Skip to content
This repository was archived by the owner on Sep 22, 2024. It is now read-only.

Commit f34c543

Browse files
author
Christoph Bühler
committed
docs: readme
1 parent ec9523d commit f34c543

File tree

2 files changed

+27
-3
lines changed

2 files changed

+27
-3
lines changed

README.md

Lines changed: 26 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,26 @@
1-
# k8s-contract-provider
2-
Module for WirePact that continuously fetches all valid contracts for its own trust zone and stores them in a local file or a Kubernetes secret. The contracts are used for mTLS connections between mesh participants.
1+
# WirePact Contract Provider
2+
3+
The contract provider is a module for WirePact that continuously fetches the involved contracts of the
4+
"main" PKI. The fetched contracts contain public certificates of all participating parties and can
5+
be used to verify mTLS certificates of off-site services.
6+
7+
## Configuration
8+
9+
The provider can be configured via environment variables or command line arguments.
10+
11+
- `STORAGE` (`-s | --storage <STORAGE>`): The storage adapter to use (defaults to `local`)
12+
(possible values: `local`, `kubernetes`)
13+
- `SECRET_NAME` (`--secret-name <NAME>`): The name of the Kubernetes secret to use
14+
(defaults to `wirepact-contracts`)
15+
- `COMMON_NAME` (`--common-name <NAME>`): Defines the common name for the own private certificate
16+
(defaults to `wirepact-contract-provider`)
17+
- `PKI_ADDRESS` (`--pki-address <URL>`): The URL of the "main" PKI for this participant
18+
- `PKI_API_KEY` (`--pki-api-key <KEY>`): The API key to authorize calls against the PKI (optional)
19+
- `REPO_ADDRESS` (`--repo-address <URL>`): The URL of the WirePact contract repository
20+
- `REPO_API_KEY` (`--repo-api-key <KEY>`): The API key to authorize calls against the contract repository (optional)
21+
- `FETCH_INTERVAL` (`--fetch-interval <INTERVAL>`): The fetch interval to use, if omitted, the
22+
provider will fetch everything just once and terminate afterwards.
23+
Refer to the [Units Section](https://docs.rs/parse_duration/latest/parse_duration/#units) of the
24+
`parse_duration` crate for the possible units.
25+
This defaults to `5min` in the Docker image.
26+
- `DEBUG` (`-d | --debug`): Enables debug logging (defaults to `false`)

src/main.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ struct Cli {
3838
#[clap(arg_enum, short, long, env, default_value = "local")]
3939
storage: StorageAdapter,
4040

41-
/// Then name for the Kubernetes secret in case of kubernetes storage adapter.
41+
/// The name for the Kubernetes secret in case of kubernetes storage adapter.
4242
/// This secret contains three data entries:
4343
///
4444
/// - `ca`: the public certificate of the "main" PKI

0 commit comments

Comments
 (0)