types

package
v1.5.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 18, 2024 License: MIT Imports: 8 Imported by: 3

Documentation

Index

Constants

const (
	// VaultObjectTypeSecret is the object type value for a Key Vault secret.
	VaultObjectTypeSecret = "secret"
	// VaultObjectTypeKey is the object type value for a Key Vault key.
	VaultObjectTypeKey = "key"
	// VaultObjectTypeCertificate is the object type value for a Key Vault
	// certificate. The value is the abbreviation "cert", not "certificate".
	VaultObjectTypeCertificate = "cert"

	// CertTypePem and CertTypePfx are the MIME content-type strings for PEM
	// and PKCS#12 (PFX) material.
	// NOTE(review): presumably compared against the content type reported for
	// a certificate's backing secret — confirm at the call site.
	CertTypePem = "application/x-pem-file"
	CertTypePfx = "application/x-pkcs12"

	// CertificateType is the literal "CERTIFICATE".
	// NOTE(review): presumably the PEM block type label — confirm against usage.
	CertificateType = "CERTIFICATE"

	// ObjectFormatPEM and ObjectFormatPFX are the lower-case object format
	// values; KeyVaultObject.ObjectFormat documents PEM and PFX as the
	// supported formats.
	ObjectFormatPEM = "pem"
	ObjectFormatPFX = "pfx"

	// ObjectEncodingHex, ObjectEncodingBase64 and ObjectEncodingUtf8 are the
	// lower-case object encoding values; KeyVaultObject.ObjectEncoding
	// documents Base64, Hex and Utf-8 as the supported encodings.
	ObjectEncodingHex    = "hex"
	ObjectEncodingBase64 = "base64"
	ObjectEncodingUtf8   = "utf-8"

	// PodIdentityNMIPort is the pod identity NMI port, kept as a string.
	PodIdentityNMIPort = "2579"

	// CSIAttributePodName, CSIAttributePodNamespace and
	// CSIAttributeServiceAccountTokens are attribute keys under the
	// csi.storage.k8s.io prefix for the pod name, the pod namespace and the
	// service account tokens.
	// The value stored under CSIAttributeServiceAccountTokens is credential
	// material: keep it out of logs, error messages and events.
	// NOTE(review): the trailing nolint presumably silences a hard-coded
	// credential lint hit on the key name — the constant is an attribute key,
	// not a token.
	CSIAttributePodName              = "csi.storage.k8s.io/pod.name"
	CSIAttributePodNamespace         = "csi.storage.k8s.io/pod.namespace"
	CSIAttributeServiceAccountTokens = "csi.storage.k8s.io/serviceAccount.tokens" // nolint

	// KeyVaultNameParameter is the name of the key vault name parameter.
	KeyVaultNameParameter = "keyvaultName"
	// CloudNameParameter is the name of the cloud name parameter.
	CloudNameParameter = "cloudName"
	// UsePodIdentityParameter is the name of the use pod identity parameter.
	UsePodIdentityParameter = "usePodIdentity"
	// UseVMManagedIdentityParameter is the name of the use VM managed identity parameter.
	UseVMManagedIdentityParameter = "useVMManagedIdentity"
	// UserAssignedIdentityIDParameter is the name of the user assigned identity ID parameter.
	UserAssignedIdentityIDParameter = "userAssignedIdentityID"
	// TenantIDParameter is the name of the tenant ID parameter.
	// The value is spelled "tenantId" (lower-case d), unlike the other "ID"
	// parameter names in this block.
	// TODO(aramase): change this from tenantId to tenantID after v1.2 release
	// ref: https://github.com/Azure/secrets-store-csi-driver-provider-azure/issues/857
	TenantIDParameter = "tenantId"
	// CloudEnvFileNameParameter is the name of the cloud env file name parameter.
	CloudEnvFileNameParameter = "cloudEnvFileName"
	// ClientIDParameter is the name of the client ID parameter.
	// This clientID is used for workload identity.
	ClientIDParameter = "clientID"
	// ObjectsParameter is the name of the objects parameter.
	ObjectsParameter = "objects"
)

Variables

This section is empty.

Functions

func GetClientID

func GetClientID(parameters map[string]string) string

GetClientID returns the client ID

func GetCloudEnvFileName

func GetCloudEnvFileName(parameters map[string]string) string

GetCloudEnvFileName returns the cloud env file name

func GetCloudName

func GetCloudName(parameters map[string]string) string

GetCloudName returns the cloud name

func GetKeyVaultName

func GetKeyVaultName(parameters map[string]string) string

GetKeyVaultName returns the key vault name

func GetObjects

func GetObjects(parameters map[string]string) string

GetObjects returns the key vault objects

func GetPodName

func GetPodName(parameters map[string]string) string

GetPodName returns the pod name

func GetPodNamespace

func GetPodNamespace(parameters map[string]string) string

GetPodNamespace returns the pod namespace

func GetServiceAccountTokens

func GetServiceAccountTokens(parameters map[string]string) string

GetServiceAccountTokens returns the service account tokens

func GetTenantID

func GetTenantID(parameters map[string]string) string

GetTenantID returns the tenant ID

func GetUsePodIdentity

func GetUsePodIdentity(parameters map[string]string) (bool, error)

GetUsePodIdentity reports whether pod identity is enabled

func GetUseVMManagedIdentity

func GetUseVMManagedIdentity(parameters map[string]string) (bool, error)

