Documentation
Index
- type Config
- type Plugin
- func (p *Plugin) BrokerHostServices(broker pluginsdk.ServiceBroker) error
- func (p *Plugin) ComposeAgentX509SVID(ctx context.Context, req *credentialcomposerv1.ComposeAgentX509SVIDRequest) (*credentialcomposerv1.ComposeAgentX509SVIDResponse, error)
- func (p *Plugin) ComposeServerX509CA(ctx context.Context, req *credentialcomposerv1.ComposeServerX509CARequest) (*credentialcomposerv1.ComposeServerX509CAResponse, error)
- func (p *Plugin) ComposeServerX509SVID(ctx context.Context, req *credentialcomposerv1.ComposeServerX509SVIDRequest) (*credentialcomposerv1.ComposeServerX509SVIDResponse, error)
- func (p *Plugin) ComposeWorkloadJWTSVID(ctx context.Context, req *credentialcomposerv1.ComposeWorkloadJWTSVIDRequest) (*credentialcomposerv1.ComposeWorkloadJWTSVIDResponse, error)
- func (p *Plugin) ComposeWorkloadX509SVID(ctx context.Context, req *credentialcomposerv1.ComposeWorkloadX509SVIDRequest) (*credentialcomposerv1.ComposeWorkloadX509SVIDResponse, error)
- func (p *Plugin) Configure(ctx context.Context, req *configv1.ConfigureRequest) (*configv1.ConfigureResponse, error)
- func (p *Plugin) SetLogger(logger hclog.Logger)
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Config
type Config struct { }
Config defines the configuration for the plugin. TODO: Add relevant configurables or remove if no configuration is required.
type Plugin
type Plugin struct {
	// UnimplementedCredentialComposerServer is embedded to satisfy gRPC
	credentialcomposerv1.UnimplementedCredentialComposerServer

	// UnimplementedConfigServer is embedded to satisfy gRPC
	// TODO: Remove if this plugin does not require configuration
	configv1.UnimplementedConfigServer
	// contains filtered or unexported fields
}
Plugin implements the CredentialComposer plugin.
func (*Plugin) BrokerHostServices
func (p *Plugin) BrokerHostServices(broker pluginsdk.ServiceBroker) error
BrokerHostServices is called by the framework when the plugin is loaded to give the plugin a chance to obtain clients to SPIRE host services. TODO: Remove if the plugin does not need host services.
func (*Plugin) ComposeAgentX509SVID
func (p *Plugin) ComposeAgentX509SVID(ctx context.Context, req *credentialcomposerv1.ComposeAgentX509SVIDRequest) (*credentialcomposerv1.ComposeAgentX509SVIDResponse, error)
ComposeAgentX509SVID implements the CredentialComposer ComposeAgentX509SVID RPC. Composes the SPIRE Agent X509-SVID. The server will supply the default attributes it will apply to the agent X509-SVID. If the plugin returns an empty response or NOT_IMPLEMENTED, the server will apply the default attributes. Otherwise, the returned attributes are used. If an X509-SVID is produced that does not conform to the SPIFFE X509-SVID specification for leaf certificates, it will be rejected. This function cannot be used to modify the SPIFFE ID of the X509-SVID.
func (*Plugin) ComposeServerX509CA
func (p *Plugin) ComposeServerX509CA(ctx context.Context, req *credentialcomposerv1.ComposeServerX509CARequest) (*credentialcomposerv1.ComposeServerX509CAResponse, error)
ComposeServerX509CA implements the CredentialComposer ComposeServerX509CA RPC. Composes the SPIRE Server X509 CA. The server will supply the default attributes it will apply to the CA. If the plugin returns an empty response or NOT_IMPLEMENTED, the server will apply the default attributes. Otherwise, the returned attributes are used. If a CA is produced that does not conform to the SPIFFE X509-SVID specification for signing certificates, it will be rejected.
func (*Plugin) ComposeServerX509SVID
func (p *Plugin) ComposeServerX509SVID(ctx context.Context, req *credentialcomposerv1.ComposeServerX509SVIDRequest) (*credentialcomposerv1.ComposeServerX509SVIDResponse, error)
ComposeServerX509SVID implements the CredentialComposer ComposeServerX509SVID RPC. Composes the SPIRE Server X509-SVID. The server will supply the default attributes it will apply to the server X509-SVID. If the plugin returns an empty response or NOT_IMPLEMENTED, the server will apply the default attributes. Otherwise, the returned attributes are used. If an X509-SVID is produced that does not conform to the SPIFFE X509-SVID specification for leaf certificates, it will be rejected. This function cannot be used to modify the SPIFFE ID of the X509-SVID.
func (*Plugin) ComposeWorkloadJWTSVID
func (p *Plugin) ComposeWorkloadJWTSVID(ctx context.Context, req *credentialcomposerv1.ComposeWorkloadJWTSVIDRequest) (*credentialcomposerv1.ComposeWorkloadJWTSVIDResponse, error)
ComposeWorkloadJWTSVID implements the CredentialComposer ComposeWorkloadJWTSVID RPC. Composes workload JWT-SVIDs. The server will supply the default attributes it will apply to the workload JWT-SVID. If the plugin returns an empty response or NOT_IMPLEMENTED, the server will apply the default attributes. Otherwise, the returned attributes are used. If a JWT-SVID is produced that does not conform to the SPIFFE JWT-SVID specification, it will be rejected. This function cannot be used to modify the SPIFFE ID of the JWT-SVID.
func (*Plugin) ComposeWorkloadX509SVID
func (p *Plugin) ComposeWorkloadX509SVID(ctx context.Context, req *credentialcomposerv1.ComposeWorkloadX509SVIDRequest) (*credentialcomposerv1.ComposeWorkloadX509SVIDResponse, error)
ComposeWorkloadX509SVID implements the CredentialComposer ComposeWorkloadX509SVID RPC. Composes workload X509-SVIDs. The server will supply the default attributes it will apply to the workload X509-SVID. If the plugin returns an empty response or NOT_IMPLEMENTED, the server will apply the default attributes. Otherwise, the returned attributes are used. If an X509-SVID is produced that does not conform to the SPIFFE X509-SVID specification for leaf certificates, it will be rejected. This function cannot be used to modify the SPIFFE ID of the X509-SVID.
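The agent, server and workload X509-SVID RPCs above all say that a non-conforming leaf is rejected and that the SPIFFE ID cannot be changed. The following added example (not code from this package or from SPIRE) checks a subset of the SPIFFE X509-SVID leaf rules with the standard library only; checkLeaf, sample and the example.org IDs are hypothetical names and constructed values.

```go
package main

import (
	"crypto/x509"
	"errors"
	"fmt"
	"net/url"
)

// checkLeaf applies a subset of the X509-SVID leaf rules to cert and confirms
// that it still carries the SPIFFE ID that was requested (wantID).
func checkLeaf(cert *x509.Certificate, wantID string) error {
	if len(cert.URIs) != 1 {
		return fmt.Errorf("want exactly one URI SAN, got %d", len(cert.URIs))
	}
	id := cert.URIs[0]
	if id.Scheme != "spiffe" || id.Host == "" || id.Path == "" || id.Path == "/" {
		return fmt.Errorf("URI SAN %q is not a leaf SPIFFE ID", id)
	}
	if id.String() != wantID {
		return fmt.Errorf("SPIFFE ID changed: got %q, want %q", id, wantID)
	}
	if cert.IsCA {
		return errors.New("leaf must not be a CA")
	}
	if cert.KeyUsage&x509.KeyUsageDigitalSignature == 0 {
		return errors.New("digitalSignature key usage is required")
	}
	if cert.KeyUsage&(x509.KeyUsageCertSign|x509.KeyUsageCRLSign) != 0 {
		return errors.New("keyCertSign and cRLSign are not allowed on a leaf")
	}
	return nil
}

// sample builds a constructed, unsigned certificate value (hypothetical helper).
func sample(id string, certSign, isCA bool) *x509.Certificate {
	u, err := url.Parse(id)
	if err != nil {
		panic(err)
	}
	usage := x509.KeyUsageDigitalSignature
	if certSign {
		usage |= x509.KeyUsageCertSign
	}
	return &x509.Certificate{URIs: []*url.URL{u}, KeyUsage: usage, IsCA: isCA}
}

func main() {
	fmt.Println(checkLeaf(sample("spiffe://example.org/workload", false, false), "spiffe://example.org/workload"))
}
```
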
func (*Plugin) Configure
func (p *Plugin) Configure(ctx context.Context, req *configv1.ConfigureRequest) (*configv1.ConfigureResponse, error)
Configure configures the plugin. This is invoked by SPIRE when the plugin is first loaded. In the future, it may be invoked to reconfigure the plugin. As such, it should replace the previous configuration atomically. TODO: Remove if no configuration is required
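One way to meet the atomic-replacement requirement, shown as an added example that is not this package's code: build and validate the new configuration completely, then swap a single pointer under a lock. It models the plugin with the standard library only; the ExtraDNSSAN field, the "extra_dns_san=" input format, the string-based Configure signature and getConfig are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
	"sync"
)

// Config carries one hypothetical setting; the template's Config is empty.
type Config struct {
	ExtraDNSSAN string
}

// Plugin models only the template's configuration handling.
type Plugin struct {
	mu     sync.RWMutex
	config *Config
}

// Configure validates a constructed "extra_dns_san=<name>" string first and
// swaps the pointer last, so a rejected update leaves the old Config in force.
func (p *Plugin) Configure(raw string) error {
	key, val, ok := strings.Cut(strings.TrimSpace(raw), "=")
	if !ok || key != "extra_dns_san" {
		return errors.New("expected extra_dns_san=<name>")
	}
	if val == "" || strings.ContainsAny(val, " /:") {
		return fmt.Errorf("invalid DNS name %q", val)
	}
	p.mu.Lock()
	defer p.mu.Unlock()
	p.config = &Config{ExtraDNSSAN: val}
	return nil
}

// getConfig is what a Compose* handler would call once per request. The
// returned Config is never mutated, so a request sees old or new, never a mix.
func (p *Plugin) getConfig() (*Config, error) {
	p.mu.RLock()
	defer p.mu.RUnlock()
	if p.config == nil {
		return nil, errors.New("not configured")
	}
	return p.config, nil
}

func main() {
	fmt.Println((&Plugin{}).Configure("extra_dns_san=svc.example.org"))
}
```
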