client

package
v0.12.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 14, 2021 License: Apache-2.0 Imports: 18 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type BundleUpdater

type BundleUpdater interface {
	// UpdateBundle fetches the local bundle from the datastore and the
	// endpoint bundle from the endpoint. The function will return an error if
	// the local bundle cannot be fetched, the endpoint bundle cannot be
	// downloaded, or there is a problem persisting the bundle. The local
	// bundle will always be returned if it was fetched, independent of any
	// other failures performing the update. The endpoint bundle is ONLY
	// returned if it can be successfully downloaded, is different from the
	// local bundle, and is successfully stored.
	UpdateBundle(ctx context.Context) (*bundleutil.Bundle, *bundleutil.Bundle, error)
}

func NewBundleUpdater

func NewBundleUpdater(config BundleUpdaterConfig) BundleUpdater

type BundleUpdaterConfig

type BundleUpdaterConfig struct {
	TrustDomainConfig

	TrustDomain string
	DataStore   datastore.DataStore
	// contains filtered or unexported fields
}

type Client

type Client interface {
	FetchBundle(context.Context) (*bundleutil.Bundle, error)
}

Client is used to fetch a bundle and metadata from a bundle endpoint

func NewClient

func NewClient(config ClientConfig) (Client, error)

type ClientConfig

type ClientConfig struct {
	// TrustDomain is the federated trust domain (i.e. domain.test)
	TrustDomain string

	// EndpointAddress is the bundle endpoint for the trust domain.
	EndpointAddress string

	// SPIFFEAuth contains required configuration to authenticate the endpoint
	// using SPIFFE authentication. If unset, it is assumed that the endpoint
	// is authenticated via Web PKI.
	SPIFFEAuth *SPIFFEAuthConfig
}

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

func NewManager

func NewManager(config ManagerConfig) *Manager

func (*Manager) Run

func (m *Manager) Run(ctx context.Context) error

type ManagerConfig

type ManagerConfig struct {
	Log          logrus.FieldLogger
	Metrics      telemetry.Metrics
	DataStore    datastore.DataStore
	Clock        clock.Clock
	TrustDomains map[string]TrustDomainConfig
	// contains filtered or unexported fields
}

type SPIFFEAuthConfig

type SPIFFEAuthConfig struct {
	// EndpointSpiffeID is the expected SPIFFE ID of the endpoint server. If unset, it
	// defaults to the SPIRE server ID within the trust domain.
	EndpointSpiffeID string

	// RootCAs is the set of root CA certificates used to authenticate the
	// endpoint server.
	RootCAs []*x509.Certificate
}

type TrustDomainConfig

type TrustDomainConfig struct {
	// EndpointAddress is the bundle endpoint for the trust domain.
	EndpointAddress string

	// EndpointSpiffeID is the expected SPIFFE ID of the endpoint server. If
	// unset, it defaults to the SPIRE server ID within the trust domain.
	EndpointSpiffeID string

	// UseWebPKI is true if the endpoint should be authenticated with Web PKI.
	// Otherwise, SPIFFE authentication is assumed.
	UseWebPKI bool
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL