Documentation
¶
Index ¶
Constants ¶
View Source
const ( // Secret storage with global scope can be accessed by all projects GlobalSecretStorageScope SecretStorageScope = "global" // Secret storage with project scope can only be accessed by the project that it belongs to ProjectSecretStorageScope SecretStorageScope = "project" // InternalSecretStorageType secret storage stores secret in the MLP database InternalSecretStorageType SecretStorageType = "internal" // VaultSecretStorageType secret storage stores secret in a Vault instance VaultSecretStorageType SecretStorageType = "vault" // Use gcp authentication method to communicate with Vault // https://developer.hashicorp.com/vault/docs/auth/gcp GCPAuthMethod AuthMethod = "gcp" // Use gce authentication method to communicate with Vault // https://developer.hashicorp.com/vault/docs/auth/gcp#gce-login GCEGCPAuthType GCPAuthType = "gce" // Use iam authentication method to communicate with Vault // https://developer.hashicorp.com/vault/docs/auth/gcp#iam-login IAMGCPAuthType GCPAuthType = "iam" // Use token authentication method to communicate with Vault // Only use this method when Vault is running in dev mode TokenAuthMethod AuthMethod = "token" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Application ¶
type Application struct {
ID ID `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Href string `json:"href"`
IconName string `json:"icon" gorm:"column:icon"`
UseProjects bool `json:"use_projects"`
IsInBeta bool `json:"is_in_beta"`
IsDisabled bool `json:"is_disabled"`
Config *ApplicationConfig `json:"config"`
}
type ApplicationConfig ¶
type ApplicationConfig struct {
Sections []ApplicationSection `json:"sections"`
}
func (*ApplicationConfig) Scan ¶
func (c *ApplicationConfig) Scan(value interface{}) error
type ApplicationSection ¶
func (*ApplicationSection) Scan ¶
func (c *ApplicationSection) Scan(value interface{}) error
type AuthMethod ¶ added in v1.8.0
type AuthMethod string
AuthMethod is the authentication type to be used when communicating with Vault
type CreatedUpdated ¶
type GCPAuthType ¶ added in v1.8.0
type GCPAuthType string
GCPAuthType is the GCP authentication type to be used when communicating with Vault
type Project ¶
type Project struct {
ID ID `json:"id"`
Name string `json:"name" validate:"required,min=3,max=50,subdomain_rfc1123"`
// nolint:lll // Next line is 121 characters (lll)
MLFlowTrackingURL string `json:"mlflow_tracking_url" gorm:"column:mlflow_tracking_url" validate:"omitempty,url"`
Administrators pq.StringArray `json:"administrators" gorm:"column:administrators;type:varchar(256)[]"`
Readers pq.StringArray `json:"readers" gorm:"column:readers;type:varchar(256)[]"`
Team string `json:"team" validate:"required,min=1,max=64"`
Stream string `json:"stream" validate:"required,min=1,max=64"`
Labels Labels `json:"labels,omitempty" gorm:"column:labels"`
CreatedUpdated
}
type Secret ¶
type Secret struct {
// ID is the unique identifier of the secret
ID ID `json:"id"`
// ProjectID is the unique identifier of the project
ProjectID ID `json:"project_id"`
// Project is the project of the secret
Project *Project `json:"-"`
// Name is the name of the secret
Name string `json:"name"`
// Data is secret value
Data string `json:"data"`
// SecretStorageID is the unique identifier of the secret storage for storing the secret
SecretStorageID *ID `json:"secret_storage_id,omitempty"`
// SecretStorage is the secret storage for storing the secret
SecretStorage *SecretStorage `json:"secret_storage,omitempty"`
// CreatedUpdated is the timestamp of the secret creation and update
CreatedUpdated
}
Secret represents user defined secret
func (*Secret) CopyValueFrom ¶
func (*Secret) IsValidForInsertion ¶
func (*Secret) IsValidForMutation ¶
type SecretStorage ¶ added in v1.8.0
type SecretStorage struct {
// ID is the unique identifier of the secret storage
ID ID `json:"id"`
// Name is the name of the secret storage
Name string `json:"name"`
// Type is the type of the secret storage
Type SecretStorageType `json:"type"`
// Scope of the secret storage, it can be either "global" or "project"
Scope SecretStorageScope `json:"scope"`
// ProjectID is the ID of the project that the secret storage belongs to when the scope is "project"
ProjectID *ID `json:"project_id,omitempty"`
// Project is the project that the secret storage belongs to when the scope is "project"
Project *Project `json:"-"`
// Config is type-specific secret storage configuration
Config SecretStorageConfig `json:"config,omitempty"`
// CreatedUpdated is the timestamp of the creation and last update of the secret storage
CreatedUpdated
}
SecretStorage represents the external secret storage service for storing a secret
func (*SecretStorage) MergeValue ¶ added in v1.8.0
func (s *SecretStorage) MergeValue(other *SecretStorage) error
func (*SecretStorage) ValidateForCreation ¶ added in v1.8.0
func (s *SecretStorage) ValidateForCreation() error
func (*SecretStorage) ValidateForMutation ¶ added in v1.8.0
func (s *SecretStorage) ValidateForMutation() error
type SecretStorageConfig ¶ added in v1.8.0
type SecretStorageConfig struct {
// VaultConfig is the configuration of the Vault secret storage.
// This field is populated when the type is "vault"
VaultConfig *VaultConfig `json:"vault_config,omitempty"`
}
func (*SecretStorageConfig) Scan ¶ added in v1.8.0
func (c *SecretStorageConfig) Scan(value interface{}) error
type SecretStorageScope ¶ added in v1.8.0
type SecretStorageScope string
SecretStorageScope is the scope of the secret storage
type SecretStorageType ¶ added in v1.8.0
type SecretStorageType string
SecretStorageType is the type of the secret storage
type VaultConfig ¶ added in v1.8.0
type VaultConfig struct {
// Vault URL
URL string `json:"url"`
// Role to be used when communicating with Vault
Role string `json:"role"`
// MountPath is the path of the secret storage in Vault
MountPath string `json:"mount_path"`
// PathPrefix is the prefix of the path of the secret in Vault
PathPrefix string `json:"path_prefix"`
// AuthMethod is the authentication method to be used when communicating with Vault
AuthMethod AuthMethod `json:"auth_method"`
// GCPAuthType is the GCP authentication type to be used when communicating with Vault.
// The value can be either "iam" or "gce"
GCPAuthType GCPAuthType `json:"gcp_auth_type,omitempty"`
// Token is the token to be used when communicating with Vault
// This field is only used when the auth method is "token"
// Only use this method when Vault is running in dev mode
Token string `json:"token,omitempty"`
// ServiceAccountEmail is the service account email to be used when communicating with Vault
// This field is only used when the AuthMethod is "gcp" and GCPAuthType is "iam"
ServiceAccountEmail string `json:"service_account_email"`
}
VaultConfig is the configuration of the Vault secret storage
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.