Versions in this module Expand all Collapse all v0 v0.2.0-dev.1 May 10, 2023 v0.1.0 Feb 15, 2023 Changes in this version + const CACertPEMFileName + const K8sSAJWTFileName + const K8sSATrustworthyJWTFileName + func CreateK8SToken(ctx context.Context, config *rest.Config, saName, saNamespace string, ...) ([]byte, error) + func GetIMGWData(cl client.Client, config *rest.Config, scheme *runtime.Scheme, ...) (pod corev1.Pod, address string, err error) + func GetIstioRootCAPEM(cl client.Client, istioRevision string) ([]byte, error) + func GetIstioTokenFromPod(config *rest.Config, scheme *runtime.Scheme, name, namespace string) ([]byte, error) + func GetIstiodService(cl client.Client, istioRevision string) (*corev1.Service, error) + func NewIstioCAClient(config IstioCAClientConfig, logger logr.Logger) ca.Client + type CitadelClient struct + func NewCitadelClient(opts *security.Options, tlsOpts *TLSOptions, logger logr.Logger) (*CitadelClient, error) + func (c *CitadelClient) CSRSign(csrPEM []byte, certValidTTLInSec int64) ([]string, error) + func (c *CitadelClient) Close() + func (c *CitadelClient) GetRootCertBundle() ([]string, error) + type ConfigRetrievalError struct + Status string + func (e ConfigRetrievalError) Error() string + type CredFetcher struct + Token string + func (f CredFetcher) GetIdentityProvider() string + func (f CredFetcher) GetPlatformCredential() (string, error) + func (f CredFetcher) GetType() string + func (f CredFetcher) Stop() + type IstioCAClient struct + func (c *IstioCAClient) GetCAEndpoint() string + func (c *IstioCAClient) GetCAPem() []byte + func (c *IstioCAClient) GetCertificate(hostname string, ttl time.Duration) (ca.Certificate, error) + func (c *IstioCAClient) GetConfig() IstioCAClientConfig + type IstioCAClientConfig struct + CAEndpoint string + CAEndpointSAN string + CApem []byte + ClusterID string + Revision string + Token []byte + func GetIstioCAClientConfig(clusterID string, istioRevision string) (IstioCAClientConfig, error) + func GetIstioCAClientConfigFromLocal(clusterID string, endpointAddress string) (config IstioCAClientConfig, err error) + func GetIstioCAClientConfigWithKubeConfig(clusterID string, istioRevision string, kubeConfig []byte, ...) (IstioCAClientConfig, error) + type IstioCAClientConfigAndEnvironment struct + CAClientConfig IstioCAClientConfig + Environment environment.IstioEnvironment + func GetIstioCAClientConfigFromHeimdall(heimdallURL, clientID, clientSecret, version string) (config IstioCAClientConfigAndEnvironment, err error) + type TLSOptions struct + CertPEM []byte + KeyPEM []byte + RootCertPEM []byte