Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var (
	// ErrUnableToGetStream is a package-level sentinel error with the message
	// "unable to get a stream".
	// NOTE(review): the code that returns it is not shown here; presumably it
	// reports a failed stream setup to the server. Callers should match it with
	// errors.Is rather than by comparing message text — confirm it is returned
	// unwrapped or wrapped with %w.
	ErrUnableToGetStream = errors.New("unable to get a stream")
)
Functions ¶
func DialServer ¶
// DialServer returns a gRPC client connection built from config, or an error.
//
// config carries the SPIRE server address, the trust domain, the required
// GetBundle callback and the optional GetAgentCertificate callback (see
// DialServerConfig).
//
// NOTE(review): only the signature is visible here. Presumably the connection
// authenticates the server certificate against GetBundle() and TrustDomain;
// confirm that a nil GetBundle or an empty bundle fails closed rather than
// skipping server verification.
func DialServer(ctx context.Context, config DialServerConfig) (*grpc.ClientConn, error)
Types ¶
type Client ¶
// Client is the set of server operations exposed by this package: fetching
// updates and requesting X.509 and JWT SVIDs.
type Client interface {
	// FetchUpdates returns an Update, or an error.
	// NOTE(review): the contents of Update are not visible here.
	FetchUpdates(ctx context.Context) (*Update, error)
	// RenewSVID submits csr and returns the resulting X509SVID, or an error.
	// NOTE(review): csr is presumably an encoded certificate signing request
	// for the caller's own SVID; the expected encoding (DER or PEM) is not
	// visible here — confirm.
	RenewSVID(ctx context.Context, csr []byte) (*X509SVID, error)
	// NewX509SVIDs submits a batch of CSRs and returns one X509SVID per map key,
	// or an error.
	// NOTE(review): presumably both maps are keyed by registration entry ID;
	// verify against callers, and confirm callers check that every requested
	// key is present in the result.
	NewX509SVIDs(ctx context.Context, csrs map[string][]byte) (map[string]*X509SVID, error)
	// NewJWTSVID requests a JWTSVID for entryID restricted to audience.
	// NOTE(review): whether an empty audience is rejected is not visible here.
	// A JWT-SVID is only as narrowly scoped as its audience, so callers should
	// always pass the specific intended recipients — confirm validation.
	NewJWTSVID(ctx context.Context, entryID string, audience []string) (*JWTSVID, error)
	// Release releases any resources that were held by this Client, if any.
	Release()
}
type Config ¶
// Config is the configuration for a client that connects to Addr over mTLS.
type Config struct {
	// Addr is the address the client connects to via mTLS (see KeysAndBundle).
	Addr string
	// Log is the logger used by the client.
	Log logrus.FieldLogger
	// TrustDomain is the SPIFFE trust domain for this client.
	// NOTE(review): presumably used to validate the server's SPIFFE ID during
	// the handshake — confirm.
	TrustDomain spiffeid.TrustDomain
	// KeysAndBundle is a callback that must return the keys and bundle used by the client
	// to connect via mTLS to Addr.
	// NOTE(review): the results are presumably (certificate chain, private key,
	// trust bundle) in that order. The first and third results share the type
	// []*x509.Certificate, so an implementation that swaps them still compiles;
	// confirm the order against the caller.
	KeysAndBundle func() ([]*x509.Certificate, crypto.Signer, []*x509.Certificate)
	// RotMtx is used to prevent the creation of new connections during SVID rotations
	RotMtx *sync.RWMutex
}
Config holds a client configuration
type DialServerConfig ¶
// DialServerConfig is the configuration passed to DialServer.
type DialServerConfig struct {
	// Address is the SPIRE server address
	Address string
	// TrustDomain is the SPIFFE trust domain.
	// NOTE(review): presumably the server's SPIFFE ID is checked against this
	// trust domain in addition to chain validation — confirm.
	TrustDomain spiffeid.TrustDomain
	// GetBundle is a required callback that returns the current trust bundle
	// used to authenticate the server certificate.
	// NOTE(review): because it is a callback, the bundle can change between
	// calls; confirm it is consulted per handshake and that a nil or empty
	// result causes the handshake to fail.
	GetBundle func() []*x509.Certificate
	// GetAgentCertificate is an optional callback used to return the agent
	// certificate to present to the server during the TLS handshake.
	// NOTE(review): when this is unset the agent presumably presents no client
	// certificate, so the server cannot identify the agent at the TLS layer;
	// confirm which server endpoints accept such connections.
	GetAgentCertificate func() *tls.Certificate
	// contains filtered or unexported fields
}