Documentation
¶
Index ¶
- func AgentAuthorizer(log logrus.FieldLogger, ds datastore.DataStore, clk clock.Clock) middleware.AgentAuthorizer
- func Authorization(log logrus.FieldLogger, ds datastore.DataStore, clk clock.Clock) map[string]middleware.Authorizer
- func AuthorizedEntryFetcher(ds datastore.DataStore) api.AuthorizedEntryFetcher
- func AuthorizedEntryFetcherWithCache(ds datastore.DataStore) (api.AuthorizedEntryFetcher, error)
- func EntryFetcher(ds datastore.DataStore) middleware.EntryFetcher
- func Middleware(log logrus.FieldLogger, metrics telemetry.Metrics, ds datastore.DataStore, ...) middleware.Middleware
- func RateLimits(config RateLimitConfig) map[string]api.RateLimiter
- func UpstreamPublisher(manager *ca.Manager) bundle.UpstreamPublisher
- type APIServers
- type Config
- type Endpoints
- type OldAPIServers
- type RateLimitConfig
- type Server
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AgentAuthorizer ¶ added in v0.11.0
func AgentAuthorizer(log logrus.FieldLogger, ds datastore.DataStore, clk clock.Clock) middleware.AgentAuthorizer
func Authorization ¶ added in v0.11.0
func Authorization(log logrus.FieldLogger, ds datastore.DataStore, clk clock.Clock) map[string]middleware.Authorizer
func AuthorizedEntryFetcher ¶ added in v0.11.0
func AuthorizedEntryFetcher(ds datastore.DataStore) api.AuthorizedEntryFetcher
func AuthorizedEntryFetcherWithCache ¶ added in v0.11.0
func AuthorizedEntryFetcherWithCache(ds datastore.DataStore) (api.AuthorizedEntryFetcher, error)
func EntryFetcher ¶ added in v0.11.0
func EntryFetcher(ds datastore.DataStore) middleware.EntryFetcher
func Middleware ¶ added in v0.11.0
func Middleware(log logrus.FieldLogger, metrics telemetry.Metrics, ds datastore.DataStore, clk clock.Clock, rlConf RateLimitConfig) middleware.Middleware
func RateLimits ¶ added in v0.11.0
func RateLimits(config RateLimitConfig) map[string]api.RateLimiter
func UpstreamPublisher ¶ added in v0.11.0
func UpstreamPublisher(manager *ca.Manager) bundle.UpstreamPublisher
Types ¶
type APIServers ¶ added in v0.11.0
// APIServers groups the agent, bundle, entry and SVID service servers that
// Endpoints carries in its APIServers field.
//
// NOTE(review): nothing in this struct shows where callers are authorized;
// presumably that is applied by the package's Middleware/Authorization
// wiring. Confirm before adding a server here.
type APIServers struct {
	// AgentServer is the agentv1_pb.AgentServer implementation to serve.
	AgentServer agentv1_pb.AgentServer
	// BundleServer is the bundlev1_pb.BundleServer implementation to serve.
	BundleServer bundlev1_pb.BundleServer
	// EntryServer is the entryv1_pb.EntryServer implementation to serve.
	EntryServer entryv1_pb.EntryServer
	// SVIDServer is the svidv1_pb.SVIDServer implementation to serve.
	SVIDServer svidv1_pb.SVIDServer
}
type Config ¶
// Config is a configuration for endpoints.
type Config struct {
	// TCPAddr is the address to bind the TCP listener to.
	// NOTE(review): a TCP listener is reachable over the network, so the bind
	// address decides who can reach the server APIs. Confirm it is not wider
	// than intended.
	TCPAddr *net.TCPAddr

	// UDSAddr is the address to bind the UDS listener to.
	// NOTE(review): access to a Unix socket is governed by the permissions on
	// its path. How this package sets them is not visible here; verify.
	UDSAddr *net.UnixAddr

	// The svid rotator used to obtain the latest server credentials
	SVIDObserver svid.Observer

	// The server's configured trust domain. Used for validation, server SVID, etc.
	TrustDomain spiffeid.TrustDomain

	// Plugin catalog
	Catalog catalog.Catalog

	// Server CA for signing SVIDs
	ServerCA ca.ServerCA

	// Allow agentless spiffeIds when doing node attestation
	// NOTE(review): the zero value is false. Setting this to true presumably
	// relaxes which SPIFFE IDs node attestation accepts; confirm the exact
	// effect before enabling it.
	AllowAgentlessNodeAttestors bool

	// Bundle endpoint configuration
	BundleEndpoint bundle.EndpointConfig

	// CA Manager
	Manager *ca.Manager

	// Log is the logger for the endpoints.
	Log logrus.FieldLogger

	// Metrics is the telemetry sink for the endpoints.
	Metrics telemetry.Metrics

	// RateLimit holds rate limiting configurations.
	// NOTE(review): a zero-valued RateLimitConfig has Attestation == false, so
	// leaving this field unset presumably leaves attestation without rate
	// limiting; confirm callers set it explicitly.
	RateLimit RateLimitConfig
}
Config is a configuration for endpoints
type Endpoints ¶
// Endpoints holds the listener addresses, credential source, datastore and
// API servers for the endpoint servers that its ListenAndServe method starts.
type Endpoints struct {
	// TCPAddr is the TCP listener address.
	TCPAddr *net.TCPAddr
	// UDSAddr is the Unix domain socket listener address.
	UDSAddr *net.UnixAddr
	// SVIDObserver supplies the server SVID.
	// Presumably the latest rotated credentials; verify against the svid package.
	SVIDObserver svid.Observer
	// TrustDomain is the server's trust domain.
	TrustDomain spiffeid.TrustDomain
	// DataStore is the datastore handle available to the endpoints.
	DataStore datastore.DataStore
	// OldAPIServers is embedded, so its RegistrationServer and NodeServer
	// fields are promoted onto Endpoints.
	OldAPIServers
	// APIServers holds the agent, bundle, entry and SVID service servers.
	APIServers APIServers
	// BundleEndpointServer is a separate Server value for the bundle endpoint.
	// NOTE(review): it is typed as Server rather than a gRPC service, so it
	// presumably has its own listener and lifecycle; confirm.
	BundleEndpointServer Server
	// Log is the logger for the endpoints.
	Log logrus.FieldLogger
	// Metrics is the telemetry sink for the endpoints.
	Metrics telemetry.Metrics
	// RateLimit holds rate limiting configurations. Its zero value has
	// attestation rate limiting switched off.
	RateLimit RateLimitConfig
}
func (*Endpoints) ListenAndServe ¶
ListenAndServe starts all endpoint servers and blocks until the context is canceled or any of the servers fails to run. If the context is canceled, the function returns nil. Otherwise, the error from the failed server is returned.
type OldAPIServers ¶ added in v0.11.0
// OldAPIServers groups the registration and node service servers. It is
// embedded in Endpoints.
//
// NOTE(review): the "Old" prefix suggests these are legacy APIs kept alongside
// APIServers. Confirm they are still meant to be exposed, and that they get
// the same authorization and rate-limit coverage as the newer servers.
type OldAPIServers struct {
	// RegistrationServer is the registration_pb.RegistrationServer implementation.
	RegistrationServer registration_pb.RegistrationServer
	// NodeServer is the node_pb.NodeServer implementation.
	NodeServer node_pb.NodeServer
}
type RateLimitConfig ¶ added in v0.11.0
// RateLimitConfig holds rate limiting configurations.
type RateLimitConfig struct {
	// Attestation, if true, rate limits attestation
	// The zero value is false, so a RateLimitConfig{} literal does not ask
	// for attestation rate limiting. Callers that want it must set this field.
	Attestation bool
}
RateLimitConfig holds rate limiting configurations.
type Server ¶
// Server manages gRPC and HTTP endpoint lifecycle.
type Server interface {
	// ListenAndServe starts all endpoint servers and blocks until the context
	// is canceled or any of the servers fails to run. If the context is
	// canceled, the function returns nil. Otherwise, the error from the failed
	// server is returned.
	ListenAndServe(ctx context.Context) error
}
Server manages gRPC and HTTP endpoint lifecycle
Directories
¶
| Path | Synopsis |
|---|---|
| internal/acmetest | nolint // forked code |
| internal/autocert | nolint // forked code nolint // forked code nolint // forked code |