Documentation ¶
Index ¶
- Constants
- Variables
- func RegisterCAServer(s grpc.ServiceRegistrar, srv CAServer)
- type CAClient
- type CAServer
- type SignCertificateRequest
- func (*SignCertificateRequest) Descriptor() ([]byte, []int)deprecated
- func (x *SignCertificateRequest) GetCertificateSigningRequest() []byte
- func (x *SignCertificateRequest) GetId() string
- func (x *SignCertificateRequest) GetNamespace() string
- func (x *SignCertificateRequest) GetToken() string
- func (x *SignCertificateRequest) GetTokenValidator() SignCertificateRequest_TokenValidator
- func (x *SignCertificateRequest) GetTrustDomain() string
- func (*SignCertificateRequest) ProtoMessage()
- func (x *SignCertificateRequest) ProtoReflect() protoreflect.Message
- func (x *SignCertificateRequest) Reset()
- func (x *SignCertificateRequest) String() string
- type SignCertificateRequest_TokenValidator
- func (SignCertificateRequest_TokenValidator) Descriptor() protoreflect.EnumDescriptor
- func (x SignCertificateRequest_TokenValidator) Enum() *SignCertificateRequest_TokenValidator
- func (SignCertificateRequest_TokenValidator) EnumDescriptor() ([]byte, []int)deprecated
- func (x SignCertificateRequest_TokenValidator) Number() protoreflect.EnumNumber
- func (x SignCertificateRequest_TokenValidator) String() string
- func (SignCertificateRequest_TokenValidator) Type() protoreflect.EnumType
- type SignCertificateResponse
- func (*SignCertificateResponse) Descriptor() ([]byte, []int)deprecated
- func (x *SignCertificateResponse) GetTrustChainCertificates() [][]byte
- func (x *SignCertificateResponse) GetValidUntil() *timestamppb.Timestamp
- func (x *SignCertificateResponse) GetWorkloadCertificate() []byte
- func (*SignCertificateResponse) ProtoMessage()
- func (x *SignCertificateResponse) ProtoReflect() protoreflect.Message
- func (x *SignCertificateResponse) Reset()
- func (x *SignCertificateResponse) String() string
- type UnimplementedCAServer
- type UnsafeCAServer
Constants ¶
const (
CA_SignCertificate_FullMethodName = "/dapr.proto.sentry.v1.CA/SignCertificate"
)
Variables ¶
var ( SignCertificateRequest_TokenValidator_name = map[int32]string{ 0: "UNKNOWN", 1: "INSECURE", 2: "KUBERNETES", 3: "JWKS", } SignCertificateRequest_TokenValidator_value = map[string]int32{ "UNKNOWN": 0, "INSECURE": 1, "KUBERNETES": 2, "JWKS": 3, } )
Enum value maps for SignCertificateRequest_TokenValidator.
var CA_ServiceDesc = grpc.ServiceDesc{ ServiceName: "dapr.proto.sentry.v1.CA", HandlerType: (*CAServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "SignCertificate", Handler: _CA_SignCertificate_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "dapr/proto/sentry/v1/sentry.proto", }
CA_ServiceDesc is the grpc.ServiceDesc for CA service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
var File_dapr_proto_sentry_v1_sentry_proto protoreflect.FileDescriptor
Functions ¶
func RegisterCAServer ¶
func RegisterCAServer(s grpc.ServiceRegistrar, srv CAServer)
Types ¶
type CAClient ¶
type CAClient interface { // A request for a time-bound certificate to be signed. // // The requesting side must provide an id for both loosely based // And strong based identities. SignCertificate(ctx context.Context, in *SignCertificateRequest, opts ...grpc.CallOption) (*SignCertificateResponse, error) }
CAClient is the client API for CA service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewCAClient ¶
func NewCAClient(cc grpc.ClientConnInterface) CAClient
type CAServer ¶
type CAServer interface { // A request for a time-bound certificate to be signed. // // The requesting side must provide an id for both loosely based // And strong based identities. SignCertificate(context.Context, *SignCertificateRequest) (*SignCertificateResponse, error) }
CAServer is the server API for CA service. All implementations should embed UnimplementedCAServer for forward compatibility
type SignCertificateRequest ¶
type SignCertificateRequest struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` Token string `protobuf:"bytes,2,opt,name=token,proto3" json:"token,omitempty"` TrustDomain string `protobuf:"bytes,3,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"` Namespace string `protobuf:"bytes,4,opt,name=namespace,proto3" json:"namespace,omitempty"` // A PEM-encoded x509 CSR. CertificateSigningRequest []byte `` /* 138-byte string literal not displayed */ // Name of the validator to use, if not the default for the environemtn. TokenValidator SignCertificateRequest_TokenValidator `` /* 168-byte string literal not displayed */ // contains filtered or unexported fields }
func (*SignCertificateRequest) Descriptor
deprecated
func (*SignCertificateRequest) Descriptor() ([]byte, []int)
Deprecated: Use SignCertificateRequest.ProtoReflect.Descriptor instead.
