registration

package
v1.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 7, 2022 License: Apache-2.0 Imports: 9 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	DeleteFederatedBundleRequest_Mode_name = map[int32]string{
		0: "RESTRICT",
		1: "DELETE",
		2: "DISSOCIATE",
	}
	DeleteFederatedBundleRequest_Mode_value = map[string]int32{
		"RESTRICT":   0,
		"DELETE":     1,
		"DISSOCIATE": 2,
	}
)

Enum value maps for DeleteFederatedBundleRequest_Mode.

View Source 
var File_spire_api_registration_registration_proto protoreflect.FileDescriptor
View Source 
var Registration_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "spire.api.registration.Registration",
	HandlerType: (*RegistrationServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "CreateEntry",
			Handler:    _Registration_CreateEntry_Handler,
		},
		{
			MethodName: "CreateEntryIfNotExists",
			Handler:    _Registration_CreateEntryIfNotExists_Handler,
		},
		{
			MethodName: "DeleteEntry",
			Handler:    _Registration_DeleteEntry_Handler,
		},
		{
			MethodName: "FetchEntry",
			Handler:    _Registration_FetchEntry_Handler,
		},
		{
			MethodName: "FetchEntries",
			Handler:    _Registration_FetchEntries_Handler,
		},
		{
			MethodName: "UpdateEntry",
			Handler:    _Registration_UpdateEntry_Handler,
		},
		{
			MethodName: "ListByParentID",
			Handler:    _Registration_ListByParentID_Handler,
		},
		{
			MethodName: "ListBySelector",
			Handler:    _Registration_ListBySelector_Handler,
		},
		{
			MethodName: "ListBySelectors",
			Handler:    _Registration_ListBySelectors_Handler,
		},
		{
			MethodName: "ListBySpiffeID",
			Handler:    _Registration_ListBySpiffeID_Handler,
		},
		{
			MethodName: "ListAllEntriesWithPages",
			Handler:    _Registration_ListAllEntriesWithPages_Handler,
		},
		{
			MethodName: "CreateFederatedBundle",
			Handler:    _Registration_CreateFederatedBundle_Handler,
		},
		{
			MethodName: "FetchFederatedBundle",
			Handler:    _Registration_FetchFederatedBundle_Handler,
		},
		{
			MethodName: "UpdateFederatedBundle",
			Handler:    _Registration_UpdateFederatedBundle_Handler,
		},
		{
			MethodName: "DeleteFederatedBundle",
			Handler:    _Registration_DeleteFederatedBundle_Handler,
		},
		{
			MethodName: "CreateJoinToken",
			Handler:    _Registration_CreateJoinToken_Handler,
		},
		{
			MethodName: "FetchBundle",
			Handler:    _Registration_FetchBundle_Handler,
		},
		{
			MethodName: "EvictAgent",
			Handler:    _Registration_EvictAgent_Handler,
		},
		{
			MethodName: "ListAgents",
			Handler:    _Registration_ListAgents_Handler,
		},
		{
			MethodName: "MintX509SVID",
			Handler:    _Registration_MintX509SVID_Handler,
		},
		{
			MethodName: "MintJWTSVID",
			Handler:    _Registration_MintJWTSVID_Handler,
		},
		{
			MethodName: "GetNodeSelectors",
			Handler:    _Registration_GetNodeSelectors_Handler,
		},
	},
	Streams: []grpc.StreamDesc{
		{
			StreamName:    "ListFederatedBundles",
			Handler:       _Registration_ListFederatedBundles_Handler,
			ServerStreams: true,
		},
	},
	Metadata: "spire/api/registration/registration.proto",
}

Registration_ServiceDesc is the grpc.ServiceDesc for Registration service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

Functions

func RegisterRegistrationServer 

func RegisterRegistrationServer(s grpc.ServiceRegistrar, srv RegistrationServer)

Types

type Bundle 

type Bundle struct {

	// Common bundle format
	Bundle *common.Bundle `protobuf:"bytes,2,opt,name=bundle,proto3" json:"bundle,omitempty"`
	// contains filtered or unexported fields
}

CA Bundle of the server

func (*Bundle) Descriptor deprecated 

func (*Bundle) Descriptor() ([]byte, []int)

Deprecated: Use Bundle.ProtoReflect.Descriptor instead.

func (*Bundle) GetBundle 

func (x *Bundle) GetBundle() *common.Bundle

func (*Bundle) ProtoMessage 

func (*Bundle) ProtoMessage()

func (*Bundle) ProtoReflect 

func (x *Bundle) ProtoReflect() protoreflect.Message

func (*Bundle) Reset 

func (x *Bundle) Reset()

func (*Bundle) String 

func (x *Bundle) String() string

type CreateEntryIfNotExistsResponse 

type CreateEntryIfNotExistsResponse struct {
	Entry       *common.RegistrationEntry `protobuf:"bytes,1,opt,name=entry,proto3" json:"entry,omitempty"`
	Preexisting bool                      `protobuf:"varint,2,opt,name=preexisting,proto3" json:"preexisting,omitempty"`
	// contains filtered or unexported fields
}

A type that represents a CreateEntryIfNotExists response If an entry already exists, the existing entry will be returned and `existing` will be set to true.

func (*CreateEntryIfNotExistsResponse) Descriptor deprecated 

func (*CreateEntryIfNotExistsResponse) Descriptor() ([]byte, []int)

Deprecated: Use CreateEntryIfNotExistsResponse.ProtoReflect.Descriptor instead.

