Documentation ¶
Index ¶
- Constants
- func GetClientID(parameters map[string]string) string
- func GetCloudEnvFileName(parameters map[string]string) string
- func GetCloudName(parameters map[string]string) string
- func GetKeyVaultName(parameters map[string]string) string
- func GetObjects(parameters map[string]string) string
- func GetPodName(parameters map[string]string) string
- func GetPodNamespace(parameters map[string]string) string
- func GetServiceAccountTokens(parameters map[string]string) string
- func GetTenantID(parameters map[string]string) string
- func GetUsePodIdentity(parameters map[string]string) (bool, error)
- func GetUseVMManagedIdentity(parameters map[string]string) (bool, error)
- func GetUserAssignedIdentityID(parameters map[string]string) string
- type KeyVaultObject
- type KeyVaultObjectVersion
- type KeyVaultObjectVersionList
- type SecretFile
- type StringArray
Constants ¶
// Shared string constants for the provider: Key Vault object type names,
// certificate content types, object format and encoding names, CSI attribute
// keys, and the names of the configuration parameters.
const (
	// VaultObjectTypeSecret secret vault object type
	VaultObjectTypeSecret = "secret"
	// VaultObjectTypeKey key vault object type
	VaultObjectTypeKey = "key"
	// VaultObjectTypeCertificate certificate vault object type
	VaultObjectTypeCertificate = "cert"

	// Content-type strings for PEM and PKCS#12 (PFX) payloads.
	CertTypePem = "application/x-pem-file"
	CertTypePfx = "application/x-pkcs12"
	// NOTE(review): presumably the PEM block type label for certificates - confirm against the caller.
	CertificateType = "CERTIFICATE"

	// Names of the object formats (see KeyVaultObject.ObjectFormat).
	ObjectFormatPEM = "pem"
	ObjectFormatPFX = "pfx"

	// Names of the object encodings (see KeyVaultObject.ObjectEncoding).
	ObjectEncodingHex    = "hex"
	ObjectEncodingBase64 = "base64"
	ObjectEncodingUtf8   = "utf-8"

	// pod identity NMI port
	PodIdentityNMIPort = "2579"

	// Attribute keys in the csi.storage.k8s.io namespace.
	// NOTE(review): presumably these are the keys read by GetPodName,
	// GetPodNamespace and GetServiceAccountTokens from the parameters map - confirm.
	CSIAttributePodName      = "csi.storage.k8s.io/pod.name"
	CSIAttributePodNamespace = "csi.storage.k8s.io/pod.namespace"
	// The value stored under this key holds service account tokens, i.e.
	// credentials: keep it out of logs and error messages, and avoid dumping
	// the whole parameters map. The constant itself is only a key name; the
	// trailing nolint presumably silences a hard-coded-credential lint hit.
	CSIAttributeServiceAccountTokens = "csi.storage.k8s.io/serviceAccount.tokens" // nolint

	// KeyVaultNameParameter is the name of the key vault name parameter
	KeyVaultNameParameter = "keyvaultName"
	// CloudNameParameter is the name of the cloud name parameter
	CloudNameParameter = "cloudName"

	// The identity-related parameters below choose how the provider
	// authenticates. NOTE(review): which one takes precedence when several are
	// set is decided outside this block - confirm in the code that reads them.

