vaultclient

package
v0.3.7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 9, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CacheMiss

type CacheMiss struct {
	// contains filtered or unexported fields
}

func (*CacheMiss) Error

func (c *CacheMiss) Error() string

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client struct would hold connection to Vault

func New

func New(options ...Option) (*Client, error)

New would create Vault Client

func (*Client) AddPKI2Clean

func (c *Client) AddPKI2Clean(pkiPath string)

AddPKI2Clean would add your PKI to cleanup

func (*Client) CreateSecret

func (c *Client) CreateSecret(fullPath string, data map[string]interface{}) error

CreateSecret would create secret in Vault

func (*Client) DelCertFromCache

func (c *Client) DelCertFromCache(pkiPath string, cn string) error

DelCertFromCache will delete certificate with pkiPath from cache

func (*Client) DeleteSecret

func (c *Client) DeleteSecret(fullPath string) error

DeleteSecret would delete secret from Vault

func (*Client) GetCRL

func (c *Client) GetCRL(pkiPath string) (*x509.RevocationList, error)

GetCRL would return CRL

func (*Client) GetCertFromCache

func (c *Client) GetCertFromCache(pkiPath string, cn string) (string, string, string, error)

GetCertFromCache will fetch certificates from cache it will return: Cert, Key, CA, error if occured

func (*Client) GetSecret

func (c *Client) GetSecret(secretPath string) (string, bool, error)

GetSecret would return string (if found), bool that secret is base64 binary, error if something gets wrong

func (*Client) GetSignedCertificate

func (c *Client) GetSignedCertificate(
	pkiPath string,
	pkiRole string,
	certReq *certificates.Certificate) (*certificates.Certificate, error)

GetSignedCertificate is central point to come for new certificate, which might be provided from cache, signed by PKI's CA We will return certificate

func (*Client) PutToCache

func (c *Client) PutToCache(pkiPath, cn string, cert *certificates.Certificate) error

PutToCache will put to cache certificate

type Option

type Option func(*Client) error

Option is a type of options for Vault Client

func ContextWithCancelFN

func ContextWithCancelFN(ctx context.Context, cancelFn context.CancelFunc) Option

ContextWithCancelFN is option function to set channel for termination notifications from renew and also set upstream context

func Logger

func Logger(logger logr.Logger) Option

Logger will add logger to Vault client

func SecretsPathPrefix

func SecretsPathPrefix(prefix string) Option

SecretsPathPrefix is option function to set Vault secrets path prefix

func TLSCertsCachePath

func TLSCertsCachePath(path string) Option

TLSCertsCachePath is option function to set Vault TLS certs cache path

func VaultClient

func VaultClient(client vault.Client) Option

VaultClient will add interface to vault client, can be mocked

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL