security

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 16, 2020 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ClientAuth_name = map[int32]string{
		0: "UNSPECIFIED",
		1: "NONE",
		2: "WANT",
		3: "NEED",
	}
	ClientAuth_value = map[string]int32{
		"UNSPECIFIED": 0,
		"NONE":        1,
		"WANT":        2,
		"NEED":        3,
	}
)

Enum value maps for ClientAuth.

View Source 
var File_security_security_proto protoreflect.FileDescriptor
View Source 
var File_security_ssl_proto protoreflect.FileDescriptor
View Source 
var File_security_trust_store_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type ApiSecurity 

type ApiSecurity struct {

	// If you have authentication enabled, are accessing Spinnaker remotely, and
	// are logging in from sources other than the UI, provide a regex matching all
	// URLs authentication redirects may come from.
	CorsAccessPattern string `protobuf:"bytes,1,opt,name=corsAccessPattern,proto3" json:"corsAccessPattern,omitempty"`
	// If you want the API server to do SSL termination, it must be enabled and
	// configured here. If you are doing your own SSL termination, leave this disabled.
	Ssl *ApiSsl `protobuf:"bytes,2,opt,name=ssl,proto3" json:"ssl,omitempty"`
	// If you are accessing the API server remotely, provide the full base URL of
	// whatever proxy or load balancer is fronting the API requests
	OverrideBaseUrl string `protobuf:"bytes,3,opt,name=overrideBaseUrl,proto3" json:"overrideBaseUrl,omitempty"`
	// contains filtered or unexported fields
}

Configuration for the API server's addressable URL and CORS policies.

func (*ApiSecurity) Descriptor deprecated 

func (*ApiSecurity) Descriptor() ([]byte, []int)

Deprecated: Use ApiSecurity.ProtoReflect.Descriptor instead.

func (*ApiSecurity) GetCorsAccessPattern 

func (x *ApiSecurity) GetCorsAccessPattern() string

func (*ApiSecurity) GetOverrideBaseUrl 

func (x *ApiSecurity) GetOverrideBaseUrl() string

func (*ApiSecurity) GetSsl 

func (x *ApiSecurity) GetSsl() *ApiSsl

func (*ApiSecurity) ProtoMessage 

func (*ApiSecurity) ProtoMessage()

func (*ApiSecurity) ProtoReflect 

func (x *ApiSecurity) ProtoReflect() protoreflect.Message

func (*ApiSecurity) Reset 

func (x *ApiSecurity) Reset()

func (*ApiSecurity) String 

func (x *ApiSecurity) String() string

type ApiSsl 

type ApiSsl struct {

	// Whether SSL is enabled.
	Enabled *wrapperspb.BoolValue `protobuf:"bytes,1,opt,name=enabled,proto3" json:"enabled,omitempty"`
	// Name of your keystore entry as generated with your keytool.
	KeyAlias string `protobuf:"bytes,2,opt,name=keyAlias,proto3" json:"keyAlias,omitempty"`
	// Path to the keystore holding your security certificates.
	KeyStore string `protobuf:"bytes,3,opt,name=keyStore,proto3" json:"keyStore,omitempty"`
	// The type of your keystore. Examples include JKS, and PKCS12.
	KeyStoreType string `protobuf:"bytes,4,opt,name=keyStoreType,proto3" json:"keyStoreType,omitempty"`
	// The password to unlock your keystore. Due to a limitation in Tomcat, this
	// must match your key's password in the keystore.
	KeyStorePassword string `protobuf:"bytes,5,opt,name=keyStorePassword,proto3" json:"keyStorePassword,omitempty"`
	// Path to the truststore holding your trusted certificates.
	TrustStore string `protobuf:"bytes,6,opt,name=trustStore,proto3" json:"trustStore,omitempty"`
	// The type of your truststore. Examples include JKS, and PKCS12.
	TrustStoreType string `protobuf:"bytes,7,opt,name=trustStoreType,proto3" json:"trustStoreType,omitempty"`
	// The password to unlock your truststore.
	TrustStorePassword string `protobuf:"bytes,8,opt,name=trustStorePassword,proto3" json:"trustStorePassword,omitempty"`
	// Whether to require or allow client authentication.
	ClientAuth ClientAuth `protobuf:"varint,9,opt,name=clientAuth,proto3,enum=proto.security.ClientAuth" json:"clientAuth,omitempty"`
	// contains filtered or unexported fields
}

Configuration for SSL termination by the API server.

func (*ApiSsl) Descriptor deprecated 

func (*ApiSsl) Descriptor() ([]byte, []int)

Deprecated: Use ApiSsl.ProtoReflect.Descriptor instead.

