istio: istio.io/istio/istioctl/pkg/writer/compare/sds Index | Files

package sdscompare

import "istio.io/istio/istioctl/pkg/writer/compare/sds"

Index

Package Files

sds_comparator.go util.go writer.go

type Format Uses

type Format int
const (
    JSON Format = iota
    TABULAR
)

type SDSComparator Uses

type SDSComparator struct {
    // contains filtered or unexported fields
}

SDSComparator diffs secrets between a config dump from target envoy and its corresponding node agent's debug endpoints

func NewSDSComparator Uses

func NewSDSComparator(
    w SDSWriter, nodeAgentResponses map[string]sds.Debug, envoyResponse []byte, targetPod string) (*SDSComparator, error)

NewSDSComparator generates an SDSComparator

func (*SDSComparator) Diff Uses

func (c *SDSComparator) Diff() error

Diff will perform the diffing between node agent and envoy secrets, and display the results

type SDSWriter Uses

type SDSWriter interface {
    PrintSecretItems([]SecretItem) error
    PrintDiffs([]SecretItemDiff) error
}

SDSWriter takes lists of SecretItem or SecretItemDiff and prints them through supplied output writer

func NewSDSWriter Uses

func NewSDSWriter(w io.Writer, format Format) SDSWriter

NewSDSWriter generates a new instance which conforms to SDSWriter interface

type SecretItem Uses

type SecretItem struct {
    Name        string `json:"resource_name"`
    Data        string `json:"cert"`
    Source      string `json:"source"`
    Destination string `json:"destination"`
    State       string `json:"state"`
    SecretMeta
}

SecretItem is an intermediate representation of secrets, used to provide a common format between the envoy proxy secrets and node agent output which can be diffed

func GetEnvoySecrets Uses

func GetEnvoySecrets(
    wrapper *configdump.Wrapper) ([]SecretItem, error)

GetEnvoySecrets parses the secrets section of the config dump into []SecretItem

func GetNodeAgentSecrets Uses

func GetNodeAgentSecrets(
    agentResponses map[string]sds.Debug, connFilter connNameFilter) ([]SecretItem, error)

GetNodeAgentSecrets takes the sds.Debug results provided to the comparator and parses them into []SecretItem

type SecretItemBuilder Uses

type SecretItemBuilder interface {
    Name(string) SecretItemBuilder
    Data(string) SecretItemBuilder
    Source(string) SecretItemBuilder
    Destination(string) SecretItemBuilder
    State(string) SecretItemBuilder
    Build() (SecretItem, error)
}

SecretItemBuilder wraps the process of setting fields for the SecretItem and builds the Metadata fields from the cert contents behind the scenes

func NewSecretItemBuilder Uses

func NewSecretItemBuilder() SecretItemBuilder

NewSecretItemBuilder returns a new builder to create a secret item

type SecretItemDiff Uses

type SecretItemDiff struct {
    Agent string `json:"agent"`
    Proxy string `json:"proxy"`
    SecretItem
}

SecretItemDiff represents a secret that has been diffed between nodeagent and proxy

type SecretMeta Uses

type SecretMeta struct {
    Valid        bool   `json:"cert_valid"`
    SerialNumber string `json:"serial_number"`
    NotAfter     string `json:"not_after"`
    NotBefore    string `json:"not_before"`
    Type         string `json:"type"`
}

SecretMeta holds selected fields which can be extracted from parsed x509 cert

Package sdscompare imports 13 packages (graph) and is imported by 3 packages. Updated 2019-10-22. Refresh now. Tools for package owners.