Getting svid
Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com>
PrimalPimmy committed Jul 18, 2024
1 parent 388f9bb commit 3a2ce0a
Showing 2 changed files with 32 additions and 0 deletions.
14 changes: 14 additions & 0 deletions controllers/pkg/reconcilers/spire-bootstrap/reconciler.go
Expand Up @@ -19,6 +19,7 @@ package spirebootstrap
import (
"context"
"encoding/base64"
"flag"
"fmt"
"strings"
"time"
Expand All @@ -27,6 +28,7 @@ import (
reconcilerinterface "github.com/nephio-project/nephio/controllers/pkg/reconcilers/reconciler-interface"
"github.com/nephio-project/nephio/controllers/pkg/resource"
vaultClient "github.com/nephio-project/nephio/controllers/pkg/vault-client"
"github.com/spiffe/go-spiffe/v2/workloadapi"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/types"
"k8s.io/client-go/kubernetes"
Expand Down Expand Up @@ -128,6 +130,18 @@ func (r *reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu

vaultAddr := "http://10.146.0.21:8200"

workloadAPIAddr := flag.String("workload-api-addr", "", "Workload API Address")
flag.Parse()

var opts []workloadapi.ClientOption
if *workloadAPIAddr != "" {
opts = append(opts, workloadapi.WithAddr(*workloadAPIAddr))
}

fmt.Println("Watching...")
err = workloadapi.WatchX509Context(context.Background(), resource.Watcher{}, opts...)
log.Error(err, "Error: ")

jwtSVID, err := resource.GetJWT(ctx)
if err != nil {
log.Error(err, "Unable to get jwtSVID")
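Review bot: `workloadapi.WatchX509Context(context.Background(), resource.Watcher{}, opts...)` inside Reconcile blocks until its context is cancelled or the watch fails unrecoverably, and `context.Background()` is never cancelled, so the call holds the reconcile worker and the `resource.GetJWT(ctx)` step after it is not reached in normal operation; the `log.Error(err, "Error: ")` that follows also runs unconditionally, even when `err` is nil. Registering the flag inside Reconcile is a second problem: `flag.String("workload-api-addr", ...)` on the default flag set panics on redefinition the second time Reconcile runs, and `flag.Parse()` re-parses the process arguments on every request. I would declare the flag once at package level, `var workloadAPIAddr = flag.String("workload-api-addr", "", "Workload API Address")`, leave parsing to the binary's main, and replace the watch with a one-shot `x509Ctx, err := workloadapi.FetchX509Context(ctx, opts...)` guarded by `if err != nil`. If a long-lived watch is wanted for SVID rotation, it should be started once outside Reconcile with a cancellable context. Reconcile's body starts and ends outside this hunk.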
18 changes: 18 additions & 0 deletions controllers/pkg/resource/workloadapi.go
Expand Up @@ -40,3 +40,21 @@ func GetJWT(ctx context.Context) (*jwtsvid.SVID, error) {

return jwtSVID, err
}

type Watcher struct{}

func (Watcher) OnX509ContextUpdate(x509Context *workloadapi.X509Context) {
fmt.Println("Update:")
fmt.Println(" SVIDs:")
for _, svid := range x509Context.SVIDs {
fmt.Printf(" %s\n", svid.ID)
}
fmt.Println(" Bundles:")
for _, bundle := range x509Context.Bundles.Bundles() {
fmt.Printf(" %s (%d authorities)\n", bundle.TrustDomain(), len(bundle.X509Authorities()))
}
}

func (Watcher) OnX509ContextWatchError(err error) {
fmt.Println("Error:", err)
}
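Review bot: The exported `Watcher` type and its two methods have no doc comments and write to stdout with `fmt.Println`/`fmt.Printf`, so SVID updates and watch errors bypass the controller's logger and its levels. I would add `// Watcher implements workloadapi.X509ContextWatcher by printing each X.509 context update; it does not retain the SVIDs or bundles.` above the type, and route both callbacks through a structured logger (which one this package uses is not visible in the hunk). `OnX509ContextWatchError` only prints the error, so a persistent Workload API failure is never surfaced to the caller; if the reconciler depends on a valid SVID, that error probably needs to reach it.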
