Documentation ¶
Index ¶
- func DialIdentityServer(ctx context.Context, relayServerDialOpts grpcutils.DialOpts, ...) (*grpc.ClientConn, error)
- func ParseCert(certPem, keyPem []byte) (tls.Certificate, error)
- func SecretToTLSConfig(secret *corev1.Secret, client bool) (*tls.Config, error)
- func TLSConfig(root, certPem, keyPem []byte, client bool) (*tls.Config, error)
- type Options
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DialIdentityServer ¶
func DialIdentityServer( ctx context.Context, relayServerDialOpts grpcutils.DialOpts, secretClient v1.SecretClient, rootCertSecretRef client.ObjectKey, ) (*grpc.ClientConn, error)
Copied from https://github.com/solo-io/skv2-enterprise/blob/b6945a04e5ff216469ccbc5feee0d201fc8266cc/relay/pkg/grpc/dialer.go#L146 creates the initial TLS connection from agent to server for establishing identity by decorating grpcutils.DialOpts with TLS credentials derived from the rootCertSecretRef for verifying server identity exposed for usage in validation contexts
func SecretToTLSConfig ¶
Copied from https://github.com/solo-io/skv2-enterprise/blob/4faa29210abf6591325ffe0bbdac09f1bda2befe/relay/pkg/identity/server/ca/secret.go#L50 SecretToTLSConfig parses TLS config data from a k8s secret storing tls certs
Types ¶
type Options ¶
type Options struct { Server grpcutils.DialOpts Cluster string RelayHost string AgentLabels map[string]string // Reference to a Secret containing the Client TLS Certificates used to identify the Relay Agent to the Server. // If the secret does not exist, a Token and Root cert secret are required. ClientCertSecret client.ObjectKey // Reference to a Secret containing a Root TLS Certificates used to verify the Relay Server Certificate. // The secret can also optionally specify a `tls.key` which will be used to generate the Agent Client Certificate. RootTlsSecret client.ObjectKey // Reference to a Secret containing a shared Token for authenticating to the Relay Server TokenSecret struct { Name string Namespace string Key string } }
func (*Options) AddToFlags ¶
Click to show internal directories.
Click to hide internal directories.