pub trait InternalSandboxTokenService {
// Required method
fn issue_sandbox_token(
&self,
request: IssueSandboxTokenRequest,
shared_secret: String,
) -> Result<IssueSandboxTokenResponse, Error>;
}Expand description
Cluster-internal endpoint that mints short-lived access tokens for a preconfigured sandbox workspace + sandbox user. The intended caller is an in-cluster integration test Job; access is gated by a shared-secret header and a NetworkPolicy that restricts the source pods.
This service must not be exposed via the public ingress.
Required Methods§
Sourcefn issue_sandbox_token(
&self,
request: IssueSandboxTokenRequest,
shared_secret: String,
) -> Result<IssueSandboxTokenResponse, Error>
fn issue_sandbox_token( &self, request: IssueSandboxTokenRequest, shared_secret: String, ) -> Result<IssueSandboxTokenResponse, Error>
Issue a Nominal-signed bearer token bound to the configured sandbox user + org. The TTL is capped at 1 hour server-side regardless of the requested value. The shared-secret header must match the value configured on gatekeeper or the call is rejected.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".