gcpcas

package

v0.12.2 Latest Latest Go to latest Published: Apr 14, 2021 License: Apache-2.0 Imports: 21 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/spiffe/spire

Links

Open Source Insights

Documentation ¶

Index ¶

func BuiltIn() catalog.Plugin
type CAClient
type CertificateAuthoritySpec
type Config
type Plugin
- func New() *Plugin

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BuiltIn ¶

func BuiltIn() catalog.Plugin

BuiltIn constructs a catalog Plugin using a new instance of this plugin.

Types ¶

type CAClient ¶

type CAClient interface {
	CreateCertificate(ctx context.Context, req *privatecapb.CreateCertificateRequest) (*privatecapb.Certificate, error)
	LoadCertificateAuthorities(ctx context.Context, spec CertificateAuthoritySpec) ([]*privatecapb.CertificateAuthority, error)
}

type CertificateAuthoritySpec ¶

type CertificateAuthoritySpec struct {
	Project    string `hcl:"project_name"`
	Location   string `hcl:"region_name"`
	LabelKey   string `hcl:"label_key"`
	LabelValue string `hcl:"label_value"`
}

type Config ¶

type Config struct {
	RootSpec CertificateAuthoritySpec `hcl:"root_cert_spec,block"`
}

type Plugin ¶

type Plugin struct {
	// gRPC requires embedding either the "Unimplemented" or "Unsafe" stub as
	// a way of opting in or out of forward build compatibility.
	upstreamauthority.UnimplementedUpstreamAuthorityServer
	// contains filtered or unexported fields
}

func New ¶

func New() *Plugin

func (*Plugin) Configure ¶

func (p *Plugin) Configure(ctx context.Context, req *plugin.ConfigureRequest) (*plugin.ConfigureResponse, error)

func (*Plugin) GetPluginInfo ¶

func (p *Plugin) GetPluginInfo(ctx context.Context, req *plugin.GetPluginInfoRequest) (*plugin.GetPluginInfoResponse, error)

func (*Plugin) MintX509CA ¶

func (p *Plugin) MintX509CA(request *upstreamauthority.MintX509CARequest, stream upstreamauthority.UpstreamAuthority_MintX509CAServer) error

Mints an X.509 CA and responds with the signed X.509 CA certificate chain and upstream X.509 roots. If supported by the implementation, subsequent responses on the stream contain upstream X.509 root updates, otherwise the RPC is completed after sending the initial response.

Implementation note: The stream should be kept open in the face of transient errors encountered while tracking changes to the upstream X.509 roots as SPIRE core will not reopen a closed stream until the next X.509 CA rotation.

func (*Plugin) PublishJWTKey ¶

func (p *Plugin) PublishJWTKey(*upstreamauthority.PublishJWTKeyRequest, upstreamauthority.UpstreamAuthority_PublishJWTKeyServer) error

PublishJWTKey is not yet supported. It will return with GRPC Unimplemented error

func (*Plugin) SetLogger ¶

func (p *Plugin) SetLogger(log hclog.Logger)

SetLogger will be called by the catalog system to provide the plugin with a logger when it is loaded. The logger is wired up to the SPIRE core logger

Source Files ¶

View all Source files

gcpcas.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL