Documentation
Overview
Package identityfile handles formatting and parsing of identity files.
Index
- Variables
- func Write(cfg WriteConfig) (filesWritten []string, err error)
- type ConfigWriter
- type Format
- type FormatList
- type InMemoryConfigWriter
- func (m *InMemoryConfigWriter) Open(name string) (fs.File, error)
- func (m *InMemoryConfigWriter) ReadFile(name string) ([]byte, error)
- func (m *InMemoryConfigWriter) Remove(name string) error
- func (m *InMemoryConfigWriter) Stat(name string) (fs.FileInfo, error)
- func (m *InMemoryConfigWriter) WriteFile(name string, data []byte, perm os.FileMode) error
- type StandardConfigWriter
- type WriteConfig
Constants
This section is empty.
Variables
var KnownFileFormats = FormatList{
	FormatFile, FormatOpenSSH, FormatTLS, FormatKubernetes, FormatDatabase, FormatMongo, FormatCockroach,
	FormatRedis, FormatSnowflake, FormatElasticsearch, FormatCassandra, FormatScylla,
}
KnownFileFormats is a list of all above formats.
Functions
func Write
func Write(cfg WriteConfig) (filesWritten []string, err error)
Write writes user credentials to disk in a specified format. It returns the names of the files successfully written.
Types
type ConfigWriter
type ConfigWriter interface {
	// WriteFile writes the given data to path `name`, using the specified
	// permissions if the file is new.
	WriteFile(name string, data []byte, perm os.FileMode) error
	// Remove removes a file.
	Remove(name string) error
	// Stat fetches information about a file.
	Stat(name string) (fs.FileInfo, error)
}
ConfigWriter is a simple filesystem abstraction that allows alternative read/write implementations for this package.
type Format
type Format string
Format describes the possible file formats in which a user identity can be stored.
const (
	// FormatFile is when a key + cert are stored concatenated into a single file
	FormatFile Format = "file"
	// FormatOpenSSH is OpenSSH-compatible format, when a key and a cert are stored in
	// two different files (in the same directory)
	FormatOpenSSH Format = "openssh"
	// FormatTLS is a standard TLS format used by common TLS clients (e.g. GRPC) where
	// certificate and key are stored in separate files.
	FormatTLS Format = "tls"
	// FormatKubernetes is a standard Kubernetes format, with all credentials
	// stored in a "kubeconfig" file.
	FormatKubernetes Format = "kubernetes"
	// FormatDatabase produces CA and key pair suitable for configuring a
	// database instance for mutual TLS.
	FormatDatabase Format = "db"
	// FormatMongo produces CA and key pair in the format suitable for
	// configuring a MongoDB database for mutual TLS authentication.
	FormatMongo Format = "mongodb"
	// FormatCockroach produces CA and key pair in the format suitable for
	// configuring a CockroachDB database for mutual TLS.
	FormatCockroach Format = "cockroachdb"
	// FormatRedis produces CA and key pair in the format suitable for
	// configuring a Redis database for mutual TLS.
	FormatRedis Format = "redis"
	// FormatSnowflake produces public key in the format suitable for
	// configuring Snowflake JWT access.
	FormatSnowflake Format = "snowflake"
	// FormatCassandra produces CA and key pair in the format suitable for
	// configuring a Cassandra database for mutual TLS.
	FormatCassandra Format = "cassandra"
	// FormatScylla produces CA and key pair in the format suitable for
	// configuring a Scylla database for mutual TLS.
	FormatScylla Format = "scylla"
	// FormatElasticsearch produces CA and key pair in the format suitable for
	// configuring Elasticsearch for mutual TLS authentication.
	FormatElasticsearch Format = "elasticsearch"
	// DefaultFormat is what Teleport uses by default
	DefaultFormat = FormatFile
)
type FormatList
type FormatList []Format
FormatList is a list of Format values.
func (FormatList) String
func (f FormatList) String() string
String returns a human-readable version of FormatList, e.g.: file, openssh, tls, kubernetes
type InMemoryConfigWriter
type InMemoryConfigWriter struct {
	// contains filtered or unexported fields
}
InMemoryConfigWriter is a basic virtual file system abstraction that writes into memory instead of writing to a more persistent storage.
func NewInMemoryConfigWriter
func NewInMemoryConfigWriter() *InMemoryConfigWriter
NewInMemoryConfigWriter creates a new virtual file system. It stores the files' contents and their properties in memory.
func (*InMemoryConfigWriter) Open
func (m *InMemoryConfigWriter) Open(name string) (fs.File, error)
Open is not implemented but exists here to satisfy the io/fs.ReadFileFS interface.
func (*InMemoryConfigWriter) ReadFile
func (m *InMemoryConfigWriter) ReadFile(name string) ([]byte, error)
ReadFile returns the file contents. Returns fs.ErrNotExist if the file is not present.
func (*InMemoryConfigWriter) Remove
func (m *InMemoryConfigWriter) Remove(name string) error
Remove removes the file. If the file does not exist, Remove is a no-op.
type StandardConfigWriter
type StandardConfigWriter struct{}
StandardConfigWriter is a trivial ConfigWriter that wraps the relevant `os` functions.
func (*StandardConfigWriter) Remove
func (s *StandardConfigWriter) Remove(name string) error
Remove removes the named file or (empty) directory. If there is an error, it will be of type *PathError.
type WriteConfig
type WriteConfig struct {
	// OutputPath is the output path for the identity file. Note that some
	// formats (like FormatOpenSSH and FormatTLS) write multiple output files
	// and use OutputPath as a prefix.
	OutputPath string
	// Key contains the credentials to write to the identity file.
	Key *client.Key
	// Format is the output format for the identity file.
	Format Format
	// KubeProxyAddr is the public address of the proxy with its kubernetes
	// port. KubeProxyAddr is only used when Format is FormatKubernetes.
	KubeProxyAddr string
	// KubeClusterName is the Kubernetes Cluster name.
	// KubeClusterName is only used when Format is FormatKubernetes.
	KubeClusterName string
	// KubeTLSServerName is the SNI host value passed to the server.
	KubeTLSServerName string
	// KubeStoreAllCAs stores the CAs of all clusters in kubeconfig, instead
	// of just the root cluster's CA.
	KubeStoreAllCAs bool
	// OverwriteDestination forces all existing destination files to be
	// overwritten. When false, user will be prompted for confirmation of
	// overwrite first.
	OverwriteDestination bool
	// Writer is the filesystem implementation.
	Writer ConfigWriter
	// JKSPassword is the password for the JKS keystore used by Cassandra format.
	JKSPassword string
}
WriteConfig holds the necessary information to write an identity file.
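The ConfigWriter contract says WriteFile applies the given permissions only if the file is new, so a key written over a leftover world-readable file keeps the old mode. The following is an added example, not code from this package: a wrapper that refuses to reuse such a file and strips group/other bits from new ones. The interface is copied locally from this page so the block runs on its own; PrivateWriter and osWriter are hypothetical names, and a value like this could be supplied as WriteConfig.Writer, which the page types as ConfigWriter.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
)

// ConfigWriter is a local copy of the interface documented on this page.
type ConfigWriter interface {
	WriteFile(name string, data []byte, perm os.FileMode) error
	Remove(name string) error
	Stat(name string) (fs.FileInfo, error)
}

// osWriter is a stand-in backend (assumption) built on package os, whose
// WriteFile likewise applies perm only when it creates the file.
type osWriter struct{}

func (osWriter) WriteFile(n string, d []byte, p os.FileMode) error { return os.WriteFile(n, d, p) }
func (osWriter) Remove(n string) error { return os.Remove(n) }
func (osWriter) Stat(n string) (fs.FileInfo, error) { return os.Stat(n) }

// PrivateWriter (hypothetical) refuses to reuse a file that group or others
// can access, and strips those permission bits from files it creates.
type PrivateWriter struct{ ConfigWriter }

func (p PrivateWriter) WriteFile(name string, data []byte, perm os.FileMode) error {
	switch info, err := p.Stat(name); {
	case err == nil && info.Mode().Perm()&0o077 != 0:
		return fmt.Errorf("%s exists with mode %v; refusing to write credentials", name, info.Mode().Perm())
	case err != nil && !errors.Is(err, fs.ErrNotExist):
		return err
	}
	return p.ConfigWriter.WriteFile(name, data, perm&0o700)
}

func main() {
	dir, err := os.MkdirTemp("", "identity")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	w, stale := PrivateWriter{osWriter{}}, dir+"/identity"
	// Constructed leftover: create the output path, then make it world-readable.
	fmt.Println(w.WriteFile(stale, nil, 0o600), os.Chmod(stale, 0o644))
	fmt.Println(w.WriteFile(stale, []byte("key"), 0o600))                // refused
	fmt.Println(w.WriteFile(dir+"/identity.crt", []byte("cert"), 0o644)) // created owner-only
}
```

The Stat call and the write are separate steps, so this guards against stale files rather than against another user racing in a shared directory; keep the output directory owner-only as well.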