plugin

package

v0.0.0-...-8f21e7d Latest Latest Go to latest Published: Nov 22, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/istio/istio

Documentation ¶

Index ¶

func SetTokenRotation(enable bool)
type GCEPlugin
- func CreateGCEPlugin(audience, jwtPath, identityProvider string) *GCEPlugin
type KubernetesTokenPlugin
- func CreateTokenPlugin(path string) *KubernetesTokenPlugin
type MetadataServer
- func StartMetadataServer() (*MetadataServer, error)
type MockPlugin
- func CreateMockPlugin(token string) *MockPlugin

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func SetTokenRotation ¶

func SetTokenRotation(enable bool)

SetTokenRotation enable/disable periodic token rotation job. This is only for testing purpose, not thread safe.

Types ¶

func CreateGCEPlugin ¶

func CreateGCEPlugin(audience, jwtPath, identityProvider string) *GCEPlugin

CreateGCEPlugin creates a Google credential fetcher plugin. Return the pointer to the created plugin.

func (*GCEPlugin) GetIdentityProvider ¶

func (p *GCEPlugin) GetIdentityProvider() string

GetIdentityProvider returns the name of the identity provider that can authenticate the workload credential. GCE identity provider is named "GoogleComputeEngine".

func (*GCEPlugin) GetPlatformCredential ¶

func (p *GCEPlugin) GetPlatformCredential() (string, error)

GetPlatformCredential fetches the GCE VM identity jwt token from its metadata server, and write it to jwtPath. The local copy of the token in jwtPath is used by both Envoy STS client and istio agent to fetch certificate and access token. Note: this function only works in a GCE VM environment.

func (*GCEPlugin) Stop ¶

func (p *GCEPlugin) Stop()

type KubernetesTokenPlugin ¶

type KubernetesTokenPlugin struct {
	// contains filtered or unexported fields
}

func CreateTokenPlugin ¶

func CreateTokenPlugin(path string) *KubernetesTokenPlugin

func (KubernetesTokenPlugin) GetIdentityProvider ¶

func (t KubernetesTokenPlugin) GetIdentityProvider() string

func (KubernetesTokenPlugin) GetPlatformCredential ¶

func (t KubernetesTokenPlugin) GetPlatformCredential() (string, error)

func (KubernetesTokenPlugin) Stop ¶

func (t KubernetesTokenPlugin) Stop()

type MetadataServer ¶

type MetadataServer struct {
	// contains filtered or unexported fields
}

MetadataServer mocks GCE metadata server.

func StartMetadataServer ¶

func StartMetadataServer() (*MetadataServer, error)

StartMetadataServer starts a mock GCE metadata server.

func (*MetadataServer) NumGetTokenCall ¶

func (ms *MetadataServer) NumGetTokenCall() int

NumGetTokenCall returns the number of token fetching request.

func (*MetadataServer) Reset ¶

func (ms *MetadataServer) Reset()

Reset resets members to default values.

func (*MetadataServer) Stop ¶

func (ms *MetadataServer) Stop()

type MockPlugin ¶

type MockPlugin struct {
	// contains filtered or unexported fields
}

MockPlugin is the plugin object.

func CreateMockPlugin ¶

func CreateMockPlugin(token string) *MockPlugin

CreateMockPlugin creates a mock credential fetcher plugin. Return the pointer to the created plugin.

func (*MockPlugin) GetIdentityProvider ¶

func (p *MockPlugin) GetIdentityProvider() string

GetIdentityProvider returns the name of the identity provider that can authenticate the workload credential.

func (*MockPlugin) GetPlatformCredential ¶

func (p *MockPlugin) GetPlatformCredential() (string, error)

GetPlatformCredential returns a constant token string.

func (*MockPlugin) Stop ¶

func (p *MockPlugin) Stop()

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL