Documentation ¶
Index ¶
- func NewCertificateCache() *certificateCache
- func ParseCertificate(ctx context.Context, secretData map[string][]byte, config CertConfig) (*tls.Certificate, error)
- func WaitForCertCache(cache CertCache) error
- func WaitForKeyCache(cache KeysCache) error
- type CertCache
- type CertConfig
- type CredentialType
- type KeyCache
- type KeyStore
- type KeysCache
- type KeysConfig
- type Loader
- type Manager
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewCertificateCache ¶
func NewCertificateCache() *certificateCache
NewCertificateCache creates a cache for managing TLS certificates in memory
func ParseCertificate ¶
func ParseCertificate(ctx context.Context, secretData map[string][]byte, config CertConfig) (*tls.Certificate, error)
ParseCertificate parses a TLS certificate from the given secret data map
func WaitForCertCache ¶
WaitForCertCache waits for a CertCache to get populated with data
func WaitForKeyCache ¶
WaitForKeyCache waits for a KeysCache to get populated with data
Types ¶
type CertCache ¶
// CertCache exposes the certificates held in the in-memory cache.
type CertCache interface {
	// Get returns the cached certificates as a map from a string key to a
	// *tls.Certificate. What the keys denote is not visible in this listing.
	// NOTE(review): a tls.Certificate carries its private key alongside the
	// certificate chain, so returned values should not be logged or serialized.
	// Whether the map is a copy or the cache's own map is not shown here;
	// confirm before mutating it.
	Get() map[string]*tls.Certificate
}
CertCache provides access to the client certificates stored in memory; Get returns them as a map keyed by string
func StartCertLoader ¶
func StartCertLoader(ctx context.Context, certLoaderConfig CertConfig) (CertCache, error)
StartCertLoader prepares and runs the certificate loader goroutine
type CertConfig ¶
// CertConfig holds the external client certificate settings used by the
// certificate loader. Each field is bound to an environment variable through
// its envconfig tag.
type CertConfig struct {
	// ExternalClientCertSecret presumably identifies the secret that holds the
	// external client certificate; verify the expected format against the loader.
	ExternalClientCertSecret string `envconfig:"APP_EXTERNAL_CLIENT_CERT_SECRET"`
	// ExternalClientCertCertKey presumably names the entry in the secret data
	// that contains the certificate; confirm against ParseCertificate.
	ExternalClientCertCertKey string `envconfig:"APP_EXTERNAL_CLIENT_CERT_KEY"`
	// ExternalClientCertKeyKey presumably names the entry in the secret data
	// that contains the private key; confirm against ParseCertificate.
	ExternalClientCertKeyKey string `envconfig:"APP_EXTERNAL_CLIENT_KEY_KEY"`
}
CertConfig holds external client certificate configuration available for the certificate loader
type CredentialType ¶
type CredentialType string
CredentialType determines if the loader is for Keys or for Certificates
// CredentialType values. Note that the string values are plural although the
// identifiers are singular.
const (
	// KeysCredential is the CredentialType value for keys.
	KeysCredential CredentialType = "KeysCredentials"
	// CertificateCredential is the CredentialType value for certificates.
	CertificateCredential CredentialType = "CertificateCredentials"
)
type KeyCache ¶
type KeyCache struct {
// contains filtered or unexported fields
}
KeyCache is a mutex-protected KeyStore
func NewKeyCache ¶
func NewKeyCache() *KeyCache
NewKeyCache creates a KeyCache for managing keys in memory
func NewKeyCacheWithKeys ¶
NewKeyCacheWithKeys creates a KeyCache for managing keys in memory
type KeysCache ¶
KeysCache is the key cache type returned by StartKeyLoader and accepted by WaitForKeyCache (godoc missing upstream)
func StartKeyLoader ¶
func StartKeyLoader(ctx context.Context, keysLoaderConfig KeysConfig) (KeysCache, error)
StartKeyLoader prepares and runs the keys loader goroutine
type KeysConfig ¶
// KeysConfig holds the keys settings used by the key loader. Each field is
// bound to an environment variable through its envconfig tag.
type KeysConfig struct {
	// KeysSecretName presumably is the name of the secret that holds the keys;
	// confirm against the key loader.
	KeysSecretName string `envconfig:"APP_SYSTEM_FETCHER_EXTERNAL_KEYS_SECRET_NAME"`
	// KeysSecret presumably identifies the secret to watch; how it differs from
	// KeysSecretName is not visible in this listing.
	KeysSecret string `envconfig:"APP_SYSTEM_FETCHER_EXTERNAL_KEYS_SECRET"`
	// KeysData presumably names the entry in the secret data that contains the
	// key material; confirm against the key loader.
	KeysData string `envconfig:"APP_SYSTEM_FETCHER_EXTERNAL_KEYS_SECRET_DATA_KEY"`
}
KeysConfig holds keys configuration available for the key loader
type Loader ¶
Loader provides a mechanism to load credential data into in-memory storage
func NewCertificateLoader ¶
func NewCertificateLoader(config CertConfig, certCache *certificateCache, secretManagers map[string]Manager, secretNames map[string]CredentialType, reconnectInterval time.Duration) Loader
NewCertificateLoader creates a new certificate loader, which is responsible for watching a secret containing the client certificate and updating the in-memory cache with that certificate whenever it changes
func NewKeyLoader ¶
func NewKeyLoader(keysConfig KeysConfig, keysCache *KeyCache, secretManagers map[string]Manager, secretNames map[string]CredentialType, reconnectInterval time.Duration) Loader
NewKeyLoader creates a new key loader, which is responsible for watching a secret containing public/private keys and updating the in-memory cache with those keys whenever they change