	// UsePodIdentityParameter is the name of the use pod identity parameter
	UsePodIdentityParameter = "usePodIdentity"
	// UseVMManagedIdentityParameter is the name of the use VM managed identity parameter
	UseVMManagedIdentityParameter = "useVMManagedIdentity"
	// UserAssignedIdentityIDParameter is the name of the user assigned identity ID parameter
	UserAssignedIdentityIDParameter = "userAssignedIdentityID"
	// TenantIDParameter is the name of the tenant ID parameter
	// TODO(aramase): change this from tenantId to tenantID after v1.2 release
	// ref: https://github.com/Azure/secrets-store-csi-driver-provider-azure/issues/857
	//
	// Note the lower-case "d": the other ID parameters here are spelled "ID".
	// NOTE(review): if the lookup is a plain map read it is case-sensitive, so
	// a configuration using a different spelling would not match - confirm
	// against GetTenantID.
	TenantIDParameter = "tenantId"
	// CloudEnvFileNameParameter is the name of the cloud env file name parameter
	CloudEnvFileNameParameter = "cloudEnvFileName"
	// ClientIDParameter is the name of the client ID parameter
	// This clientID is used for workload identity
	ClientIDParameter = "clientID"
	// ObjectsParameter is the name of the objects parameter
	ObjectsParameter = "objects"
)
Variables ¶
This section is empty.
Functions ¶
func GetClientID ¶
GetClientID returns the client ID
func GetCloudEnvFileName ¶
GetCloudEnvFileName returns the cloud env file name
func GetCloudName ¶
GetCloudName returns the cloud name
func GetKeyVaultName ¶
GetKeyVaultName returns the key vault name
func GetObjects ¶
GetObjects returns the key vault objects
func GetPodName ¶
GetPodName returns the pod name
func GetPodNamespace ¶
GetPodNamespace returns the pod namespace
func GetServiceAccountTokens ¶
GetServiceAccountTokens returns the service account tokens
func GetTenantID ¶
GetTenantID returns the tenant ID
func GetUsePodIdentity ¶
GetUsePodIdentity returns whether pod identity is enabled
func GetUseVMManagedIdentity ¶
GetUseVMManagedIdentity returns whether VM managed identity is enabled
func GetUserAssignedIdentityID ¶
GetUserAssignedIdentityID returns the user assigned identity ID
Types ¶
type KeyVaultObject ¶
// KeyVaultObject describes one Azure Key Vault object to fetch and how it is
// written out as a file. The json/yaml tags mean its fields are filled from
// serialized configuration, so every field should be treated as
// caller-supplied input.
type KeyVaultObject struct {
	// the name of the Azure Key Vault objects
	ObjectName string `json:"objectName" yaml:"objectName"`
	// the filename the object will be written to
	// NOTE(review): no validation is visible in this declaration. Confirm that
	// the consumer rejects path separators and ".." before joining this value
	// (or ObjectName, when no alias is set) to the target directory.
	ObjectAlias string `json:"objectAlias" yaml:"objectAlias"`
	// the version of the Azure Key Vault objects
	ObjectVersion string `json:"objectVersion" yaml:"objectVersion"`
	// The number of versions to load for this secret starting at the latest version
	// NOTE(review): signed int32; confirm how zero and negative values are
	// handled and whether an upper bound is enforced.
	ObjectVersionHistory int32 `json:"objectVersionHistory" yaml:"objectVersionHistory"`
	// the type of the Azure Key Vault objects
	ObjectType string `json:"objectType" yaml:"objectType"`
	// the format of the Azure Key Vault objects
	// supported formats are PEM, PFX
	ObjectFormat string `json:"objectFormat" yaml:"objectFormat"`
	// The encoding of the object in KeyVault
	// Supported encodings are Base64, Hex, Utf-8
	ObjectEncoding string `json:"objectEncoding" yaml:"objectEncoding"`
	// FilePermission is the permission for the written file, kept as a string.
	// NOTE(review): the accepted syntax is not shown here (presumably an octal
	// string - confirm). Check that the parser rejects group/world-writable
	// and special bits, since these files hold secret material.
	FilePermission string `json:"filePermission" yaml:"filePermission"`
}
KeyVaultObject holds keyvault object related config
func (KeyVaultObject) GetFileName ¶ added in v1.3.0
func (kv KeyVaultObject) GetFileName() string
GetFileName returns the file name for the secret:
1. If the object alias is specified, it will be used.
2. If the object alias is not specified, the object name will be used.
func (KeyVaultObject) GetFilePermission ¶ added in v1.3.0
func (kv KeyVaultObject) GetFilePermission(defaultFilePermission os.FileMode) (int32, error)
GetFilePermission returns the file permission and error if any
func (KeyVaultObject) GetObjectUID ¶ added in v1.3.0
func (kv KeyVaultObject) GetObjectUID() string
GetObjectUID returns the UID for the object, in the format:
<object type>/<object name> if syncing a single version
<object type>/<object name>/<version index> if syncing multiple versions
func (KeyVaultObject) IsSyncingSingleVersion ¶ added in v1.3.0
func (kv KeyVaultObject) IsSyncingSingleVersion() bool
IsSyncingSingleVersion returns true if the object is configured to only sync a single specific version of the secret
type KeyVaultObjectVersion ¶ added in v1.3.0
KeyVaultObjectVersion holds the version id and when that version was created for a specific version of a secret from KeyVault
type KeyVaultObjectVersionList ¶ added in v1.3.0
// KeyVaultObjectVersionList is a slice of KeyVaultObjectVersion. Its Len,
// Less and Swap methods give it the method set that sort.Interface requires;
// the ordering applied by Less is not visible in this declaration.
type KeyVaultObjectVersionList []KeyVaultObjectVersion
KeyVaultObjectVersionList holds a list of KeyVaultObjectVersion
func (KeyVaultObjectVersionList) Len ¶ added in v1.3.0
func (list KeyVaultObjectVersionList) Len() int
func (KeyVaultObjectVersionList) Less ¶ added in v1.3.0
func (list KeyVaultObjectVersionList) Less(i, j int) bool
func (KeyVaultObjectVersionList) Swap ¶ added in v1.3.0
func (list KeyVaultObjectVersionList) Swap(i, j int)
type SecretFile ¶
SecretFile holds content and metadata of a secret file that is sent back to the driver
type StringArray ¶
// StringArray wraps a list of strings stored under the "array" key in JSON
// or YAML.
// NOTE(review): presumably the decoded form of the "objects" parameter as
// returned by GetObjectsArray - confirm. The element strings are input from
// configuration and are not validated by this type.
type StringArray struct {
Array []string `json:"array" yaml:"array"`
}
StringArray holds a list of strings
func GetObjectsArray ¶
func GetObjectsArray(objects string) (StringArray, error)
GetObjectsArray returns the key vault objects array