workload

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 3, 2020 License: Apache-2.0 Imports: 8 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RegisterSpiffeWorkloadAPIServer

func RegisterSpiffeWorkloadAPIServer(s *grpc.Server, srv SpiffeWorkloadAPIServer)

Types

type JWTBundlesRequest

// JWTBundlesRequest is the request message taken by FetchJWTBundles.
// It declares no application fields; only the generated XXX_ bookkeeping
// fields are present.
type JWTBundlesRequest struct {
	// Generated bookkeeping fields. The `json:"-"` tag keeps each of them out
	// of encoding/json output.
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	// NOTE(review): presumably holds wire bytes for fields this version of the
	// message does not know (the type also declares XXX_DiscardUnknown) — confirm.
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*JWTBundlesRequest) Descriptor

func (*JWTBundlesRequest) Descriptor() ([]byte, []int)

func (*JWTBundlesRequest) ProtoMessage

func (*JWTBundlesRequest) ProtoMessage()

func (*JWTBundlesRequest) Reset

func (m *JWTBundlesRequest) Reset()

func (*JWTBundlesRequest) String

func (m *JWTBundlesRequest) String() string

func (*JWTBundlesRequest) XXX_DiscardUnknown

func (m *JWTBundlesRequest) XXX_DiscardUnknown()

func (*JWTBundlesRequest) XXX_Marshal

func (m *JWTBundlesRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*JWTBundlesRequest) XXX_Merge

func (m *JWTBundlesRequest) XXX_Merge(src proto.Message)

func (*JWTBundlesRequest) XXX_Size

func (m *JWTBundlesRequest) XXX_Size() int

func (*JWTBundlesRequest) XXX_Unmarshal

func (m *JWTBundlesRequest) XXX_Unmarshal(b []byte) error

type JWTBundlesResponse

// JWTBundlesResponse is the message delivered on the FetchJWTBundles stream
// (it is the type returned by Recv and accepted by Send on the
// FetchJWTBundles stream interfaces).
type JWTBundlesResponse struct {
	// JWK sets, keyed by trust domain URI
	// NOTE(review): presumably these are the keys used to verify JWT-SVID
	// signatures for each trust domain, which would make this map trust-anchor
	// material: accept it only from the Workload API endpoint the workload
	// already trusts, and replace it when a newer message arrives — confirm
	// against the SPIFFE Workload API specification.
	Bundles              map[string][]byte `` /* 155-byte string literal not displayed */
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

func (*JWTBundlesResponse) Descriptor

func (*JWTBundlesResponse) Descriptor() ([]byte, []int)

func (*JWTBundlesResponse) GetBundles

func (m *JWTBundlesResponse) GetBundles() map[string][]byte

func (*JWTBundlesResponse) ProtoMessage

func (*JWTBundlesResponse) ProtoMessage()

func (*JWTBundlesResponse) Reset

func (m *JWTBundlesResponse) Reset()

func (*JWTBundlesResponse) String

func (m *JWTBundlesResponse) String() string

func (*JWTBundlesResponse) XXX_DiscardUnknown

func (m *JWTBundlesResponse) XXX_DiscardUnknown()

func (*JWTBundlesResponse) XXX_Marshal

func (m *JWTBundlesResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*JWTBundlesResponse) XXX_Merge

func (m *JWTBundlesResponse) XXX_Merge(src proto.Message)

func (*JWTBundlesResponse) XXX_Size

func (m *JWTBundlesResponse) XXX_Size() int

func (*JWTBundlesResponse) XXX_Unmarshal

func (m *JWTBundlesResponse) XXX_Unmarshal(b []byte) error

type JWTSVID

// JWTSVID pairs a SPIFFE ID with a JWT-SVID token. It is the element type of
// JWTSVIDResponse.Svids.
type JWTSVID struct {
	// NOTE(review): presumably the SPIFFE ID the token in Svid was issued
	// for — confirm against the issuing implementation.
	SpiffeId string `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// Encoded using JWS Compact Serialization
	// Treat this value as a credential: the json tag means encoding/json
	// emits it whenever it is non-empty, and the type declares a String
	// method (NOTE(review): presumably it renders every field — confirm
	// before passing the message to a logger or an error string).
	Svid                 string   `protobuf:"bytes,2,opt,name=svid,proto3" json:"svid,omitempty"`
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*JWTSVID) Descriptor

func (*JWTSVID) Descriptor() ([]byte, []int)

func (*JWTSVID) GetSpiffeId

func (m *JWTSVID) GetSpiffeId() string

func (*JWTSVID) GetSvid

func (m *JWTSVID) GetSvid() string

func (*JWTSVID) ProtoMessage

func (*JWTSVID) ProtoMessage()

func (*JWTSVID) Reset

func (m *JWTSVID) Reset()

func (*JWTSVID) String

func (m *JWTSVID) String() string

func (*JWTSVID) XXX_DiscardUnknown

func (m *JWTSVID) XXX_DiscardUnknown()

func (*JWTSVID) XXX_Marshal

func (m *JWTSVID) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*JWTSVID) XXX_Merge

func (m *JWTSVID) XXX_Merge(src proto.Message)

func (*JWTSVID) XXX_Size

func (m *JWTSVID) XXX_Size() int

func (*JWTSVID) XXX_Unmarshal

func (m *JWTSVID) XXX_Unmarshal(b []byte) error

type JWTSVIDRequest

// JWTSVIDRequest is the request message taken by FetchJWTSVID.
type JWTSVIDRequest struct {
	// Repeated field (`rep` in the protobuf tag): zero or more audience values.
	// NOTE(review): presumably these become the audience of the issued token,
	// so each caller should name only the service it is about to call rather
	// than a broad shared value — confirm how an empty list is handled.
	Audience []string `protobuf:"bytes,1,rep,name=audience,proto3" json:"audience,omitempty"`
	// SPIFFE ID of the JWT being requested
	// If not set, all IDs will be returned
	SpiffeId             string   `protobuf:"bytes,2,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*JWTSVIDRequest) Descriptor

func (*JWTSVIDRequest) Descriptor() ([]byte, []int)

func (*JWTSVIDRequest) GetAudience

func (m *JWTSVIDRequest) GetAudience() []string

func (*JWTSVIDRequest) GetSpiffeId

func (m *JWTSVIDRequest) GetSpiffeId() string

func (*JWTSVIDRequest) ProtoMessage

func (*JWTSVIDRequest) ProtoMessage()

func (*JWTSVIDRequest) Reset

func (m *JWTSVIDRequest) Reset()

func (*JWTSVIDRequest) String

func (m *JWTSVIDRequest) String() string

func (*JWTSVIDRequest) XXX_DiscardUnknown

func (m *JWTSVIDRequest) XXX_DiscardUnknown()

func (*JWTSVIDRequest) XXX_Marshal

func (m *JWTSVIDRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*JWTSVIDRequest) XXX_Merge

func (m *JWTSVIDRequest) XXX_Merge(src proto.Message)

func (*JWTSVIDRequest) XXX_Size

func (m *JWTSVIDRequest) XXX_Size() int

func (*JWTSVIDRequest) XXX_Unmarshal

func (m *JWTSVIDRequest) XXX_Unmarshal(b []byte) error

type JWTSVIDResponse

// JWTSVIDResponse is the response message returned by FetchJWTSVID.
type JWTSVIDResponse struct {
	// Zero or more JWTSVID entries (repeated field). Each entry carries a
	// token in its Svid field, so the whole response is as sensitive as the
	// tokens it contains.
	Svids                []*JWTSVID `protobuf:"bytes,1,rep,name=svids,proto3" json:"svids,omitempty"`
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

func (*JWTSVIDResponse) Descriptor

func (*JWTSVIDResponse) Descriptor() ([]byte, []int)

func (*JWTSVIDResponse) GetSvids

func (m *JWTSVIDResponse) GetSvids() []*JWTSVID

func (*JWTSVIDResponse) ProtoMessage

func (*JWTSVIDResponse) ProtoMessage()

func (*JWTSVIDResponse) Reset

func (m *JWTSVIDResponse) Reset()

func (*JWTSVIDResponse) String

func (m *JWTSVIDResponse) String() string

func (*JWTSVIDResponse) XXX_DiscardUnknown

func (m *JWTSVIDResponse) XXX_DiscardUnknown()

func (*JWTSVIDResponse) XXX_Marshal

func (m *JWTSVIDResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*JWTSVIDResponse) XXX_Merge

func (m *JWTSVIDResponse) XXX_Merge(src proto.Message)

func (*JWTSVIDResponse) XXX_Size

func (m *JWTSVIDResponse) XXX_Size() int

func (*JWTSVIDResponse) XXX_Unmarshal

func (m *JWTSVIDResponse) XXX_Unmarshal(b []byte) error

type SpiffeWorkloadAPIClient

// SpiffeWorkloadAPIClient is the client-side view of the SpiffeWorkloadAPI
// service: two unary calls (FetchJWTSVID, ValidateJWTSVID) and two calls that
// return a stream client (FetchJWTBundles, FetchX509SVID).
type SpiffeWorkloadAPIClient interface {
	// JWT-SVID Profile
	// FetchJWTSVID is a unary call; the response carries the issued tokens.
	FetchJWTSVID(ctx context.Context, in *JWTSVIDRequest, opts ...grpc.CallOption) (*JWTSVIDResponse, error)
	// FetchJWTBundles returns a stream client; bundle messages are read from
	// it with Recv.
	FetchJWTBundles(ctx context.Context, in *JWTBundlesRequest, opts ...grpc.CallOption) (SpiffeWorkloadAPI_FetchJWTBundlesClient, error)
	// ValidateJWTSVID is a unary call. Read the response only after checking
	// that the returned error is nil.
	ValidateJWTSVID(ctx context.Context, in *ValidateJWTSVIDRequest, opts ...grpc.CallOption) (*ValidateJWTSVIDResponse, error)
	// X.509-SVID Profile
	// Fetch all SPIFFE identities the workload is entitled to, as
	// well as related information like trust bundles and CRLs. As
	// this information changes, subsequent messages will be sent.
	// The X509SVIDResponse messages read from this stream include unencrypted
	// private keys (X509SVID.X509SvidKey), so the transport to the Workload
	// API endpoint and any buffering of these messages need to be protected
	// accordingly.
	FetchX509SVID(ctx context.Context, in *X509SVIDRequest, opts ...grpc.CallOption) (SpiffeWorkloadAPI_FetchX509SVIDClient, error)
}

SpiffeWorkloadAPIClient is the client API for SpiffeWorkloadAPI service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewSpiffeWorkloadAPIClient

func NewSpiffeWorkloadAPIClient(cc *grpc.ClientConn) SpiffeWorkloadAPIClient

type SpiffeWorkloadAPIServer

// SpiffeWorkloadAPIServer is the set of handlers a SpiffeWorkloadAPI service
// implementation provides. Note that none of the request messages carries a
// caller identity field, so an implementation has to establish who is calling
// by some means outside these messages.
type SpiffeWorkloadAPIServer interface {
	// JWT-SVID Profile
	// FetchJWTSVID handles a unary request and returns the issued tokens.
	FetchJWTSVID(context.Context, *JWTSVIDRequest) (*JWTSVIDResponse, error)
	// FetchJWTBundles is a streaming handler; bundle messages are written to
	// the supplied stream with Send.
	FetchJWTBundles(*JWTBundlesRequest, SpiffeWorkloadAPI_FetchJWTBundlesServer) error
	// ValidateJWTSVID handles a unary request carrying a token and an audience.
	ValidateJWTSVID(context.Context, *ValidateJWTSVIDRequest) (*ValidateJWTSVIDResponse, error)
	// X.509-SVID Profile
	// Fetch all SPIFFE identities the workload is entitled to, as
	// well as related information like trust bundles and CRLs. As
	// this information changes, subsequent messages will be sent.
	// Messages sent here contain unencrypted private keys
	// (X509SVID.X509SvidKey); keep them out of logs and traces.
	FetchX509SVID(*X509SVIDRequest, SpiffeWorkloadAPI_FetchX509SVIDServer) error
}

SpiffeWorkloadAPIServer is the server API for SpiffeWorkloadAPI service.

type SpiffeWorkloadAPI_FetchJWTBundlesClient

// SpiffeWorkloadAPI_FetchJWTBundlesClient is the client end of the
// FetchJWTBundles stream, as returned by SpiffeWorkloadAPIClient.FetchJWTBundles.
type SpiffeWorkloadAPI_FetchJWTBundlesClient interface {
	// Recv returns the next JWTBundlesResponse from the stream, or an error.
	Recv() (*JWTBundlesResponse, error)
	// Embeds the generic gRPC client-stream methods.
	grpc.ClientStream
}

type SpiffeWorkloadAPI_FetchJWTBundlesServer

// SpiffeWorkloadAPI_FetchJWTBundlesServer is the server end of the
// FetchJWTBundles stream, as passed to SpiffeWorkloadAPIServer.FetchJWTBundles.
type SpiffeWorkloadAPI_FetchJWTBundlesServer interface {
	// Send writes one JWTBundlesResponse to the stream.
	Send(*JWTBundlesResponse) error
	// Embeds the generic gRPC server-stream methods.
	grpc.ServerStream
}

type SpiffeWorkloadAPI_FetchX509SVIDClient

// SpiffeWorkloadAPI_FetchX509SVIDClient is the client end of the
// FetchX509SVID stream, as returned by SpiffeWorkloadAPIClient.FetchX509SVID.
type SpiffeWorkloadAPI_FetchX509SVIDClient interface {
	// Recv returns the next X509SVIDResponse from the stream, or an error.
	// Each response may carry unencrypted private keys in its Svids entries.
	Recv() (*X509SVIDResponse, error)
	// Embeds the generic gRPC client-stream methods.
	grpc.ClientStream
}

type SpiffeWorkloadAPI_FetchX509SVIDServer

// SpiffeWorkloadAPI_FetchX509SVIDServer is the server end of the
// FetchX509SVID stream, as passed to SpiffeWorkloadAPIServer.FetchX509SVID.
type SpiffeWorkloadAPI_FetchX509SVIDServer interface {
	// Send writes one X509SVIDResponse to the stream. The message may carry
	// unencrypted private keys in its Svids entries.
	Send(*X509SVIDResponse) error
	// Embeds the generic gRPC server-stream methods.
	grpc.ServerStream
}

type UnimplementedSpiffeWorkloadAPIServer added in v1.1.0

// UnimplementedSpiffeWorkloadAPIServer is an empty struct on which
// FetchJWTBundles, FetchJWTSVID, FetchX509SVID and ValidateJWTSVID are
// declared, so embedding it supplies all four SpiffeWorkloadAPIServer methods.
// NOTE(review): the method bodies are not shown here; presumably each returns
// an "unimplemented" error, which means a server that forgets to override
// ValidateJWTSVID rejects validation rather than accepting tokens — confirm.
type UnimplementedSpiffeWorkloadAPIServer struct {
}

UnimplementedSpiffeWorkloadAPIServer can be embedded to have forward compatible implementations.

func (*UnimplementedSpiffeWorkloadAPIServer) FetchJWTBundles added in v1.1.0

func (*UnimplementedSpiffeWorkloadAPIServer) FetchJWTSVID added in v1.1.0

func (*UnimplementedSpiffeWorkloadAPIServer) FetchX509SVID added in v1.1.0

func (*UnimplementedSpiffeWorkloadAPIServer) ValidateJWTSVID added in v1.1.0

type ValidateJWTSVIDRequest

// ValidateJWTSVIDRequest is the request message taken by ValidateJWTSVID.
type ValidateJWTSVIDRequest struct {
	// A single audience value (optional scalar in the protobuf tag, unlike the
	// repeated Audience of JWTSVIDRequest).
	// NOTE(review): presumably the audience the caller expects the token to
	// carry; the caller should pass its own identity here, not a value taken
	// from the token being checked — confirm against the validating server.
	Audience string `protobuf:"bytes,1,opt,name=audience,proto3" json:"audience,omitempty"`
	// Encoded using JWS Compact Serialization
	// This is the token under validation. It is still a credential until it
	// expires, so the same logging and serialization caution applies as for
	// JWTSVID.Svid.
	Svid                 string   `protobuf:"bytes,2,opt,name=svid,proto3" json:"svid,omitempty"`
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ValidateJWTSVIDRequest) Descriptor

func (*ValidateJWTSVIDRequest) Descriptor() ([]byte, []int)

func (*ValidateJWTSVIDRequest) GetAudience

func (m *ValidateJWTSVIDRequest) GetAudience() string

func (*ValidateJWTSVIDRequest) GetSvid

func (m *ValidateJWTSVIDRequest) GetSvid() string

func (*ValidateJWTSVIDRequest) ProtoMessage

func (*ValidateJWTSVIDRequest) ProtoMessage()

func (*ValidateJWTSVIDRequest) Reset

func (m *ValidateJWTSVIDRequest) Reset()

func (*ValidateJWTSVIDRequest) String

func (m *ValidateJWTSVIDRequest) String() string

func (*ValidateJWTSVIDRequest) XXX_DiscardUnknown

func (m *ValidateJWTSVIDRequest) XXX_DiscardUnknown()

func (*ValidateJWTSVIDRequest) XXX_Marshal

func (m *ValidateJWTSVIDRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ValidateJWTSVIDRequest) XXX_Merge

func (m *ValidateJWTSVIDRequest) XXX_Merge(src proto.Message)

func (*ValidateJWTSVIDRequest) XXX_Size

func (m *ValidateJWTSVIDRequest) XXX_Size() int

func (*ValidateJWTSVIDRequest) XXX_Unmarshal

func (m *ValidateJWTSVIDRequest) XXX_Unmarshal(b []byte) error

type ValidateJWTSVIDResponse

// ValidateJWTSVIDResponse is the response message returned by ValidateJWTSVID.
// ValidateJWTSVID also returns an error; use the fields below for an
// authorization decision only when that error is nil.
type ValidateJWTSVIDResponse struct {
	// NOTE(review): presumably the SPIFFE ID taken from the validated
	// token — confirm against the validating server.
	SpiffeId             string          `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// NOTE(review): presumably the token's claims as a protobuf Struct (the
	// _struct package alias is declared outside this listing). Claim values
	// originate from whoever minted the token, so validate any claim that
	// feeds an access decision — confirm.
	Claims               *_struct.Struct `protobuf:"bytes,2,opt,name=claims,proto3" json:"claims,omitempty"`
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{}        `json:"-"`
	XXX_unrecognized     []byte          `json:"-"`
	XXX_sizecache        int32           `json:"-"`
}

func (*ValidateJWTSVIDResponse) Descriptor

func (*ValidateJWTSVIDResponse) Descriptor() ([]byte, []int)

func (*ValidateJWTSVIDResponse) GetClaims

func (m *ValidateJWTSVIDResponse) GetClaims() *_struct.Struct

func (*ValidateJWTSVIDResponse) GetSpiffeId

func (m *ValidateJWTSVIDResponse) GetSpiffeId() string

func (*ValidateJWTSVIDResponse) ProtoMessage

func (*ValidateJWTSVIDResponse) ProtoMessage()

func (*ValidateJWTSVIDResponse) Reset

func (m *ValidateJWTSVIDResponse) Reset()

func (*ValidateJWTSVIDResponse) String

func (m *ValidateJWTSVIDResponse) String() string

func (*ValidateJWTSVIDResponse) XXX_DiscardUnknown

func (m *ValidateJWTSVIDResponse) XXX_DiscardUnknown()

func (*ValidateJWTSVIDResponse) XXX_Marshal

func (m *ValidateJWTSVIDResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ValidateJWTSVIDResponse) XXX_Merge

func (m *ValidateJWTSVIDResponse) XXX_Merge(src proto.Message)

func (*ValidateJWTSVIDResponse) XXX_Size

func (m *ValidateJWTSVIDResponse) XXX_Size() int

func (*ValidateJWTSVIDResponse) XXX_Unmarshal

func (m *ValidateJWTSVIDResponse) XXX_Unmarshal(b []byte) error

type X509SVID

// X509SVID carries one X.509-SVID: its SPIFFE ID, certificate chain, private
// key and the CA bundle of its trust domain. Because the private key travels
// in the same message, treat every X509SVID value as secret material.
type X509SVID struct {
	// The SPIFFE ID of the SVID in this entry
	SpiffeId string `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// ASN.1 DER encoded certificate chain. MAY include intermediates,
	// the leaf certificate (or SVID itself) MUST come first.
	X509Svid []byte `protobuf:"bytes,2,opt,name=x509_svid,json=x509Svid,proto3" json:"x509_svid,omitempty"`
	// ASN.1 DER encoded PKCS#8 private key. MUST be unencrypted.
	// The json tag means encoding/json emits this key (base64, as for any
	// []byte) whenever it is non-empty, and the type declares a String method
	// (NOTE(review): presumably it renders every field — confirm). Do not log,
	// trace or JSON-encode the message; keep the key in memory only as long
	// as needed and write it to disk only with restrictive permissions.
	X509SvidKey []byte `protobuf:"bytes,3,opt,name=x509_svid_key,json=x509SvidKey,proto3" json:"x509_svid_key,omitempty"`
	// CA certificates belonging to the Trust Domain
	// ASN.1 DER encoded
	Bundle               []byte   `protobuf:"bytes,4,opt,name=bundle,proto3" json:"bundle,omitempty"`
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The X509SVID message carries a single SVID and all associated information, including CA bundles.

func (*X509SVID) Descriptor

func (*X509SVID) Descriptor() ([]byte, []int)

func (*X509SVID) GetBundle

func (m *X509SVID) GetBundle() []byte

func (*X509SVID) GetSpiffeId

func (m *X509SVID) GetSpiffeId() string

func (*X509SVID) GetX509Svid

func (m *X509SVID) GetX509Svid() []byte

func (*X509SVID) GetX509SvidKey

func (m *X509SVID) GetX509SvidKey() []byte

func (*X509SVID) ProtoMessage

func (*X509SVID) ProtoMessage()

func (*X509SVID) Reset

func (m *X509SVID) Reset()

func (*X509SVID) String

func (m *X509SVID) String() string

func (*X509SVID) XXX_DiscardUnknown

func (m *X509SVID) XXX_DiscardUnknown()

func (*X509SVID) XXX_Marshal

func (m *X509SVID) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*X509SVID) XXX_Merge

func (m *X509SVID) XXX_Merge(src proto.Message)

func (*X509SVID) XXX_Size

func (m *X509SVID) XXX_Size() int

func (*X509SVID) XXX_Unmarshal

func (m *X509SVID) XXX_Unmarshal(b []byte) error

type X509SVIDRequest

// X509SVIDRequest is the request message taken by FetchX509SVID.
// It declares no application fields, so the request itself says nothing about
// which workload is asking; only the generated XXX_ bookkeeping fields are
// present.
type X509SVIDRequest struct {
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*X509SVIDRequest) Descriptor

func (*X509SVIDRequest) Descriptor() ([]byte, []int)

func (*X509SVIDRequest) ProtoMessage

func (*X509SVIDRequest) ProtoMessage()

func (*X509SVIDRequest) Reset

func (m *X509SVIDRequest) Reset()

func (*X509SVIDRequest) String

func (m *X509SVIDRequest) String() string

func (*X509SVIDRequest) XXX_DiscardUnknown

func (m *X509SVIDRequest) XXX_DiscardUnknown()

func (*X509SVIDRequest) XXX_Marshal

func (m *X509SVIDRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*X509SVIDRequest) XXX_Merge

func (m *X509SVIDRequest) XXX_Merge(src proto.Message)

func (*X509SVIDRequest) XXX_Size

func (m *X509SVIDRequest) XXX_Size() int

func (*X509SVIDRequest) XXX_Unmarshal

func (m *X509SVIDRequest) XXX_Unmarshal(b []byte) error

type X509SVIDResponse

// X509SVIDResponse is the message delivered on the FetchX509SVID stream.
// NOTE(review): the package documentation for this message mentions a TTL,
// but no TTL field is declared in this struct; a client cannot derive a
// refresh time from these fields alone.
type X509SVIDResponse struct {
	// A list of X509SVID messages, each of which includes a single
	// SPIFFE Verifiable Identity Document, along with its private key
	// and bundle.
	// The private keys are unencrypted (see X509SVID.X509SvidKey), so the
	// whole response must be kept out of logs and serialized dumps.
	Svids []*X509SVID `protobuf:"bytes,1,rep,name=svids,proto3" json:"svids,omitempty"`
	// ASN.1 DER encoded
	// Repeated field: zero or more CRLs.
	// NOTE(review): nothing in this listing shows that a consumer applies
	// these CRLs; presumably revocation checking is left to the
	// caller — confirm.
	Crl [][]byte `protobuf:"bytes,2,rep,name=crl,proto3" json:"crl,omitempty"`
	// CA certificate bundles belonging to foreign Trust Domains that the
	// workload should trust, keyed by the SPIFFE ID of the foreign
	// domain. Bundles are ASN.1 DER encoded.
	// Each entry widens the set of issuers the workload accepts, so keep a
	// foreign bundle scoped to peers from its own trust domain rather than
	// merging it into the local bundle.
	FederatedBundles     map[string][]byte `` /* 197-byte string literal not displayed */
	// Generated bookkeeping fields, excluded from encoding/json output.
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

The X509SVIDResponse message carries a set of X.509 SVIDs and their associated information. It also carries a set of global CRLs, and a TTL to inform the workload when it should check back next.

func (*X509SVIDResponse) Descriptor

func (*X509SVIDResponse) Descriptor() ([]byte, []int)

func (*X509SVIDResponse) GetCrl

func (m *X509SVIDResponse) GetCrl() [][]byte

func (*X509SVIDResponse) GetFederatedBundles

func (m *X509SVIDResponse) GetFederatedBundles() map[string][]byte

func (*X509SVIDResponse) GetSvids

func (m *X509SVIDResponse) GetSvids() []*X509SVID

func (*X509SVIDResponse) ProtoMessage

func (*X509SVIDResponse) ProtoMessage()

func (*X509SVIDResponse) Reset

func (m *X509SVIDResponse) Reset()

func (*X509SVIDResponse) String

func (m *X509SVIDResponse) String() string

func (*X509SVIDResponse) XXX_DiscardUnknown

func (m *X509SVIDResponse) XXX_DiscardUnknown()

func (*X509SVIDResponse) XXX_Marshal

func (m *X509SVIDResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*X509SVIDResponse) XXX_Merge

func (m *X509SVIDResponse) XXX_Merge(src proto.Message)

func (*X509SVIDResponse) XXX_Size

func (m *X509SVIDResponse) XXX_Size() int

func (*X509SVIDResponse) XXX_Unmarshal

func (m *X509SVIDResponse) XXX_Unmarshal(b []byte) error
