Skip to content

Commit

Permalink
Adds support for X509 and JWT specific SVID TTLs
Browse files Browse the repository at this point in the history 
This change is in reference to a new SPIRE feature discussed in spiffe/spire#2700

Signed-off-by: Dennis Gove <[email protected]>
  • Loading branch information
@dennisgove @azdagron
dennisgove authored and azdagron committed Sep 21, 2022
1 parent fa0b17c commit 3c5e450
Show file tree
Hide file tree
Showing 2 changed files with 84 additions and 27 deletions.
99 changes: 72 additions & 27 deletions proto/spire/api/types/entry.pb.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 12 additions & 0 deletions proto/spire/api/types/entry.proto
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,12 @@ message Entry {

// Determines if the issued identity is exportable to a store
bool store_svid = 12;

// The time to live for X509-SVID identities issued for this entry (in seconds), overrides ttl if set.
int32 x509_svid_ttl = 13;

// The time to live for JWT-SVID identities issued for this entry (in seconds), overrides ttl if set.
int32 jwt_svid_ttl = 14;
}

// Field mask for Entry fields
Expand Down Expand Up @@ -89,4 +95,10 @@ message EntryMask {

// store_svid field mask
bool store_svid = 12;

// x509_svid_ttl field mask
bool x509_svid_ttl = 13;

// jwt_svid_ttl field mask
bool jwt_svid_ttl = 14;
}

0 comments on commit 3c5e450

Please sign in to comment.