gcpcas

package

v1.2.4 Latest Latest Go to latest Published: May 11, 2022 License: Apache-2.0 Imports: 24 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/spiffe/spire

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BuiltIn ¶

func BuiltIn() catalog.BuiltIn

BuiltIn constructs a catalog Plugin using a new instance of this plugin.

Types ¶

type CAClient ¶

type CAClient interface {
	CreateCertificate(ctx context.Context, req *privatecapb.CreateCertificateRequest) (*privatecapb.Certificate, error)
	LoadCertificateAuthorities(ctx context.Context, spec CertificateAuthoritySpec) ([]*privatecapb.CertificateAuthority, error)
}

type CertificateAuthoritySpec ¶

type CertificateAuthoritySpec struct {
	Project    string `hcl:"project_name"`
	Location   string `hcl:"region_name"`
	CaPool     string `hcl:"ca_pool"`
	LabelKey   string `hcl:"label_key"`
	LabelValue string `hcl:"label_value"`
}

type Configuration ¶ added in v1.0.0

type Configuration struct {
	RootSpec CertificateAuthoritySpec `hcl:"root_cert_spec,block"`
}

type Plugin ¶

type Plugin struct {
	upstreamauthorityv1.UnsafeUpstreamAuthorityServer
	configv1.UnsafeConfigServer
	// contains filtered or unexported fields
}

func New ¶

func New() *Plugin

func (*Plugin) Configure ¶

func (p *Plugin) Configure(ctx context.Context, req *configv1.ConfigureRequest) (*configv1.ConfigureResponse, error)

func (*Plugin) MintX509CAAndSubscribe ¶ added in v1.0.0

func (p *Plugin) MintX509CAAndSubscribe(request *upstreamauthorityv1.MintX509CARequest, stream upstreamauthorityv1.UpstreamAuthority_MintX509CAAndSubscribeServer) error

Mints an X.509 CA and responds with the signed X.509 CA certificate chain and upstream X.509 roots. If supported by the implementation, subsequent responses on the stream contain upstream X.509 root updates, otherwise the RPC is completed after sending the initial response.

Implementation note: The stream should be kept open in the face of transient errors encountered while tracking changes to the upstream X.509 roots as SPIRE core will not reopen a closed stream until the next X.509 CA rotation.

func (*Plugin) PublishJWTKeyAndSubscribe ¶ added in v1.0.0

func (p *Plugin) PublishJWTKeyAndSubscribe(*upstreamauthorityv1.PublishJWTKeyRequest, upstreamauthorityv1.UpstreamAuthority_PublishJWTKeyAndSubscribeServer) error

PublishJWTKeyAndSubscribe is not yet supported. It will return with GRPC Unimplemented error

func (*Plugin) SetLogger ¶

func (p *Plugin) SetLogger(log hclog.Logger)

SetLogger will be called by the catalog system to provide the plugin with a logger when it is loaded. The logger is wired up to the SPIRE core logger

Source Files ¶

View all Source files

gcpcas.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL