§X509Source Module
This module provides a source of X.509 SVIDs and X.509 bundles, backed by a workload API client
that continuously fetches the X.509 context (SVIDs and bundles) behind the scenes.
This ensures that the X509Source is always up to date.
It allows for fetching and managing X.509 SVIDs and bundles, and includes functionality for updating
the context and closing the source. Users can utilize the X509Source to obtain SVIDs and bundles,
listen for updates, and manage the lifecycle of the source.
§Usage
The X509Source can be created and configured to fetch SVIDs and bundles, respond to updates, and
handle closing. It provides a seamless interface for working with X.509 SVIDs and bundles.
§Example
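    // Runs inside an async function that returns a Result (required by `.await?`).
    use spiffe::{BundleSource, SvidSource, TrustDomain, X509Source};

    // Create the source with its default configuration.
    let source = X509Source::default().await?;

    // Fetch the current X.509 SVID from the source.
    let svid = source.get_svid()?;

    // Look up the X.509 bundle for a specific trust domain.
    let trust_domain = TrustDomain::new("example.org").unwrap();
    let bundle = source
        .get_bundle_for_trust_domain(&trust_domain)
        .map_err(|e| {
            format!(
                "Failed to get bundle for trust domain {}: {}",
                trust_domain, e
            )
        })?;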
§Error Handling
The X509SourceError enum provides detailed error information, including errors related to gRPC client failures,
lock issues, and other non-specific errors.
§Update Handling
The X509Source provides a method to listen for updates, allowing parts of your system to respond to changes.
The updated method returns a watch::Receiver<()> that can be used to listen for notifications when the X509Source is updated.
§Closing the Source
The close method can be used to close the X509Source, canceling all spawned tasks and stopping updates.
§Structs
- X509Source - Represents a source of X.509 SVIDs and X.509 bundles.
- X509SourceBuilder - Builder for X509Source.
§Enums
- X509SourceError - Enumerates errors that can occur within the X509Source.
§Traits
- SvidPicker - SvidPicker is a trait defining the behavior for selecting an X509Svid.