SPIKE Go SDK

This library is a convenient Go library for working with SPIKE.

It leverages the SPIFFE Workload API, providing high level functionality that includes:

• Establishing mutually authenticated TLS (mTLS) between workloads powered by SPIFFE.
• Abstracting SPIKE REST API calls.

Documentation

See the Go Package documentation.

Quick Start

Prerequisites:

1. Running SPIRE or another SPIFFE Workload API implementation.
2. SPIFFE_ENDPOINT_SOCKET environment variable set to address of the Workload API (e.g. unix:///tmp/agent.sock).

Usage Example

package main

import (
	"fmt"

	spike "github.com/spiffe/spike-sdk-go/api"
)

func main() {
	api := spike.New() // Use the default Workload API Socket
	defer api.Close()  // Close the connection when done

	path := "/tenants/demo/db/creds"

	// Create a Secret
	err := api.PutSecret(path, map[string]string{
		"username": "SPIKE",
		"password": "SPIKE_Rocks",
	})
	if err != nil {
		fmt.Println("Error writing secret:", err.Error())
		return
	}

	// Read the Secret
	secret, err := api.GetSecret(path)
	if err != nil {
		fmt.Println("Error reading secret:", err.Error())
		return
	}

	if secret == nil {
		fmt.Println("Secret not found.")
		return
	}

	fmt.Println("Secret found:")

	data := secret.Data
	for k, v := range data {
		fmt.Printf("%s: %s\n", k, v)
	}
}

A Note on Security

We take SPIKE's security seriously. If you believe you have found a vulnerability, please responsibily disclose it to [email protected].

See SECURITY.md for additional details.

Community

Open Source is better together.

If you are a security enthusiast, join SPIFFE's Slack Workspace and let us change the world together 🤘.

Contributing

To contribute to SPIKE, follow the contributing guidelines to get started.

Use GitHub issues to request features or file bugs.

Communications

• SPIFFE Slack is where the community hangs out.
• Send comments and suggestions to [email protected].

License

Mozilla Public License v2.0.