upstreamauthority

package
v1.9.4

This package is not in the latest version of its module.

Published: Aug 16, 2023 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
}

Config defines the configuration for the plugin. TODO: Add relevant configurables or remove if no configuration is required.

type Plugin

type Plugin struct {
	// UnimplementedUpstreamAuthorityServer is embedded to satisfy gRPC
	upstreamauthorityv1.UnimplementedUpstreamAuthorityServer

	// UnimplementedConfigServer is embedded to satisfy gRPC
	// TODO: Remove if this plugin does not require configuration
	configv1.UnimplementedConfigServer
	// contains filtered or unexported fields
}

Plugin implements the UpstreamAuthority plugin.

func (*Plugin) BrokerHostServices

func (p *Plugin) BrokerHostServices(broker pluginsdk.ServiceBroker) error

BrokerHostServices is called by the framework when the plugin is loaded to give the plugin a chance to obtain clients to SPIRE host services. TODO: Remove if the plugin does not need host services.

func (*Plugin) Configure

Configure configures the plugin. This is invoked by SPIRE when the plugin is first loaded. In the future, it may be invoked to reconfigure the plugin. As such, it should replace the previous configuration atomically. TODO: Remove if no configuration is required.

func (*Plugin) MintX509CAAndSubscribe

MintX509CAAndSubscribe implements the UpstreamAuthority MintX509CAAndSubscribe RPC. Mints an X.509 CA and responds with the signed X.509 CA certificate chain and upstream X.509 roots. If supported by the implementation, subsequent responses on the stream contain upstream X.509 root updates, otherwise the stream is closed after the initial response.

Implementation note: The stream should be kept open in the face of transient errors encountered while tracking changes to the upstream X.509 roots as SPIRE Server will not reopen a closed stream until the next X.509 CA rotation.

func (*Plugin) PublishJWTKeyAndSubscribe

PublishJWTKeyAndSubscribe implements the UpstreamAuthority PublishJWTKeyAndSubscribe RPC. Publishes a JWT signing key upstream and responds with the upstream JWT keys. If supported by the implementation, subsequent responses on the stream contain upstream JWT key updates, otherwise the stream is closed after the initial response.

This RPC is optional and will return NotImplemented if unsupported.

Implementation note: The stream should be kept open in the face of transient errors encountered while tracking changes to the upstream JWT keys as SPIRE Server will not reopen a closed stream until the next JWT key rotation.
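The two implementation notes above (for MintX509CAAndSubscribe and PublishJWTKeyAndSubscribe) describe the same loop shape, sketched here as an added example that is not code from this package or from SPIRE. It assumes the upstream is polled on a fixed interval; `fetchFunc`, `trackUpstream`, the string-typed roots and the constructed replies in `main` are all hypothetical stand-ins for the real gRPC stream and upstream client.

```go
package main

import (
	"context"
	"errors"
	"log"
	"reflect"
	"time"
)

// fetchFunc is a hypothetical upstream call returning the current roots or keys.
type fetchFunc func(ctx context.Context) ([]string, error)

// trackUpstream models the tail of a *AndSubscribe RPC; returning closes the stream.
func trackUpstream(ctx context.Context, fetch fetchFunc, send func([]string) error, every time.Duration) error {
	var cur []string
	for first := true; ; first = false {
		next, err := fetch(ctx)
		switch {
		case err != nil && first:
			return err // no initial response is possible, so fail the RPC
		case err != nil: // transient tracking error: log it and keep the stream open
			log.Printf("upstream poll failed, retrying: %v", err)
		case first || !reflect.DeepEqual(next, cur):
			if err := send(next); err != nil {
				return err // the stream itself is broken
			}
			cur = next
		}
		select {
		case <-ctx.Done():
			return ctx.Err() // SPIRE Server ended the stream
		case <-time.After(every):
		}
	}
}

func main() { // constructed upstream: roots, two failures, then a new root
	ctx, cancel := context.WithTimeout(context.Background(), 50*time.Millisecond)
	defer cancel()
	replies, i := [][]string{{"rootA"}, nil, nil, {"rootA", "rootB"}}, -1
	fetch := func(context.Context) ([]string, error) {
		if i++; i >= len(replies) || replies[i] == nil {
			return nil, errors.New("upstream unavailable")
		}
		return replies[i], nil
	}
	send := func(r []string) error { log.Println("sent:", r); return nil }
	log.Println("stream closed:", trackUpstream(ctx, fetch, send, time.Millisecond))
}
```

Only a failed initial fetch, a failed send, or the end of the stream context makes the function return; a failed poll after the first response is logged and retried, so the server keeps receiving root updates between rotations.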

func (*Plugin) SetLogger

func (p *Plugin) SetLogger(logger hclog.Logger)

SetLogger is called by the framework when the plugin is loaded and provides the plugin with a logger wired up to SPIRE's logging facilities. TODO: Remove if the plugin does not need the logger.