func (*ApiSsl) GetClientAuth 

func (x *ApiSsl) GetClientAuth() ClientAuth

func (*ApiSsl) GetEnabled 

func (x *ApiSsl) GetEnabled() *wrapperspb.BoolValue

func (*ApiSsl) GetKeyAlias 

func (x *ApiSsl) GetKeyAlias() string

func (*ApiSsl) GetKeyStore 

func (x *ApiSsl) GetKeyStore() string

func (*ApiSsl) GetKeyStorePassword 

func (x *ApiSsl) GetKeyStorePassword() string

func (*ApiSsl) GetKeyStoreType 

func (x *ApiSsl) GetKeyStoreType() string

func (*ApiSsl) GetTrustStore 

func (x *ApiSsl) GetTrustStore() string

func (*ApiSsl) GetTrustStorePassword 

func (x *ApiSsl) GetTrustStorePassword() string

func (*ApiSsl) GetTrustStoreType 

func (x *ApiSsl) GetTrustStoreType() string

func (*ApiSsl) ProtoMessage 

func (*ApiSsl) ProtoMessage()

func (*ApiSsl) ProtoReflect 

func (x *ApiSsl) ProtoReflect() protoreflect.Message

func (*ApiSsl) Reset 

func (x *ApiSsl) Reset()

func (*ApiSsl) String 

func (x *ApiSsl) String() string

type ClientAuth 

type ClientAuth int32

Setting for client authentication. 

const (
	// Unspecified. Do not directly use, instead omit the field.
	ClientAuth_UNSPECIFIED ClientAuth = 0
	// No client authentication.
	ClientAuth_NONE ClientAuth = 1
	// Client authentication is optional.
	ClientAuth_WANT ClientAuth = 2
	// Client authentication is required.
	ClientAuth_NEED ClientAuth = 3
)

func (ClientAuth) Descriptor 

func (ClientAuth) Descriptor() protoreflect.EnumDescriptor

func (ClientAuth) Enum 

func (x ClientAuth) Enum() *ClientAuth

func (ClientAuth) EnumDescriptor deprecated 

func (ClientAuth) EnumDescriptor() ([]byte, []int)

Deprecated: Use ClientAuth.Descriptor instead.

func (ClientAuth) Number 

func (x ClientAuth) Number() protoreflect.EnumNumber

func (ClientAuth) String 

func (x ClientAuth) String() string

func (ClientAuth) Type 

func (ClientAuth) Type() protoreflect.EnumType

type Security 

type Security struct {

	// Configuration for the API server's addressable URL and CORS policies.
	ApiSecurity *ApiSecurity `protobuf:"bytes,1,opt,name=apiSecurity,proto3" json:"apiSecurity,omitempty"`
	// Configuration for the UI server's addressable URL.
	UiSecurity *UiSecurity `protobuf:"bytes,2,opt,name=uiSecurity,proto3" json:"uiSecurity,omitempty"`
	// Configuration of how users authenticate against Spinnaker.
	Authn *authn.Authentication `protobuf:"bytes,3,opt,name=authn,proto3" json:"authn,omitempty"`
	// Configuration for what resources users of Spinnaker can read and modify.
	Authz *authz.Authorization `protobuf:"bytes,4,opt,name=authz,proto3" json:"authz,omitempty"`
	// contains filtered or unexported fields
}

Configuration for security settings.

func (*Security) Descriptor deprecated 

func (*Security) Descriptor() ([]byte, []int)

Deprecated: Use Security.ProtoReflect.Descriptor instead.

func (*Security) GetApiSecurity 

func (x *Security) GetApiSecurity() *ApiSecurity

func (*Security) GetAuthn 

func (x *Security) GetAuthn() *authn.Authentication

func (*Security) GetAuthz 

func (x *Security) GetAuthz() *authz.Authorization

func (*Security) GetUiSecurity 

func (x *Security) GetUiSecurity() *UiSecurity

func (*Security) ProtoMessage 

func (*Security) ProtoMessage()

func (*Security) ProtoReflect 

func (x *Security) ProtoReflect() protoreflect.Message

func (*Security) Reset 

func (x *Security) Reset()

func (*Security) String 

func (x *Security) String() string

type TrustStore 

type TrustStore struct {

	// Whether this custom trust store is enabled.
	Enabled *wrapperspb.BoolValue `protobuf:"bytes,1,opt,name=enabled,proto3" json:"enabled,omitempty"`
	// The path to a key store in JKS format containing certification authorities
	// that should be trusted.
	TrustStore string `protobuf:"bytes,2,opt,name=trustStore,proto3" json:"trustStore,omitempty"`
	// The password for the supplied trustStore.
	TrustStorePassword string `protobuf:"bytes,3,opt,name=trustStorePassword,proto3" json:"trustStorePassword,omitempty"`
	// contains filtered or unexported fields
}

Configuration for a custom trust store.

func (*TrustStore) Descriptor deprecated 

func (*TrustStore) Descriptor() ([]byte, []int)

Deprecated: Use TrustStore.ProtoReflect.Descriptor instead.

