secret

package
v0.0.0-...-e7c744b Latest
Warning

This package is not in the latest version of its module.

Published: Jun 21, 2023 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AlreadyExistsError

type AlreadyExistsError struct {
	OrganizationID uint
	SecretID       string
}

AlreadyExistsError is returned when a secret already exists in the store.

func (AlreadyExistsError) Conflict

func (AlreadyExistsError) Conflict() bool

Conflict tells the consumer that this error is related to a conflicting request. It can be used to translate the error to the consumer's response format (e.g. status codes).

func (AlreadyExistsError) Details

func (e AlreadyExistsError) Details() []interface{}

Details returns error details.

func (AlreadyExistsError) Error

func (AlreadyExistsError) Error() string

Error implements the error interface.

func (AlreadyExistsError) ServiceError

func (AlreadyExistsError) ServiceError() bool

ServiceError tells the consumer that this is a business error and it should be returned to the client. Non-service errors are usually translated into "internal" errors.

type CleanupType

type CleanupType interface {
	// Cleanup is called before a secret is deleted to allow the type to clean up any resources used for the secret.
	Cleanup(organizationID uint, data map[string]string, tags []string) error
}

CleanupType can be implemented by a secret type that adds secret cleanup abilities to the type.

This is added temporarily for PKE secret type.

type FieldDefinition

type FieldDefinition struct {
	Name            string `json:"name"`
	Description     string `json:"description,omitempty"`
	Required        bool   `json:"required"`
	IsSafeToDisplay bool   `json:"IsSafeToDisplay,omitempty"`
	Opaque          bool   `json:"opaque,omitempty"`
}

FieldDefinition describes a secret field.

type GeneratorType

type GeneratorType interface {
	// ValidateNew validates a new, potentially incomplete secret.
	//
	// If the first returned result is false, the secret is incomplete and needs generation.
	ValidateNew(data map[string]string) (bool, error)

	// Generate generates values for the secret.
	//
	// Note: organizationID, secretName and tags are added for the PKE type.
	Generate(organizationID uint, secretName string, data map[string]string, tags []string) (map[string]string, error)
}

GeneratorType can be implemented by a secret type that adds secret generation abilities to the type.

When a type can generate secrets, a secret should be validated differently.

type Model

type Model struct {
	ID        string            `mapstructure:"-"`
	Name      string            `mapstructure:"name"`
	Type      string            `mapstructure:"type"`
	Values    map[string]string `mapstructure:"values"`
	Tags      []string          `mapstructure:"tags"`
	UpdatedAt time.Time         `mapstructure:"-"`
	UpdatedBy string            `mapstructure:"updatedBy"`
}

Model is an internal, low-level representation of a secret.

type NotFoundError

type NotFoundError struct {
	OrganizationID uint
	SecretID       string
}

NotFoundError is returned when a secret cannot be found.

func (NotFoundError) Details

func (e NotFoundError) Details() []interface{}

Details returns error details.

func (NotFoundError) Error

func (NotFoundError) Error() string

Error implements the error interface.

func (NotFoundError) NotFound

func (NotFoundError) NotFound() bool

NotFound tells a consumer that this error is related to a resource being not found. It can be used to translate the error to the consumer's response format (e.g. status codes).

func (NotFoundError) ServiceError

func (NotFoundError) ServiceError() bool

ServiceError tells the consumer that this is a business error and it should be returned to the client. Non-service errors are usually translated into "internal" errors.

type ProcessorType

type ProcessorType interface {
	// Process processes values for the secret.
	Process(data map[string]string) (map[string]string, error)
}

ProcessorType can be implemented by a secret type that adds secret processing abilities to the type.

Secret processing is done when a secret is created or updated (e.g. making sure a secret is in a specific format).

type Store

type Store interface {
	// Create writes a new secret in the store.
	//
	// Compared to Put, Create returns an AlreadyExistsError if the secret already exists.
	Create(ctx context.Context, organizationID uint, model Model) error

	// Put updates an existing secret or writes a new one in the store.
	Put(ctx context.Context, organizationID uint, model Model) error

	// Get retrieves a secret from the store.
	Get(ctx context.Context, organizationID uint, id string) (Model, error)

	// List lists secrets in the store.
	List(ctx context.Context, organizationID uint) ([]Model, error)

	// Delete deletes a secret from the store.
	Delete(ctx context.Context, organizationID uint, id string) error
}

Store is a low-level interface for a key-value like secret store.

type Type

type Type interface {
	// Name is the type name.
	Name() string

	// Definition returns a descriptor for the secret type.
	//
	// Definition is currently used by clients and internally for validating certain types.
	Definition() TypeDefinition

	// Validate validates a secret.
	Validate(data map[string]string) error
}

Type describes a secret type.

type TypeDefinition

type TypeDefinition struct {
	Fields []FieldDefinition `json:"fields"`
}

TypeDefinition describes the structure of a secret type.
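
An added example (not code from this package): masking secret values before they are logged or returned, driven by a type's field definitions. It assumes IsSafeToDisplay marks fields whose values may be shown; Redact, the mask string and the sample definition are hypothetical, and the structs are local copies of the ones above.

```go
package main

import "fmt"

// Local copies of the structs documented on this page.
type FieldDefinition struct {
	Name            string `json:"name"`
	Description     string `json:"description,omitempty"`
	Required        bool   `json:"required"`
	IsSafeToDisplay bool   `json:"IsSafeToDisplay,omitempty"`
	Opaque          bool   `json:"opaque,omitempty"`
}

type TypeDefinition struct {
	Fields []FieldDefinition `json:"fields"`
}

// mask is a hypothetical placeholder shown instead of a hidden value.
const mask = "<hidden>"

// Redact (hypothetical helper) returns a copy of values that is safe to log or return.
// It fails closed: a value is kept only when its field is declared AND marked
// IsSafeToDisplay (an assumption about the flag's meaning); undeclared keys are masked too.
func Redact(def TypeDefinition, values map[string]string) map[string]string {
	safe := make(map[string]bool, len(def.Fields))
	for _, f := range def.Fields {
		safe[f.Name] = f.IsSafeToDisplay
	}
	out := make(map[string]string, len(values))
	for k, v := range values {
		if safe[k] {
			out[k] = v
		} else {
			out[k] = mask
		}
	}
	return out
}

// Constructed sample definition: only the username may be displayed.
var passwordDef = TypeDefinition{Fields: []FieldDefinition{
	{Name: "username", Required: true, IsSafeToDisplay: true},
	{Name: "password", Required: true},
}}

func main() {
	v := map[string]string{"username": "svc", "password": "hunter2", "token": "abc"}
	fmt.Println(Redact(passwordDef, v))
}
```

The input map is left untouched, so the unmasked values can still be written to the store after the redacted copy has been logged.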

type TypeList

type TypeList struct {
	// contains filtered or unexported fields
}

TypeList is an accessor to a list of secret types.

func NewTypeList

func NewTypeList(types []Type) TypeList

NewTypeList returns a new TypeList.

func (TypeList) Type

func (t TypeList) Type(typ string) Type

Type returns a type from the list (if it exists).

func (TypeList) Types

func (t TypeList) Types() []Type

Types returns the list of secret types.

type ValidationError

type ValidationError struct {
	// contains filtered or unexported fields
}

ValidationError is returned when a request is semantically invalid.

func NewValidationError

func NewValidationError(message string, violations []string) ValidationError

NewValidationError returns a new ValidationError.

func (ValidationError) Error

func (e ValidationError) Error() string

Error implements the error interface.

func (ValidationError) ServiceError

func (ValidationError) ServiceError() bool

ServiceError tells the consumer whether this error is caused by invalid input supplied by the client. Client errors are usually returned to the consumer without retrying the operation.

func (ValidationError) Validation

func (ValidationError) Validation() bool

Validation tells a client that this error is related to a semantic validation of the request. It can be used to translate the error to status codes, for example.

func (ValidationError) Violations

func (e ValidationError) Violations() []string

Violations returns details of the failed validation.
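
An added example (not code from this package): one way a consumer can turn the behaviour methods documented above (NotFound, Conflict, Validation, ServiceError) into HTTP statuses while collapsing non-service errors into an opaque internal error. The error structs are reduced local stand-ins, and StatusFor, the status choices and the sample errors are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
)

// Local stand-ins (constructed, reduced) with the behaviour methods documented on this page.
type NotFoundError struct{ SecretID string }
func (NotFoundError) Error() string      { return "secret not found" }
func (NotFoundError) NotFound() bool     { return true }
func (NotFoundError) ServiceError() bool { return true }

type AlreadyExistsError struct{ SecretID string }
func (AlreadyExistsError) Error() string      { return "secret already exists" }
func (AlreadyExistsError) Conflict() bool     { return true }
func (AlreadyExistsError) ServiceError() bool { return true }

// StatusFor (hypothetical helper) picks an HTTP status and a client-safe message.
// It inspects behaviour, not concrete types, and fails closed to an opaque 500.
func StatusFor(err error) (int, string) {
	var svc interface{ ServiceError() bool }
	var nf interface{ NotFound() bool }
	var cf interface{ Conflict() bool }
	var val interface{ Validation() bool }
	switch {
	case err == nil:
		return http.StatusOK, ""
	case !errors.As(err, &svc) || !svc.ServiceError():
		return http.StatusInternalServerError, "internal error"
	case errors.As(err, &nf) && nf.NotFound():
		return http.StatusNotFound, "secret not found"
	case errors.As(err, &cf) && cf.Conflict():
		return http.StatusConflict, "secret already exists"
	case errors.As(err, &val) && val.Validation():
		return http.StatusUnprocessableEntity, "invalid secret"
	}
	return http.StatusBadRequest, "request rejected"
}

var errWrapped = fmt.Errorf("get secret: %w", NotFoundError{SecretID: "abc"}) // constructed sample
var errBackend = errors.New("dial tcp 10.0.0.5:8200: connection refused")     // constructed sample

func main() {
	fmt.Println(StatusFor(errWrapped))
	fmt.Println(StatusFor(errBackend))
}
```

Because errors.As walks the wrap chain, the wrapped NotFoundError still maps to 404, while the backend error, which carries an internal address, reaches the client only as "internal error".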

type VerifierType

type VerifierType interface {
	// Verify verifies a secret.
	Verify(data map[string]string) error
}

VerifierType can be implemented by a secret type that adds secret verification abilities to the type.

Verification can check if credentials are actually valid (i.e. can access a remote service).

Directories

Path Synopsis
ssh
