SPIRE (the SPIFFE Runtime Environment) is a tool-chain for establishing trust between software systems across a wide variety of hosting platforms.
The configuration files included in this release are intended for evaluation purposes only and are NOT production ready.
One can find additional example configurations for SPIRE here.
This repository builds the published releases from SPIRE into OS distributable packages.
The spire configuration files are installed under /var/lib/spire.
When writing the configuration file, the join token should be specified as:
agent {
    join_token = "$join_token"
}
The spire startup script will read the token from the environment variable join_token. This environment variable is set by systemd reading /root/spire/conf/join_token before calling spire-client.
The format of the join_token file is:
join_token=<token from spire-server>
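A pre-start check for the join_token file described above, as an added example that is not part of this repository: it rejects a missing file, a file other users can access, more than one assignment, and a token that is empty or still the placeholder. The function name check_join_token_file is hypothetical, and the owner-only permission requirement is an assumption made here because the token is a credential; the page does not state a required mode.

```shell
#!/bin/sh
# Added example (not from this repository): validate the join_token file
# that systemd reads before the agent starts.
# check_join_token_file is a hypothetical helper name.

check_join_token_file() {
    file=$1

    if [ ! -f "$file" ]; then
        echo "missing: $file" >&2
        return 1
    fi

    # Assumption: the token is a credential, so group/other get no access.
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "$file is accessible to group/other" >&2
        return 2
    fi

    # Ignore blank lines; exactly one assignment line must remain.
    body=$(grep -v '^[[:space:]]*$' "$file" || true)
    count=$(printf '%s\n' "$body" | grep -c . || true)
    if [ "$count" -ne 1 ]; then
        echo "$file must contain exactly one join_token= line" >&2
        return 3
    fi

    case $body in
        join_token=)              echo "empty token" >&2; return 4 ;;
        join_token=\<*)           echo "placeholder left in $file" >&2; return 4 ;;
        join_token=*[[:space:]]*) echo "whitespace in token" >&2; return 4 ;;
        join_token=*)             return 0 ;;
        *)                        echo "expected join_token=<token>" >&2; return 3 ;;
    esac
}
```

Call it as check_join_token_file /root/spire/conf/join_token; a non-zero return code identifies which check failed.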
This repository uses git-vendoring for managing spire.
git vendor list
spire@v1.6.1:
name: spire
dir: vendor/github.com/spiffe/spire
repo: git@github.com:spiffe/spire.git
ref: v1.6.1
commit: 89dd75c44da94cf6d319e2ca563172a68d0737f2
Updating spire can be done by updating the vendor directory against a git-tag. Do not update vendoring against a branch; choose a stable release of spire in the form of a git-tag.
git vendor update spire v1.6.1
The RPM version keys off of the ref in git vendor list; the ref will only show a git-tag when vendoring is updated against a git-tag.