endpoints

package

v1.0.4 Latest Latest Go to latest Published: May 13, 2022 License: Apache-2.0 Imports: 55 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/spiffe/spire

Links

Open Source Insights

Documentation ¶

Index ¶

func AgentAuthorizer(log logrus.FieldLogger, ds datastore.DataStore, clk clock.Clock) middleware.AgentAuthorizer
func EntryFetcher(ds datastore.DataStore) middleware.EntryFetcher
func Middleware(log logrus.FieldLogger, metrics telemetry.Metrics, ds datastore.DataStore, ...) middleware.Middleware
func RateLimits(config RateLimitConfig) map[string]api.RateLimiter
func UpstreamPublisher(manager *ca.Manager) bundle.UpstreamPublisher
type APIServers
type AuthorizedEntryFetcherWithFullCache
- func NewAuthorizedEntryFetcherWithFullCache(ctx context.Context, buildCache entryCacheBuilderFn, log logrus.FieldLogger, ...) (*AuthorizedEntryFetcherWithFullCache, error)
- func (a *AuthorizedEntryFetcherWithFullCache) FetchAuthorizedEntries(ctx context.Context, agentID spiffeid.ID) ([]*types.Entry, error)
- func (a *AuthorizedEntryFetcherWithFullCache) RunRebuildCacheTask(ctx context.Context) error
type Config
type Endpoints
- func New(ctx context.Context, c Config) (*Endpoints, error)
- func (e *Endpoints) ListenAndServe(ctx context.Context) error
type OldAPIServers
type RateLimitConfig
type Server

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AgentAuthorizer ¶ added in v0.11.0

func AgentAuthorizer(log logrus.FieldLogger, ds datastore.DataStore, clk clock.Clock) middleware.AgentAuthorizer

func EntryFetcher ¶ added in v0.11.0

func EntryFetcher(ds datastore.DataStore) middleware.EntryFetcher

func Middleware ¶ added in v0.11.0

func Middleware(log logrus.FieldLogger, metrics telemetry.Metrics, ds datastore.DataStore, clk clock.Clock, rlConf RateLimitConfig, policyEngine *authpolicy.Engine, auditLogEnabled bool) middleware.Middleware

func RateLimits ¶ added in v0.11.0

func RateLimits(config RateLimitConfig) map[string]api.RateLimiter

func UpstreamPublisher ¶ added in v0.11.0

func UpstreamPublisher(manager *ca.Manager) bundle.UpstreamPublisher

Types ¶

type APIServers ¶ added in v0.11.0

type APIServers struct {
	AgentServer  agentv1.AgentServer
	BundleServer bundlev1.BundleServer
	DebugServer  debugv1_pb.DebugServer
	EntryServer  entryv1.EntryServer
	HealthServer grpc_health_v1.HealthServer
	SVIDServer   svidv1.SVIDServer
}

type AuthorizedEntryFetcherWithFullCache ¶ added in v0.12.0

type AuthorizedEntryFetcherWithFullCache struct {
	// contains filtered or unexported fields
}

func NewAuthorizedEntryFetcherWithFullCache ¶ added in v0.12.0

func NewAuthorizedEntryFetcherWithFullCache(ctx context.Context, buildCache entryCacheBuilderFn, log logrus.FieldLogger, clk clock.Clock, cacheReloadInterval time.Duration) (*AuthorizedEntryFetcherWithFullCache, error)

func (*AuthorizedEntryFetcherWithFullCache) FetchAuthorizedEntries ¶ added in v0.12.0

func (a *AuthorizedEntryFetcherWithFullCache) FetchAuthorizedEntries(ctx context.Context, agentID spiffeid.ID) ([]*types.Entry, error)

func (*AuthorizedEntryFetcherWithFullCache) RunRebuildCacheTask ¶ added in v0.12.0

func (a *AuthorizedEntryFetcherWithFullCache) RunRebuildCacheTask(ctx context.Context) error

RunRebuildCacheTask starts a ticker which rebuilds the in-memory entry cache.

type Endpoints ¶

type Endpoints struct {
	OldAPIServers

	TCPAddr                      *net.TCPAddr
	UDSAddr                      *net.UnixAddr
	SVIDObserver                 svid.Observer
	TrustDomain                  spiffeid.TrustDomain
	DataStore                    datastore.DataStore
	APIServers                   APIServers
	BundleEndpointServer         Server
	Log                          logrus.FieldLogger
	Metrics                      telemetry.Metrics
	RateLimit                    RateLimitConfig
	EntryFetcherCacheRebuildTask func(context.Context) error
	AuditLogEnabled              bool
	AuthPolicyEngine             *authpolicy.Engine
}

func New ¶

func New(ctx context.Context, c Config) (*Endpoints, error)

New creates new endpoints struct

func (*Endpoints) ListenAndServe ¶

func (e *Endpoints) ListenAndServe(ctx context.Context) error

ListenAndServe starts all endpoint servers and blocks until the context is canceled or any of the servers fails to run. If the context is canceled, the function returns nil. Otherwise, the error from the failed server is returned.

type OldAPIServers ¶ added in v0.11.0

type OldAPIServers struct {
	RegistrationServer registration_pb.RegistrationServer
}

type RateLimitConfig ¶ added in v0.11.0

type RateLimitConfig struct {
	// Attestation, if true, rate limits attestation
	Attestation bool

	// Signing, if true, rate limits JWT and X509 signing requests
	Signing bool
}

RateLimitConfig holds rate limiting configurations.

type Server ¶

type Server interface {
	// ListenAndServe starts all endpoint servers and blocks until the context
	// is canceled or any of the servers fails to run. If the context is
	// canceled, the function returns nil. Otherwise, the error from the failed
	// server is returned.
	ListenAndServe(ctx context.Context) error
}

Server manages gRPC and HTTP endpoint lifecycle

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
bundle
internal/acmetest nolint // forked code	nolint // forked code
internal/autocert nolint // forked code nolint // forked code nolint // forked code	nolint // forked code nolint // forked code nolint // forked code
registration

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL