This library is a convenient Go library for working with SPIKE.
It leverages the SPIFFE Workload API, providing high level functionality that includes:
- Establishing mutually authenticated TLS (mTLS) between workloads powered by SPIFFE.
- Abstracting SPIKE REST API calls.
See the Go Package documentation.
Prerequisites:
- Running SPIRE or another SPIFFE Workload API implementation.
SPIFFE_ENDPOINT_SOCKET
environment variable set to address of the Workload API (e.g.unix:///tmp/agent.sock
).
package main
import (
"fmt"
spike "github.com/spiffe/spike-sdk-go/api"
)
func main() {
api := spike.New() // Use the default Workload API Socket
defer api.Close() // Close the connection when done
path := "/tenants/demo/db/creds"
// Create a Secret
err := api.PutSecret(path, map[string]string{
"username": "SPIKE",
"password": "SPIKE_Rocks",
})
if err != nil {
fmt.Println("Error writing secret:", err.Error())
return
}
// Read the Secret
secret, err := api.GetSecret(path)
if err != nil {
fmt.Println("Error reading secret:", err.Error())
return
}
if secret == nil {
fmt.Println("Secret not found.")
return
}
fmt.Println("Secret found:")
data := secret.Data
for k, v := range data {
fmt.Printf("%s: %s\n", k, v)
}
}
We take SPIKE's security seriously. If you believe you have found a vulnerability, please responsibily disclose it to [email protected].
See SECURITY.md for additional details.
Open Source is better together.
If you are a security enthusiast, join SPIFFE's Slack Workspace and let us change the world together 🤘.
To contribute to SPIKE, follow the contributing guidelines to get started.
Use GitHub issues to request features or file bugs.