vault

package

v0.2.0 Latest Latest Go to latest Published: Jun 6, 2024 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/bank-vaults/secret-init

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func NewProvider(config *Config, appConfig *common.Config) (provider.Provider, error)
type Config
- func LoadConfig() (*Config, error)
type Provider
- func (p *Provider) LoadSecrets(_ context.Context, paths []string) ([]provider.Secret, error)

Constants ¶

View Source

const (
	TokenEnv                = "VAULT_TOKEN"
	TokenFileEnv            = "VAULT_TOKEN_FILE"
	AddrEnv                 = "VAULT_ADDR"
	AgentAddrEnv            = "VAULT_AGENT_ADDR"
	CACertEnv               = "VAULT_CACERT"
	CAPathEnv               = "VAULT_CAPATH"
	ClientCertEnv           = "VAULT_CLIENT_CERT"
	ClientKeyEnv            = "VAULT_CLIENT_KEY"
	ClientTimeoutEnv        = "VAULT_CLIENT_TIMEOUT"
	SRVLookupEnv            = "VAULT_SRV_LOOKUP"
	SkipVerifyEnv           = "VAULT_SKIP_VERIFY"
	NamespaceEnv            = "VAULT_NAMESPACE"
	TLSServerNameEnv        = "VAULT_TLS_SERVER_NAME"
	WrapTTLEnv              = "VAULT_WRAP_TTL"
	MFAEnv                  = "VAULT_MFA"
	MaxRetriesEnv           = "VAULT_MAX_RETRIES"
	ClusterAddrEnv          = "VAULT_CLUSTER_ADDR"
	RedirectAddrEnv         = "VAULT_REDIRECT_ADDR"
	CLINoColorEnv           = "VAULT_CLI_NO_COLOR"
	RateLimitEnv            = "VAULT_RATE_LIMIT"
	RoleEnv                 = "VAULT_ROLE"
	PathEnv                 = "VAULT_PATH"
	AuthMethodEnv           = "VAULT_AUTH_METHOD"
	TransitKeyIDEnv         = "VAULT_TRANSIT_KEY_ID"
	TransitPathEnv          = "VAULT_TRANSIT_PATH"
	TransitBatchSizeEnv     = "VAULT_TRANSIT_BATCH_SIZE"
	IgnoreMissingSecretsEnv = "VAULT_IGNORE_MISSING_SECRETS"
	PassthroughEnv          = "VAULT_PASSTHROUGH"
	LogLevelEnv             = "VAULT_LOG_LEVEL"
	RevokeTokenEnv          = "VAULT_REVOKE_TOKEN"
	FromPathEnv             = "VAULT_FROM_PATH"
)

Variables ¶

View Source

var (
	ProviderName     = "vault"
	ProviderEnvRegex = regexp.MustCompile(`(vault:)(.*)#(.*)`)
)

Functions ¶

func NewProvider ¶

func NewProvider(config *Config, appConfig *common.Config) (provider.Provider, error)

Types ¶

type Config ¶

type Config struct {
	IsLogin              bool   `json:"is_login"`
	Token                string `json:"token"`
	TokenFile            string `json:"token_file"`
	Role                 string `json:"role"`
	AuthPath             string `json:"auth_path"`
	AuthMethod           string `json:"auth_method"`
	TransitKeyID         string `json:"transit_key_id"`
	TransitPath          string `json:"transit_path"`
	TransitBatchSize     int    `json:"transit_batch_size"`
	IgnoreMissingSecrets bool   `json:"ignore_missing_secrets"`
	FromPath             string `json:"from_path"`
	RevokeToken          bool   `json:"revoke_token"`
}

func LoadConfig ¶

func LoadConfig() (*Config, error)

type Provider ¶

type Provider struct {
	// contains filtered or unexported fields
}

func (*Provider) LoadSecrets ¶

func (p *Provider) LoadSecrets(_ context.Context, paths []string) ([]provider.Secret, error)

LoadSecret's path formatting: <key>=<path> This formatting is necessary because the injector expects a map of key=value pairs. It also returns a map of key:value pairs, where the key is the environment variable name and the value is the secret value E.g. paths: MYSQL_PASSWORD=secret/data/mysql/password returns: []provider.Secret{provider.Secret{Path: "MYSQL_PASSWORD", Value: "password"}}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL