tls

package

v1.2.2 Latest Latest Go to latest Published: Feb 21, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/shipperizer/kilo-franz

Links

Open Source Insights

Documentation ¶

Index ¶

func DecodeP12(p12 []byte) ([]byte, []byte, error)
func DecodePEM(certPEM []byte) tls.Certificate
func GetSMValue(ctx context.Context, secretsManager SecretsManagerAPI, key string) ([]byte, error)
func GetTLS(cfg TLSConfig) (*tls.Config, error)
func MakeTLS(clientCert, key []byte, isP12 bool) (*tls.Config, error)
type SecretManagerConfig
- func NewSecretManagerConfig(cert, key, p12 string, vault VaultInterface) *SecretManagerConfig
type SecretsManagerAPI
- func SMClient(region, endpoint string) (SecretsManagerAPI, error)
type TLSConfig
- func NewTLSConfig(cert, key []byte, useTLS, useP12 bool, secretsConfig *SecretManagerConfig, ...) *TLSConfig
- func (c *TLSConfig) GetTLS() (*_tls.Config, error)
type VaultInterface

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DecodeP12 ¶ added in v1.2.0

func DecodeP12(p12 []byte) ([]byte, []byte, error)

func DecodePEM ¶

func DecodePEM(certPEM []byte) tls.Certificate

DecodePEM builds a PEM certificate object

func GetSMValue ¶

func GetSMValue(ctx context.Context, secretsManager SecretsManagerAPI, key string) ([]byte, error)

TODO @shipperizer mvoe this to be a method and enhance the SecretsManagerAPI or split it and wrap it

func GetTLS ¶

func GetTLS(cfg TLSConfig) (*tls.Config, error)

GetTLS produces a TLS object to be used by kafka consumer/producer

func MakeTLS ¶

func MakeTLS(clientCert, key []byte, isP12 bool) (*tls.Config, error)

MakeTLS generates a tls.Config, kindly stolen from https://github.com/discovery-digital/entitlements-collection/blob/master/kafkaclient/client.go#L230

Types ¶

type SecretManagerConfig ¶

type SecretManagerConfig struct {
	CertificateString string
	KeyString         string
	P12String         string
	SMClient          SecretsManagerAPI // TODO @shipperizer deprecate in favour of the one below
	Vault             VaultInterface
}

func NewSecretManagerConfig ¶ added in v1.2.0

func NewSecretManagerConfig(cert, key, p12 string, vault VaultInterface) *SecretManagerConfig

type SecretsManagerAPI ¶

type SecretsManagerAPI interface {
	GetSecretValue(ctx context.Context, params *secretsmanager.GetSecretValueInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.GetSecretValueOutput, error)
}

SecretsManagerAPI interface for AWS Secrets Manager Client.

func SMClient ¶

func SMClient(region, endpoint string) (SecretsManagerAPI, error)

SMClient returns SecretsManagerAPI interface that implements secretsmanager.Client. `endpoint` arg can be used when developing locally.

type TLSConfig ¶

type TLSConfig struct {
	UseTLS                  bool
	UseP12                  bool
	SMConfig                *SecretManagerConfig
	ClientSignedCertificate []byte
	ClientKey               []byte
	// contains filtered or unexported fields
}

TLSConfig holds core configuration to setup TLS for kafka

func NewTLSConfig ¶ added in v1.2.0

func NewTLSConfig(cert, key []byte, useTLS, useP12 bool, secretsConfig *SecretManagerConfig, logger logging.LoggerInterface) *TLSConfig

func (*TLSConfig) GetTLS ¶ added in v1.2.0

func (c *TLSConfig) GetTLS() (*_tls.Config, error)

type VaultInterface ¶ added in v1.2.0

type VaultInterface interface {
	GetValue(ctx context.Context, key string) ([]byte, error)
}

VaultInterface provides method(s) to fetch secrets

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL