https://github.com/wirepact/k8s-contract-provider

Module for WirePact that continuously fetches all valid contracts for its own trust zone and stores them in a local file or a Kubernetes secret. The contracts are used for mTLS connections between mesh participants.
https://github.com/wirepact/k8s-contract-provider

Last synced: 5 months ago
JSON representation

Module for WirePact that continuously fetches all valid contracts for its own trust zone and stores them in a local file or a Kubernetes secret. The contracts are used for mTLS connections between mesh participants.

• Host: GitHub
• URL: https://github.com/wirepact/k8s-contract-provider
• Owner: WirePact
• License: apache-2.0
• Created: 2022-06-13T12:50:14.000Z (about 4 years ago)
• Default Branch: main
• Last Pushed: 2024-05-23T01:10:06.000Z (about 2 years ago)
• Last Synced: 2024-05-23T03:04:30.905Z (about 2 years ago)
• Language: Rust
• Size: 55.7 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# WirePact Contract Provider

The contract provider is a module for WirePact that continuously fetches the involved contracts of the

"main" PKI. The fetched contracts contain public certificates of all participating parties and can

be used to verify mTLS certificates of off-site services.

## Configuration

The provider can be configured via environment variables or command line arguments.

- `STORAGE` (`-s | --storage `): The storage adapter to use (defaults to `local`)

  (possible values: `local`, `kubernetes`)

- `SECRET_NAME` (`--secret-name `): The name of the Kubernetes secret to use

  (defaults to `wirepact-contracts`)

- `COMMON_NAME` (`--common-name `): Defines the common name for the own private certificate

  (defaults to `wirepact-contract-provider`)

- `PKI_ADDRESS` (`--pki-address `): The URL of the "main" PKI for this participant

- `PKI_API_KEY` (`--pki-api-key `): The API key to authorize calls against the PKI (optional)

- `REPO_ADDRESS` (`--repo-address `): The URL of the WirePact contract repository

- `REPO_API_KEY` (`--repo-api-key `): The API key to authorize calls against the contract repository (optional)

- `FETCH_INTERVAL` (`--fetch-interval `): The fetch interval to use, if omitted, the

  provider will fetch everything just once and terminate afterwards.

  Refer to the [Units Section](https://docs.rs/parse_duration/latest/parse_duration/#units) of the

  `parse_duration` crate for the possible units.

  This defaults to `5min` in the Docker image.

- `DEBUG` (`-d | --debug`): Enables debug logging (defaults to `false`)