GO-2024-2750: Kubernetes Secrets Store CSI Driver plugins arbitrary file write in github.com/Azure/secrets-store-csi-driver-provider-azure

provider

package

v1.0.0 Latest Latest Go to latest Published: Oct 22, 2021 License: MIT Imports: 29 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Azure/secrets-store-csi-driver-provider-azure

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func ParseAzureEnvironment(cloudName string) (*azure.Environment, error)
type KeyVaultObject
type Provider
- func NewProvider() *Provider
- func (p *Provider) GetKeyVaultObjectContent(ctx context.Context, kvClient *kv.BaseClient, kvObject KeyVaultObject, ...) (content, version string, err error)
- func (p *Provider) MountSecretsStoreObjectContent(ctx context.Context, attrib map[string]string, secrets map[string]string, ...) (map[string][]byte, map[string]string, error)
type StringArray

Constants ¶

View Source

const (
	// VaultObjectTypeSecret secret vault object type
	VaultObjectTypeSecret string = "secret"
	// VaultObjectTypeKey key vault object type
	VaultObjectTypeKey string = "key"
	// VaultObjectTypeCertificate certificate vault object type
	VaultObjectTypeCertificate string = "cert"
)

Type of Azure Key Vault objects

Variables ¶

View Source

var (
	ConstructPEMChain = flag.Bool("construct-pem-chain", true, "explicitly reconstruct the pem chain in the order: SERVER, INTERMEDIATE, ROOT")
)

Functions ¶

func ParseAzureEnvironment ¶

func ParseAzureEnvironment(cloudName string) (*azure.Environment, error)

ParseAzureEnvironment returns azure environment by name

Types ¶

type KeyVaultObject ¶

type KeyVaultObject struct {
	// the name of the Azure Key Vault objects
	ObjectName string `json:"objectName" yaml:"objectName"`
	// the filename the object will be written to
	ObjectAlias string `json:"objectAlias" yaml:"objectAlias"`
	// the version of the Azure Key Vault objects
	ObjectVersion string `json:"objectVersion" yaml:"objectVersion"`
	// the type of the Azure Key Vault objects
	ObjectType string `json:"objectType" yaml:"objectType"`
	// the format of the Azure Key Vault objects
	// supported formats are PEM, PFX
	ObjectFormat string `json:"objectFormat" yaml:"objectFormat"`
	// The encoding of the object in KeyVault
	// Supported encodings are Base64, Hex, Utf-8
	ObjectEncoding string `json:"objectEncoding" yaml:"objectEncoding"`
}

KeyVaultObject holds keyvault object related config

type Provider ¶

type Provider struct {
	// contains filtered or unexported fields
}

Provider implements the secrets-store-csi-driver provider interface

func NewProvider ¶

func NewProvider() *Provider

NewProvider creates a new provider

func (*Provider) GetKeyVaultObjectContent ¶

func (p *Provider) GetKeyVaultObjectContent(ctx context.Context, kvClient *kv.BaseClient, kvObject KeyVaultObject, vaultURL string) (content, version string, err error)

GetKeyVaultObjectContent get content of the keyvault object

func (*Provider) MountSecretsStoreObjectContent ¶

func (p *Provider) MountSecretsStoreObjectContent(ctx context.Context, attrib map[string]string, secrets map[string]string, targetPath string, permission os.FileMode) (map[string][]byte, map[string]string, error)

MountSecretsStoreObjectContent mounts content of the secrets store object to target path

type StringArray ¶

type StringArray struct {
	Array []string `json:"array" yaml:"array"`
}

StringArray ...

Source Files ¶

View all Source files

provider.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL