Documentation ¶
Index ¶
Constants ¶
const (
// Separator is the separator between the prefix and the name of the certificate.
Separator = ":"
)
Variables ¶
This section is empty.
Functions ¶
func GetSecretNameForIdentity ¶ added in v0.10.0
func GetSecretNameForIdentity(si identity.ServiceIdentity) string
GetSecretNameForIdentity returns the SDS secret name corresponding to the given ServiceIdentity
Types ¶
type SDSCert ¶
type SDSCert struct { // Name is the name of the SDS secret for the certificate Name string // CertType is the certificate type CertType SDSCertType }
SDSCert is only used to interface the naming and related functions to Marshal/Unmarshal a resource name, this avoids having sprintf/parsing logic all over the place
func UnmarshalSDSCert ¶
UnmarshalSDSCert parses the SDS resource name and returns an SDSCert object and an error if any Examples: 1. Unmarshalling 'service-cert:foo/bar' returns SDSCert{CertType: service-cert, Name: foo/bar}, nil 2. Unmarshalling 'root-cert-for-mtls-inbound:foo/bar' returns SDSCert{CertType: root-cert-for-mtls-inbound, Name: foo/bar}, nil 3. Unmarshalling 'invalid-cert' returns nil, error
func (*SDSCert) GetK8sServiceAccount ¶
func (sdsc *SDSCert) GetK8sServiceAccount() (*identity.K8sServiceAccount, error)
GetK8sServiceAccount unmarshals a K8sServiceAccount type from a SDSCert name
func (*SDSCert) GetMeshService ¶
func (sdsc *SDSCert) GetMeshService() (*service.MeshService, error)
GetMeshService unmarshals a NamespaceService type from a SDSCert name
type SDSCertType ¶
type SDSCertType string
SDSCertType is a type of a certificate requested by an Envoy proxy via SDS.
const ( // ServiceCertType is the prefix for the service certificate resource name. Example: "service-cert:ns/name" ServiceCertType SDSCertType = "service-cert" // RootCertTypeForMTLSOutbound is the prefix for the mTLS root certificate resource name for upstream connectivity. Example: "root-cert-for-mtls-outbound:ns/name" RootCertTypeForMTLSOutbound SDSCertType = "root-cert-for-mtls-outbound" // RootCertTypeForMTLSInbound is the prefix for the mTLS root certificate resource name for downstream connectivity. Example: "root-cert-for-mtls-inbound:ns/name" RootCertTypeForMTLSInbound SDSCertType = "root-cert-for-mtls-inbound" )
SDSCertType enums
func (SDSCertType) String ¶
func (ct SDSCertType) String() string