vault

Documentation

Index

• type Client
  • func New(options ...Option) (*Client, error)
  • func (c *Client) AddPKI2Clean(pkiPath string)
  • func (c *Client) Address() string
  • func (c *Client) CreateSecret(fullPath string, data map[string]interface{}) error
  • func (c *Client) DeleteSecret(fullPath string) error
  • func (c *Client) GetRawSecret(fullPath string) (*api.Secret, error)
  • func (c *Client) GetSecret(secretPath string) (string, bool, error)
  • func (c *Client) GetSecretData(secret *api.Secret, dataPath string) (string, error)
  • func (c *Client) GetSecretWithPrefix(prefix, secretPath string) (string, bool, error)
  • func (c *Client) Logical() *api.Logical
  • func (c *Client) SkipVerify() bool
• type Option
  • func Addr(addr string, skipVerify bool) Option
  • func AuthMethod(authMethod string) Option
  • func Config(config *api.Config) Option
  • func ContextWithCancelFN(ctx context.Context, cancelFn context.CancelFunc) Option
  • func Logger(logger logr.Logger) Option
  • func Role(role string) Option
  • func SecretsPathPrefix(prefix string) Option
  • func Timeout(timeout int) Option

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client struct would hold connection to Vault

func New

func New(options ...Option) (*Client, error)

New would create Vault Client

func (*Client) AddPKI2Clean

func (c *Client) AddPKI2Clean(pkiPath string)

AddPKI2Clean would add your PKI to cleanup

func (*Client) Address

func (c *Client) Address() string

Address would return Vault HTTP(s) address

func (*Client) CreateSecret

func (c *Client) CreateSecret(fullPath string, data map[string]interface{}) error

CreateSecret would create secret in Vault

func (*Client) DeleteSecret

func (c *Client) DeleteSecret(fullPath string) error

DeleteSecret would delete secret from Vault

func (*Client) GetRawSecret

func (c *Client) GetRawSecret(fullPath string) (*api.Secret, error)

GetRawSecret would get raw (unparsed secret) from Vault

func (*Client) GetSecret

func (c *Client) GetSecret(secretPath string) (string, bool, error)

GetSecret would return string (if found), bool that secret is base64 binary, error if something gets wrong

func (*Client) GetSecretData

func (c *Client) GetSecretData(secret *api.Secret, dataPath string) (string, error)

GetSecretData will return secret data as string from path dataPath

func (*Client) GetSecretWithPrefix

func (c *Client) GetSecretWithPrefix(prefix, secretPath string) (string, bool, error)

GetSecretWithPrefix would return string (if found), bool that secret is base64 binary, error if something gets wrong

func (*Client) Logical

func (c *Client) Logical() *api.Logical

Logical would return Logical client of Vault

func (*Client) SkipVerify

func (c *Client) SkipVerify() bool

SkipVerify would return if we should skip Vault TLS cert verification

type Option

type Option func(*Client) error

Option is a type of options for Vault Client

func Addr

func Addr(addr string, skipVerify bool) Option

Addr is option function to set Vault Addr for Client

func AuthMethod

func AuthMethod(authMethod string) Option

AuthMethod is option function to set Vault authentication method, only possibles are aws (default) and test (for testing)

func Config

func Config(config *api.Config) Option

Config is option function to set Vault config (for test purposes mainly)

func ContextWithCancelFN

func ContextWithCancelFN(ctx context.Context, cancelFn context.CancelFunc) Option

ContextWithCancelFN is option function to set channel for termination notifications from renew and also set upstream context

func Logger

func Logger(logger logr.Logger) Option

Logger will add logger to Vault client

func Role

func Role(role string) Option

Role is option function to set Vault login role for Client

func SecretsPathPrefix

func SecretsPathPrefix(prefix string) Option

SecretsPathPrefix is option function to set Vault secrets path prefix

func Timeout

func Timeout(timeout int) Option

Timeout is option function to set Vault http client timeout