secrets

package
v1.2.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 20, 2023 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// Separator is the separator between the prefix and the name of the certificate.
	Separator = ":"
)

Variables

This section is empty.

Functions

func GetSecretNameForIdentity added in v0.10.0

func GetSecretNameForIdentity(si identity.ServiceIdentity) string

GetSecretNameForIdentity returns the SDS secret name corresponding to the given ServiceIdentity

Types

type SDSCert

type SDSCert struct {
	// Name is the name of the SDS secret for the certificate
	Name string

	// CertType is the certificate type
	CertType SDSCertType
}

SDSCert is only used to interface the naming and related functions to Marshal/Unmarshal a resource name, this avoids having sprintf/parsing logic all over the place

func UnmarshalSDSCert

func UnmarshalSDSCert(str string) (*SDSCert, error)

UnmarshalSDSCert parses the SDS resource name and returns an SDSCert object and an error if any Examples: 1. Unmarshalling 'service-cert:foo/bar' returns SDSCert{CertType: service-cert, Name: foo/bar}, nil 2. Unmarshalling 'root-cert-for-mtls-inbound:foo/bar' returns SDSCert{CertType: root-cert-for-mtls-inbound, Name: foo/bar}, nil 3. Unmarshalling 'invalid-cert' returns nil, error

func (*SDSCert) GetK8sServiceAccount

func (sdsc *SDSCert) GetK8sServiceAccount() (*identity.K8sServiceAccount, error)

GetK8sServiceAccount unmarshals a K8sServiceAccount type from a SDSCert name

func (*SDSCert) GetMeshService

func (sdsc *SDSCert) GetMeshService() (*service.MeshService, error)

GetMeshService unmarshals a NamespaceService type from a SDSCert name

func (SDSCert) String

func (sdsc SDSCert) String() string

String is a common facility/interface to generate a string resource name out of a SDSCert This is to keep the sprintf logic and/or separators used agnostic to other modules

type SDSCertType

type SDSCertType string

SDSCertType is a type of a certificate requested by an Envoy proxy via SDS.

const (
	// ServiceCertType is the prefix for the service certificate resource name. Example: "service-cert:ns/name"
	ServiceCertType SDSCertType = "service-cert"

	// RootCertTypeForMTLSOutbound is the prefix for the mTLS root certificate resource name for upstream connectivity. Example: "root-cert-for-mtls-outbound:ns/name"
	RootCertTypeForMTLSOutbound SDSCertType = "root-cert-for-mtls-outbound"

	// RootCertTypeForMTLSInbound is the prefix for the mTLS root certificate resource name for downstream connectivity. Example: "root-cert-for-mtls-inbound:ns/name"
	RootCertTypeForMTLSInbound SDSCertType = "root-cert-for-mtls-inbound"
)

SDSCertType enums

func (SDSCertType) String

func (ct SDSCertType) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL