Back to godoc.org

Package secretsproxy

v10.286.1+incompatible
Latest Go to latest

The latest major version is .

Published: Jul 8, 2020 | License: Apache-2.0 | Module: go.aporeto.io/trireme-lib

Index

func ValidateOriginProcess

func ValidateOriginProcess(pid string) (string, error)

ValidateOriginProcess implements a strict validation of the origin process. We might add later.

type GenericSecretsDriver

type GenericSecretsDriver struct {
	// contains filtered or unexported fields
}

GenericSecretsDriver holds the configuration information for the driver and implements the SecretsDriver interface.

func (*GenericSecretsDriver) Transform

func (k *GenericSecretsDriver) Transform(r *http.Request) error

Transform transforms the request of the SecretsDriver

func (*GenericSecretsDriver) Transport

func (k *GenericSecretsDriver) Transport() http.RoundTripper

Transport implements the transport interface of the SecretsDriver.

type SecretsDriver

type SecretsDriver interface {
	Transport() http.RoundTripper
	Transform(r *http.Request) error
}

SecretsDriver is a generic interface that the secrets driver must implement.

func NewGenericSecretsDriver

func NewGenericSecretsDriver(ca []byte, token string, network *common.Service) (SecretsDriver, error)

NewGenericSecretsDriver creates a new Kubernetes Secrets Driver. It always uses the incluster config to automatically derive all the necessary values.

type SecretsProxy

type SecretsProxy struct {
	sync.Mutex
	// contains filtered or unexported fields
}

SecretsProxy holds all state information for applying policy in the secrets socket API.

func NewSecretsProxy

func NewSecretsProxy() *SecretsProxy

NewSecretsProxy creates a new secrets proxy.

func (*SecretsProxy) Enforce

func (s *SecretsProxy) Enforce(puInfo *policy.PUInfo) error

Enforce implements the corresponding interface of enforcers.

func (*SecretsProxy) GetFilterQueue

func (s *SecretsProxy) GetFilterQueue() *fqconfig.FilterQueue

GetFilterQueue is a stub for TCP proxy

func (*SecretsProxy) Run

func (s *SecretsProxy) Run(ctx context.Context) error

Run implements the run method of the CtrlInterface. It starts the proxy server and initializes the data structures.

func (*SecretsProxy) Unenforce

func (s *SecretsProxy) Unenforce(contextID string) error

Unenforce implements the corresponding interface of the enforcers.

func (*SecretsProxy) UpdateSecrets

func (s *SecretsProxy) UpdateSecrets(secret secrets.Secrets) error

UpdateSecrets updates the secrets of running enforcers managed by trireme. Remote enforcers will get the secret updates with the next policy push.

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier