]> go.fuhry.dev Git - runtime.git/commit
projects / runtime.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 27e89f2) | patch
[mtls] support configs for different environments, embed default configs
authorDan Fuhry <dan@fuhry.com>
Sun, 15 Mar 2026 00:04:24 +0000 (20:04 -0400)
committerDan Fuhry <dan@fuhry.com>
Sun, 15 Mar 2026 01:17:54 +0000 (21:17 -0400)
commit61929de458bb3568312c0c95bad1126d9c5013b4
treec10f78a833a5335eafb2d867e12d9cc89aaf9d1ftree | snapshot (tar.gz zip)
parent27e89f2291f43c0a0a4726e3215bd3ab84878a5bcommit | diff
[mtls] support configs for different environments, embed default configs

- Only try the identity drivers and paths listed in the config
- Use different default config based on environment heuristics
- Remove all hardcoded file paths, make file provider paths fully configurable

Supporting changes:
- Make IdentityLoaderFunc public
- Rename type: `IdentityClass` -> `VerifyMatchBy`
12 files changed:
cmd/echo_client/main.go diff | blob | history
mtls/BUILD.bazel diff | blob | history
mtls/config.go [new file with mode: 0644] blob
mtls/configs/prod.yaml [new file with mode: 0644] blob
mtls/configs/user.yaml [new file with mode: 0644] blob
mtls/identity.go diff | blob | history
mtls/lazy_identity.go diff | blob | history
mtls/provider_file.go diff | blob | history
mtls/provider_keychain_macos.go diff | blob | history
mtls/provider_tpm2_pkcs11.go diff | blob | history
mtls/verify_names.go diff | blob | history
mtls/verify_roots.go diff | blob | history