Documentation ¶
Index ¶
- Constants
- func IsSecurityEnabled() bool
- func NewSecretProvider(configuration interfaces.Configuration, envVars *environment.Variables, ...) (interfaces.SecretProviderExt, error)
- type InsecureProvider
- func (p *InsecureProvider) DeregisterSecretUpdatedCallback(secretName string)
- func (p *InsecureProvider) GetAccessToken(_ string, _ string) (string, error)
- func (p *InsecureProvider) GetMetricsToRegister() map[string]any
- func (p *InsecureProvider) GetSecret(secretName string, keys ...string) (map[string]string, error)
- func (p *InsecureProvider) GetSelfJWT() (string, error)
- func (p *InsecureProvider) HasSecret(secretName string) (bool, error)
- func (p *InsecureProvider) IsJWTValid(jwt string) (bool, error)
- func (p *InsecureProvider) ListSecretNames() ([]string, error)
- func (p *InsecureProvider) RegisterSecretUpdatedCallback(secretName string, callback func(secretName string)) error
- func (p *InsecureProvider) SecretUpdatedAtSecretName(secretName string)
- func (p *InsecureProvider) SecretsLastUpdated() time.Time
- func (p *InsecureProvider) SecretsUpdated()
- func (p *InsecureProvider) StoreSecret(secretName string, secrets map[string]string) error
- type SecretData
Constants ¶
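// Secret-related names shared by secret providers and their callers.
//
// The declarations are laid out one per line: when the whole block sits on a
// single line, the leading // comment swallows every declaration after it.
const (
	// WildcardName is a special secret name that can be used to register a secret callback for any secret.
	WildcardName = "*"

	// AuthMode* are the string identifiers of the authentication modes.
	// NOTE(review): AuthModeNone means no credentials are expected; confirm
	// that consumers accept it only where unauthenticated access is intended.
	AuthModeNone             = "none"
	AuthModeUsernamePassword = "usernamepassword"
	AuthModeCert             = "clientcert"
	AuthModeCA               = "cacert"

	// Secret*Key name individual entries of a secret.
	// Presumably these are the map keys under which the values are stored;
	// verify against the code that reads them.
	SecretUsernameKey = "username"
	SecretPasswordKey = "password"
	SecretClientKey   = "clientkey"

	// SecretClientCert and SecretCACert reuse the AuthModeCert and AuthModeCA
	// strings, so the certificate entry names are "clientcert" and "cacert".
	SecretClientCert = AuthModeCert
	SecretCACert     = AuthModeCA
)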
Variables ¶
This section is empty.
Functions ¶
func IsSecurityEnabled ¶
func IsSecurityEnabled() bool
IsSecurityEnabled determines if security has been enabled.
func NewSecretProvider ¶
func NewSecretProvider( configuration interfaces.Configuration, envVars *environment.Variables, ctx context.Context, startupTimer startup.Timer, dic *di.Container, serviceKey string) (interfaces.SecretProviderExt, error)
NewSecretProvider creates a new, fully initialized Secret Provider.
Types ¶
type InsecureProvider ¶
// InsecureProvider implements the SecretProvider interface for insecure secrets.
// Its fields are unexported, so callers reach its state only through its methods.
// NOTE(review): on this page its GetAccessToken is documented as returning an
// empty token and its StoreSecret as unsupported; confirm this provider is
// only selected when IsSecurityEnabled reports false.
type InsecureProvider struct {
// contains filtered or unexported fields
}
InsecureProvider implements the SecretProvider interface for insecure secrets
func NewInsecureProvider ¶
func NewInsecureProvider(config interfaces.Configuration, logger log.Logger, dic *di.Container) *InsecureProvider
NewInsecureProvider creates and initializes a Provider for insecure secrets.
func (*InsecureProvider) DeregisterSecretUpdatedCallback ¶
func (p *InsecureProvider) DeregisterSecretUpdatedCallback(secretName string)
DeregisterSecretUpdatedCallback removes the callback registered for the given secretName.
func (*InsecureProvider) GetAccessToken ¶
func (p *InsecureProvider) GetAccessToken(_ string, _ string) (string, error)
GetAccessToken returns the access token for the specified type. In insecure mode no token is needed, so it just returns an empty token, which callers should not treat as a credential.
func (*InsecureProvider) GetMetricsToRegister ¶
func (p *InsecureProvider) GetMetricsToRegister() map[string]any
GetMetricsToRegister returns all metric objects that need to be registered.
func (*InsecureProvider) GetSecret ¶
GetSecret retrieves secrets from an Insecure Secrets secret store. secretName specifies the type or location of the secrets to retrieve. keys specifies which secrets to retrieve. If no keys are provided, then all the keys associated with the specified secretName will be returned.
func (*InsecureProvider) GetSelfJWT ¶
func (p *InsecureProvider) GetSelfJWT() (string, error)
GetSelfJWT returns an encoded JWT for the current identity-based secret store token
func (*InsecureProvider) HasSecret ¶
func (p *InsecureProvider) HasSecret(secretName string) (bool, error)
HasSecret returns true if the service's SecretStore contains a secret at the specified secretName.
func (*InsecureProvider) IsJWTValid ¶
func (p *InsecureProvider) IsJWTValid(jwt string) (bool, error)
IsJWTValid evaluates a given JWT and returns true if the JWT is valid (i.e. it belongs to us and is current) and false otherwise.
func (*InsecureProvider) ListSecretNames ¶
func (p *InsecureProvider) ListSecretNames() ([]string, error)
ListSecretNames returns a list of secret names for the current service from an insecure/secure secret store.
func (*InsecureProvider) RegisterSecretUpdatedCallback ¶
func (p *InsecureProvider) RegisterSecretUpdatedCallback(secretName string, callback func(secretName string)) error
RegisterSecretUpdatedCallback registers a callback for a secret. If you specify secret.WildcardName as the secretName, then the callback will be called for any updated secret. Callbacks set for a specific secretName are given a higher precedence over wildcard ones, and will be called instead of the wildcard one if both are present.
func (*InsecureProvider) SecretUpdatedAtSecretName ¶
func (p *InsecureProvider) SecretUpdatedAtSecretName(secretName string)
SecretUpdatedAtSecretName performs updates and callbacks for an updated secret or secretName.
func (*InsecureProvider) SecretsLastUpdated ¶
func (p *InsecureProvider) SecretsLastUpdated() time.Time
SecretsLastUpdated returns the last time insecure secrets were updated
func (*InsecureProvider) SecretsUpdated ¶
func (p *InsecureProvider) SecretsUpdated()
SecretsUpdated resets LastUpdate time for the Insecure Secrets.
func (*InsecureProvider) StoreSecret ¶
func (p *InsecureProvider) StoreSecret(secretName string, secrets map[string]string) error
StoreSecret is meant to store the secrets, but this operation is not supported for Insecure Secrets.
type SecretData ¶
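// SecretData groups the values of one secret as plain strings: a username and
// password, plus three PEM blocks (key, certificate and CA).
//
// The fields are declared one per line; written on a single line without
// separators the struct is not valid Go.
//
// NOTE(review): Password and KeyPemBlock presumably hold live credential
// material (KeyPemBlock looks like a PEM-encoded private key; confirm).
// Avoid logging or serializing a SecretData value as a whole, e.g. with %+v.
type SecretData struct {
	Username     string
	Password     string
	KeyPemBlock  string
	CertPemBlock string
	CaPemBlock   string
}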
func GetSecretData ¶
func GetSecretData(secretName string, provider interfaces.SecretProvider) (SecretData, error)