Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CurrentNamespace ¶
func CurrentNamespace() string
CurrentNamespace returns the namespace of this workload.
func CurrentNamespaceOrError ¶ added in v1.12.1
CurrentNamespaceOrError returns the namespace of this workload. If current Namespace is not found, error.
func GetAPIToken ¶
func GetAPIToken() string
GetAPIToken returns the value of the api token from an environment variable.
func GetAppToken ¶
func GetAppToken() string
GetAppToken returns the value of the app api token from an environment variable.
Types ¶
type Handler ¶
type Handler interface { GRPCServerOptionMTLS() grpc.ServerOption GRPCServerOptionNoClientAuth() grpc.ServerOption GRPCDialOptionMTLSUnknownTrustDomain(ns, appID string) grpc.DialOption GRPCDialOptionMTLS(spiffeid.ID) grpc.DialOption TLSServerConfigNoClientAuth() *tls.Config NetListenerID(net.Listener, spiffeid.ID) net.Listener NetDialerID(context.Context, spiffeid.ID, time.Duration) func(network, addr string) (net.Conn, error) ControlPlaneTrustDomain() spiffeid.TrustDomain ControlPlaneNamespace() string CurrentTrustAnchors() ([]byte, error) WatchTrustAnchors(context.Context, chan<- []byte) }
Handler implements middleware for client and server connection security.
type Options ¶
type Options struct { // SentryAddress is the network address of the sentry server. SentryAddress string // ControlPlaneTrustDomain is the trust domain of the control plane // components. ControlPlaneTrustDomain string // ControlPlaneNamespace is the dapr namespace of the control plane // components. ControlPlaneNamespace string // TrustAnchors is the X.509 PEM encoded CA certificates for this Dapr // installation. Cannot be used with TrustAnchorsFile. TrustAnchorsFile is // preferred so changes to the file are automatically picked up. TrustAnchors []byte // TrustAnchorsFile is the path to the X.509 PEM encoded CA certificates for // this Dapr installation. Prefer this over TrustAnchors so changes to the // file are automatically picked up. Cannot be used with TrustAnchors. TrustAnchorsFile string // AppID is the application ID of this workload. AppID string // MTLS is true if mTLS is enabled. MTLSEnabled bool // OverrideCertRequestSource is used to override where certificates are requested // from. Default to an implementation requesting from Sentry. OverrideCertRequestSource RequestFn // WriteSVIDoDir is the directory to write the X.509 SVID certificate private // key pair to. This is highly discouraged since it results in the private // key being written to file. WriteSVIDToDir *string // Mode is the operation mode of this security instance (self-hosted or // Kubernetes). Mode modes.DaprMode }
Options are the options for the security authenticator.
Click to show internal directories.
Click to hide internal directories.