=false"`

	// Port is the port where the service runs.
	Port string `env:"PORT,default=8080"`

	// -- Crypto variables --
	//
	// None of the durations below carries a default in its tag, so an unset
	// variable leaves the field at its zero value.
	// NOTE(review): presumably Validate rejects zero or inconsistent values;
	// its body is not shown here - confirm.

	// KeyTTL is the length of time that we expect a key to be valid for.
	KeyTTL time.Duration `env:"JVS_ROTATION_KEY_TTL,overwrite"`

	// GracePeriod is the length of time between when we rotate the key and
	// when an old key version is no longer valid and available.
	// NOTE(review): tokens signed by the old version presumably stop
	// verifying once it is disabled, so this should be at least as long as the
	// longest token lifetime the signer issues - confirm against the caller.
	GracePeriod time.Duration `env:"JVS_ROTATION_GRACE_PERIOD,overwrite"`

	// PropagationDelay is the time that it takes for a change in the key in
	// KMS to be reflected in the client.
	PropagationDelay time.Duration `env:"JVS_ROTATION_PROPAGATION_DELAY,overwrite"`

	// DisabledPeriod is the time between when the key is disabled and when we
	// delete the key.
	DisabledPeriod time.Duration `env:"JVS_ROTATION_DISABLED_PERIOD,overwrite"`

	// KeyNames lists the keys to rotate. Each entry has the format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
	// https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/kms/v1#CryptoKey
	KeyNames []string `env:"JVS_KEY_NAMES,overwrite"`
}
CertRotationConfig is a configuration for cert rotation services.
func (*CertRotationConfig) DestroyAge ¶ added in v0.0.5
func (cfg *CertRotationConfig) DestroyAge() time.Duration
DestroyAge gets the duration after a key has been created when it becomes a candidate to be destroyed.
func (*CertRotationConfig) RotationAge ¶ added in v0.0.5
func (cfg *CertRotationConfig) RotationAge() time.Duration
RotationAge gets the duration after a key has been created that a new key should be created.
func (*CertRotationConfig) ToFlags ¶ added in v0.0.5
func (cfg *CertRotationConfig) ToFlags(set *cli.FlagSet) *cli.FlagSet
ToFlags binds the config to the given cli.FlagSet and returns it.
func (*CertRotationConfig) Validate ¶ added in v0.0.5
func (cfg *CertRotationConfig) Validate() (merr error)
Validate checks if the config is valid.
type JustificationConfig ¶
// JustificationConfig is the full jvs config. Each field is populated from the
// environment variable named in its `env` tag; Port can additionally be read
// from YAML via its `yaml` tag.
type JustificationConfig struct {
	// ProjectID is the Google Cloud project ID.
	ProjectID string `env:"PROJECT_ID"`

	// Service configuration.
	// Port is the port the service listens on; it defaults to 8080.
	Port string `yaml:"port,omitempty" env:"PORT,overwrite,default=8080"`

	// DevMode enables more granular debugging in logs.
	// NOTE(review): what the extra log output contains is not visible here;
	// confirm it never includes justification contents or token material
	// before enabling it outside development.
	DevMode bool `env:"DEV_MODE,default=false"`

	// KeyName is the KMS key used for signing. It has the format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
	// https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/kms/v1#CryptoKey
	KeyName string `env:"JVS_KEY,overwrite"`

	// SignerCacheTimeout is the duration that keys stay in cache before being
	// revoked. It defaults to 5m.
	// NOTE(review): presumably this bounds how long the signer keeps using a
	// key version after rotation - confirm against the cache implementation.
	SignerCacheTimeout time.Duration `env:"JVS_API_SIGNER_CACHE_TIMEOUT,overwrite,default=5m"`

	// Issuer will be used to set the issuer field when signing JWTs. The
	// default is jvs.abcxyz.dev; verifiers that check the issuer need the
	// same value.
	Issuer string `env:"JVS_API_ISSUER,overwrite,default=jvs.abcxyz.dev"`

	// PluginDir is the path of the directory to load plugins.
	// NOTE(review): how plugins are loaded is not visible here; anything
	// loadable from this directory presumably runs with the service's
	// privileges, so the directory should be writable only by the deploying
	// identity - confirm.
	PluginDir string `env:"JVS_PLUGIN_DIR,overwrite,default=/var/jvs/plugins"`

	// DefaultTTL sets the default TTL for JVS tokens that do not explicitly
	// request a TTL. MaxTTL is the system-configured maximum TTL that a token can
	// request.
	//
	// The DefaultTTL must be less than or equal to MaxTTL.
	DefaultTTL time.Duration `env:"JVS_API_DEFAULT_TTL,overwrite,default=15m"`
	// MaxTTL is the upper bound on a requested token TTL; it defaults to 4h.
	MaxTTL time.Duration `env:"JVS_API_MAX_TTL,overwrite,default=4h"`
}
JustificationConfig is the full jvs config.
func (*JustificationConfig) ToFlags ¶ added in v0.0.5
func (cfg *JustificationConfig) ToFlags(set *cli.FlagSet) *cli.FlagSet
ToFlags binds the config to the given cli.FlagSet and returns it.
func (*JustificationConfig) Validate ¶
func (cfg *JustificationConfig) Validate() (merr error)
Validate checks if the config is valid.
type PublicKeyConfig ¶
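// PublicKeyConfig is the config used for public key hosting. Each field is
// populated from the environment variable named in its `env` tag.
type PublicKeyConfig struct {
	// ProjectID is the Google Cloud project ID.
	ProjectID string `env:"PROJECT_ID"`

	// DevMode enables more granular debugging in logs.
	DevMode bool `env:"DEV_MODE,default=false"`

	// Port is the port the service listens on; it defaults to 8080.
	Port string `env:"PORT,default=8080"`

	// KeyNames lists the keys whose public keys are hosted. Each entry has the
	// format `projects/*/locations/*/keyRings/*/cryptoKeys/*`, which is the
	// CryptoKey resource name, so the link points at CryptoKey like the other
	// configs in this package do.
	// https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/kms/v1#CryptoKey
	KeyNames []string `env:"JVS_KEY_NAMES,overwrite"`

	// CacheTimeout defaults to 5m.
	// NOTE(review): presumably the duration for which fetched public keys are
	// cached before being re-read from KMS; if so it also bounds how long a
	// disabled or destroyed key version can keep being served - confirm.
	//
	// The tag is written without whitespace after the comma so that option
	// parsing does not depend on the env library trimming it, and so that it
	// matches every other tag in this package.
	CacheTimeout time.Duration `env:"JVS_PUBLIC_KEY_CACHE_TIMEOUT,default=5m"`
}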
PublicKeyConfig is the config used for public key hosting.
func (*PublicKeyConfig) ToFlags ¶ added in v0.0.5
func (cfg *PublicKeyConfig) ToFlags(set *cli.FlagSet) *cli.FlagSet
ToFlags binds the config to the given cli.FlagSet and returns it.
func (*PublicKeyConfig) Validate ¶ added in v0.0.5
func (cfg *PublicKeyConfig) Validate() (merr error)
type UIServiceConfig ¶ added in v0.0.3
// UIServiceConfig defines the set of environment variables required for
// running the UI service. It embeds *JustificationConfig, so every
// JustificationConfig field is promoted onto this type.
type UIServiceConfig struct {
	// Embedded by pointer.
	// NOTE(review): whether the loader allocates this pointer or callers must
	// set it before use is not visible here - confirm.
	*JustificationConfig

	// Allowlist is read from JVS_UI_ALLOWLIST, which is marked required.
	// NOTE(review): what an entry denotes and how it is matched (exact value,
	// suffix, wildcard) is not visible here; since this list gates the UI, the
	// matching rules - in particular whether a catch-all entry is accepted -
	// should be documented. Confirm against Validate and the UI handler.
	Allowlist []string `env:"JVS_UI_ALLOWLIST,required"`
}
UIServiceConfig defines the set of environment variables required for running this application.
func (*UIServiceConfig) ToFlags ¶ added in v0.0.5
func (cfg *UIServiceConfig) ToFlags(set *cli.FlagSet) *cli.FlagSet
ToFlags binds the config to the given cli.FlagSet and returns it.
func (*UIServiceConfig) Validate ¶ added in v0.0.3
func (cfg *UIServiceConfig) Validate() (merr error)
Validate checks if the config is valid.