-
Notifications
You must be signed in to change notification settings - Fork 36
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make local spire more configurable #1274
Make local spire more configurable #1274
Conversation
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Others things are good. Please focus on non breaking changes
pkg/tools/spire/options.go
Outdated
@@ -49,11 +53,33 @@ func WithAgentID(agentID string) Option { | |||
} | |||
|
|||
// WithEntry - Option to add Entry to spire-server. May be used multiple times. | |||
func WithEntry(spiffeID, selector string) Option { | |||
func WithEntry(spiffeID, selector, federatesWith string) Option { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could break all cmd apps. Please consider about adding a new option WitthFederatesEntry
or something like that
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
func AddEntry(ctx context.Context, parentID, spiffeID, selector string) error { | ||
cmdStr := "spire-server entry create -parentID %s -spiffeID %s -selector %s -socketPath %s/api.sock" | ||
cmdStr = fmt.Sprintf(cmdStr, parentID, spiffeID, selector, spireRoot) | ||
func AddEntry(ctx context.Context, parentID, spiffeID, selector, federatesWith string) error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it using by docker tests in current apps?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes it is used
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we save backward compativlity?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I misunderstood you. AddEntry
- is not used directly in apps. Currently, we only use WithEntry
option for this purpose.
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
…k@main PR link: networkservicemesh/sdk#1274 Commit: 3a426c3 Author: Artem Glazychev Date: 2022-05-06 21:16:07 +0700 Message: - Make local spire more configurable (#1274) * Make local spire more configurable Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> * Add federated entry separately Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
Signed-off-by: Artem Glazychev artem.glazychev@xored.com
Description
With this PR we can customize the spire configuration.
Main things that have been added:
Issue link
networkservicemesh/cmd-nse-simple-vl3-docker#1
How Has This Been Tested?
Types of changes