Versions in this module Expand all Collapse all v1 v1.7.0 Feb 14, 2023 Changes in this version
+ const CABundleFileMode
+ var ErrCertTimeout = errors.New("timed out waiting for trust bundle")
+ var ErrNoCertificates = errors.New("no certificates in svid response")
+ func ParseCABundle(svidResponse *workloadapi.X509Context) (*x509bundle.Bundle, error)
+ type CABundleManager struct
+ CABundleFilepath string
+ TaskQueue *taskqueue.TaskQueue
+ func (manager *CABundleManager) CABundleBytesFromSVIDResponse(svidResponse *workloadapi.X509Context) ([]byte, bool, error)
+ func (manager *CABundleManager) CertKeyBytesFromSVIDResponse(svidResponse *workloadapi.X509Context) ([]byte, []byte, error)
+ func (manager *CABundleManager) NewCertificateGetter() func(*tls.CertificateRequestInfo) (*tls.Certificate, error)
+ func (manager *CABundleManager) SerialNumberFromSVIDResponse(svidResponse *workloadapi.X509Context) ([]byte, error)
+ func (manager *CABundleManager) TestAndUpdateCABundle(caBundle []byte) bool
+ func (manager *CABundleManager) WaitForCABundle(maxSeconds int) error
+ func (manager *CABundleManager) Write(svidResponse *workloadapi.X509Context) error
+ type CertFetcher interface
+ Start func(context.Context) (<-chan *workloadapi.X509Context, <-chan error, error)
+ Stop func() error
+ type CertManager struct
+ ErrCh chan error
+ func NewCertManager(svidWriter SVIDWriter, fetcher CertFetcher, timeout time.Duration) *CertManager
+ func NewCertManagerWithReloader(reloader Reloader, svidWriter SVIDWriter, fetcher CertFetcher, ...) *CertManager
+ func (c *CertManager) Run(ctx context.Context) error
+ func (c *CertManager) Stop() error
+ type Client interface
+ Close func() error
+ WatchX509Context func(context.Context, workloadapi.X509ContextWatcher) error
+ type DiskSVIDConfig struct
+ CABundleFilename string
+ CertDir string
+ CertFilename string
+ KeyFilename string
+ type DiskSVIDWriter struct
+ CaBundleFile string
+ CertFile string
+ KeyFile string
+ func NewDiskSVIDWriter(config DiskSVIDConfig) (*DiskSVIDWriter, error)
+ func (d *DiskSVIDWriter) Write(svidResponse *workloadapi.X509Context) error
+ type Reloader interface
+ Reload func() error
+ type SVIDWriter interface
+ Write func(svidResponse *workloadapi.X509Context) error
+ type X509CertFetcher struct
+ CertCh chan *workloadapi.X509Context
+ WatchErrCh chan error
+ func NewX509CertFetcher(spireAddr string, client Client) (*X509CertFetcher, error)
+ func (c *X509CertFetcher) Start(ctx context.Context) (<-chan *workloadapi.X509Context, <-chan error, error)
+ func (c *X509CertFetcher) Stop() error
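Review bot: `DiskSVIDWriter` exposes a `KeyFile` path and `CertKeyBytesFromSVIDResponse` returns the private key as raw bytes, yet the only exported permission constant is `CABundleFileMode`, so nothing in this listing tells a caller which mode the key file is created with. The implementations are not shown here, so this may already be handled in code; the gap visible from the API surface is documentation. I would add a doc comment on `DiskSVIDWriter.Write` along the lines of `// Write stores the SVID certificate, private key and CA bundle under CertDir; the key file is created with mode <KEY_FILE_MODE>.` (placeholder, to be filled from the code), and have it state whether each file is replaced atomically, since a `Reloader` may read them mid-rotation. Separately, `WaitForCABundle(maxSeconds int)` takes bare seconds while `NewCertManager` takes a `time.Duration`, and `CaBundleFile` breaks the `CABundle...` initialism used by the other names in the listing.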