secrets

package
v1.0.1
Warning

This package is not in the latest version of its module.
Published: Oct 11, 2022 License: Apache-2.0 Imports: 9 Imported by: 3

Documentation

Overview

Package secrets provides primitives for resolving secrets from external sources, such as Hashicorp Vault or Azure Key Vault, into Credential Sets and injecting them into bundle runtimes.

Constants

const SourceSecret = "secret"

Variables

This section is empty.

Functions

This section is empty.

Types

type PluginAdapter added in v1.0.1

type PluginAdapter struct {
	// contains filtered or unexported fields
}

PluginAdapter converts between the low-level plugins.SecretsProtocol and the secrets.Store interface.

func NewPluginAdapter added in v1.0.1

func NewPluginAdapter(plugin plugins.SecretsProtocol) PluginAdapter

NewPluginAdapter wraps the specified storage plugin.

func (PluginAdapter) Close added in v1.0.1

func (a PluginAdapter) Close() error

func (PluginAdapter) Create added in v1.0.1

func (a PluginAdapter) Create(ctx context.Context, keyName string, keyValue string, value string) error

func (PluginAdapter) Resolve added in v1.0.1

func (a PluginAdapter) Resolve(ctx context.Context, keyName string, keyValue string) (string, error)

type Set added in v1.0.1

type Set map[string]string

Set is an actual set of resolved values. This is the output of resolving a parameter or credential set file.

func (Set) IsValid added in v1.0.1

func (s Set) IsValid(key string) bool

IsValid determines whether the provided key (the name of a parameter or credential) is included in the set.

func (Set) Merge added in v1.0.1

func (s Set) Merge(s2 Set) error

Merge merges a second Set into the base.

Duplicate names are not allowed and will result in an error. This is the case even if the values are identical.

func (Set) ToCNAB added in v1.0.1

func (s Set) ToCNAB() valuesource.Set

ToCNAB converts this to a type accepted by the cnab-go runtime.

type Source added in v1.0.1

type Source struct {
	Key   string
	Value string
}

Source represents a strategy for loading a value from the local host.

func (Source) MarshalJSON added in v1.0.1

func (s Source) MarshalJSON() ([]byte, error)

func (Source) MarshalRaw added in v1.0.1

func (s Source) MarshalRaw() interface{}

func (Source) MarshalYAML added in v1.0.1

func (s Source) MarshalYAML() (interface{}, error)

func (*Source) UnmarshalJSON added in v1.0.1

func (s *Source) UnmarshalJSON(data []byte) error

func (*Source) UnmarshalRaw added in v1.0.1

func (s *Source) UnmarshalRaw(raw map[string]interface{}) error

func (*Source) UnmarshalYAML added in v1.0.1

func (s *Source) UnmarshalYAML(value *yaml.Node) error

type Store added in v1.0.1

type Store interface {
	Close() error

	// Resolve a credential's value from a secret store
	// - keyName is the name of the key where the secret can be found.
	// - keyValue is the value of the key.
	// Examples:
	// - keyName=env, keyValue=CONN_STRING
	// - keyName=key, keyValue=conn-string
	// - keyName=path, keyValue=/tmp/connstring.txt
	Resolve(ctx context.Context, keyName string, keyValue string) (string, error)

	// Create stores a secret value in a secret store.
	// - keyName is the name of the key where the secret can be found.
	// - keyValue is the value of the key.
	// Examples:
	// - keyName=env, keyValue=CONN_STRING, value=redis://foo
	// - keyName=key, keyValue=conn-string, value=redis://foo
	// - keyName=path, keyValue=/tmp/connstring.txt, value=redis://foo
	Create(ctx context.Context, keyName string, keyValue string, value string) error
}

Store is the interface that Porter uses to interact with secrets.

type Strategy added in v1.0.1

type Strategy struct {
	// Name is the name of the parameter or credential.
	Name string `json:"name" yaml:"name"`
	// Source is the location of the value.
	// During resolution, the source will be loaded, and the result temporarily placed
	// into Value.
	Source Source `json:"source,omitempty" yaml:"source,omitempty"`
	// Value holds the parameter or credential value.
	// When a parameter or credential is loaded, it is loaded into this field. In all
	// other cases, it is empty. This field is omitted during serialization.
	Value string `json:"-" yaml:"-"`
}

Strategy represents a strategy for determining the value of a parameter or credential.
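The following is an added example, not code from the secrets package: it resolves a Strategy through a Store and shows that the resolved Value stays out of the serialized form because of its `json:"-"` tag. The Store interface is copied from this page; memStore, ResolveAndSerialize, the simplified Source (default JSON encoding instead of the package's custom marshalers) and the sample secret are assumptions made for illustration.

```go
package main

import (
	"context"
	"encoding/json"
	"fmt"
)

// Store is copied from this page; Source and Strategy are simplified stand-ins.
type Store interface {
	Close() error
	Resolve(ctx context.Context, keyName string, keyValue string) (string, error)
	Create(ctx context.Context, keyName string, keyValue string, value string) error
}
type Source struct{ Key, Value string } // default JSON encoding (assumption)
type Strategy struct {
	Name   string `json:"name"`
	Source Source `json:"source,omitempty"`
	Value  string `json:"-"` // resolved secret, excluded from JSON
}

// memStore is a hypothetical in-memory Store keyed by "keyName/keyValue".
type memStore map[string]string
func (m memStore) Close() error { return nil }
func (m memStore) Create(_ context.Context, keyName, keyValue, value string) error {
	m[keyName+"/"+keyValue] = value
	return nil
}
func (m memStore) Resolve(_ context.Context, keyName, keyValue string) (string, error) {
	if v, ok := m[keyName+"/"+keyValue]; ok {
		return v, nil
	}
	return "", fmt.Errorf("no secret for %s=%s", keyName, keyValue)
}

// ResolveAndSerialize fills Value from the store (failing closed) and returns the persisted JSON.
func ResolveAndSerialize(ctx context.Context, st Store, s *Strategy) (string, error) {
	v, err := st.Resolve(ctx, s.Source.Key, s.Source.Value)
	if err != nil {
		return "", fmt.Errorf("resolving %q: %w", s.Name, err)
	}
	s.Value = v
	b, err := json.Marshal(s)
	return string(b), err
}

func main() {
	st := memStore{"secret/conn-string": "redis://foo"} // constructed sample secret
	s := Strategy{Name: "db", Source: Source{"secret", "conn-string"}}
	fmt.Println(ResolveAndSerialize(context.Background(), st, &s))
}
```

The error returned for an unresolved secret names the key but never a secret value, so it is safe to log.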

type TestSecretsProvider added in v1.0.1

type TestSecretsProvider struct {
	PluginAdapter
	// contains filtered or unexported fields
}

func NewTestSecretsProvider added in v1.0.1

func NewTestSecretsProvider() TestSecretsProvider

func (TestSecretsProvider) Close added in v1.0.1

func (s TestSecretsProvider) Close() error

Directories

Path Synopsis
filesystem
Package filesystem provides a plugin implementing the secret plugin protocol for creating/resolving secrets from the local filesystem.
host
Package host provides a plugin implementing the original behavior of resolving secrets from the local host: environment variables, paths, commands and static values.
in-memory
Package inmemory provides an in-memory implementation of a secret store suitable for unit testing.
proto
Package proto is the protobuf definition for the SecretsProtocol
Package pluginstore is an internal Porter package that implements the plugins.SecretsPlugin interface.