Documentation ¶
Overview ¶
Package credentials provides primitives for working with Porter credential sets, usually refered to as "credentials" as a shorthand.
Credential Sets define mappings from a credential needed by a bundle to where to look for it when the bundle is run. For example: Bundle needs Azure storage connection string and it should look for it in an environment variable named `AZURE_STORATE_CONNECTION_STRING` or a key named `dev-conn`.
Porter discourages storing the value of the credential directly, though it it is possible. Instead Porter encourages the best practice of defining mappings in the credential sets, and then storing the values in secret stores such as a key/value store like Hashicorp Vault, or Azure Key Vault. See the get.porter.sh/porter/pkg/secrets package for more on how Porter handles accessing secrets.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewCredentialsMigration ¶
Types ¶
type CredentialProvider ¶
type CredentialProvider interface { CredentialStore ResolveAll(creds credentials.CredentialSet) (credentials.Set, error) Validate(credentials.CredentialSet) error }
CredentialProvider interface for managing sets of credentials.
type CredentialStorage ¶
type CredentialStorage struct { *config.Config *CredentialsStore SecretsStore }
CredentialStorage provides access to credential sets by instantiating plugins that implement CRUD storage.
func NewCredentialStorage ¶
func NewCredentialStorage(c *config.Config, storagePlugin *crudplugins.Store) *CredentialStorage
func (CredentialStorage) ResolveAll ¶
func (s CredentialStorage) ResolveAll(creds credentials.CredentialSet) (credentials.Set, error)
func (CredentialStorage) Validate ¶
func (s CredentialStorage) Validate(creds credentials.CredentialSet) error
type CredentialStore ¶
type CredentialStore interface { List() ([]string, error) Save(credentials.CredentialSet) error Read(name string) (credentials.CredentialSet, error) ReadAll() ([]credentials.CredentialSet, error) Delete(name string) error }
CredentialStore is an interface representing cnab-go's credentials.Store
type CredentialsStore ¶
type CredentialsStore = credentials.Store
type SecretsStore ¶
type SecretsStore = cnabsecrets.Store
type TestCredentialProvider ¶
type TestCredentialProvider struct { T *testing.T TestConfig *config.TestConfig // TestSecrets allows you to set up secrets for unit testing TestSecrets *inmemorysecrets.Store *CredentialStorage }
func NewTestCredentialProvider ¶
func NewTestCredentialProvider(t *testing.T, tc *config.TestConfig) TestCredentialProvider
func (*TestCredentialProvider) AddTestCredentials ¶
func (p *TestCredentialProvider) AddTestCredentials(path string)
func (*TestCredentialProvider) AddTestCredentialsDirectory ¶
func (p *TestCredentialProvider) AddTestCredentialsDirectory(dir string)