Documentation
¶
Index ¶
- func AttestedNodeToProto(node *common.AttestedNode, selectors []*types.Selector) (*types.Agent, error)
- func BundleToProto(b *common.Bundle) (*types.Bundle, error)
- func CertificatesToProto(rootCas []*common.Certificate) []*types.X509Certificate
- func CreateStatus(code codes.Code, format string, a ...interface{}) *types.Status
- func FederationRelationshipToProto(f *datastore.FederationRelationship, mask *types.FederationRelationshipMask) (*types.FederationRelationship, error)
- func FieldsFromBundleProto(proto *types.Bundle, inputMask *types.BundleMask) logrus.Fields
- func FieldsFromJwtAuthoritiesProto(jwtAuthorities []*types.JWTKey) logrus.Fields
- func FieldsFromX509AuthoritiesProto(x509Authorities []*types.X509Certificate) logrus.Fields
- func HashByte(b []byte) string
- func IDFromProto(ctx context.Context, protoID *types.SPIFFEID) (spiffeid.ID, error)
- func MakeErr(log logrus.FieldLogger, code codes.Code, msg string, err error) error
- func MakeStatus(log logrus.FieldLogger, code codes.Code, msg string, err error) *types.Status
- func OK() *types.Status
- func ParseJWTAuthorities(keys []*types.JWTKey) ([]*common.PublicKey, error)
- func ParseX509Authorities(certs []*types.X509Certificate) ([]*common.Certificate, error)
- func ProtoFromAttestedNode(n *common.AttestedNode) (*types.Agent, error)
- func ProtoFromID(id spiffeid.ID) *types.SPIFFEID
- func ProtoFromSelectors(in []*common.Selector) []*types.Selector
- func ProtoToBundle(b *types.Bundle) (*common.Bundle, error)
- func ProtoToBundleMask(mask *types.BundleMask) *common.BundleMask
- func ProtoToFederationRelationship(f *types.FederationRelationship) (*datastore.FederationRelationship, error)
- func ProtoToFederationRelationshipWithMask(f *types.FederationRelationship, mask *types.FederationRelationshipMask) (*datastore.FederationRelationship, error)
- func ProtoToRegistrationEntry(ctx context.Context, td spiffeid.TrustDomain, e *types.Entry) (*common.RegistrationEntry, error)
- func ProtoToRegistrationEntryWithMask(ctx context.Context, td spiffeid.TrustDomain, e *types.Entry, ...) (_ *common.RegistrationEntry, err error)
- func PublicKeysToProto(keys []*common.PublicKey) []*types.JWTKey
- func RegistrationEntriesToProto(es []*common.RegistrationEntry) ([]*types.Entry, error)
- func RegistrationEntryToProto(e *common.RegistrationEntry) (*types.Entry, error)
- func SelectorFieldFromProto(proto []*types.Selector) string
- func SelectorsFromProto(proto []*types.Selector) ([]*common.Selector, error)
- func TrustDomainAgentIDFromProto(ctx context.Context, td spiffeid.TrustDomain, protoID *types.SPIFFEID) (spiffeid.ID, error)
- func TrustDomainMemberIDFromProto(ctx context.Context, td spiffeid.TrustDomain, protoID *types.SPIFFEID) (spiffeid.ID, error)
- func TrustDomainWorkloadIDFromProto(ctx context.Context, td spiffeid.TrustDomain, protoID *types.SPIFFEID) (spiffeid.ID, error)
- func VerifyTrustDomainAgentID(td spiffeid.TrustDomain, id spiffeid.ID) error
- func VerifyTrustDomainAgentIDForNodeAttestor(td spiffeid.TrustDomain, id spiffeid.ID, nodeAttestorName string) error
- func VerifyTrustDomainMemberID(td spiffeid.TrustDomain, id spiffeid.ID) error
- func VerifyTrustDomainWorkloadID(td spiffeid.TrustDomain, id spiffeid.ID) error
- type AuthorizedEntryFetcher
- type AuthorizedEntryFetcherFunc
- type RateLimiter
- type RateLimiterFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AttestedNodeToProto ¶
func AttestedNodeToProto(node *common.AttestedNode, selectors []*types.Selector) (*types.Agent, error)
AttestedNodeToProto converts an agent from the given *common.AttestedNode with the provided selectors to *types.Agent
func CertificatesToProto ¶
func CertificatesToProto(rootCas []*common.Certificate) []*types.X509Certificate
func CreateStatus ¶
CreateStatus creates a proto Status
func FederationRelationshipToProto ¶
func FederationRelationshipToProto(f *datastore.FederationRelationship, mask *types.FederationRelationshipMask) (*types.FederationRelationship, error)
FederationRelationshipToProto converts datastore federation relationship to types proto
func FieldsFromBundleProto ¶
func FieldsFromX509AuthoritiesProto ¶
func FieldsFromX509AuthoritiesProto(x509Authorities []*types.X509Certificate) logrus.Fields
func IDFromProto ¶
IDFromProto converts a SPIFFEID message into an ID type
func MakeErr ¶
MakeErr logs and returns an error composed of: msg, err and code. Errors are treated differently according to its gRPC code.
func MakeStatus ¶
MakeStatus logs and returns a status composed of: msg, err and code. Errors are treated differently according to its gRPC code.
func ParseJWTAuthorities ¶
func ParseX509Authorities ¶
func ParseX509Authorities(certs []*types.X509Certificate) ([]*common.Certificate, error)
func ProtoFromAttestedNode ¶
func ProtoFromAttestedNode(n *common.AttestedNode) (*types.Agent, error)
func ProtoFromID ¶
ProtoFromID converts a SPIFFE ID from the given spiffeid.ID to types.SPIFFEID
func ProtoToBundleMask ¶
func ProtoToBundleMask(mask *types.BundleMask) *common.BundleMask
func ProtoToFederationRelationship ¶
func ProtoToFederationRelationship(f *types.FederationRelationship) (*datastore.FederationRelationship, error)
ProtoToFederationRelationship convert and validate proto to datastore federated relationship
func ProtoToFederationRelationshipWithMask ¶
func ProtoToFederationRelationshipWithMask(f *types.FederationRelationship, mask *types.FederationRelationshipMask) (*datastore.FederationRelationship, error)
ProtoToFederationRelationshipWithMask convert and validate proto to datastore federated relationship, and apply mask
func ProtoToRegistrationEntry ¶
func ProtoToRegistrationEntry(ctx context.Context, td spiffeid.TrustDomain, e *types.Entry) (*common.RegistrationEntry, error)
ProtoToRegistrationEntry converts and validate entry into common registration entry
func ProtoToRegistrationEntryWithMask ¶
func ProtoToRegistrationEntryWithMask(ctx context.Context, td spiffeid.TrustDomain, e *types.Entry, mask *types.EntryMask) (_ *common.RegistrationEntry, err error)
ProtoToRegistrationEntryWithMask converts and validate entry into common registration entry, while allowing empty values for SpiffeId, ParentId, and Selectors IF their corresponding values in the mask are false. This allows the user to not specify these fields while updating using a mask. All other fields are allowed to be empty (with or without a mask).
func RegistrationEntriesToProto ¶
func RegistrationEntriesToProto(es []*common.RegistrationEntry) ([]*types.Entry, error)
RegistrationEntriesToProto converts RegistrationEntry's into Entry's
func RegistrationEntryToProto ¶
func RegistrationEntryToProto(e *common.RegistrationEntry) (*types.Entry, error)
RegistrationEntryToProto converts RegistrationEntry into types Entry
func SelectorFieldFromProto ¶
func SelectorsFromProto ¶
SelectorsFromProto converts a slice of types.Selector to a slice of common.Selector
func VerifyTrustDomainAgentID ¶
func VerifyTrustDomainAgentID(td spiffeid.TrustDomain, id spiffeid.ID) error
func VerifyTrustDomainMemberID ¶
func VerifyTrustDomainMemberID(td spiffeid.TrustDomain, id spiffeid.ID) error
func VerifyTrustDomainWorkloadID ¶
func VerifyTrustDomainWorkloadID(td spiffeid.TrustDomain, id spiffeid.ID) error
Types ¶
type AuthorizedEntryFetcher ¶
type AuthorizedEntryFetcher interface {
// FetchAuthorizedEntries fetches the entries that the specified
// SPIFFE ID is authorized for
FetchAuthorizedEntries(ctx context.Context, id spiffeid.ID) ([]*types.Entry, error)
}
AuthorizedEntryFetcher is the interface to fetch authorized entries
type AuthorizedEntryFetcherFunc ¶
AuthorizedEntryFetcherFunc is an implementation of AuthorizedEntryFetcher using a function.
func (AuthorizedEntryFetcherFunc) FetchAuthorizedEntries ¶
func (fn AuthorizedEntryFetcherFunc) FetchAuthorizedEntries(ctx context.Context, id spiffeid.ID) ([]*types.Entry, error)
FetchAuthorizedEntries fetches the entries that the specified SPIFFE ID is authorized for
type RateLimiter ¶
type RateLimiter = api.RateLimiter
type RateLimiterFunc ¶
type RateLimiterFunc = api.RateLimiterFunc
Source Files
Directories