secret

package
v1.0.23

Warning: This package is not in the latest version of its module.
Published: Apr 25, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Constants

const (
	// WildcardName is a special secret name that can be used to register a secret callback for any secret.
	WildcardName = "*"

	AuthModeNone             = "none"
	AuthModeUsernamePassword = "usernamepassword"
	AuthModeCert             = "clientcert"
	AuthModeCA               = "cacert"

	SecretUsernameKey = "username"
	SecretPasswordKey = "password"
	SecretClientKey   = "clientkey"
	SecretClientCert  = AuthModeCert
	SecretCACert      = AuthModeCA
)

Variables

This section is empty.

Functions

func IsSecurityEnabled

func IsSecurityEnabled() bool

IsSecurityEnabled determines if security has been enabled.

func NewSecretProvider

func NewSecretProvider(
	configuration interfaces.Configuration,
	envVars *environment.Variables,
	ctx context.Context,
	startupTimer startup.Timer,
	dic *di.Container,
	serviceKey string) (interfaces.SecretProviderExt, error)

NewSecretProvider creates a new, fully initialized Secret Provider.

Types

type InsecureProvider

type InsecureProvider struct {
	// contains filtered or unexported fields
}

InsecureProvider implements the SecretProvider interface for insecure secrets.

func NewInsecureProvider

func NewInsecureProvider(config interfaces.Configuration, logger log.Logger, dic *di.Container) *InsecureProvider

NewInsecureProvider creates and initializes a Provider for insecure secrets.

func (*InsecureProvider) DeregisterSecretUpdatedCallback

func (p *InsecureProvider) DeregisterSecretUpdatedCallback(secretName string)

DeregisterSecretUpdatedCallback removes the callback registered for secretName.

func (*InsecureProvider) GetAccessToken

func (p *InsecureProvider) GetAccessToken(_ string, _ string) (string, error)

GetAccessToken returns the AccessToken for the specified type. In insecure mode no token is needed, so it returns an empty token.

func (*InsecureProvider) GetMetricsToRegister

func (p *InsecureProvider) GetMetricsToRegister() map[string]any

GetMetricsToRegister returns all metric objects that need to be registered.

func (*InsecureProvider) GetSecret

func (p *InsecureProvider) GetSecret(secretName string, keys ...string) (map[string]string, error)

GetSecret retrieves secrets from an Insecure Secrets secret store. secretName specifies the type or location of the secrets to retrieve. keys specifies which secrets to retrieve. If no keys are provided, all the keys associated with the specified secretName are returned.

func (*InsecureProvider) GetSelfJWT

func (p *InsecureProvider) GetSelfJWT() (string, error)

GetSelfJWT returns an encoded JWT for the current identity-based secret store token.

func (*InsecureProvider) HasSecret

func (p *InsecureProvider) HasSecret(secretName string) (bool, error)

HasSecret returns true if the service's SecretStore contains a secret at the specified secretName.

func (*InsecureProvider) IsJWTValid

func (p *InsecureProvider) IsJWTValid(jwt string) (bool, error)

IsJWTValid evaluates a given JWT and returns true if the JWT is valid (i.e. belongs to us and is current), false otherwise.

func (*InsecureProvider) ListSecretNames

func (p *InsecureProvider) ListSecretNames() ([]string, error)

ListSecretNames returns the list of secret names for the current service from an insecure/secure secret store.

func (*InsecureProvider) RegisterSecretUpdatedCallback

func (p *InsecureProvider) RegisterSecretUpdatedCallback(secretName string, callback func(secretName string)) error

RegisterSecretUpdatedCallback registers a callback for a secret. If you specify secret.WildcardName as the secretName, then the callback will be called for any updated secret. Callbacks set for a specific secretName are given a higher precedence over wildcard ones, and will be called instead of the wildcard one if both are present.
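A self-contained model of the precedence rule described above, added here as an illustration; it is not this package's code. The `registry` type and its methods are hypothetical, rejecting a duplicate registration is an assumption, and only the `"*"` wildcard value comes from the page.

```go
package main

import "fmt"

// wildcardName mirrors the secret.WildcardName value shown on this page.
const wildcardName = "*"

// registry is a hypothetical model of a provider's callback table. It is not
// the package's implementation and is not safe for concurrent use.
type registry struct {
	callbacks map[string]func(secretName string)
}

func newRegistry() *registry {
	return &registry{callbacks: map[string]func(string){}}
}

// register stores one callback per name; rejecting a duplicate is an assumption.
func (r *registry) register(name string, cb func(string)) error {
	if _, ok := r.callbacks[name]; ok {
		return fmt.Errorf("callback already registered for %q", name)
	}
	r.callbacks[name] = cb
	return nil
}

func (r *registry) deregister(name string) { delete(r.callbacks, name) }

// notify runs the callback registered for name, or the wildcard callback when
// there is none. It returns the key whose callback ran ("" if none did).
func (r *registry) notify(name string) string {
	key := name
	cb, ok := r.callbacks[key]
	if !ok {
		key = wildcardName
		cb, ok = r.callbacks[key]
	}
	if !ok {
		return ""
	}
	cb(name)
	return key
}

func main() {
	r := newRegistry()
	_ = r.register(wildcardName, func(n string) { fmt.Println("wildcard:", n) })
	_ = r.register("mqtt", func(n string) { fmt.Println("specific:", n) })
	r.notify("mqtt")  // specific callback only; the wildcard one is skipped
	r.notify("redis") // no specific callback, so the wildcard one runs
}
```

A service that caches a credential should register a specific callback for that secret name and re-read the secret there, since under this rule a wildcard handler registered elsewhere will not also run for it.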

func (*InsecureProvider) SecretUpdatedAtSecretName

func (p *InsecureProvider) SecretUpdatedAtSecretName(secretName string)

SecretUpdatedAtSecretName performs updates and callbacks for an updated secret or secretName.

func (*InsecureProvider) SecretsLastUpdated

func (p *InsecureProvider) SecretsLastUpdated() time.Time

SecretsLastUpdated returns the last time insecure secrets were updated.

func (*InsecureProvider) SecretsUpdated

func (p *InsecureProvider) SecretsUpdated()

SecretsUpdated resets LastUpdate time for the Insecure Secrets.

func (*InsecureProvider) StoreSecret

func (p *InsecureProvider) StoreSecret(secretName string, secrets map[string]string) error

StoreSecret stores the secrets, but is not supported for Insecure Secrets.

type SecretData

type SecretData struct {
	Username     string
	Password     string
	KeyPemBlock  string
	CertPemBlock string
	CaPemBlock   string
}

func GetSecretData

func GetSecretData(secretName string, provider interfaces.SecretProvider) (SecretData, error)
