sidecar

package
v0.9.1 Latest
Published: Jan 31, 2025 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SignalProcess added in v0.9.0

func SignalProcess(process *os.Process, renewSignal string) error

Types

type Config

type Config struct {
	// If true, merge intermediate certificates into Bundle file instead of SVID file.
	// This is the expected format for MySQL and some other applications.
	AddIntermediatesToBundle bool

	// The address of the Agent Workload API.
	AgentAddress string

	// The path to the process to launch.
	Cmd string

	// The arguments of the process to launch.
	CmdArgs string

	// Path of a file holding the PID of an already-running process to signal when the
	// certificates are renewed, as an alternative to launching the process with Cmd.
	PIDFileName string

	// The directory name to store the x509s and/or JWTs.
	CertDir string

	// If true, fetch the configured SVIDs once, write them to disk and exit(0)
	// instead of running as a daemon.
	ExitWhenReady bool

	// Permissions to use when writing x509 SVID to disk
	CertFileMode fs.FileMode

	// Permissions to use when writing x509 SVID Key to disk
	KeyFileMode fs.FileMode

	// Permissions to use when writing JWT Bundle to disk
	JWTBundleFileMode fs.FileMode

	// Permissions to use when writing JWT SVIDs to disk
	JWTSVIDFileMode fs.FileMode

	// If true, includes trust domains from federated servers in the CA bundle.
	IncludeFederatedDomains bool

	// A list of JWT SVIDs to fetch, each with its audience and the file name to store it in.
	// Each file contains the JWT SVID as a Base64-encoded string.
	JWTSVIDs []JWTConfig

	// File name to be used to store JWT Bundle in JSON format.
	JWTBundleFilename string

	// The logger to use
	Log logrus.FieldLogger

	// The signal that the process to be launched expects to reload the certificates. Not supported on Windows.
	RenewSignal string

	// File name to be used to store the X.509 SVID public certificate in PEM format.
	SVIDFileName string

	// File name to be used to store the X.509 SVID private key and public certificate in PEM format.
	SVIDKeyFileName string

	// File name to be used to store the X.509 SVID Bundle in PEM format.
	SVIDBundleFileName string

	// TODO: is there a reason for this to be exposed? and inside of config?
	ReloadExternalProcess func() error
}

type JWTBundlesWatcher added in v0.8.0

type JWTBundlesWatcher struct {
	// contains filtered or unexported fields
}

JWTBundlesWatcher implements the workload.JWTBundleWatcher interface.

func (JWTBundlesWatcher) OnJWTBundlesUpdate added in v0.8.0

func (w JWTBundlesWatcher) OnJWTBundlesUpdate(jwkSet *jwtbundle.Set)

OnJWTBundlesUpdate is run every time a bundle is updated

func (JWTBundlesWatcher) OnJWTBundlesWatchError added in v0.8.0

func (w JWTBundlesWatcher) OnJWTBundlesWatchError(err error)

OnJWTBundlesWatchError is run when the client runs into an error

type JWTConfig added in v0.8.0

type JWTConfig struct {
	// The audience for the JWT SVID to fetch
	JWTAudience string

	// The extra audiences for the JWT SVID to fetch
	JWTExtraAudiences []string

	// The filename to save the JWT SVID to
	JWTSVIDFilename string
}

type Sidecar

type Sidecar struct {
	// contains filtered or unexported fields
}

Sidecar is the component that consumes the Workload API and renews the certificates on disk.

func New

func New(config *Config) *Sidecar

New creates a new SPIFFE sidecar

func (*Sidecar) CertReadyChan

func (s *Sidecar) CertReadyChan() <-chan struct{}

CertReadyChan returns a channel to know when the certificates are ready

func (*Sidecar) Run added in v0.8.0

func (s *Sidecar) Run(ctx context.Context) error

func (*Sidecar) RunDaemon

func (s *Sidecar) RunDaemon(ctx context.Context) error

RunDaemon starts the main loop. It starts the Workload API client to listen for new SVID updates; when a new SVID is received on the updateChan, the SVID certificates are stored on disk and a restart signal is sent to the proxy's process.