func (*CreateEntryIfNotExistsResponse) GetEntry 

func (x *CreateEntryIfNotExistsResponse) GetEntry() *common.RegistrationEntry

func (*CreateEntryIfNotExistsResponse) GetPreexisting 

func (x *CreateEntryIfNotExistsResponse) GetPreexisting() bool

func (*CreateEntryIfNotExistsResponse) ProtoMessage 

func (*CreateEntryIfNotExistsResponse) ProtoMessage()

func (*CreateEntryIfNotExistsResponse) ProtoReflect 

func (x *CreateEntryIfNotExistsResponse) ProtoReflect() protoreflect.Message

func (*CreateEntryIfNotExistsResponse) Reset 

func (x *CreateEntryIfNotExistsResponse) Reset()

func (*CreateEntryIfNotExistsResponse) String 

func (x *CreateEntryIfNotExistsResponse) String() string

type DeleteFederatedBundleRequest 

type DeleteFederatedBundleRequest struct {
	Id   string                            `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Mode DeleteFederatedBundleRequest_Mode `protobuf:"varint,2,opt,name=mode,proto3,enum=spire.api.registration.DeleteFederatedBundleRequest_Mode" json:"mode,omitempty"`
	// contains filtered or unexported fields
}

func (*DeleteFederatedBundleRequest) Descriptor deprecated 

func (*DeleteFederatedBundleRequest) Descriptor() ([]byte, []int)

Deprecated: Use DeleteFederatedBundleRequest.ProtoReflect.Descriptor instead.

func (*DeleteFederatedBundleRequest) GetId 

func (x *DeleteFederatedBundleRequest) GetId() string

func (*DeleteFederatedBundleRequest) GetMode 

func (x *DeleteFederatedBundleRequest) GetMode() DeleteFederatedBundleRequest_Mode

func (*DeleteFederatedBundleRequest) ProtoMessage 

func (*DeleteFederatedBundleRequest) ProtoMessage()

func (*DeleteFederatedBundleRequest) ProtoReflect 

func (x *DeleteFederatedBundleRequest) ProtoReflect() protoreflect.Message

func (*DeleteFederatedBundleRequest) Reset 

func (x *DeleteFederatedBundleRequest) Reset()

func (*DeleteFederatedBundleRequest) String 

func (x *DeleteFederatedBundleRequest) String() string

type DeleteFederatedBundleRequest_Mode 

type DeleteFederatedBundleRequest_Mode int32

Mode controls the delete behavior if there are other records associated with the bundle (e.g. registration entries). 

const (
	// RESTRICT prevents the bundle from being deleted in the presence of associated entries
	DeleteFederatedBundleRequest_RESTRICT DeleteFederatedBundleRequest_Mode = 0
	// DELETE deletes the bundle and associated entries
	DeleteFederatedBundleRequest_DELETE DeleteFederatedBundleRequest_Mode = 1
	// DISSOCIATE deletes the bundle and dissociates associated entries
	DeleteFederatedBundleRequest_DISSOCIATE DeleteFederatedBundleRequest_Mode = 2
)

func (DeleteFederatedBundleRequest_Mode) Descriptor 

func (DeleteFederatedBundleRequest_Mode) Descriptor() protoreflect.EnumDescriptor

func (DeleteFederatedBundleRequest_Mode) Enum 

func (x DeleteFederatedBundleRequest_Mode) Enum() *DeleteFederatedBundleRequest_Mode

func (DeleteFederatedBundleRequest_Mode) EnumDescriptor deprecated 

func (DeleteFederatedBundleRequest_Mode) EnumDescriptor() ([]byte, []int)

Deprecated: Use DeleteFederatedBundleRequest_Mode.Descriptor instead.

func (DeleteFederatedBundleRequest_Mode) Number 

func (x DeleteFederatedBundleRequest_Mode) Number() protoreflect.EnumNumber

func (DeleteFederatedBundleRequest_Mode) String 

func (x DeleteFederatedBundleRequest_Mode) String() string

func (DeleteFederatedBundleRequest_Mode) Type 

func (DeleteFederatedBundleRequest_Mode) Type() protoreflect.EnumType

type EvictAgentRequest 

type EvictAgentRequest struct {

	// Agent identity of the node to be evicted.
	// For example: "spiffe://example.org/spire/agent/join_token/feea6adc-3254-4052-9a18-5eeb74bf214f"
	SpiffeID string `protobuf:"bytes,1,opt,name=spiffeID,proto3" json:"spiffeID,omitempty"`
	// contains filtered or unexported fields
}

Represents an evict request

func (*EvictAgentRequest) Descriptor deprecated 

func (*EvictAgentRequest) Descriptor() ([]byte, []int)

Deprecated: Use EvictAgentRequest.ProtoReflect.Descriptor instead.

func (*EvictAgentRequest) GetSpiffeID 

func (x *EvictAgentRequest) GetSpiffeID() string

func (*EvictAgentRequest) ProtoMessage 

func (*EvictAgentRequest) ProtoMessage()

func (*EvictAgentRequest) ProtoReflect 

func (x *EvictAgentRequest) ProtoReflect() protoreflect.Message

func (*EvictAgentRequest) Reset 

func (x *EvictAgentRequest) Reset()

func (*EvictAgentRequest) String 

func (x *EvictAgentRequest) String() string

type EvictAgentResponse 

type EvictAgentResponse struct {

	// Node contains the evicted node
	Node *common.AttestedNode `protobuf:"bytes,1,opt,name=node,proto3" json:"node,omitempty"`
	// contains filtered or unexported fields
}

Represents an evict response

func (*EvictAgentResponse) Descriptor deprecated 

func (*EvictAgentResponse) Descriptor() ([]byte, []int)

Deprecated: Use EvictAgentResponse.ProtoReflect.Descriptor instead.

func (*EvictAgentResponse) GetNode 

func (x *EvictAgentResponse) GetNode() *common.AttestedNode

func (*EvictAgentResponse) ProtoMessage 

func (*EvictAgentResponse) ProtoMessage()

func (*EvictAgentResponse) ProtoReflect 

func (x *EvictAgentResponse) ProtoReflect() protoreflect.Message

func (*EvictAgentResponse) Reset 

func (x *EvictAgentResponse) Reset()

func (*EvictAgentResponse) String 

func (x *EvictAgentResponse) String() string

type FederatedBundle 

type FederatedBundle struct {

	// Common bundle format
	Bundle *common.Bundle `protobuf:"bytes,3,opt,name=bundle,proto3" json:"bundle,omitempty"`
	// contains filtered or unexported fields
}

