galadriel

module
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 7, 2023 License: Apache-2.0

README

Galadriel

CodeQL PR Build Scorecards supply-chain security trivy

Project Galadriel is an open-source project that streamlines the configuration of Federation relationships among SPIRE Servers and manages the secure exchange of Trust Bundles based on the registered and approved relationships. It functions as a central hub for the management and auditing of these Federation relationships.

What is Galadriel?
  • Alternative approach to SPIRE Federation: Galadriel is built on top of SPIRE APIs to streamline the management of foreign Trust Bundles.
  • Federation at scale: Galadriel simplifies the configuration of multiple SPIRE Server federations while prioritizing security.
  • Central hub: Galadriel provides a centralized platform where federation relationships can be defined and audited.
What Galadriel is not?
  • A replacement for SPIRE/SPIFFE Federation: Galadriel does not replace SPIRE Federation, instead, it leverages existing SPIRE capabilities.
  • A SPIRE plugin: Galadriel is deployed as a standalone component, not as a SPIRE plugin.

Getting Started

  • TBD

Contributing

Project Galadriel is an open-source project under the Apache 2 license. We welcome any form of contribution, whether it's documentation, new features, bug fixes, or issues. Check out our Contributing guidelines to learn about our contribution management, and the Governance policy to understand the various roles within the project.

Roadmap

Project Galadriel has currently reached the Proof of Concept milestone (v0.1.0). Refer to the Roadmap to learn about our future plans.

Want to Know More?

Design Document

Feel free to explore our Design Document, which provides more information about Galadriel's architecture and future plans. Your comments and suggestions are welcome and highly appreciated.

Community Presentations & Blog Posts

Encountered a Security Issue?

Please refer to our Security policy for more information about security updates and how to report potential vulnerabilities.

Directories

Path Synopsis
cmd
common/cli
common/http
harvester
harvester/cli
harvester/util
server
server/cli
server/util
pkg
common
common/api
Package api provides primitives to interact with the openapi HTTP API.
 Package api provides primitives to interact with the openapi HTTP API.
common/constants
common/cryptoutil
common/diskutil
common/entity
common/http
common/jwt
common/keymanager
common/random
common/telemetry
common/util
common/util/encoding
common/util/fileutil
common/x509ca
common/x509ca/disk
harvester
harvester/api/admin
Package admin provides primitives to interact with the openapi HTTP API.
 Package admin provides primitives to interact with the openapi HTTP API.
harvester/bundlemanager
harvester/catalog
harvester/endpoints
harvester/galadrielclient
harvester/integrity
harvester/models
harvester/spireclient
server
server/api/admin
Package admin provides primitives to interact with the openapi HTTP API.
 Package admin provides primitives to interact with the openapi HTTP API.
server/api/harvester
Package harvester provides primitives to interact with the openapi HTTP API.
 Package harvester provides primitives to interact with the openapi HTTP API.
server/catalog
server/db
server/db/criteria
server/db/postgres
server/db/sqlite
server/db/tests
server/endpoints
test
certtest
fakes/fakedatastore
fakes/fakejwtissuer
fakes/fakekeymanager
jwttest
keytest

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.