svidstore

package

v1.6.3 Latest Latest Go to latest Published: Apr 12, 2023 License: Apache-2.0 Imports: 13 Imported by: 5

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/spiffe/spire

Links

Open Source Insights

Documentation ¶

Index ¶

func ParseMetadata(metaData []string) (map[string]string, error)
type Data
- func SecretFromProto(req *svidstorev1.PutX509SVIDRequest) (*Data, error)
type Repository
type SVID
type SVIDStore
type V1
- func (v1 *V1) DeleteX509SVID(ctx context.Context, metadata []string) error
- func (v1 *V1) PutX509SVID(ctx context.Context, x509SVID *X509SVID) error
type X509SVID

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ParseMetadata ¶

func ParseMetadata(metaData []string) (map[string]string, error)

ParseMetadata parses metadata from a slice of strings into a map that can be consumed by SVIDStore plugins

Types ¶

type Data ¶

type Data struct {
	// SPIFFEID is the SPIFFE ID of the SVID
	SPIFFEID string `json:"spiffeID,omitempty"`
	// X509SVID is the PEM encoded certificate chain. MAY include intermediates,
	// the leaf certificate (or SVID itself) MUST come first
	X509SVID string `json:"x509SVID,omitempty"`
	// X509SVIDKey is the PEM encoded PKCS#8 private key.
	X509SVIDKey string `json:"x509SVIDKey,omitempty"`
	// Bundle is the PEM encoded X.509 bundle for the trust domain
	Bundle string `json:"bundle,omitempty"`
	// FederatedBundles is the CA certificate bundles belonging to foreign trust domains that the workload should trust,
	// keyed by trust domain. Bundles are in encoded in PEM format.
	FederatedBundles map[string]string `json:"federatedBundles,omitempty"`
}

func SecretFromProto ¶

func SecretFromProto(req *svidstorev1.PutX509SVIDRequest) (*Data, error)

type Repository ¶

type Repository struct {
	SVIDStores map[string]SVIDStore
}

func (*Repository) Clear ¶

func (repo *Repository) Clear()

func (*Repository) GetSVIDStoreNamed ¶

func (repo *Repository) GetSVIDStoreNamed(name string) (SVIDStore, bool)

func (*Repository) SetSVIDStore ¶

func (repo *Repository) SetSVIDStore(svidStore SVIDStore)

type SVID ¶

type SVID struct {
	// SPIFFE ID of the SVID.
	SPIFFEID spiffeid.ID

	// Certificate and intermediates
	CertChain []*x509.Certificate

	// Private key
	PrivateKey crypto.PrivateKey

	// Bundle certificates
	Bundle []*x509.Certificate

	// Expiration timestamp
	ExpiresAt time.Time
}

type SVIDStore ¶

type SVIDStore interface {
	catalog.PluginInfo

	DeleteX509SVID(ctx context.Context, metadata []string) error
	PutX509SVID(context.Context, *X509SVID) error
}

type V1 ¶

type V1 struct {
	plugin.Facade

	svidstorev1.SVIDStorePluginClient
}

func (*V1) DeleteX509SVID ¶

func (v1 *V1) DeleteX509SVID(ctx context.Context, metadata []string) error

func (*V1) PutX509SVID ¶

func (v1 *V1) PutX509SVID(ctx context.Context, x509SVID *X509SVID) error

type X509SVID ¶

type X509SVID struct {
	// X509-SVID to be stored
	SVID *SVID

	// Metadata relevant for plugin to store the SVID
	Metadata []string

	// Federated bundles to store
	FederatedBundles map[string][]*x509.Certificate
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
awssecretsmanager
gcpsecretmanager

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL