Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ValidateConfig ¶
Types ¶
type Config ¶
type Config struct { AgentAddress string `hcl:"agent_address"` AgentAddressDeprecated string `hcl:"agentAddress"` Cmd string `hcl:"cmd"` CmdArgs string `hcl:"cmd_args"` CmdArgsDeprecated string `hcl:"cmdArgs"` CertDir string `hcl:"cert_dir"` CertDirDeprecated string `hcl:"certDir"` // Merge intermediate certificates into Bundle file instead of SVID file, // it is useful is some scenarios like MySQL, // where this is the expected format for presented certificates and bundles AddIntermediatesToBundle bool `hcl:"add_intermediates_to_bundle"` AddIntermediatesToBundleDeprecated bool `hcl:"addIntermediatesToBundle"` SvidFileName string `hcl:"svid_file_name"` SvidFileNameDeprecated string `hcl:"svidFileName"` SvidKeyFileName string `hcl:"svid_key_file_name"` SvidKeyFileNameDeprecated string `hcl:"svidKeyFileName"` SvidBundleFileName string `hcl:"svid_bundle_file_name"` SvidBundleFileNameDeprecated string `hcl:"svidBundleFileName"` RenewSignal string `hcl:"renew_signal"` RenewSignalDeprecated string `hcl:"renewSignal"` // TODO: is there a reason for this to be exposed? and inside of config? ReloadExternalProcess func() error // TODO: is there a reason for this to be exposed? and inside of config? Log logrus.FieldLogger }
Config contains config variables when creating a SPIFFE Sidecar.
func ParseConfig ¶
ParseConfig parses the given HCL file into a SidecarConfig struct
type Sidecar ¶
type Sidecar struct {
// contains filtered or unexported fields
}
Sidecar is the component that consumes the Workload API and renews certs implements the interface Sidecar
func New ¶
func New(configPath string, log logrus.FieldLogger) (*Sidecar, error)
New creates a new SPIFFE sidecar
func (*Sidecar) CertReadyChan ¶
func (s *Sidecar) CertReadyChan() <-chan struct{}
CertReadyChan returns a channel to know when the certificates are ready
func (*Sidecar) RunDaemon ¶
RunDaemon starts the main loop Starts the workload API client to listen for new SVID updates When a new SVID is received on the updateChan, the SVID certificates are stored in disk and a restart signal is sent to the proxy's process
func (*Sidecar) SignalProcess ¶ added in v0.7.0
Click to show internal directories.
Click to hide internal directories.