A CA bundle for a different Trust Domain than the one used and managed by the Server.

func (*FederatedBundle) Descriptor deprecated 

func (*FederatedBundle) Descriptor() ([]byte, []int)

Deprecated: Use FederatedBundle.ProtoReflect.Descriptor instead.

func (*FederatedBundle) GetBundle 

func (x *FederatedBundle) GetBundle() *common.Bundle

func (*FederatedBundle) ProtoMessage 

func (*FederatedBundle) ProtoMessage()

func (*FederatedBundle) ProtoReflect 

func (x *FederatedBundle) ProtoReflect() protoreflect.Message

func (*FederatedBundle) Reset 

func (x *FederatedBundle) Reset()

func (*FederatedBundle) String 

func (x *FederatedBundle) String() string

type FederatedBundleID 

type FederatedBundleID struct {

	// SPIFFE ID of the federated bundle
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

A type that represents a federated bundle id.

func (*FederatedBundleID) Descriptor deprecated 

func (*FederatedBundleID) Descriptor() ([]byte, []int)

Deprecated: Use FederatedBundleID.ProtoReflect.Descriptor instead.

func (*FederatedBundleID) GetId 

func (x *FederatedBundleID) GetId() string

func (*FederatedBundleID) ProtoMessage 

func (*FederatedBundleID) ProtoMessage()

func (*FederatedBundleID) ProtoReflect 

func (x *FederatedBundleID) ProtoReflect() protoreflect.Message

func (*FederatedBundleID) Reset 

func (x *FederatedBundleID) Reset()

func (*FederatedBundleID) String 

func (x *FederatedBundleID) String() string

type GetNodeSelectorsRequest 

type GetNodeSelectorsRequest struct {
	SpiffeId string `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// contains filtered or unexported fields
}

Represents a GetNodeSelectors request

func (*GetNodeSelectorsRequest) Descriptor deprecated 

func (*GetNodeSelectorsRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetNodeSelectorsRequest.ProtoReflect.Descriptor instead.

func (*GetNodeSelectorsRequest) GetSpiffeId 

func (x *GetNodeSelectorsRequest) GetSpiffeId() string

func (*GetNodeSelectorsRequest) ProtoMessage 

func (*GetNodeSelectorsRequest) ProtoMessage()

func (*GetNodeSelectorsRequest) ProtoReflect 

func (x *GetNodeSelectorsRequest) ProtoReflect() protoreflect.Message

func (*GetNodeSelectorsRequest) Reset 

func (x *GetNodeSelectorsRequest) Reset()

func (*GetNodeSelectorsRequest) String 

func (x *GetNodeSelectorsRequest) String() string

type GetNodeSelectorsResponse 

type GetNodeSelectorsResponse struct {
	Selectors *NodeSelectors `protobuf:"bytes,1,opt,name=selectors,proto3" json:"selectors,omitempty"`
	// contains filtered or unexported fields
}

Represents a GetNodeSelectors response

func (*GetNodeSelectorsResponse) Descriptor deprecated 

func (*GetNodeSelectorsResponse) Descriptor() ([]byte, []int)

Deprecated: Use GetNodeSelectorsResponse.ProtoReflect.Descriptor instead.

func (*GetNodeSelectorsResponse) GetSelectors 

func (x *GetNodeSelectorsResponse) GetSelectors() *NodeSelectors

func (*GetNodeSelectorsResponse) ProtoMessage 

func (*GetNodeSelectorsResponse) ProtoMessage()

func (*GetNodeSelectorsResponse) ProtoReflect 

func (x *GetNodeSelectorsResponse) ProtoReflect() protoreflect.Message

func (*GetNodeSelectorsResponse) Reset 

func (x *GetNodeSelectorsResponse) Reset()

func (*GetNodeSelectorsResponse) String 

func (x *GetNodeSelectorsResponse) String() string

type JoinToken 

type JoinToken struct {

	// The join token. If not set, one will be generated
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
	// TTL in seconds
	Ttl int32 `protobuf:"varint,2,opt,name=ttl,proto3" json:"ttl,omitempty"`
	// contains filtered or unexported fields
}

JoinToken message is used for registering a new token

func (*JoinToken) Descriptor deprecated 

func (*JoinToken) Descriptor() ([]byte, []int)

Deprecated: Use JoinToken.ProtoReflect.Descriptor instead.

func (*JoinToken) GetToken 

func (x *JoinToken) GetToken() string

func (*JoinToken) GetTtl 

func (x *JoinToken) GetTtl() int32

func (*JoinToken) ProtoMessage 

func (*JoinToken) ProtoMessage()

func (*JoinToken) ProtoReflect 

func (x *JoinToken) ProtoReflect() protoreflect.Message

func (*JoinToken) Reset 

func (x *JoinToken) Reset()

func (*JoinToken) String 

func (x *JoinToken) String() string

type ListAgentsRequest 

type ListAgentsRequest struct {
	// contains filtered or unexported fields
}

Represents a ListAgents request

func (*ListAgentsRequest) Descriptor deprecated 

func (*ListAgentsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListAgentsRequest.ProtoReflect.Descriptor instead.

func (*ListAgentsRequest) ProtoMessage 

func (*ListAgentsRequest) ProtoMessage()

func (*ListAgentsRequest) ProtoReflect 

func (x *ListAgentsRequest) ProtoReflect() protoreflect.Message

func (*ListAgentsRequest) Reset 

func (x *ListAgentsRequest) Reset()

func (*ListAgentsRequest) String 

func (x *ListAgentsRequest) String() string

type ListAgentsResponse 

type ListAgentsResponse struct {

	// List of all attested agents
	Nodes []*common.AttestedNode `protobuf:"bytes,1,rep,name=nodes,proto3" json:"nodes,omitempty"`
	// contains filtered or unexported fields
}

Represents a ListAgents response

func (*ListAgentsResponse) Descriptor deprecated 

func (*ListAgentsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListAgentsResponse.ProtoReflect.Descriptor instead.

func (*ListAgentsResponse) GetNodes 

func (x *ListAgentsResponse) GetNodes() []*common.AttestedNode

func (*ListAgentsResponse) ProtoMessage 

func (*ListAgentsResponse) ProtoMessage()

func (*ListAgentsResponse) ProtoReflect 

func (x *ListAgentsResponse) ProtoReflect() protoreflect.Message

func (*ListAgentsResponse) Reset 

func (x *ListAgentsResponse) Reset()

func (*ListAgentsResponse) String 

func (x *ListAgentsResponse) String() string

type ListAllEntriesRequest 

type ListAllEntriesRequest struct {
	Pagination *Pagination `protobuf:"bytes,1,opt,name=pagination,proto3" json:"pagination,omitempty"`
	// contains filtered or unexported fields
}

It is used to request a list of all registration entries

func (*ListAllEntriesRequest) Descriptor deprecated 

func (*ListAllEntriesRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListAllEntriesRequest.ProtoReflect.Descriptor instead.

func (*ListAllEntriesRequest) GetPagination 

func (x *ListAllEntriesRequest) GetPagination() *Pagination

func (*ListAllEntriesRequest) ProtoMessage 

func (*ListAllEntriesRequest) ProtoMessage()

func (*ListAllEntriesRequest) ProtoReflect 

func (x *ListAllEntriesRequest) ProtoReflect() protoreflect.Message

func (*ListAllEntriesRequest) Reset 

func (x *ListAllEntriesRequest) Reset()

func (*ListAllEntriesRequest) String 

func (x *ListAllEntriesRequest) String() string

type ListAllEntriesResponse 

type ListAllEntriesResponse struct {
	Entries    []*common.RegistrationEntry `protobuf:"bytes,1,rep,name=entries,proto3" json:"entries,omitempty"`
	Pagination *Pagination                 `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"`
	// contains filtered or unexported fields
}

It is used to list all registration entries with pagination

func (*ListAllEntriesResponse) Descriptor deprecated 

func (*ListAllEntriesResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListAllEntriesResponse.ProtoReflect.Descriptor instead.

func (*ListAllEntriesResponse) GetEntries 

func (x *ListAllEntriesResponse) GetEntries() []*common.RegistrationEntry

func (*ListAllEntriesResponse) GetPagination 

func (x *ListAllEntriesResponse) GetPagination() *Pagination

func (*ListAllEntriesResponse) ProtoMessage 

func (*ListAllEntriesResponse) ProtoMessage()

func (*ListAllEntriesResponse) ProtoReflect 

func (x *ListAllEntriesResponse) ProtoReflect() protoreflect.Message

func (*ListAllEntriesResponse) Reset 

func (x *ListAllEntriesResponse) Reset()

func (*ListAllEntriesResponse) String 

func (x *ListAllEntriesResponse) String() string

type MintJWTSVIDRequest 

type MintJWTSVIDRequest struct {

	// SPIFFE ID of the JWT-SVID
	SpiffeId string `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// TTL of the JWT-SVID, in seconds. The server default will be used if
	// unset. The TTL is advisory only. The actual lifetime of the JWT-SVID may
	// be lower depending on the remaining lifetime of the active SPIRE Server
	// CA.
	Ttl int32 `protobuf:"varint,2,opt,name=ttl,proto3" json:"ttl,omitempty"`
	// List of audience claims to include in the JWT-SVID. At least one must
	// be set.
	Audience []string `protobuf:"bytes,3,rep,name=audience,proto3" json:"audience,omitempty"`
	// contains filtered or unexported fields
}

func (*MintJWTSVIDRequest) Descriptor deprecated 

func (*MintJWTSVIDRequest) Descriptor() ([]byte, []int)

Deprecated: Use MintJWTSVIDRequest.ProtoReflect.Descriptor instead.

func (*MintJWTSVIDRequest) GetAudience 

func (x *MintJWTSVIDRequest) GetAudience() []string

func (*MintJWTSVIDRequest) GetSpiffeId 

func (x *MintJWTSVIDRequest) GetSpiffeId() string

func (*MintJWTSVIDRequest) GetTtl 

func (x *MintJWTSVIDRequest) GetTtl() int32

func (*MintJWTSVIDRequest) ProtoMessage 

func (*MintJWTSVIDRequest) ProtoMessage()

func (*MintJWTSVIDRequest) ProtoReflect 

func (x *MintJWTSVIDRequest) ProtoReflect() protoreflect.Message

func (*MintJWTSVIDRequest) Reset 

func (x *MintJWTSVIDRequest) Reset()

func (*MintJWTSVIDRequest) String 

func (x *MintJWTSVIDRequest) String() string

type MintJWTSVIDResponse 

type MintJWTSVIDResponse struct {

	// JWT-SVID token
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
	// contains filtered or unexported fields
}

func (*MintJWTSVIDResponse) Descriptor deprecated 

func (*MintJWTSVIDResponse) Descriptor() ([]byte, []int)

Deprecated: Use MintJWTSVIDResponse.ProtoReflect.Descriptor instead.

func (*MintJWTSVIDResponse) GetToken 

func (x *MintJWTSVIDResponse) GetToken() string

func (*MintJWTSVIDResponse) ProtoMessage 

func (*MintJWTSVIDResponse) ProtoMessage()

func (*MintJWTSVIDResponse) ProtoReflect 

func (x *MintJWTSVIDResponse) ProtoReflect() protoreflect.Message

func (*MintJWTSVIDResponse) Reset 

func (x *MintJWTSVIDResponse) Reset()

func (*MintJWTSVIDResponse) String 

func (x *MintJWTSVIDResponse) String() string

type MintX509SVIDRequest 

type MintX509SVIDRequest struct {

	// SPIFFE ID of the X509-SVID
	SpiffeId string `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// ASN.1 encoded CSR. The CSR is only used to convey the public key and
	// prove possession of the private key. The rest of the CSR is ignored.
	Csr []byte `protobuf:"bytes,2,opt,name=csr,proto3" json:"csr,omitempty"`
	// TTL of the X509-SVID, in seconds. The server default will be used if
	// unset. The TTL is advisory only. The actual lifetime of the X509-SVID
	// may be lower depending on the remaining lifetime of the active SPIRE
	// Server CA.
	Ttl int32 `protobuf:"varint,3,opt,name=ttl,proto3" json:"ttl,omitempty"`
	// DNS names to include as DNS SANs in the X509-SVID. If set, the first
	// in the list is also set as the X509-SVID common name.
	DnsNames []string `protobuf:"bytes,4,rep,name=dns_names,json=dnsNames,proto3" json:"dns_names,omitempty"`
	// contains filtered or unexported fields
}

func (*MintX509SVIDRequest) Descriptor deprecated 

func (*MintX509SVIDRequest) Descriptor() ([]byte, []int)

Deprecated: Use MintX509SVIDRequest.ProtoReflect.Descriptor instead.

func (*MintX509SVIDRequest) GetCsr 

func (x *MintX509SVIDRequest) GetCsr() []byte

func (*MintX509SVIDRequest) GetDnsNames 

func (x *MintX509SVIDRequest) GetDnsNames() []string

func (*MintX509SVIDRequest) GetSpiffeId 

func (x *MintX509SVIDRequest) GetSpiffeId() string

func (*MintX509SVIDRequest) GetTtl 

func (x *MintX509SVIDRequest) GetTtl() int32

func (*MintX509SVIDRequest) ProtoMessage 

func (*MintX509SVIDRequest) ProtoMessage()

func (*MintX509SVIDRequest) ProtoReflect 

func (x *MintX509SVIDRequest) ProtoReflect() protoreflect.Message

func (*MintX509SVIDRequest) Reset 

func (x *MintX509SVIDRequest) Reset()

func (*MintX509SVIDRequest) String 

func (x *MintX509SVIDRequest) String() string

type MintX509SVIDResponse 

type MintX509SVIDResponse struct {

	// X509-SVID chain. This includes the X509-SVID itself and any
	// intermediates necessary to chain back to certificates in the root_cas.
	SvidChain [][]byte `protobuf:"bytes,1,rep,name=svid_chain,json=svidChain,proto3" json:"svid_chain,omitempty"`
	// X.509 root certificates
	RootCas [][]byte `protobuf:"bytes,2,rep,name=root_cas,json=rootCas,proto3" json:"root_cas,omitempty"`
	// contains filtered or unexported fields
}

func (*MintX509SVIDResponse) Descriptor deprecated 

func (*MintX509SVIDResponse) Descriptor() ([]byte, []int)

Deprecated: Use MintX509SVIDResponse.ProtoReflect.Descriptor instead.

func (*MintX509SVIDResponse) GetRootCas 

func (x *MintX509SVIDResponse) GetRootCas() [][]byte

func (*MintX509SVIDResponse) GetSvidChain 

func (x *MintX509SVIDResponse) GetSvidChain() [][]byte

func (*MintX509SVIDResponse) ProtoMessage 

func (*MintX509SVIDResponse) ProtoMessage()

func (*MintX509SVIDResponse) ProtoReflect 

func (x *MintX509SVIDResponse) ProtoReflect() protoreflect.Message

func (*MintX509SVIDResponse) Reset 

func (x *MintX509SVIDResponse) Reset()

func (*MintX509SVIDResponse) String 

func (x *MintX509SVIDResponse) String() string

type NodeSelectors 

type NodeSelectors struct {

	// Node SPIFFE ID
	SpiffeId string `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// Node selectors
	Selectors []*common.Selector `protobuf:"bytes,2,rep,name=selectors,proto3" json:"selectors,omitempty"`
	// contains filtered or unexported fields
}

func (*NodeSelectors) Descriptor deprecated 

func (*NodeSelectors) Descriptor() ([]byte, []int)

Deprecated: Use NodeSelectors.ProtoReflect.Descriptor instead.

func (*NodeSelectors) GetSelectors 

func (x *NodeSelectors) GetSelectors() []*common.Selector

func (*NodeSelectors) GetSpiffeId 

func (x *NodeSelectors) GetSpiffeId() string

func (*NodeSelectors) ProtoMessage 

func (*NodeSelectors) ProtoMessage()

func (*NodeSelectors) ProtoReflect 

func (x *NodeSelectors) ProtoReflect() protoreflect.Message

func (*NodeSelectors) Reset 

func (x *NodeSelectors) Reset()

func (*NodeSelectors) String 

func (x *NodeSelectors) String() string

type Pagination 

type Pagination struct {
	Token    string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
	PageSize int32  `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// contains filtered or unexported fields
}

A type that represents pagination for list responses

func (*Pagination) Descriptor deprecated 

func (*Pagination) Descriptor() ([]byte, []int)

Deprecated: Use Pagination.ProtoReflect.Descriptor instead.

func (*Pagination) GetPageSize 

func (x *Pagination) GetPageSize() int32

func (*Pagination) GetToken 

func (x *Pagination) GetToken() string

func (*Pagination) ProtoMessage 

func (*Pagination) ProtoMessage()

func (*Pagination) ProtoReflect 

func (x *Pagination) ProtoReflect() protoreflect.Message

func (*Pagination) Reset 

func (x *Pagination) Reset()

func (*Pagination) String 

func (x *Pagination) String() string

type ParentID 

type ParentID struct {

	// ParentId.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

A type that represents a parent Id.

