Documentation
¶
Index ¶
- type CertManagerSecurity
- func (cm *CertManagerSecurity) BackingTechnology() inter.SecurityTechnology
- func (cm *CertManagerSecurity) CallerIdentity(caller string) (string, error)
- func (cm *CertManagerSecurity) CallerName() string
- func (cm *CertManagerSecurity) ChecksumBytes(data []byte) []byte
- func (cm *CertManagerSecurity) ClientTLSConfig() (*tls.Config, error)
- func (cm *CertManagerSecurity) Enroll(ctx context.Context, wait time.Duration, cb func(digest string, try int)) error
- func (cm *CertManagerSecurity) HTTPClient(secure bool) (*http.Client, error)
- func (cm *CertManagerSecurity) Identity() string
- func (cm *CertManagerSecurity) IsRemoteSigning() bool
- func (cm *CertManagerSecurity) Provider() string
- func (cm *CertManagerSecurity) PublicCert() (*x509.Certificate, error)
- func (cm *CertManagerSecurity) PublicCertBytes() ([]byte, error)
- func (cm *CertManagerSecurity) RemoteSignRequest(ctx context.Context, str []byte) (signed []byte, err error)
- func (cm *CertManagerSecurity) SSLContext() (*http.Transport, error)
- func (cm *CertManagerSecurity) ShouldAllowCaller(name string, callers ...[]byte) (privileged bool, err error)
- func (cm *CertManagerSecurity) ShouldSignReplies() bool
- func (cm *CertManagerSecurity) SignBytes(b []byte) (signature []byte, err error)
- func (cm *CertManagerSecurity) TLSConfig() (*tls.Config, error)
- func (cm *CertManagerSecurity) TokenBytes() ([]byte, error)
- func (cm *CertManagerSecurity) Validate() (errs []string, ok bool)
- func (cm *CertManagerSecurity) VerifyCertificate(certpem []byte, identity string) error
- func (cm *CertManagerSecurity) VerifySignatureBytes(dat []byte, sig []byte, public ...[]byte) (should bool, signer string)
- type Config
- type Option
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertManagerSecurity ¶
type CertManagerSecurity struct {
// contains filtered or unexported fields
}
CertManagerSecurity implements a security provider that auto enrolls with Kubernetes Cert Manager
It only supports being used inside a cluster and does not use the kubernetes API client libraries due to dependencies and just awfulness with go mod
func New ¶
func New(opts ...Option) (*CertManagerSecurity, error)
func (*CertManagerSecurity) BackingTechnology ¶ added in v0.26.2
func (cm *CertManagerSecurity) BackingTechnology() inter.SecurityTechnology
func (*CertManagerSecurity) CallerIdentity ¶
func (cm *CertManagerSecurity) CallerIdentity(caller string) (string, error)
func (*CertManagerSecurity) CallerName ¶
func (cm *CertManagerSecurity) CallerName() string
func (*CertManagerSecurity) ChecksumBytes ¶
func (cm *CertManagerSecurity) ChecksumBytes(data []byte) []byte
func (*CertManagerSecurity) ClientTLSConfig ¶ added in v0.21.0
func (cm *CertManagerSecurity) ClientTLSConfig() (*tls.Config, error)
func (*CertManagerSecurity) HTTPClient ¶
func (cm *CertManagerSecurity) HTTPClient(secure bool) (*http.Client, error)
func (*CertManagerSecurity) Identity ¶
func (cm *CertManagerSecurity) Identity() string
func (*CertManagerSecurity) IsRemoteSigning ¶ added in v0.24.0
func (cm *CertManagerSecurity) IsRemoteSigning() bool
func (*CertManagerSecurity) Provider ¶
func (cm *CertManagerSecurity) Provider() string
func (*CertManagerSecurity) PublicCert ¶ added in v0.23.0
func (cm *CertManagerSecurity) PublicCert() (*x509.Certificate, error)
func (*CertManagerSecurity) PublicCertBytes ¶ added in v0.26.2
func (cm *CertManagerSecurity) PublicCertBytes() ([]byte, error)
func (*CertManagerSecurity) RemoteSignRequest ¶
func (*CertManagerSecurity) SSLContext ¶
func (cm *CertManagerSecurity) SSLContext() (*http.Transport, error)
func (*CertManagerSecurity) ShouldAllowCaller ¶ added in v0.26.2
func (cm *CertManagerSecurity) ShouldAllowCaller(name string, callers ...[]byte) (privileged bool, err error)
func (*CertManagerSecurity) ShouldSignReplies ¶ added in v0.27.0
func (cm *CertManagerSecurity) ShouldSignReplies() bool
func (*CertManagerSecurity) SignBytes ¶
func (cm *CertManagerSecurity) SignBytes(b []byte) (signature []byte, err error)
func (*CertManagerSecurity) TLSConfig ¶
func (cm *CertManagerSecurity) TLSConfig() (*tls.Config, error)
func (*CertManagerSecurity) TokenBytes ¶ added in v0.27.0
func (cm *CertManagerSecurity) TokenBytes() ([]byte, error)
func (*CertManagerSecurity) Validate ¶
func (cm *CertManagerSecurity) Validate() (errs []string, ok bool)
func (*CertManagerSecurity) VerifyCertificate ¶
func (cm *CertManagerSecurity) VerifyCertificate(certpem []byte, identity string) error
func (*CertManagerSecurity) VerifySignatureBytes ¶ added in v0.26.2
Source Files
Click to show internal directories.
Click to hide internal directories.