https://github.com/strideynet/spiffe-pinger

Small utility for testing SPIFFE-powered gRPC and mTLS.
https://github.com/strideynet/spiffe-pinger

grpc mtls spiffe

Last synced: 8 months ago
JSON representation

Small utility for testing SPIFFE-powered gRPC and mTLS.

• Host: GitHub
• URL: https://github.com/strideynet/spiffe-pinger
• Owner: strideynet
• License: mit
• Created: 2024-08-30T12:18:42.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2024-08-30T12:50:04.000Z (about 1 year ago)
• Last Synced: 2024-09-29T10:47:22.533Z (about 1 year ago)
• Topics: grpc, mtls, spiffe
• Language: Go
• Homepage:
• Size: 9.77 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# spiffe-pinger

Small utility for testing SPIFFE-powered gRPC and mTLS.

The service:

- Connects to a SPIFFE Workload API to retrieve an X509 SVID

- Spins up a gRPC server that listens on a TCP address, and is protected by TLS

  using the X509 SVID

- Spins up a loop that pings a gRPC server using the X509 SVID as a client

  certificate

It requires three environment variables be set:

- `SPIFFE_ENDPOINT_SOCKET`: The path to the SPIFFE Workload API socket.

- `LISTEN`: The address to listen on for incoming gRPC connections.

- `TARGET`: The address to connect to for outgoing gRPC connections.

Spin up two of these and point them at one another e.g

```shell

SPIFFE_ENDPOINT_SOCKET=unix:///tmp/workload-socket-a.sock LISTEN=127.0.0.1:1338 TARGET=127.0.0.1:1337 go run ./main.go

```

```shell

SPIFFE_ENDPOINT_SOCKET=unix:///tmp/workload-socket-b.sock LISTEN=127.0.0.1:1337 TARGET=127.0.0.1:1338 go run ./main.go

```

The logs will indicate the identity of the service itself, and the identity of

any client which connects to it:

```shell

2024/08/30 13:12:36 INFO Sent message me=spiffe://leaf.tele.ottr.sh/example component=client

2024/08/30 13:12:37 INFO Received request me=spiffe://leaf.tele.ottr.sh/example component=server from=spiffe://spire.tele.ottr.sh/macbook/noah

2024/08/30 13:12:41 INFO Sent message me=spiffe://leaf.tele.ottr.sh/example component=client

2024/08/30 13:12:42 INFO Received request me=spiffe://leaf.tele.ottr.sh/example component=server from=spiffe://spire.tele.ottr.sh/macbook/noah

2024/08/30 13:12:46 INFO Sent message me=spiffe://leaf.tele.ottr.sh/example component=client

2024/08/30 13:12:47 INFO Received request me=spiffe://leaf.tele.ottr.sh/example component=server from=spiffe://spire.tele.ottr.sh/macbook/noah

```