secrets

package
v0.0.0-...-b0bff92 Latest
Warning

This package is not in the latest version of its module.
Published: Dec 7, 2021 License: AGPL-3.0 Imports: 9 Imported by: 0

Documentation

Constants

const (
	RoleView   = SecretRole("view")
	RoleRotate = SecretRole("rotate")
	RoleManage = SecretRole("manage")
)
const (
	StatusStaged = SecretStatus("staged")
	StatusActive = SecretStatus("active")
)
const (
	TypeBlob     = SecretType("blob")
	TypePassword = SecretType("password")
)
const (
	PasswordLength       = "password-length"
	PasswordSpecialChars = "password-special-chars"
)

TODO(wallyworld) - use a schema to describe the config

const (
	// AppSnippet denotes a secret belonging to an application.
	AppSnippet = "app"
)
const (

	// SecretScheme is the URL prefix for a secret.
	SecretScheme = "secret"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type SecretConfig

type SecretConfig struct {
	Path           string
	RotateInterval *time.Duration
	Status         *SecretStatus
	Description    *string
	Tags           *map[string]string
	Params         map[string]interface{}
}

SecretConfig is used when creating a secret.

func NewPasswordSecretConfig

func NewPasswordSecretConfig(length int, specialChars bool, nameParts ...string) *SecretConfig

NewPasswordSecretConfig is used to create an application scoped password secret.

func NewSecretConfig

func NewSecretConfig(nameParts ...string) *SecretConfig

NewSecretConfig is used to create an application scoped blob secret.

func (*SecretConfig) Validate

func (c *SecretConfig) Validate() error

Validate returns an error if the config is not valid.

type SecretData

type SecretData map[string]string

SecretData holds secret key values.

func CreatSecretData

func CreatSecretData(asBase64 bool, args []string) (SecretData, error)

CreatSecretData creates a secret data bag from a list of arguments. The arguments are either all key=value or a singular value. If asBase64 is true, the supplied value(s) are taken to be already base64 encoded; otherwise the values are base64 encoded as they are added to the data bag.
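The argument handling described above, as an added example that is not the package's own code: `buildSecretData`, `validB64` and `singularKey` are hypothetical names, and the `"data"` key for a singular value is assumed from the SecretValue comments on this page. Treating a lone padded base64 argument as singular, checking pre-encoded values instead of trusting them, and keeping argument text out of error messages are choices of this example.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"strings"
)

// singularKey is assumed from this page's SecretValue comments (single key "data").
const singularKey = "data"

func validB64(s string) bool {
	_, err := base64.StdEncoding.DecodeString(s)
	return err == nil
}

// buildSecretData is a hypothetical stand-in for CreatSecretData, not the
// package's code. Every value in the returned map is base64 encoded.
func buildSecretData(asBase64 bool, args []string) (map[string]string, error) {
	if len(args) == 0 {
		return nil, fmt.Errorf("no secret value supplied")
	}
	// A lone argument is singular when it has no '=' or, in base64 mode,
	// when the whole string decodes (padding such as "cGFzcw==" has '=').
	if len(args) == 1 && (!strings.Contains(args[0], "=") || (asBase64 && validB64(args[0]))) {
		args = []string{singularKey + "=" + args[0]}
	}
	out := make(map[string]string, len(args))
	for i, arg := range args {
		kv := strings.SplitN(arg, "=", 2)
		if len(kv) != 2 || kv[0] == "" {
			// Report the position only: the argument itself may be a secret.
			return nil, fmt.Errorf("argument %d is not key=value", i+1)
		}
		switch {
		case !asBase64:
			out[kv[0]] = base64.StdEncoding.EncodeToString([]byte(kv[1]))
		case validB64(kv[1]):
			out[kv[0]] = kv[1] // already encoded, verified rather than trusted
		default:
			return nil, fmt.Errorf("value for key %q is not valid base64", kv[0])
		}
	}
	return out, nil
}

func main() {
	fmt.Println(buildSecretData(false, []string{"user=admin", "password=s3cret"}))
}
```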

type SecretMetadata

type SecretMetadata struct {
	// Read only after creation.
	URL  *URL
	Path string

	// Version starts at 1 and is incremented
	// whenever an incompatible change is made.
	Version int

	// These can be updated after creation.
	Status         SecretStatus
	Description    string
	Tags           map[string]string
	RotateInterval time.Duration

	// ID is a Juju ID for the secret.
	ID int

	// Provider is the name of the backend secrets store.
	Provider string
	// ProviderID is the ID used by the underlying secrets provider.
	ProviderID string
	// Revision is incremented each time the corresponding
	// secret value is changed.
	Revision int

	CreateTime time.Time
	UpdateTime time.Time
}

SecretMetadata holds metadata about a secret.

type SecretRole

type SecretRole string

SecretRole is an access role on a secret.

type SecretStatus

type SecretStatus string

SecretStatus is the status of a secret.

func (SecretStatus) IsValid

func (s SecretStatus) IsValid() bool

IsValid returns true if s is a valid secret status.

type SecretType

type SecretType string

SecretType is the type of a secret. This is used when creating a secret.

func (SecretType) IsValid

func (t SecretType) IsValid() bool

IsValid returns true if t is a valid secret type.

type SecretValue

type SecretValue interface {
	// EncodedValues returns the key values of a secret as
	// the raw base64 encoded strings.
	// For the special case where the secret only has a
	// single key value "data", then use EncodedValue()
	// to get the result.
	EncodedValues() map[string]string

	// Values returns the key values of a secret as strings.
	// For the special case where the secret only has a
	// single key value "data", then use Value()
	// to get the result.
	Values() (map[string]string, error)

	// Singular returns true if the secret value represents a
	// single data value rather than key values.
	Singular() bool

	// EncodedValue returns the value of the secret as the raw
	// base64 encoded string.
	// The secret must be a singular value.
	EncodedValue() (string, error)

	// Value returns the value of the secret as a string.
	// The secret must be a singular value.
	Value() (string, error)
}

SecretValue holds the value of a secret. Instances of SecretValue are returned by a secret store when a secret lookup is performed. The underlying value is a map of base64 encoded values represented as []byte. Convenience methods exist to retrieve singular decoded string and encoded base64 string values.

func NewSecretValue

func NewSecretValue(data map[string]string) SecretValue

NewSecretValue returns a secret using the specified map of values. The map values are assumed to be already base64 encoded.

type URL

type URL struct {
	ControllerUUID string
	ModelUUID      string
	Path           string
	Attribute      string
	Revision       int
}

URL represents a reference to a secret.

func NewSimpleURL

func NewSimpleURL(path string) *URL

NewSimpleURL returns a URL with the specified path.

func ParseURL

func ParseURL(str string) (*URL, error)

ParseURL parses the specified URL string into a URL.

func (*URL) ID

func (u *URL) ID() string

ID returns the URL string without any Attribute.

func (*URL) OwnerApplication

func (u *URL) OwnerApplication() (string, bool)

OwnerApplication returns the application part of a secret URL.

func (*URL) ShortString

func (u *URL) ShortString() string

ShortString prints the URL without controller or model UUID.

func (*URL) String

func (u *URL) String() string

String prints the URL as a string.

func (*URL) WithAttribute

func (u *URL) WithAttribute(attr string) *URL

WithAttribute returns the URL with the specified attribute.

func (*URL) WithRevision

func (u *URL) WithRevision(revision int) *URL

WithRevision returns the URL with the specified revision.