func (*TrustStore) GetEnabled 

func (x *TrustStore) GetEnabled() *wrapperspb.BoolValue

func (*TrustStore) GetTrustStore 

func (x *TrustStore) GetTrustStore() string

func (*TrustStore) GetTrustStorePassword 

func (x *TrustStore) GetTrustStorePassword() string

func (*TrustStore) ProtoMessage 

func (*TrustStore) ProtoMessage()

func (*TrustStore) ProtoReflect 

func (x *TrustStore) ProtoReflect() protoreflect.Message

func (*TrustStore) Reset 

func (x *TrustStore) Reset()

func (*TrustStore) String 

func (x *TrustStore) String() string

type UiSecurity 

type UiSecurity struct {

	// Configuration for SSL termination by the UI gateway.
	Ssl *UiSsl `protobuf:"bytes,1,opt,name=ssl,proto3" json:"ssl,omitempty"`
	// If you are accessing the UI server remotely, provide the full base URL of
	// whatever proxy or load balancer is fronting the UI requests.
	OverrideBaseUrl string `protobuf:"bytes,2,opt,name=overrideBaseUrl,proto3" json:"overrideBaseUrl,omitempty"`
	// contains filtered or unexported fields
}

Configuration for the UI server's addressable URL.

func (*UiSecurity) Descriptor deprecated 

func (*UiSecurity) Descriptor() ([]byte, []int)

Deprecated: Use UiSecurity.ProtoReflect.Descriptor instead.

func (*UiSecurity) GetOverrideBaseUrl 

func (x *UiSecurity) GetOverrideBaseUrl() string

func (*UiSecurity) GetSsl 

func (x *UiSecurity) GetSsl() *UiSsl

func (*UiSecurity) ProtoMessage 

func (*UiSecurity) ProtoMessage()

func (*UiSecurity) ProtoReflect 

func (x *UiSecurity) ProtoReflect() protoreflect.Message

func (*UiSecurity) Reset 

func (x *UiSecurity) Reset()

func (*UiSecurity) String 

func (x *UiSecurity) String() string

type UiSsl 

type UiSsl struct {

	// Whether SSL is enabled.
	Enabled *wrapperspb.BoolValue `protobuf:"bytes,1,opt,name=enabled,proto3" json:"enabled,omitempty"`
	// Path to your .crt file.
	SslCertificateFile string `protobuf:"bytes,2,opt,name=sslCertificateFile,proto3" json:"sslCertificateFile,omitempty"`
	// Path to your .key file.
	SslCertificateKeyFile string `protobuf:"bytes,3,opt,name=sslCertificateKeyFile,proto3" json:"sslCertificateKeyFile,omitempty"`
	// Path to the .crt file for the CA that issued your SSL certificate. This is
	// only needed for local git deployments that serve the UI using webpack dev server.
	SslCACertificateFile string `protobuf:"bytes,4,opt,name=sslCACertificateFile,proto3" json:"sslCACertificateFile,omitempty"`
	// The passphrase needed to unlock your SSL certificate. This will be provided
	// to Apache on startup.
	SslCertificatePassphrase string `protobuf:"bytes,5,opt,name=sslCertificatePassphrase,proto3" json:"sslCertificatePassphrase,omitempty"`
	// contains filtered or unexported fields
}

Configuration for SSL termination by the UI gateway.

func (*UiSsl) Descriptor deprecated 

func (*UiSsl) Descriptor() ([]byte, []int)

Deprecated: Use UiSsl.ProtoReflect.Descriptor instead.

func (*UiSsl) GetEnabled 

func (x *UiSsl) GetEnabled() *wrapperspb.BoolValue

func (*UiSsl) GetSslCACertificateFile 

func (x *UiSsl) GetSslCACertificateFile() string

func (*UiSsl) GetSslCertificateFile 

func (x *UiSsl) GetSslCertificateFile() string

func (*UiSsl) GetSslCertificateKeyFile 

func (x *UiSsl) GetSslCertificateKeyFile() string

func (*UiSsl) GetSslCertificatePassphrase 

func (x *UiSsl) GetSslCertificatePassphrase() string

func (*UiSsl) ProtoMessage 

func (*UiSsl) ProtoMessage()

func (*UiSsl) ProtoReflect 

func (x *UiSsl) ProtoReflect() protoreflect.Message

func (*UiSsl) Reset 

func (x *UiSsl) Reset()

func (*UiSsl) String 

func (x *UiSsl) String() string

type WebhookConfig 

type WebhookConfig struct {

	// A custom trust store to use for outgoing webhook connections.
	Trust *TrustStore `protobuf:"bytes,1,opt,name=trust,proto3" json:"trust,omitempty"`
	// contains filtered or unexported fields
}

Configuration for webhooks.

func (*WebhookConfig) Descriptor deprecated 

func (*WebhookConfig) Descriptor() ([]byte, []int)

Deprecated: Use WebhookConfig.ProtoReflect.Descriptor instead.

func (*WebhookConfig) GetTrust 

func (x *WebhookConfig) GetTrust() *TrustStore

func (*WebhookConfig) ProtoMessage 

func (*WebhookConfig) ProtoMessage()

func (*WebhookConfig) ProtoReflect 

func (x *WebhookConfig) ProtoReflect() protoreflect.Message

func (*WebhookConfig) Reset 

func (x *WebhookConfig) Reset()

func (*WebhookConfig) String 

func (x *WebhookConfig) String() string

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.