{"id":13668684,"url":"https://github.com/spiffe/go-spiffe","last_synced_at":"2025-05-14T13:07:44.802Z","repository":{"id":23486709,"uuid":"90563651","full_name":"spiffe/go-spiffe","owner":"spiffe","description":"Golang library for SPIFFE support","archived":false,"fork":false,"pushed_at":"2025-05-08T13:47:49.000Z","size":653,"stargazers_count":162,"open_issues_count":10,"forks_count":80,"subscribers_count":20,"default_branch":"main","last_synced_at":"2025-05-12T23:39:00.419Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/spiffe.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2017-05-07T21:42:11.000Z","updated_at":"2025-05-08T13:47:51.000Z","dependencies_parsed_at":"2023-02-17T06:31:13.399Z","dependency_job_id":"b7f8e00e-0b32-4645-8429-e0ce8652b39d","html_url":"https://github.com/spiffe/go-spiffe","commit_stats":{"total_commits":209,"total_committers":46,"mean_commits":4.543478260869565,"dds":0.8516746411483254,"last_synced_commit":"87cfecf6c092ad3c94862bf21c34bf72074d118a"},"previous_names":[],"tags_count":32,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spiffe%2Fgo-spiffe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spiffe%2Fgo-spiffe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spiffe%2Fgo-spiffe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spiffe%2Fgo-spiffe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/spiffe","download_url":"https://codeload.github.com/spiffe/go-spiffe/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254149958,"owners_count":22022851,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T08:00:46.738Z","updated_at":"2025-05-14T13:07:39.789Z","avatar_url":"https://github.com/spiffe.png","language":"Go","funding_links":[],"categories":["Blogs","SPIFFE Libraries","Go"],"sub_categories":["SDK"],"readme":"#  go-spiffe (v2)\n\nThis library is a convenient Go library for working with [SPIFFE](https://spiffe.io/).\n\nIt leverages the [SPIFFE Workload API](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE_Workload_API.md), providing high level functionality that includes:\n* Establishing mutually authenticated TLS (__mTLS__) between workloads powered by SPIFFE.\n* Obtaining and validating [X509-SVIDs](https://github.com/spiffe/spiffe/blob/main/standards/X509-SVID.md) and [JWT-SVIDs](https://github.com/spiffe/spiffe/blob/main/standards/JWT-SVID.md).\n* Federating trust between trust domains using [SPIFFE bundles](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE_Trust_Domain_and_Bundle.md#3-spiffe-bundles).\n* Bundle management.\n\n## Documentation\n\nSee the [Go Package](https://pkg.go.dev/github.com/spiffe/go-spiffe/v2) documentation.\n\n## Quick Start\n\nPrerequisites:\n1. Running [SPIRE](https://spiffe.io/spire/) or another SPIFFE Workload API\n   implementation.\n2. `SPIFFE_ENDPOINT_SOCKET` environment variable set to address of the Workload\n   API (e.g. `unix:///tmp/agent.sock`). Alternatively the socket address can be\n   provided programatically.\n\nTo create an mTLS server:\n\n```go\nlistener, err := spiffetls.Listen(ctx, \"tcp\", \"127.0.0.1:8443\", tlsconfig.AuthorizeAny())\n```\n\nTo dial an mTLS server:\n\n```go\nconn, err := spiffetls.Dial(ctx, \"tcp\", \"127.0.0.1:8443\", tlsconfig.AuthorizeAny())\n```\n\nThe client and server obtain\n[X509-SVIDs](https://github.com/spiffe/spiffe/blob/main/standards/X509-SVID.md)\nand X.509 bundles from the [SPIFFE Workload\nAPI](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE_Workload_API.md).\nThe X509-SVIDs are presented by each peer and authenticated against the X.509\nbundles. Both sides continue to be updated with X509-SVIDs and X.509 bundles\nstreamed from the Workload API (e.g. secret rotation).\n\n## Examples\n\nThe [examples](./v2/examples) directory contains rich examples for a variety of circumstances.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspiffe%2Fgo-spiffe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspiffe%2Fgo-spiffe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspiffe%2Fgo-spiffe/lists"}