func (*SignCertificateRequest) GetCertificateSigningRequest ¶
func (x *SignCertificateRequest) GetCertificateSigningRequest() []byte
func (*SignCertificateRequest) GetId ¶
func (x *SignCertificateRequest) GetId() string
func (*SignCertificateRequest) GetNamespace ¶ added in v0.11.0
func (x *SignCertificateRequest) GetNamespace() string
func (*SignCertificateRequest) GetToken ¶
func (x *SignCertificateRequest) GetToken() string
func (*SignCertificateRequest) GetTokenValidator ¶ added in v1.12.0
func (x *SignCertificateRequest) GetTokenValidator() SignCertificateRequest_TokenValidator
func (*SignCertificateRequest) GetTrustDomain ¶ added in v0.11.0
func (x *SignCertificateRequest) GetTrustDomain() string
func (*SignCertificateRequest) ProtoMessage ¶
func (*SignCertificateRequest) ProtoMessage()
func (*SignCertificateRequest) ProtoReflect ¶ added in v1.0.0
func (x *SignCertificateRequest) ProtoReflect() protoreflect.Message
func (*SignCertificateRequest) Reset ¶
func (x *SignCertificateRequest) Reset()
func (*SignCertificateRequest) String ¶
func (x *SignCertificateRequest) String() string
type SignCertificateRequest_TokenValidator ¶ added in v1.12.0
type SignCertificateRequest_TokenValidator int32
const ( // Not specified - use the default value. SignCertificateRequest_UNKNOWN SignCertificateRequest_TokenValidator = 0 // Insecure validator (default on self-hosted). SignCertificateRequest_INSECURE SignCertificateRequest_TokenValidator = 1 // Kubernetes validator (default on Kubernetes). SignCertificateRequest_KUBERNETES SignCertificateRequest_TokenValidator = 2 // JWKS validator. SignCertificateRequest_JWKS SignCertificateRequest_TokenValidator = 3 )
func (SignCertificateRequest_TokenValidator) Descriptor ¶ added in v1.12.0
func (SignCertificateRequest_TokenValidator) Descriptor() protoreflect.EnumDescriptor
func (SignCertificateRequest_TokenValidator) EnumDescriptor
deprecated
added in
v1.12.0
func (SignCertificateRequest_TokenValidator) EnumDescriptor() ([]byte, []int)
Deprecated: Use SignCertificateRequest_TokenValidator.Descriptor instead.
func (SignCertificateRequest_TokenValidator) Number ¶ added in v1.12.0
func (x SignCertificateRequest_TokenValidator) Number() protoreflect.EnumNumber
func (SignCertificateRequest_TokenValidator) String ¶ added in v1.12.0
func (x SignCertificateRequest_TokenValidator) String() string
func (SignCertificateRequest_TokenValidator) Type ¶ added in v1.12.0
func (SignCertificateRequest_TokenValidator) Type() protoreflect.EnumType
type SignCertificateResponse ¶
type SignCertificateResponse struct { // A PEM-encoded x509 Certificate. WorkloadCertificate []byte `protobuf:"bytes,1,opt,name=workload_certificate,json=workloadCertificate,proto3" json:"workload_certificate,omitempty"` // A list of PEM-encoded x509 Certificates that establish the trust chain // between the workload certificate and the well-known trust root cert. TrustChainCertificates [][]byte `` /* 129-byte string literal not displayed */ ValidUntil *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=valid_until,json=validUntil,proto3" json:"valid_until,omitempty"` // contains filtered or unexported fields }
func (*SignCertificateResponse) Descriptor
deprecated
func (*SignCertificateResponse) Descriptor() ([]byte, []int)
Deprecated: Use SignCertificateResponse.ProtoReflect.Descriptor instead.
func (*SignCertificateResponse) GetTrustChainCertificates ¶
func (x *SignCertificateResponse) GetTrustChainCertificates() [][]byte
func (*SignCertificateResponse) GetValidUntil ¶
func (x *SignCertificateResponse) GetValidUntil() *timestamppb.Timestamp
func (*SignCertificateResponse) GetWorkloadCertificate ¶
func (x *SignCertificateResponse) GetWorkloadCertificate() []byte
func (*SignCertificateResponse) ProtoMessage ¶
func (*SignCertificateResponse) ProtoMessage()
func (*SignCertificateResponse) ProtoReflect ¶ added in v1.0.0
func (x *SignCertificateResponse) ProtoReflect() protoreflect.Message
func (*SignCertificateResponse) Reset ¶
func (x *SignCertificateResponse) Reset()
func (*SignCertificateResponse) String ¶
func (x *SignCertificateResponse) String() string
type UnimplementedCAServer ¶
type UnimplementedCAServer struct { }
UnimplementedCAServer should be embedded to have forward compatible implementations.
func (UnimplementedCAServer) SignCertificate ¶
func (UnimplementedCAServer) SignCertificate(context.Context, *SignCertificateRequest) (*SignCertificateResponse, error)
type UnsafeCAServer ¶ added in v1.0.0
type UnsafeCAServer interface {
// contains filtered or unexported methods
}
UnsafeCAServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to CAServer will result in compilation errors.