Documentation
Index
- func AuthorizeNode(ctx context.Context, storage nodeenrollment.Storage, ...) (*types.NodeInformation, error)
- func FetchNodeCredentials(ctx context.Context, storage nodeenrollment.Storage, ...) (*types.FetchNodeCredentialsResponse, error)
- func RegisterViaServerLedFlow(ctx context.Context, storage nodeenrollment.Storage, ...) (*types.NodeCredentials, error)
Constants
This section is empty.
Variables
This section is empty.
Functions
func AuthorizeNode
func AuthorizeNode(ctx context.Context, storage nodeenrollment.Storage, req *types.FetchNodeCredentialsRequest, opt ...nodeenrollment.Option) (*types.NodeInformation, error)
AuthorizeNode authorizes a node via a registration request.
Note: THIS IS NOT A CONCURRENCY SAFE FUNCTION. In most cases, the given storage should ensure concurrency safety; as examples, version numbers could be used within NodeInformation's "state" parameter, or the application using this library could implement a higher-level lock on the API that leads to calling this function. Failing to account for concurrency could mean that two calls to AuthorizeNode running concurrently result in different certificate/encryption parameters being saved on the server vs. sent to the node.
Supported options: WithWrapper (passed through to LoadNodeInformation, LoadRootCertificates, and NodeInformation.Store), WithState (set into the stored NodeInformation), WithNotBeforeClockSkew/WithNotAfterClockSkew (passed through to validateFetchRequest), WithSkipStorage, WithRandomReader
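The version-number approach from the concurrency note above, as an added example that is not part of the package or its documentation. Every type and function in it (record, versionedStore, interleave) is a hypothetical stand-in rather than the nodeenrollment API; it assumes the storage layer can compare and write a record atomically.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
)

// Hypothetical stand-in for a stored NodeInformation whose "state" carries a version.
type record struct {
	Version int    // version number kept in the state field
	CertID  string // stands in for certificate/encryption parameters
}

var errConflict = errors.New("version conflict: record changed since it was read")

// versionedStore accepts a write only if the caller read the current version.
type versionedStore struct {
	mu   sync.Mutex
	data map[string]record
}

func (s *versionedStore) load(id string) record {
	s.mu.Lock()
	defer s.mu.Unlock()
	return s.data[id] // zero value (Version 0) when the node is unknown
}

func (s *versionedStore) store(id string, readVersion int, certID string) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	if s.data[id].Version != readVersion {
		return errConflict // another authorization stored first
	}
	s.data[id] = record{Version: readVersion + 1, CertID: certID}
	return nil
}

// interleave replays the race in a fixed order: both callers read, then both store.
func interleave(s *versionedStore, id string) (saved string, errA, errB error) {
	a, b := s.load(id), s.load(id)          // both see the same version
	errA = s.store(id, a.Version, "cert-A") // first writer succeeds
	errB = s.store(id, b.Version, "cert-B") // stale writer is rejected
	return s.load(id).CertID, errA, errB
}

func main() {
	fmt.Println(interleave(&versionedStore{data: map[string]record{}}, "node-1"))
}
```

The caller that receives the conflict error has to fail the request instead of sending its parameters to the node, so the saved and delivered values cannot diverge.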
func FetchNodeCredentials
func FetchNodeCredentials(ctx context.Context, storage nodeenrollment.Storage, req *types.FetchNodeCredentialsRequest, opt ...nodeenrollment.Option) (*types.FetchNodeCredentialsResponse, error)
FetchNodeCredentials fetches node credentials based on the submitted information.
Supported options: WithRandomReader, WithWrapper (passed through to LoadNodeInformation, NodeInformation.Store, and LoadRootCertificates), WithNotBeforeClockSkew/WithNotAfterClockSkew (passed through to validateFetchRequest)
func RegisterViaServerLedFlow
func RegisterViaServerLedFlow(ctx context.Context, storage nodeenrollment.Storage, req *types.ServerLedRegistrationRequest, opt ...nodeenrollment.Option) (*types.NodeCredentials, error)
RegisterViaServerLedFlow registers a node, creating all keys and certificates and returning the full set.
Note: the registration request currently has no fields, but it is required so that adding fields later is not an API change.
Supported options: WithWrapper (passed through to LoadRootCertificates and NodeInformation.Store), WithSkipStorage (useful for tests)
Types
This section is empty.