svidstore

package
v1.11.1 Latest Latest
Published: Dec 12, 2024 License: Apache-2.0 Imports: 13 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ParseMetadata

func ParseMetadata(metaData []string) (map[string]string, error)

ParseMetadata parses metadata from a slice of strings into a map that SVIDStore plugins can consume.

Types

type Data

// Data is the JSON-serializable form of an X509-SVID together with its trust
// bundles. All certificate and key material is carried as PEM text, and every
// field is omitted from the JSON output when empty (omitempty).
//
// NOTE(review): a marshaled Data carries the PEM private key (X509SVIDKey)
// next to the certificate chain, so the serialized value needs the same
// handling as the key itself: keep it out of logs, error strings and debug
// dumps. Whether the PKCS#8 block is ever encrypted is not visible here;
// presumably it is not, since no passphrase field exists — confirm.
type Data struct {
	// SPIFFEID is the SPIFFE ID of the SVID, as a string.
	SPIFFEID string `json:"spiffeID,omitempty"`
	// X509SVID is the PEM encoded certificate chain. It MAY include
	// intermediates; the leaf certificate (the SVID itself) MUST come first.
	X509SVID string `json:"x509SVID,omitempty"`
	// X509SVIDKey is the PEM encoded PKCS#8 private key. This is secret
	// material.
	X509SVIDKey string `json:"x509SVIDKey,omitempty"`
	// Bundle is the PEM encoded X.509 bundle for the trust domain.
	Bundle string `json:"bundle,omitempty"`
	// FederatedBundles holds the CA certificate bundles of foreign trust
	// domains that the workload should trust, keyed by trust domain. Bundles
	// are encoded in PEM format.
	FederatedBundles map[string]string `json:"federatedBundles,omitempty"`
}

func SecretFromProto

func SecretFromProto(req *svidstorev1.PutX509SVIDRequest) (*Data, error)

type Repository

// Repository holds the set of SVIDStore implementations in a single map.
type Repository struct {
	// SVIDStores maps a string key to an SVIDStore.
	// NOTE(review): presumably the key is the plugin name that
	// GetSVIDStoreNamed looks up — confirm against the method bodies.
	// The field is exported and has no visible lock; whether concurrent
	// access is expected cannot be told from this declaration.
	SVIDStores map[string]SVIDStore
}

func (*Repository) Clear

func (repo *Repository) Clear()

func (*Repository) GetSVIDStoreNamed

func (repo *Repository) GetSVIDStoreNamed(name string) (SVIDStore, bool)

func (*Repository) SetSVIDStore

func (repo *Repository) SetSVIDStore(svidStore SVIDStore)

type SVID

// SVID is an X509-SVID in parsed form: the SPIFFE ID, the certificate chain,
// the private key, the trust bundle certificates and the expiration time.
//
// NOTE(review): the value embeds the private key, so any code that prints or
// serializes a whole SVID (for example with %+v) handles key material.
type SVID struct {
	// SPIFFE ID of the SVID.
	SPIFFEID spiffeid.ID

	// Certificate and intermediates.
	// NOTE(review): presumably leaf first, matching the ordering that
	// Data.X509SVID documents — confirm.
	CertChain []*x509.Certificate

	// Private key for the SVID. crypto.PrivateKey is an opaque type, so the
	// concrete key type is not fixed by this declaration.
	PrivateKey crypto.PrivateKey

	// Bundle certificates
	Bundle []*x509.Certificate

	// Expiration timestamp
	ExpiresAt time.Time
}

type SVIDStore

// SVIDStore is the interface for storing and deleting X509-SVIDs. It embeds
// catalog.PluginInfo.
type SVIDStore interface {
	catalog.PluginInfo

	// DeleteX509SVID takes a context and a slice of metadata strings and
	// returns an error.
	// NOTE(review): presumably the metadata identifies which stored SVID to
	// delete in the backing store — confirm against an implementation.
	DeleteX509SVID(ctx context.Context, metadata []string) error
	// PutX509SVID takes a context and an *X509SVID (the SVID, its metadata
	// and federated bundles) and returns an error. The argument includes the
	// SVID's private key.
	PutX509SVID(context.Context, *X509SVID) error
}

type V1

func (*V1) DeleteX509SVID

func (v1 *V1) DeleteX509SVID(ctx context.Context, metadata []string) error

func (*V1) PutX509SVID

func (v1 *V1) PutX509SVID(ctx context.Context, x509SVID *X509SVID) error

type X509SVID

// X509SVID is the argument to SVIDStore.PutX509SVID: the SVID to store, the
// metadata for the plugin, and the federated bundles to store with it.
type X509SVID struct {
	// X509-SVID to be stored. The pointed-to SVID includes the private key.
	SVID *SVID

	// Metadata relevant for plugin to store the SVID.
	// NOTE(review): the format of each entry is not shown in this
	// declaration; presumably it is what ParseMetadata turns into a
	// map[string]string — confirm.
	Metadata []string

	// Federated bundles to store.
	// NOTE(review): presumably keyed by trust domain, as in
	// Data.FederatedBundles — confirm.
	FederatedBundles map[string][]*x509.Certificate
}
