bao

Documentation

Index

• Constants
• func NewProvider(_ context.Context, appConfig *common.Config) (provider.Provider, error)
• func Valid(envValue string) bool
• type Config
  • func LoadConfig() (*Config, error)
• type Provider
  • func (p *Provider) LoadSecrets(ctx context.Context, paths []string) ([]provider.Secret, error)

Constants

const (
	FromPathEnv = "BAO_FROM_PATH"
)

const (
	ProviderType = "bao"
)

Functions

func NewProvider

func NewProvider(_ context.Context, appConfig *common.Config) (provider.Provider, error)

func Valid

func Valid(envValue string) bool

If the path contains some string formatted as "bao:{STR}#{STR}" it is most probably a vault path

Types

type Config

type Config struct {
	IsLogin              bool   `json:"is_login"`
	Token                string `json:"token"`
	TokenFile            string `json:"token_file"`
	Role                 string `json:"role"`
	AuthPath             string `json:"auth_path"`
	AuthMethod           string `json:"auth_method"`
	TransitKeyID         string `json:"transit_key_id"`
	TransitPath          string `json:"transit_path"`
	TransitBatchSize     int    `json:"transit_batch_size"`
	IgnoreMissingSecrets bool   `json:"ignore_missing_secrets"`
	FromPath             string `json:"from_path"`
	RevokeToken          bool   `json:"revoke_token"`
}

func LoadConfig

func LoadConfig() (*Config, error)

type Provider

type Provider struct {
	// contains filtered or unexported fields
}

func (*Provider) LoadSecrets

func (p *Provider) LoadSecrets(ctx context.Context, paths []string) ([]provider.Secret, error)

LoadSecret's path formatting: <key>=<path> This formatting is necessary because the injector expects a map of key=value pairs. It also returns a map of key:value pairs, where the key is the environment variable name and the value is the secret value E.g. paths: MYSQL_PASSWORD=secret/data/mysql/password returns: []provider.Secret{provider.Secret{Path: "MYSQL_PASSWORD", Value: "password"}}