manager

package
v1.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 6, 2022 License: Apache-2.0 Imports: 28 Imported by: 4

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Cache added in v1.1.0

// Cache is the cache surface declared here: it accepts entry updates and SVID
// updates, and reports which entries are stale.
type Cache interface {
	// UpdateEntries applies the given entry update to the cache. checkSVID is a
	// caller-supplied predicate that receives two registration entries and an
	// X509-SVID and returns a bool.
	// NOTE(review): presumably checkSVID gets the existing and the new entry and
	// reports whether the cached SVID must be replaced; if so, a predicate that
	// wrongly returns false would leave an outdated SVID in the cache. Confirm
	// against the implementation.
	UpdateEntries(update *cache.UpdateEntries, checkSVID func(*common.RegistrationEntry, *common.RegistrationEntry, *cache.X509SVID) bool)

	// UpdateSVIDs updates the SVIDs of the records provided in update.
	UpdateSVIDs(update *cache.UpdateSVIDs)

	// GetStaleEntries returns the records whose SVIDs need to be updated.
	GetStaleEntries() []*cache.StaleEntry
}

type Config

// Config holds the configuration passed to New to build a cache manager.
//
// NOTE(review): the struct carries the agent's SVID together with its key
// (SVIDKey), so a populated Config should be treated as sensitive: keep it out
// of logs, debug dumps and error messages. No validation of these fields is
// visible on this page; confirm where required fields are checked.
type Config struct {
	// Agent SVID and key resulting from successful attestation. This comment
	// covers both SVID (the certificate chain) and SVIDKey (the matching key).
	// NOTE(review): SVIDKey is presumably the private key for SVID[0]; confirm.
	SVID             []*x509.Certificate
	SVIDKey          keymanager.Key
	Bundle           *cache.Bundle
	Catalog          catalog.Catalog
	TrustDomain      spiffeid.TrustDomain
	Log              logrus.FieldLogger
	Metrics          telemetry.Metrics
	ServerAddr       string
	Storage          storage.Storage
	WorkloadKeyType  workloadkey.KeyType
	SyncInterval     time.Duration
	RotationInterval time.Duration
	SVIDStoreCache   *storecache.Cache

	// Clk is the clock the manager will use to get time.
	// NOTE(review): SVID expiry and rotation decisions presumably read this
	// clock, so production callers should supply a real clock; confirm.
	Clk clock.Clock
}

Config holds the configuration for a cache manager.

type Manager

// Manager is the agent-side cache manager interface: it exposes lifecycle
// methods (Initialize, Run), subscriptions to cache, SVID and bundle changes,
// and accessors for the current credentials, identities and bundle.
type Manager interface {
	// Initialize initializes the manager.
	Initialize(ctx context.Context) error

	// Run runs the manager. It will block until the context is cancelled.
	Run(ctx context.Context) error

	// SubscribeToCacheChanges returns a Subscriber on which cache entry updates are sent
	// for a particular set of selectors.
	SubscribeToCacheChanges(key cache.Selectors) cache.Subscriber

	// SubscribeToSVIDChanges returns a new observer.Stream on which svid.State instances are received
	// each time an SVID rotation finishes.
	SubscribeToSVIDChanges() observer.Stream

	// SubscribeToBundleChanges returns a new bundle stream on which
	// map[string][]*x509.Certificate instances are received each time the
	// bundle changes.
	SubscribeToBundleChanges() *cache.BundleStream

	// GetRotationMtx returns the mutex that guards SVID rotations.
	// NOTE(review): the pointer is shared lock state; presumably a caller that
	// holds it delays rotation, so it should be held only briefly. Confirm.
	GetRotationMtx() *sync.RWMutex

	// GetCurrentCredentials returns the current SVID and key.
	// The returned state carries key material, so it should not be logged or
	// handed to code that does not need the agent's identity.
	GetCurrentCredentials() svid.State

	// SetRotationFinishedHook sets a hook that will be called when a rotation has finished.
	SetRotationFinishedHook(func())

	// MatchingIdentities returns all of the cached identities whose
	// registration entry selectors are a subset of the passed selectors.
	// NOTE(review): the result is only as trustworthy as the selectors; they
	// presumably come from workload attestation, not from the workload. Confirm.
	MatchingIdentities(selectors []*common.Selector) []cache.Identity

	// FetchWorkloadUpdate gets the latest workload update for the selectors.
	FetchWorkloadUpdate(selectors []*common.Selector) *cache.WorkloadUpdate

	// FetchJWTSVID returns a JWT SVID for the specified SPIFFEID and audience. If there
	// is no JWT cached, the manager will get one signed upstream.
	// NOTE(review): nothing in this signature ties spiffeID to a workload, so
	// callers presumably must check that the requester is entitled to that ID
	// (for example against MatchingIdentities) before calling. Confirm.
	FetchJWTSVID(ctx context.Context, spiffeID spiffeid.ID, audience []string) (*client.JWTSVID, error)

	// CountSVIDs returns the number of X509 SVIDs held in memory.
	CountSVIDs() int

	// GetLastSync returns the last successful rotation timestamp.
	// NOTE(review): the name says "sync" while this comment says "rotation";
	// confirm which event the timestamp records.
	GetLastSync() time.Time

	// GetBundle returns the latest cached bundle.
	GetBundle() *cache.Bundle
}

Manager provides cache management functionalities for agents.

func New

func New(c *Config) Manager

New creates a cache manager based on c's configuration