func (*ParentID) Descriptor deprecated 

func (*ParentID) Descriptor() ([]byte, []int)

Deprecated: Use ParentID.ProtoReflect.Descriptor instead.

func (*ParentID) GetId 

func (x *ParentID) GetId() string

func (*ParentID) ProtoMessage 

func (*ParentID) ProtoMessage()

func (*ParentID) ProtoReflect 

func (x *ParentID) ProtoReflect() protoreflect.Message

func (*ParentID) Reset 

func (x *ParentID) Reset()

func (*ParentID) String 

func (x *ParentID) String() string

type RegistrationClient 

type RegistrationClient interface {
	// Creates an entry in the Registration table, used to assign SPIFFE IDs to nodes and workloads.
	CreateEntry(ctx context.Context, in *common.RegistrationEntry, opts ...grpc.CallOption) (*RegistrationEntryID, error)
	// Creates an entry in the Registration table if one like it doesn't already exist
	CreateEntryIfNotExists(ctx context.Context, in *common.RegistrationEntry, opts ...grpc.CallOption) (*CreateEntryIfNotExistsResponse, error)
	// Deletes an entry and returns the deleted entry.
	DeleteEntry(ctx context.Context, in *RegistrationEntryID, opts ...grpc.CallOption) (*common.RegistrationEntry, error)
	// Retrieve a specific registered entry.
	FetchEntry(ctx context.Context, in *RegistrationEntryID, opts ...grpc.CallOption) (*common.RegistrationEntry, error)
	// Retrieve all registered entries.
	FetchEntries(ctx context.Context, in *common.Empty, opts ...grpc.CallOption) (*common.RegistrationEntries, error)
	// Updates a specific registered entry.
	UpdateEntry(ctx context.Context, in *UpdateEntryRequest, opts ...grpc.CallOption) (*common.RegistrationEntry, error)
	// Returns all the Entries associated with the ParentID value.
	ListByParentID(ctx context.Context, in *ParentID, opts ...grpc.CallOption) (*common.RegistrationEntries, error)
	// Returns all the entries associated with a selector value.
	ListBySelector(ctx context.Context, in *common.Selector, opts ...grpc.CallOption) (*common.RegistrationEntries, error)
	// Returns all the entries matching the set of selectors
	ListBySelectors(ctx context.Context, in *common.Selectors, opts ...grpc.CallOption) (*common.RegistrationEntries, error)
	// Return all registration entries for which SPIFFE ID matches.
	ListBySpiffeID(ctx context.Context, in *SpiffeID, opts ...grpc.CallOption) (*common.RegistrationEntries, error)
	// Return all registration entries with pagination of default page size of 50.
	ListAllEntriesWithPages(ctx context.Context, in *ListAllEntriesRequest, opts ...grpc.CallOption) (*ListAllEntriesResponse, error)
	// Creates an entry in the Federated bundle table to store the mappings of Federated SPIFFE IDs and their associated CA bundle.
	CreateFederatedBundle(ctx context.Context, in *FederatedBundle, opts ...grpc.CallOption) (*common.Empty, error)
	// Retrieves a single federated bundle
	FetchFederatedBundle(ctx context.Context, in *FederatedBundleID, opts ...grpc.CallOption) (*FederatedBundle, error)
	// Retrieves Federated bundles for all the Federated SPIFFE IDs.
	ListFederatedBundles(ctx context.Context, in *common.Empty, opts ...grpc.CallOption) (Registration_ListFederatedBundlesClient, error)
	// Updates a particular Federated Bundle. Useful for rotation.
	UpdateFederatedBundle(ctx context.Context, in *FederatedBundle, opts ...grpc.CallOption) (*common.Empty, error)
	// Delete a particular Federated Bundle. Used to destroy inter-domain trust.
	DeleteFederatedBundle(ctx context.Context, in *DeleteFederatedBundleRequest, opts ...grpc.CallOption) (*common.Empty, error)
	// Create a new join token
	CreateJoinToken(ctx context.Context, in *JoinToken, opts ...grpc.CallOption) (*JoinToken, error)
	// Retrieves the CA bundle.
	FetchBundle(ctx context.Context, in *common.Empty, opts ...grpc.CallOption) (*Bundle, error)
	// EvictAgent removes an attestation entry from the attested nodes store
	EvictAgent(ctx context.Context, in *EvictAgentRequest, opts ...grpc.CallOption) (*EvictAgentResponse, error)
	// ListAgents will list all attested nodes
	ListAgents(ctx context.Context, in *ListAgentsRequest, opts ...grpc.CallOption) (*ListAgentsResponse, error)
	// MintX509SVID mints an X509-SVID directly with the SPIRE server CA.
	MintX509SVID(ctx context.Context, in *MintX509SVIDRequest, opts ...grpc.CallOption) (*MintX509SVIDResponse, error)
	// MintJWTSVID mints a JWT-SVID directly with the SPIRE server CA.
	MintJWTSVID(ctx context.Context, in *MintJWTSVIDRequest, opts ...grpc.CallOption) (*MintJWTSVIDResponse, error)
	// GetNodeSelectors gets node (agent) selectors
	GetNodeSelectors(ctx context.Context, in *GetNodeSelectorsRequest, opts ...grpc.CallOption) (*GetNodeSelectorsResponse, error)
}

RegistrationClient is the client API for Registration service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewRegistrationClient 

func NewRegistrationClient(cc grpc.ClientConnInterface) RegistrationClient

type RegistrationEntryID 

type RegistrationEntryID struct {

	// RegistrationEntryID.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

A type that represents the id of an entry.

func (*RegistrationEntryID) Descriptor deprecated 

func (*RegistrationEntryID) Descriptor() ([]byte, []int)

Deprecated: Use RegistrationEntryID.ProtoReflect.Descriptor instead.

func (*RegistrationEntryID) GetId 

func (x *RegistrationEntryID) GetId() string

func (*RegistrationEntryID) ProtoMessage 

func (*RegistrationEntryID) ProtoMessage()

func (*RegistrationEntryID) ProtoReflect 

func (x *RegistrationEntryID) ProtoReflect() protoreflect.Message

func (*RegistrationEntryID) Reset 

func (x *RegistrationEntryID) Reset()

func (*RegistrationEntryID) String 

func (x *RegistrationEntryID) String() string

type RegistrationServer 

type RegistrationServer interface {
	// Creates an entry in the Registration table, used to assign SPIFFE IDs to nodes and workloads.
	CreateEntry(context.Context, *common.RegistrationEntry) (*RegistrationEntryID, error)
	// Creates an entry in the Registration table if one like it doesn't already exist
	CreateEntryIfNotExists(context.Context, *common.RegistrationEntry) (*CreateEntryIfNotExistsResponse, error)
	// Deletes an entry and returns the deleted entry.
	DeleteEntry(context.Context, *RegistrationEntryID) (*common.RegistrationEntry, error)
	// Retrieve a specific registered entry.
	FetchEntry(context.Context, *RegistrationEntryID) (*common.RegistrationEntry, error)
	// Retrieve all registered entries.
	FetchEntries(context.Context, *common.Empty) (*common.RegistrationEntries, error)
	// Updates a specific registered entry.
	UpdateEntry(context.Context, *UpdateEntryRequest) (*common.RegistrationEntry, error)
	// Returns all the Entries associated with the ParentID value.
	ListByParentID(context.Context, *ParentID) (*common.RegistrationEntries, error)
	// Returns all the entries associated with a selector value.
	ListBySelector(context.Context, *common.Selector) (*common.RegistrationEntries, error)
	// Returns all the entries matching the set of selectors
	ListBySelectors(context.Context, *common.Selectors) (*common.RegistrationEntries, error)
	// Return all registration entries for which SPIFFE ID matches.
	ListBySpiffeID(context.Context, *SpiffeID) (*common.RegistrationEntries, error)
	// Return all registration entries with pagination of default page size of 50.
	ListAllEntriesWithPages(context.Context, *ListAllEntriesRequest) (*ListAllEntriesResponse, error)
	// Creates an entry in the Federated bundle table to store the mappings of Federated SPIFFE IDs and their associated CA bundle.
	CreateFederatedBundle(context.Context, *FederatedBundle) (*common.Empty, error)
	// Retrieves a single federated bundle
	FetchFederatedBundle(context.Context, *FederatedBundleID) (*FederatedBundle, error)
	// Retrieves Federated bundles for all the Federated SPIFFE IDs.
	ListFederatedBundles(*common.Empty, Registration_ListFederatedBundlesServer) error
	// Updates a particular Federated Bundle. Useful for rotation.
	UpdateFederatedBundle(context.Context, *FederatedBundle) (*common.Empty, error)
	// Delete a particular Federated Bundle. Used to destroy inter-domain trust.
	DeleteFederatedBundle(context.Context, *DeleteFederatedBundleRequest) (*common.Empty, error)
	// Create a new join token
	CreateJoinToken(context.Context, *JoinToken) (*JoinToken, error)
	// Retrieves the CA bundle.
	FetchBundle(context.Context, *common.Empty) (*Bundle, error)
	// EvictAgent removes an attestation entry from the attested nodes store
	EvictAgent(context.Context, *EvictAgentRequest) (*EvictAgentResponse, error)
	// ListAgents will list all attested nodes
	ListAgents(context.Context, *ListAgentsRequest) (*ListAgentsResponse, error)
	// MintX509SVID mints an X509-SVID directly with the SPIRE server CA.
	MintX509SVID(context.Context, *MintX509SVIDRequest) (*MintX509SVIDResponse, error)
	// MintJWTSVID mints a JWT-SVID directly with the SPIRE server CA.
	MintJWTSVID(context.Context, *MintJWTSVIDRequest) (*MintJWTSVIDResponse, error)
	// GetNodeSelectors gets node (agent) selectors
	GetNodeSelectors(context.Context, *GetNodeSelectorsRequest) (*GetNodeSelectorsResponse, error)
	// contains filtered or unexported methods
}

RegistrationServer is the server API for Registration service. All implementations must embed UnimplementedRegistrationServer for forward compatibility

type Registration_ListFederatedBundlesClient 

type Registration_ListFederatedBundlesClient interface {
	Recv() (*FederatedBundle, error)
	grpc.ClientStream
}

type Registration_ListFederatedBundlesServer 

type Registration_ListFederatedBundlesServer interface {
	Send(*FederatedBundle) error
	grpc.ServerStream
}

type SpiffeID 

type SpiffeID struct {

	// SpiffeId.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

A type that represents a SPIFFE Id.

func (*SpiffeID) Descriptor deprecated 

func (*SpiffeID) Descriptor() ([]byte, []int)

Deprecated: Use SpiffeID.ProtoReflect.Descriptor instead.

func (*SpiffeID) GetId 

func (x *SpiffeID) GetId() string

func (*SpiffeID) ProtoMessage 

func (*SpiffeID) ProtoMessage()

func (*SpiffeID) ProtoReflect 

func (x *SpiffeID) ProtoReflect() protoreflect.Message

func (*SpiffeID) Reset 

func (x *SpiffeID) Reset()

func (*SpiffeID) String 

func (x *SpiffeID) String() string

type UnimplementedRegistrationServer 

type UnimplementedRegistrationServer struct {
}

UnimplementedRegistrationServer must be embedded to have forward compatible implementations.

func (UnimplementedRegistrationServer) CreateEntry 

func (UnimplementedRegistrationServer) CreateEntry(context.Context, *common.RegistrationEntry) (*RegistrationEntryID, error)

func (UnimplementedRegistrationServer) CreateEntryIfNotExists 

func (UnimplementedRegistrationServer) CreateEntryIfNotExists(context.Context, *common.RegistrationEntry) (*CreateEntryIfNotExistsResponse, error)

func (UnimplementedRegistrationServer) CreateFederatedBundle 

func (UnimplementedRegistrationServer) CreateFederatedBundle(context.Context, *FederatedBundle) (*common.Empty, error)

func (UnimplementedRegistrationServer) CreateJoinToken 

func (UnimplementedRegistrationServer) CreateJoinToken(context.Context, *JoinToken) (*JoinToken, error)

func (UnimplementedRegistrationServer) DeleteEntry 

func (UnimplementedRegistrationServer) DeleteEntry(context.Context, *RegistrationEntryID) (*common.RegistrationEntry, error)

func (UnimplementedRegistrationServer) DeleteFederatedBundle 

func (UnimplementedRegistrationServer) DeleteFederatedBundle(context.Context, *DeleteFederatedBundleRequest) (*common.Empty, error)

func (UnimplementedRegistrationServer) EvictAgent 

func (UnimplementedRegistrationServer) EvictAgent(context.Context, *EvictAgentRequest) (*EvictAgentResponse, error)

func (UnimplementedRegistrationServer) FetchBundle 

func (UnimplementedRegistrationServer) FetchBundle(context.Context, *common.Empty) (*Bundle, error)

func (UnimplementedRegistrationServer) FetchEntries 

func (UnimplementedRegistrationServer) FetchEntries(context.Context, *common.Empty) (*common.RegistrationEntries, error)

func (UnimplementedRegistrationServer) FetchEntry 

func (UnimplementedRegistrationServer) FetchEntry(context.Context, *RegistrationEntryID) (*common.RegistrationEntry, error)

func (UnimplementedRegistrationServer) FetchFederatedBundle 

func (UnimplementedRegistrationServer) FetchFederatedBundle(context.Context, *FederatedBundleID) (*FederatedBundle, error)

func (UnimplementedRegistrationServer) GetNodeSelectors 

func (UnimplementedRegistrationServer) GetNodeSelectors(context.Context, *GetNodeSelectorsRequest) (*GetNodeSelectorsResponse, error)

func (UnimplementedRegistrationServer) ListAgents 

func (UnimplementedRegistrationServer) ListAgents(context.Context, *ListAgentsRequest) (*ListAgentsResponse, error)

func (UnimplementedRegistrationServer) ListAllEntriesWithPages 

func (UnimplementedRegistrationServer) ListAllEntriesWithPages(context.Context, *ListAllEntriesRequest) (*ListAllEntriesResponse, error)

func (UnimplementedRegistrationServer) ListByParentID 

func (UnimplementedRegistrationServer) ListByParentID(context.Context, *ParentID) (*common.RegistrationEntries, error)

func (UnimplementedRegistrationServer) ListBySelector 

func (UnimplementedRegistrationServer) ListBySelector(context.Context, *common.Selector) (*common.RegistrationEntries, error)

func (UnimplementedRegistrationServer) ListBySelectors 

func (UnimplementedRegistrationServer) ListBySelectors(context.Context, *common.Selectors) (*common.RegistrationEntries, error)

func (UnimplementedRegistrationServer) ListBySpiffeID 

func (UnimplementedRegistrationServer) ListBySpiffeID(context.Context, *SpiffeID) (*common.RegistrationEntries, error)

func (UnimplementedRegistrationServer) ListFederatedBundles 

func (UnimplementedRegistrationServer) ListFederatedBundles(*common.Empty, Registration_ListFederatedBundlesServer) error

func (UnimplementedRegistrationServer) MintJWTSVID 

func (UnimplementedRegistrationServer) MintJWTSVID(context.Context, *MintJWTSVIDRequest) (*MintJWTSVIDResponse, error)

func (UnimplementedRegistrationServer) MintX509SVID 

func (UnimplementedRegistrationServer) MintX509SVID(context.Context, *MintX509SVIDRequest) (*MintX509SVIDResponse, error)

func (UnimplementedRegistrationServer) UpdateEntry 

func (UnimplementedRegistrationServer) UpdateEntry(context.Context, *UpdateEntryRequest) (*common.RegistrationEntry, error)

func (UnimplementedRegistrationServer) UpdateFederatedBundle 

func (UnimplementedRegistrationServer) UpdateFederatedBundle(context.Context, *FederatedBundle) (*common.Empty, error)

type UnsafeRegistrationServer 

type UnsafeRegistrationServer interface {
	// contains filtered or unexported methods
}

UnsafeRegistrationServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to RegistrationServer will result in compilation errors.

type UpdateEntryRequest 

type UpdateEntryRequest struct {

	// Registration entry to update
	Entry *common.RegistrationEntry `protobuf:"bytes,1,opt,name=entry,proto3" json:"entry,omitempty"`
	// contains filtered or unexported fields
}

A type used to update registration entries

func (*UpdateEntryRequest) Descriptor deprecated 

func (*UpdateEntryRequest) Descriptor() ([]byte, []int)

Deprecated: Use UpdateEntryRequest.ProtoReflect.Descriptor instead.

func (*UpdateEntryRequest) GetEntry 

func (x *UpdateEntryRequest) GetEntry() *common.RegistrationEntry

func (*UpdateEntryRequest) ProtoMessage 

func (*UpdateEntryRequest) ProtoMessage()

func (*UpdateEntryRequest) ProtoReflect 

func (x *UpdateEntryRequest) ProtoReflect() protoreflect.Message

func (*UpdateEntryRequest) Reset 

func (x *UpdateEntryRequest) Reset()

func (*UpdateEntryRequest) String 

func (x *UpdateEntryRequest) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.