README
¶
go-config-yourself/pkg/file
A library to read go-config-yourself config files from your golang application.
Usage
package main
import "fmt"
import "github.com/blinhealth/go-config-yourself/pkg/file"
func main() {
cfg, err := file.Load("./config/my-file.yml")
if err != nil {
panic(err)
}
plaintextValue, err := cfg.Get("path.to.secret")
if err == nil {
fmt.Println(fmt.Sprintf("The password is %s", plaintextValue))
// Outputs: The password is hunter2
}
mapOfValues, err := cfg.GetAll()
if err == nil {
fmt.Println(fmt.Sprintf("The file as a map looks like: %v", mapOfValues))
// Outputs: The file as a map looks like: map[string]...
}
}
Documentation
¶
Overview ¶
Package file provides an API to work encrypted config files
Example ¶
Example usage of the package to load a file and operate on it
package main
import (
"fmt"
"github.com/blinkhealth/go-config-yourself/pkg/file"
)
func main() {
// Load your config from a file
cfg, err := file.Load("./config/my-file.yml")
if err != nil {
return
}
// Set some values
if err := cfg.Set("path.to.secret", []byte("🤫")); err != nil {
return
}
// Read them back
var plaintextValue interface{}
if plaintextValue, err = cfg.Get("path.to.secret"); err == nil {
return
}
fmt.Println(fmt.Sprintf("The password is %s", plaintextValue))
// Outputs: The password is 🤫
// Or get all of them at once, decrypted as a map
mapOfValues, err := cfg.GetAll()
if err == nil {
fmt.Println(fmt.Sprintf("The file as a map looks like: %v", mapOfValues))
// Outputs: The file as a map looks like: map[string]...
}
// Serialize it as YAML
if bytes, err := cfg.Serialize(); err == nil {
fmt.Println(bytes)
// Outputs:
// crypto:
// provider: password
// key: someBase64Key
// path:
// to:
// secret:
// ciphertext: someBase64Ciphertext
// encrypted: true
// hash: theSha256HashOfPlaintext
}
}
Output:
Index ¶
- type ConfigFile
- func (cfg *ConfigFile) Get(keyPath string) (value interface{}, err error)
- func (cfg *ConfigFile) GetAll() (tree map[string]interface{}, err error)
- func (cfg *ConfigFile) HasCrypto() bool
- func (cfg *ConfigFile) ListSecrets() []string
- func (cfg *ConfigFile) Rekey(providerName string, providerArgs map[string]interface{}) (newFile *ConfigFile, err error)
- func (cfg *ConfigFile) Serialize() ([]byte, error)
- func (cfg *ConfigFile) Set(keyPath string, plainText []byte) (err error)
- func (cfg *ConfigFile) VeryInsecurelySetPlaintext(keyPath string, plainText []byte) error
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ConfigFile ¶
type ConfigFile struct {
// The name of this config file's provider, one of `kms`, `gpg`, or `password`
Provider string
// contains filtered or unexported fields
}
ConfigFile wraps parsed yaml data and provides an interface to interact with it
func Create ¶
func Create(providerName string, providerArgs map[string]interface{}) (config *ConfigFile, err error)
Create a new ConfigFile, initializing its crypto provider with given arguments.
The user may be prompted for details if connected to a TTY and these are not provided by `providerArgs`
func Load ¶
func Load(path string) (config *ConfigFile, err error)
Load a file at a give path and return a ConfigFile
func (*ConfigFile) Get ¶
func (cfg *ConfigFile) Get(keyPath string) (value interface{}, err error)
Get returns the value at this dot-delimited `keyPath`
func (*ConfigFile) GetAll ¶
func (cfg *ConfigFile) GetAll() (tree map[string]interface{}, err error)
GetAll decrypts all secrets and returns the file as a map
func (*ConfigFile) HasCrypto ¶
func (cfg *ConfigFile) HasCrypto() bool
HasCrypto tells whether this file has a crypto provider or not
func (*ConfigFile) ListSecrets ¶
func (cfg *ConfigFile) ListSecrets() []string
ListSecrets returns a slice of all the encrypted keyPaths in this config file
func (*ConfigFile) Rekey ¶
func (cfg *ConfigFile) Rekey(providerName string, providerArgs map[string]interface{}) (newFile *ConfigFile, err error)
Rekey creates a copy of this file, initializing its crypto provider with given arguments, and reencrypts all secrets. The original ConfigFile will not be modified.
The user may be prompted for details if connected to a TTY and these are not provided by `providerArgs`
func (*ConfigFile) Serialize ¶
func (cfg *ConfigFile) Serialize() ([]byte, error)
Serialize the config into YAML
func (*ConfigFile) Set ¶
func (cfg *ConfigFile) Set(keyPath string, plainText []byte) (err error)
Set into `keyPath` the encrypted value for `plainText`
func (*ConfigFile) VeryInsecurelySetPlaintext ¶
func (cfg *ConfigFile) VeryInsecurelySetPlaintext(keyPath string, plainText []byte) error
VeryInsecurelySetPlaintext very insecurely sets `plainText`, without encrypting, at `keyPath`
Source Files