spire

package

v1.17.13 Latest Latest Go to latest Published: Feb 12, 2026 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cilium/cilium

Links

Documentation ¶

Index ¶

Variables
func NewClient(params params, lc cell.Lifecycle, authCfg MutualAuthConfig, cfg ClientConfig, ...) identity.Provider
func NewFakeClient() identity.Provider
type Client
type ClientConfig
- func (cfg ClientConfig) Flags(flags *pflag.FlagSet)
type MutualAuthConfig
- func (cfg MutualAuthConfig) Flags(flags *pflag.FlagSet)

Constants ¶

This section is empty.

Variables ¶

View Source

var Cell = cell.Module(
	"spire-client",
	"Spire Server API Client",
	cell.Config(defaultMutualAuthConfig),
	cell.Config(ClientConfig{}),
	cell.Provide(NewClient),
)

Cell is the cell for the SPIRE client.

View Source

var FakeCellClient = cell.Module(
	"fake-spire-client",
	"Fake Spire Server API Client",
	cell.Config(defaultMutualAuthConfig),
	cell.Config(ClientConfig{}),
	cell.Provide(NewFakeClient),
)

Functions ¶

func NewClient ¶

func NewClient(params params, lc cell.Lifecycle, authCfg MutualAuthConfig, cfg ClientConfig, log *slog.Logger) identity.Provider

NewClient creates a new SPIRE client. If the mutual authentication is not enabled, it returns a noop client.

func NewFakeClient ¶

func NewFakeClient() identity.Provider

NewFakeClient creates a new fake SPIRE client.

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

func (*Client) Delete ¶

func (c *Client) Delete(ctx context.Context, id string) error

Delete deletes the SPIFFE ID for the given ID. The SPIFFE ID is in the form of spiffe://<trust-domain>/identity/<id>.

func (*Client) List ¶

func (c *Client) List(ctx context.Context) ([]string, error)

func (*Client) Upsert ¶

func (c *Client) Upsert(ctx context.Context, id string) error

Upsert creates or updates the SPIFFE ID for the given ID. The SPIFFE ID is in the form of spiffe://<trust-domain>/identity/<id>.

type ClientConfig ¶

type ClientConfig struct {
	SpireAgentSocketPath         string        `mapstructure:"mesh-auth-spire-agent-socket"`
	SpireServerAddress           string        `mapstructure:"mesh-auth-spire-server-address"`
	SpireServerConnectionTimeout time.Duration `mapstructure:"mesh-auth-spire-server-connection-timeout"`
	SpiffeTrustDomain            string        `mapstructure:"mesh-auth-spiffe-trust-domain"`
}

ClientConfig contains the configuration for the SPIRE client.

func (ClientConfig) Flags ¶

func (cfg ClientConfig) Flags(flags *pflag.FlagSet)

Flags adds the flags used by ClientConfig.

type MutualAuthConfig ¶ added in v1.17.2

type MutualAuthConfig struct {
	Enabled bool `mapstructure:"mesh-auth-mutual-enabled"`
}

MutualAuthConfig contains general configuration for mutual authentication.

func (MutualAuthConfig) Flags ¶ added in v1.17.2

func (cfg MutualAuthConfig) Flags(flags *pflag.FlagSet)

Flags adds the flags used by ClientConfig.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL