vault

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 25, 2017 License: MPL-2.0 Imports: 13 Imported by: 22

Documentation

Index

Constants

This section is empty.

Variables

// Settings this web server uses to authenticate with Vault.
var (
	// VaultAddress starts out empty.
	VaultAddress string

	// VaultSkipTLS is off by default.
	// NOTE(review): the name suggests it disables TLS certificate
	// verification on the Vault connection — confirm. If so, keep it false
	// outside local testing, because tokens and secrets cross that link.
	VaultSkipTLS bool
)
// GithubCurrentCommit starts out empty.
// NOTE(review): presumably a commit identifier assigned elsewhere — confirm
// where it is set and whether it is treated as trusted input.
var GithubCurrentCommit string

Functions

func DeleteFromCubbyhole

func DeleteFromCubbyhole(name string) (*api.Secret, error)

func GenerateRootCancel

func GenerateRootCancel() error

func GenerateRootInit

func GenerateRootInit(otp string) (*api.GenerateRootStatusResponse, error)

func GenerateRootStatus

func GenerateRootStatus() (*api.GenerateRootStatusResponse, error)

lookup current root generation status

func GenerateRootUpdate

func GenerateRootUpdate(shard, nonce string) (*api.GenerateRootStatusResponse, error)

func LoadRuntimeConfig added in v0.4.0

func LoadRuntimeConfig(configPath string) error

func NewVaultClient added in v0.3.0

func NewVaultClient() (*api.Client, error)

func ReadFromCubbyhole

func ReadFromCubbyhole(name string) (*api.Secret, error)

func StartGoldfishWrapper added in v0.3.0

func StartGoldfishWrapper(wrappingToken, login, id string) error

func UnwrapData added in v0.2.5

func UnwrapData(wrappingToken string) (map[string]interface{}, error)

func VaultHealth

func VaultHealth() (string, error)

func WrapData added in v0.2.5

func WrapData(wrapttl string, data map[string]interface{}) (string, error)

func WriteToCubbyhole

func WriteToCubbyhole(name string, data map[string]interface{}) (interface{}, error)

Types

type AuthInfo

// AuthInfo holds the three values presented at login: Type, ID and Pass.
// The struct tags let it be bound from a JSON body, a form, or the URL query
// string. Pass uses the lowercase JSON key "password" but the capitalized key
// "Password" for form and query input.
//
// NOTE(review): the query tag means a binder that honors it will accept the
// credential from the URL, and URLs commonly end up in access logs and
// browser history — confirm clients only send it in the request body.
//
// NOTE(review): the accepted values of Type are not visible here — confirm
// against Login.
type AuthInfo struct {
	Type string `json:"Type" form:"Type" query:"Type"`
	ID   string `json:"ID" form:"ID" query:"ID"`
	Pass string `json:"password" form:"Password" query:"Password"`
}

func (*AuthInfo) CapabilitiesSelf added in v0.3.2

func (auth *AuthInfo) CapabilitiesSelf(path string) ([]string, error)

Returns the list of capabilities the current auth has on the given path.

func (*AuthInfo) Clear

func (auth *AuthInfo) Clear()

Zeros out the credentials; intended to be called via defer.

func (AuthInfo) Client

func (auth AuthInfo) Client() (*api.Client, error)

Constructs a client with the server's Vault address and the client access token.

func (AuthInfo) CreateToken

func (auth AuthInfo) CreateToken(opts *api.TokenCreateRequest, wrapttl string) (*api.Secret, error)

func (*AuthInfo) DecryptAuth

func (auth *AuthInfo) DecryptAuth() error

decrypt auth details with transit backend

func (AuthInfo) DecryptTransit

func (auth AuthInfo) DecryptTransit(key string, cipher string) (string, error)

decrypt given cipher with userTransitKey

func (AuthInfo) DeletePolicy

func (auth AuthInfo) DeletePolicy(name string) error

func (AuthInfo) DeleteRaw added in v0.5.1

func (auth AuthInfo) DeleteRaw(path string) (*api.Secret, error)

func (AuthInfo) DeleteSecret added in v0.4.1

func (auth AuthInfo) DeleteSecret(path string) (interface{}, error)

func (*AuthInfo) EncryptAuth

func (auth *AuthInfo) EncryptAuth() error

encrypt auth details with transit backend

func (AuthInfo) EncryptTransit

func (auth AuthInfo) EncryptTransit(key string, plaintext string) (string, error)

encrypt given string with userTransitKey

func (AuthInfo) GetBulletins

func (auth AuthInfo) GetBulletins() ([]map[string]interface{}, error)

func (AuthInfo) GetMount

func (auth AuthInfo) GetMount(path string) (*api.MountConfigOutput, error)

func (AuthInfo) GetPolicy

func (auth AuthInfo) GetPolicy(name string) (string, error)

func (AuthInfo) GetRole

func (auth AuthInfo) GetRole(rolename string) (interface{}, error)

func (AuthInfo) GetTokenAccessors added in v0.5.0

func (auth AuthInfo) GetTokenAccessors() ([]interface{}, error)

func (AuthInfo) ListApproleRoles added in v0.5.1

func (auth AuthInfo) ListApproleRoles() ([]Role, error)

func (AuthInfo) ListMounts

func (auth AuthInfo) ListMounts() (map[string]*api.MountOutput, error)

returns list of current mounts, if authorized

func (AuthInfo) ListPolicies

func (auth AuthInfo) ListPolicies() ([]string, error)

func (AuthInfo) ListRoles

func (auth AuthInfo) ListRoles() (interface{}, error)

func (AuthInfo) ListSecret

func (auth AuthInfo) ListSecret(path string) ([]interface{}, error)

func (AuthInfo) ListUserpassUsers added in v0.5.1

func (auth AuthInfo) ListUserpassUsers() ([]UserpassUser, error)

func (*AuthInfo) Login

func (auth *AuthInfo) Login() (map[string]interface{}, error)

Verifies whether the auth ID and password are valid. If they are valid, creates a client access token and returns the metadata.

func (AuthInfo) LookupSelf

func (auth AuthInfo) LookupSelf() (*api.Secret, error)

func (AuthInfo) LookupTokenByAccessor added in v0.5.0

func (auth AuthInfo) LookupTokenByAccessor(accs string) ([]interface{}, error)

func (AuthInfo) PutPolicy

func (auth AuthInfo) PutPolicy(name, rules string) error

func (AuthInfo) ReadSecret

func (auth AuthInfo) ReadSecret(path string) (map[string]interface{}, error)

func (AuthInfo) RenewSelf

func (auth AuthInfo) RenewSelf() (*api.Secret, error)

func (AuthInfo) RevokeSelf

func (auth AuthInfo) RevokeSelf() error

func (AuthInfo) RevokeTokenByAccessor added in v0.5.1

func (auth AuthInfo) RevokeTokenByAccessor(acc string) error

func (AuthInfo) TuneMount

func (auth AuthInfo) TuneMount(path string, config api.MountConfigInput) error

func (*AuthInfo) UnwrapData added in v0.3.2

func (auth *AuthInfo) UnwrapData(wrappingToken string) (map[string]interface{}, error)

func (*AuthInfo) WrapData added in v0.3.2

func (auth *AuthInfo) WrapData(wrapttl string, raw string) (string, error)

func (AuthInfo) WriteSecret

func (auth AuthInfo) WriteSecret(path string, raw string) (interface{}, error)

type Config

// Config groups the runtime settings: the transit key names and backend, the
// default secret and bulletin paths, the Slack notification settings, and the
// GitHub repository details for policies.
//
// NOTE(review): SlackWebhook and GithubAccessToken look like credentials —
// confirm the struct is never logged or serialized to clients with those
// fields populated.
type Config struct {
	ServerTransitKey  string
	UserTransitKey    string
	TransitBackend    string
	DefaultSecretPath string
	BulletinPath      string

	SlackWebhook string
	SlackChannel string

	GithubAccessToken  string
	GithubRepoOwner    string
	GithubRepo         string
	GithubPoliciesPath string
	GithubTargetBranch string

	// fields that goldfish will write
	// NOTE(review): LastUpdated carries the tag hash:"ignore", presumably so
	// it is left out when the config is hashed — confirm against the hashing
	// code.
	LastUpdated         string `hash:"ignore"`
	GithubCurrentCommit string
}

func GetConfig

func GetConfig() Config

type Role added in v0.5.1

// Role is the element type returned by ListApproleRoles. It carries a role
// ID, token and secret-ID TTLs, a secret-ID use count, the attached policies,
// a period, and the secret-ID and CIDR binding settings.
//
// NOTE(review): the units of the TTL and Period fields and the format of
// Bound_cidr_list (a single string, not a slice) are not shown here — confirm
// before comparing or displaying them.
type Role struct {
	Roleid             string
	Token_TTL          int
	Token_max_TTL      int
	Secret_id_TTL      int
	Secret_id_num_uses int
	Policies           []string
	Period             int
	Bind_secret_id     bool
	Bound_cidr_list    string
}

type UserpassUser added in v0.5.1

// UserpassUser is the element type returned by ListUserpassUsers. It carries
// a user name, two TTL values, and the user's policies.
//
// NOTE(review): Policies is a single string here, whereas Role.Policies is a
// []string — presumably a delimited list; confirm the separator before
// parsing it. The TTL units are not shown here either.
type UserpassUser struct {
	Name     string
	TTL      int
	Max_TTL  int
	Policies string
}
