plugin

package
v0.0.0-...-83b842d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 8, 2025 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SetTokenRotation

func SetTokenRotation(enable bool)

SetTokenRotation enable/disable periodic token rotation job. This is only for testing purpose, not thread safe.

Types

type GCEPlugin

type GCEPlugin struct {
	// contains filtered or unexported fields
}

GCEPlugin is the plugin object.

func CreateGCEPlugin

func CreateGCEPlugin(audience, jwtPath, identityProvider string) *GCEPlugin

CreateGCEPlugin creates a Google credential fetcher plugin. Return the pointer to the created plugin.

func (*GCEPlugin) GetIdentityProvider

func (p *GCEPlugin) GetIdentityProvider() string

GetIdentityProvider returns the name of the identity provider that can authenticate the workload credential. GCE identity provider is named "GoogleComputeEngine".

func (*GCEPlugin) GetPlatformCredential

func (p *GCEPlugin) GetPlatformCredential() (string, error)

GetPlatformCredential fetches the GCE VM identity jwt token from its metadata server, and write it to jwtPath. The local copy of the token in jwtPath is used by both Envoy STS client and istio agent to fetch certificate and access token. Note: this function only works in a GCE VM environment.

func (*GCEPlugin) Stop

func (p *GCEPlugin) Stop()

type KubernetesTokenPlugin

type KubernetesTokenPlugin struct {
	// contains filtered or unexported fields
}

func CreateTokenPlugin

func CreateTokenPlugin(path string) *KubernetesTokenPlugin

func (KubernetesTokenPlugin) GetIdentityProvider

func (t KubernetesTokenPlugin) GetIdentityProvider() string

func (KubernetesTokenPlugin) GetPlatformCredential

func (t KubernetesTokenPlugin) GetPlatformCredential() (string, error)

func (KubernetesTokenPlugin) Stop

func (t KubernetesTokenPlugin) Stop()

type MetadataServer

type MetadataServer struct {
	// contains filtered or unexported fields
}

MetadataServer mocks GCE metadata server.

func StartMetadataServer

func StartMetadataServer() (*MetadataServer, error)

StartMetadataServer starts a mock GCE metadata server.

func (*MetadataServer) NumGetTokenCall

func (ms *MetadataServer) NumGetTokenCall() int

NumGetTokenCall returns the number of token fetching request.

func (*MetadataServer) Reset

func (ms *MetadataServer) Reset()

Reset resets members to default values.

func (*MetadataServer) Stop

func (ms *MetadataServer) Stop()

type MockPlugin

type MockPlugin struct {
	// contains filtered or unexported fields
}

MockPlugin is the plugin object.

func CreateMockPlugin

func CreateMockPlugin(token string) *MockPlugin

CreateMockPlugin creates a mock credential fetcher plugin. Return the pointer to the created plugin.

func (*MockPlugin) GetIdentityProvider

func (p *MockPlugin) GetIdentityProvider() string

GetIdentityProvider returns the name of the identity provider that can authenticate the workload credential.

func (*MockPlugin) GetPlatformCredential

func (p *MockPlugin) GetPlatformCredential() (string, error)

GetPlatformCredential returns a constant token string.

func (*MockPlugin) Stop

func (p *MockPlugin) Stop()

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL