tls

package

v1.2.2 Latest Latest Go to latest Published: Feb 21, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/shipperizer/kilo-franz

Links

Open Source Insights

Documentation ¶

Index ¶

func DecodeP12(p12 []byte) ([]byte, []byte, error)
func DecodePEM(certPEM []byte) tls.Certificate
func GetSMValue(ctx context.Context, secretsManager SecretsManagerAPI, key string) ([]byte, error)
func GetTLS(cfg TLSConfig) (*tls.Config, error)
func MakeTLS(clientCert, key []byte, isP12 bool) (*tls.Config, error)
type SecretManagerConfig
- func NewSecretManagerConfig(cert, key, p12 string, vault VaultInterface) *SecretManagerConfig
type SecretsManagerAPI
- func SMClient(region, endpoint string) (SecretsManagerAPI, error)
type TLSConfig
- func NewTLSConfig(cert, key []byte, useTLS, useP12 bool, secretsConfig *SecretManagerConfig, ...) *TLSConfig
- func (c *TLSConfig) GetTLS() (*_tls.Config, error)
type VaultInterface

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DecodeP12 ¶ added in v1.2.0

func DecodeP12(p12 []byte) ([]byte, []byte, error)

func DecodePEM ¶

func DecodePEM(certPEM []byte) tls.Certificate

DecodePEM builds a PEM certificate object

func GetSMValue ¶

func GetSMValue(ctx context.Context, secretsManager SecretsManagerAPI, key string) ([]byte, error)

TODO @shipperizer mvoe this to be a method and enhance the SecretsManagerAPI or split it and wrap it

func GetTLS ¶

func GetTLS(cfg TLSConfig) (*tls.Config, error)

GetTLS produces a TLS object to be used by kafka consumer/producer

func MakeTLS ¶

func MakeTLS(clientCert, key []byte, isP12 bool) (*tls.Config, error)

MakeTLS generates a tls.Config, kindly stolen from https://github.com/discovery-digital/entitlements-collection/blob/master/kafkaclient/client.go#L230

Types ¶

type SecretManagerConfig ¶

type SecretManagerConfig struct {
	CertificateString string
	KeyString         string
	P12String         string
	SMClient          SecretsManagerAPI // TODO @shipperizer deprecate in favour of the one below
	Vault             VaultInterface
}

func NewSecretManagerConfig ¶ added in v1.2.0

func NewSecretManagerConfig(cert, key, p12 string, vault VaultInterface) *SecretManagerConfig

type SecretsManagerAPI ¶

type SecretsManagerAPI interface {
	GetSecretValue(ctx context.Context, params *secretsmanager.GetSecretValueInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.GetSecretValueOutput, error)
}

SecretsManagerAPI interface for AWS Secrets Manager Client.

func SMClient ¶

func SMClient(region, endpoint string) (SecretsManagerAPI, error)

SMClient returns SecretsManagerAPI interface that implements secretsmanager.Client. `endpoint` arg can be used when developing locally.

type TLSConfig ¶

type TLSConfig struct {
	UseTLS                  bool
	UseP12                  bool
	SMConfig                *SecretManagerConfig
	ClientSignedCertificate []byte
	ClientKey               []byte
	// contains filtered or unexported fields
}

TLSConfig holds core configuration to setup TLS for kafka

func NewTLSConfig ¶ added in v1.2.0

func NewTLSConfig(cert, key []byte, useTLS, useP12 bool, secretsConfig *SecretManagerConfig, logger logging.LoggerInterface) *TLSConfig

func (*TLSConfig) GetTLS ¶ added in v1.2.0

func (c *TLSConfig) GetTLS() (*_tls.Config, error)

type VaultInterface ¶ added in v1.2.0

type VaultInterface interface {
	GetValue(ctx context.Context, key string) ([]byte, error)
}

VaultInterface provides method(s) to fetch secrets

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL