vault

package module
v0.0.0-...-8d6fa2b Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 16, 2024 License: Apache-2.0, BSD-3-Clause Imports: 13 Imported by: 0

Documentation

Overview

Package vault contains functions to construct or augment an http.Client that will integrate with the github.com/hashicorp/vault/api and collect traces to send to Datadog.

The easiest way to use this package is to create an http.Client with NewHTTPClient, and put it in the Vault API config that is passed to the

If you are already using your own http.Client with the Vault API, you can use the WrapHTTPClient function to wrap the client with the tracer code. Your http.Client will continue to work as before, but will also capture traces.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewHTTPClient

func NewHTTPClient(opts ...Option) *http.Client

NewHTTPClient returns an http.Client for use in the Vault API config Client. A set of options can be passed in for further configuration.

Example

This is the most basic way to enable tracing with Vault.

package main

import (
	"log"

	"github.com/hashicorp/vault/api"

	vaulttrace "github.com/DataDog/dd-trace-go/v2/contrib/hashicorp/vault"
)

func main() {
	c, err := api.NewClient(&api.Config{
		HttpClient: vaulttrace.NewHTTPClient(),
		Address:    "http://vault.mydomain.com:8200",
	})
	if err != nil {
		log.Fatalf("Failed to create Vault client: %s\n", err)
	}
	// This call wil be traced
	c.Logical().Read("/secret/key")
}
Output:

Example (WithOptions)

NewHTTPClient can be called with additional options for further configuration.

package main

import (
	"log"

	"github.com/hashicorp/vault/api"

	vaulttrace "github.com/DataDog/dd-trace-go/v2/contrib/hashicorp/vault"
)

func main() {
	c, err := api.NewClient(&api.Config{
		HttpClient: vaulttrace.NewHTTPClient(
			vaulttrace.WithService("my.vault"),
			vaulttrace.WithAnalytics(true),
		),
		Address: "http://vault.mydomain.com:8200",
	})
	if err != nil {
		log.Fatalf("Failed to create Vault client: %s\n", err)
	}
	// This call wil be traced
	c.Logical().Read("/secret/key")
}
Output:

func WrapHTTPClient

func WrapHTTPClient(c *http.Client, opts ...Option) *http.Client

WrapHTTPClient takes an existing http.Client and wraps the underlying transport with tracing.

Example

If you already have an http.Client that you're using, you can add tracing to it with WrapHTTPClient.

package main

import (
	"fmt"
	"log"
	"net/http"

	"github.com/hashicorp/vault/api"

	vaulttrace "github.com/DataDog/dd-trace-go/v2/contrib/hashicorp/vault"
)

func main() {
	// We use a custom *http.Client to talk to Vault.
	c := &http.Client{
		CheckRedirect: func(r *http.Request, via []*http.Request) error {
			if len(via) > 5 {
				return fmt.Errorf("won't perform more that 5 redirects")
			}
			return nil
		},
	}
	client, err := api.NewClient(&api.Config{
		HttpClient: vaulttrace.WrapHTTPClient(c),
		Address:    "http://vault.mydomain.com:8200",
	})
	if err != nil {
		log.Fatalf("Failed to create Vault client: %s\n", err)
	}

	// This call wil be traced
	client.Logical().Read("/secret/key")
}
Output:

Example (WithOptions)

WrapHTTPClient can be called with additional options to configure the integration.

package main

import (
	"fmt"
	"log"
	"net/http"

	"github.com/hashicorp/vault/api"

	vaulttrace "github.com/DataDog/dd-trace-go/v2/contrib/hashicorp/vault"
)

func main() {
	// We use a custom *http.Client to talk to Vault.
	c := &http.Client{
		CheckRedirect: func(r *http.Request, via []*http.Request) error {
			if len(via) > 5 {
				return fmt.Errorf("won't perform more that 5 redirects")
			}
			return nil
		},
	}
	client, err := api.NewClient(&api.Config{
		HttpClient: vaulttrace.WrapHTTPClient(
			c,
			vaulttrace.WithService("my.vault"),
			vaulttrace.WithAnalytics(true),
		),
		Address: "http://vault.mydomain.com:8200",
	})
	if err != nil {
		log.Fatalf("Failed to create Vault client: %s\n", err)
	}
	// This call wil be traced
	client.Logical().Read("/secret/key")
}
Output:

Types

type Option

type Option interface {
	// contains filtered or unexported methods
}

Option describes options for the Vault integration.

type OptionFn

type OptionFn func(*config)

OptionFn represents options applicable to NewHTTPClient and WrapHTTPClient.

func WithAnalytics

func WithAnalytics(on bool) OptionFn

WithAnalytics enables or disables Trace Analytics for all started spans.

func WithAnalyticsRate

func WithAnalyticsRate(rate float64) OptionFn

WithAnalyticsRate sets the sampling rate for Trace Analytics events correlated to started spans.

func WithService

func WithService(name string) OptionFn

WithService sets the given service name for the http.Client.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL