Documentation
Index
- type Cache
- func (c *Cache) CountX509SVIDs() int
- func (c *Cache) GetStaleEntries() []*cache.StaleEntry
- func (c *Cache) HandledRecord(handledEntry *common.RegistrationEntry, revision int64)
- func (c *Cache) ReadyToStore() []*Record
- func (c *Cache) Records() []*Record
- func (c *Cache) TaintJWTSVIDs(ctx context.Context, taintedJWTAuthorities map[string]struct{})
- func (c *Cache) TaintX509SVIDs(ctx context.Context, taintedX509Authorities []*x509.Certificate)
- func (c *Cache) UpdateEntries(update *cache.UpdateEntries, ...)
- func (c *Cache) UpdateSVIDs(update *cache.UpdateSVIDs)
- type Config
- type Record
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Cache
type Cache struct {
// contains filtered or unexported fields
}
func (*Cache) CountX509SVIDs (added in v1.10.2)
func (*Cache) GetStaleEntries
func (c *Cache) GetStaleEntries() []*cache.StaleEntry
GetStaleEntries obtains a list of stale entries that need new SVIDs.
func (*Cache) HandledRecord
func (c *Cache) HandledRecord(handledEntry *common.RegistrationEntry, revision int64)
HandledRecord updates the handled revision and sets the latest processed entry.
func (*Cache) ReadyToStore
ReadyToStore returns all records that are ready to be stored
func (*Cache) Records
Records returns all the records in the cache. This function exists only to facilitate testing.
func (*Cache) TaintJWTSVIDs (added in v1.11.0)
func (*Cache) TaintX509SVIDs (added in v1.11.0)
func (c *Cache) TaintX509SVIDs(ctx context.Context, taintedX509Authorities []*x509.Certificate)
func (*Cache) UpdateEntries
func (c *Cache) UpdateEntries(update *cache.UpdateEntries, checkSVID func(*common.RegistrationEntry, *common.RegistrationEntry, *cache.X509SVID) bool)
UpdateEntries uses the given `UpdateEntries` update to update and validate the latest entries. Each record's revision number is incremented when:
- the SVID for that entry changes
- the bundle changes
- a federated bundle related to a storable entry changes
func (*Cache) UpdateSVIDs
func (c *Cache) UpdateSVIDs(update *cache.UpdateSVIDs)
UpdateSVIDs updates the cache with the latest SVIDs.
type Config
type Config struct {
	Log         logrus.FieldLogger
	TrustDomain spiffeid.TrustDomain
	Metrics     telemetry.Metrics
}
Config is the store cache configuration
type Record
type Record struct {
	// ID holds entry ID
	ID string
	// Entry holds registration entry for record
	Entry *common.RegistrationEntry
	// ExpiresAt is the expiration time for SVID
	ExpiresAt time.Time
	// Svid holds a valid X509-SVID
	Svid *cache.X509SVID
	// Revision is the current cache record version
	Revision int64
	// Bundles holds trust domain bundle together with federated bundle
	Bundles map[spiffeid.TrustDomain]*spiffebundle.Bundle
	// HandledEntry holds the previous entry revision. It is useful to define
	// what changed between versions.
	HandledEntry *common.RegistrationEntry
}
Record holds the latest cached SVID with its context