trireme-lib: go.aporeto.io/trireme-lib/controller/internal/enforcer/secretsproxy Index | Files

package secretsproxy

import "go.aporeto.io/trireme-lib/controller/internal/enforcer/secretsproxy"

Index

Package Files

secretsproxy.go transformer.go

func ValidateOriginProcess Uses

func ValidateOriginProcess(pid string) (string, error)

ValidateOriginProcess implements a strict validation of the origin process. We might add later.

type GenericSecretsDriver Uses

type GenericSecretsDriver struct {
    // contains filtered or unexported fields
}

GenericSecretsDriver holds the configuration information for the driver and implements the SecretsDriver interface.

func (*GenericSecretsDriver) Transform Uses

func (k *GenericSecretsDriver) Transform(r *http.Request) error

Transform transforms the request of the SecretsDriver

func (*GenericSecretsDriver) Transport Uses

func (k *GenericSecretsDriver) Transport() http.RoundTripper

Transport implements the transport interface of the SecretsDriver.

type SecretsDriver Uses

type SecretsDriver interface {
    Transport() http.RoundTripper
    Transform(r *http.Request) error
}

SecretsDriver is a generic interface that the secrets driver must implement.

func NewGenericSecretsDriver Uses

func NewGenericSecretsDriver(ca []byte, token string, network *common.Service) (SecretsDriver, error)

NewGenericSecretsDriver creates a new Kubernetes Secrets Driver. It always uses the incluster config to automatically derive all the necessary values.

type SecretsProxy Uses

type SecretsProxy struct {
    sync.Mutex
    // contains filtered or unexported fields
}

SecretsProxy holds all state information for applying policy in the secrets socket API.

func NewSecretsProxy Uses

func NewSecretsProxy() *SecretsProxy

NewSecretsProxy creates a new secrets proxy.

func (*SecretsProxy) Enforce Uses

func (s *SecretsProxy) Enforce(puInfo *policy.PUInfo) error

Enforce implements the corresponding interface of enforcers.

func (*SecretsProxy) GetFilterQueue Uses

func (s *SecretsProxy) GetFilterQueue() *fqconfig.FilterQueue

GetFilterQueue is a stub for TCP proxy

func (*SecretsProxy) Run Uses

func (s *SecretsProxy) Run(ctx context.Context) error

Run implements the run method of the CtrlInterface. It starts the proxy server and initializes the data structures.

func (*SecretsProxy) Unenforce Uses

func (s *SecretsProxy) Unenforce(contextID string) error

Unenforce implements the corresponding interface of the enforcers.

func (*SecretsProxy) UpdateSecrets Uses

func (s *SecretsProxy) UpdateSecrets(secret secrets.Secrets) error

UpdateSecrets updates the secrets of running enforcers managed by trireme. Remote enforcers will get the secret updates with the next policy push.

Package secretsproxy imports 23 packages (graph) and is imported by 2 packages. Updated 2019-04-09. Refresh now. Tools for package owners.