GetUseVMManagedIdentity reports whether VM managed identity is enabled

func GetUserAssignedIdentityID

func GetUserAssignedIdentityID(parameters map[string]string) string

GetUserAssignedIdentityID returns the user assigned identity ID

Types

type KeyVaultObject

// KeyVaultObject holds the configuration for one Azure Key Vault object.
// Every field carries matching json and yaml tags, so the values come from
// decoded configuration and should be validated before use.
type KeyVaultObject struct {
	// ObjectName is the name of the Azure Key Vault object.
	ObjectName string `json:"objectName" yaml:"objectName"`
	// ObjectAlias is the filename the object will be written to. Per the
	// GetFileName documentation, the alias is used when specified and the
	// object name otherwise.
	// NOTE(review): this configured value ends up as a file name — confirm
	// that path separators and ".." are rejected before the file is written.
	ObjectAlias string `json:"objectAlias" yaml:"objectAlias"`
	// ObjectVersion is the version of the Azure Key Vault object.
	ObjectVersion string `json:"objectVersion" yaml:"objectVersion"`
	// ObjectVersionHistory is the number of versions to load for this secret,
	// starting at the latest version.
	ObjectVersionHistory int32 `json:"objectVersionHistory" yaml:"objectVersionHistory"`
	// ObjectType is the type of the Azure Key Vault object.
	// NOTE(review): presumably one of the VaultObjectType* values
	// ("secret", "key", "cert") — confirm against the validation code.
	ObjectType string `json:"objectType" yaml:"objectType"`
	// ObjectFormat is the format of the Azure Key Vault object.
	// Supported formats are PEM and PFX.
	ObjectFormat string `json:"objectFormat" yaml:"objectFormat"`
	// ObjectEncoding is the encoding of the object in Key Vault.
	// Supported encodings are Base64, Hex and Utf-8.
	ObjectEncoding string `json:"objectEncoding" yaml:"objectEncoding"`
	// FilePermission is the file permission, carried as a string.
	// GetFilePermission takes a default os.FileMode and returns (int32, error).
	// NOTE(review): the accepted string syntax is not visible here — confirm
	// it, and keep the mode as restrictive as the workload allows, since the
	// file holds secret material.
	FilePermission string `json:"filePermission" yaml:"filePermission"`
}

KeyVaultObject holds keyvault object related config

func (KeyVaultObject) GetFileName added in v1.3.0

func (kv KeyVaultObject) GetFileName() string

GetFileName returns the file name for the secret:
1. If the object alias is specified, it will be used.
2. If the object alias is not specified, the object name will be used.

func (KeyVaultObject) GetFilePermission added in v1.3.0

func (kv KeyVaultObject) GetFilePermission(defaultFilePermission os.FileMode) (int32, error)

GetFilePermission returns the file permission and error if any

func (KeyVaultObject) GetObjectUID added in v1.3.0

func (kv KeyVaultObject) GetObjectUID() string

GetObjectUID returns the UID for the object in one of two formats:
<object type>/<object name> if syncing a single version
<object type>/<object name>/<version index> if syncing multiple versions

func (KeyVaultObject) IsSyncingSingleVersion added in v1.3.0

func (kv KeyVaultObject) IsSyncingSingleVersion() bool

IsSyncingSingleVersion returns true if the object is configured to only sync a single specific version of the secret

type KeyVaultObjectVersion added in v1.3.0

// KeyVaultObjectVersion describes one specific version of a secret from
// Key Vault: its version id and when that version was created.
type KeyVaultObjectVersion struct {
	// Version is the version id.
	Version string
	// Created is the time that version was created.
	Created time.Time
}

KeyVaultObjectVersion holds the version id and when that version was created for a specific version of a secret from KeyVault

type KeyVaultObjectVersionList added in v1.3.0

// KeyVaultObjectVersionList is a slice of KeyVaultObjectVersion. The type
// declares Len, Less and Swap, which is the method set of sort.Interface.
// NOTE(review): the ordering Less applies is not visible here — confirm it
// before relying on the first element being the latest version.
type KeyVaultObjectVersionList []KeyVaultObjectVersion

KeyVaultObjectVersionList holds a list of KeyVaultObjectVersion

func (KeyVaultObjectVersionList) Len added in v1.3.0

func (list KeyVaultObjectVersionList) Len() int

func (KeyVaultObjectVersionList) Less added in v1.3.0

func (list KeyVaultObjectVersionList) Less(i, j int) bool

func (KeyVaultObjectVersionList) Swap added in v1.3.0

func (list KeyVaultObjectVersionList) Swap(i, j int)

type SecretFile

// SecretFile holds the content and metadata of a secret file that is sent
// back to the driver.
//
// Content is the file's bytes, which are secret material: do not log or
// print a SecretFile with %v or %+v, since that would emit Content.
// Path, FileMode, UID and Version are the file's metadata.
// NOTE(review): UID presumably carries the value built by
// KeyVaultObject.GetObjectUID and FileMode the value returned by
// KeyVaultObject.GetFilePermission (both int32) — confirm at the call site.
type SecretFile struct {
	Content  []byte
	Path     string
	FileMode int32
	UID      string
	Version  string
}

SecretFile holds content and metadata of a secret file that is sent back to the driver

type StringArray

// StringArray holds a list of strings under the "array" key in both JSON and
// YAML. GetObjectsArray returns this type from the objects string.
// NOTE(review): each element is presumably a further-encoded object
// definition — confirm how the elements are decoded and validated.
type StringArray struct {
	// Array is the list of strings.
	Array []string `json:"array" yaml:"array"`
}

StringArray holds a list of strings

func GetObjectsArray

func GetObjectsArray(objects string) (StringArray, error)

GetObjectsArray returns the key vault objects array
