sentry

package
v1.14.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 12, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source
const (
	CA_SignCertificate_FullMethodName = "/dapr.proto.sentry.v1.CA/SignCertificate"
)

Variables

View Source
var (
	SignCertificateRequest_TokenValidator_name = map[int32]string{
		0: "UNKNOWN",
		1: "INSECURE",
		2: "KUBERNETES",
		3: "JWKS",
	}
	SignCertificateRequest_TokenValidator_value = map[string]int32{
		"UNKNOWN":    0,
		"INSECURE":   1,
		"KUBERNETES": 2,
		"JWKS":       3,
	}
)

Enum value maps for SignCertificateRequest_TokenValidator.

View Source
var CA_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "dapr.proto.sentry.v1.CA",
	HandlerType: (*CAServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "SignCertificate",
			Handler:    _CA_SignCertificate_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "dapr/proto/sentry/v1/sentry.proto",
}

CA_ServiceDesc is the grpc.ServiceDesc for CA service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source
var File_dapr_proto_sentry_v1_sentry_proto protoreflect.FileDescriptor

Functions

func RegisterCAServer

func RegisterCAServer(s grpc.ServiceRegistrar, srv CAServer)

Types

type CAClient

type CAClient interface {
	// A request for a time-bound certificate to be signed.
	//
	// The requesting side must provide an id for both loosely based
	// And strong based identities.
	SignCertificate(ctx context.Context, in *SignCertificateRequest, opts ...grpc.CallOption) (*SignCertificateResponse, error)
}

CAClient is the client API for CA service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewCAClient

func NewCAClient(cc grpc.ClientConnInterface) CAClient

type CAServer

type CAServer interface {
	// A request for a time-bound certificate to be signed.
	//
	// The requesting side must provide an id for both loosely based
	// And strong based identities.
	SignCertificate(context.Context, *SignCertificateRequest) (*SignCertificateResponse, error)
}

CAServer is the server API for CA service. All implementations should embed UnimplementedCAServer for forward compatibility

type SignCertificateRequest

type SignCertificateRequest struct {
	Id          string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Token       string `protobuf:"bytes,2,opt,name=token,proto3" json:"token,omitempty"`
	TrustDomain string `protobuf:"bytes,3,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"`
	Namespace   string `protobuf:"bytes,4,opt,name=namespace,proto3" json:"namespace,omitempty"`
	// A PEM-encoded x509 CSR.
	CertificateSigningRequest []byte `` /* 138-byte string literal not displayed */
	// Name of the validator to use, if not the default for the environemtn.
	TokenValidator SignCertificateRequest_TokenValidator `` /* 168-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*SignCertificateRequest) Descriptor deprecated

func (*SignCertificateRequest) Descriptor() ([]byte, []int)

Deprecated: Use SignCertificateRequest.ProtoReflect.Descriptor instead.

func (*SignCertificateRequest) GetCertificateSigningRequest

func (x *SignCertificateRequest) GetCertificateSigningRequest() []byte

func (*SignCertificateRequest) GetId

func (x *SignCertificateRequest) GetId() string

func (*SignCertificateRequest) GetNamespace added in v0.11.0

func (x *SignCertificateRequest) GetNamespace() string

func (*SignCertificateRequest) GetToken

func (x *SignCertificateRequest) GetToken() string

func (*SignCertificateRequest) GetTokenValidator added in v1.12.0

func (*SignCertificateRequest) GetTrustDomain added in v0.11.0

func (x *SignCertificateRequest) GetTrustDomain() string

func (*SignCertificateRequest) ProtoMessage

func (*SignCertificateRequest) ProtoMessage()

func (*SignCertificateRequest) ProtoReflect added in v1.0.0

func (x *SignCertificateRequest) ProtoReflect() protoreflect.Message

func (*SignCertificateRequest) Reset

func (x *SignCertificateRequest) Reset()

func (*SignCertificateRequest) String

func (x *SignCertificateRequest) String() string

type SignCertificateRequest_TokenValidator added in v1.12.0

type SignCertificateRequest_TokenValidator int32
const (
	// Not specified - use the default value.
	SignCertificateRequest_UNKNOWN SignCertificateRequest_TokenValidator = 0
	// Insecure validator (default on self-hosted).
	SignCertificateRequest_INSECURE SignCertificateRequest_TokenValidator = 1
	// Kubernetes validator (default on Kubernetes).
	SignCertificateRequest_KUBERNETES SignCertificateRequest_TokenValidator = 2
	// JWKS validator.
	SignCertificateRequest_JWKS SignCertificateRequest_TokenValidator = 3
)

func (SignCertificateRequest_TokenValidator) Descriptor added in v1.12.0

func (SignCertificateRequest_TokenValidator) Enum added in v1.12.0

func (SignCertificateRequest_TokenValidator) EnumDescriptor deprecated added in v1.12.0

func (SignCertificateRequest_TokenValidator) EnumDescriptor() ([]byte, []int)

Deprecated: Use SignCertificateRequest_TokenValidator.Descriptor instead.

func (SignCertificateRequest_TokenValidator) Number added in v1.12.0

func (SignCertificateRequest_TokenValidator) String added in v1.12.0

func (SignCertificateRequest_TokenValidator) Type added in v1.12.0

type SignCertificateResponse

type SignCertificateResponse struct {

	// A PEM-encoded x509 Certificate.
	WorkloadCertificate []byte `protobuf:"bytes,1,opt,name=workload_certificate,json=workloadCertificate,proto3" json:"workload_certificate,omitempty"`
	// A list of PEM-encoded x509 Certificates that establish the trust chain
	// between the workload certificate and the well-known trust root cert.
	TrustChainCertificates [][]byte               `` /* 129-byte string literal not displayed */
	ValidUntil             *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=valid_until,json=validUntil,proto3" json:"valid_until,omitempty"`
	// contains filtered or unexported fields
}

func (*SignCertificateResponse) Descriptor deprecated

func (*SignCertificateResponse) Descriptor() ([]byte, []int)

Deprecated: Use SignCertificateResponse.ProtoReflect.Descriptor instead.

func (*SignCertificateResponse) GetTrustChainCertificates

func (x *SignCertificateResponse) GetTrustChainCertificates() [][]byte

func (*SignCertificateResponse) GetValidUntil

func (x *SignCertificateResponse) GetValidUntil() *timestamppb.Timestamp

func (*SignCertificateResponse) GetWorkloadCertificate

func (x *SignCertificateResponse) GetWorkloadCertificate() []byte

func (*SignCertificateResponse) ProtoMessage

func (*SignCertificateResponse) ProtoMessage()

func (*SignCertificateResponse) ProtoReflect added in v1.0.0

func (x *SignCertificateResponse) ProtoReflect() protoreflect.Message

func (*SignCertificateResponse) Reset

func (x *SignCertificateResponse) Reset()

func (*SignCertificateResponse) String

func (x *SignCertificateResponse) String() string

type UnimplementedCAServer

type UnimplementedCAServer struct {
}

UnimplementedCAServer should be embedded to have forward compatible implementations.

func (UnimplementedCAServer) SignCertificate

type UnsafeCAServer added in v1.0.0

type UnsafeCAServer interface {
	// contains filtered or unexported methods
}

UnsafeCAServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to CAServer will result in compilation errors.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL