credentials

package
v0.4.0-beta1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 10, 2019 License: MIT Imports: 7 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Validate

func Validate(given Set, spec map[string]bundle.Credential) error

Validate compares the given credentials with the spec.

This will result in an error only when the following conditions are true: - a credential in the spec is not present in the given set - the credential is required

It is allowed for spec to specify both an env var and a file. In such case, if the given set provides either, it will be considered valid.

Types

type CredentialSet

type CredentialSet struct {
	// Name is the name of the credentialset.
	Name string `json:"name" yaml:"name"`
	// Creadentials is a list of credential specs.
	Credentials []CredentialStrategy `json:"credentials" yaml:"credentials"`
}

CredentialSet represents a collection of credentials

func Load

func Load(path string) (*CredentialSet, error)

Load a CredentialSet from a file at a given path.

It does not load the individual credentials.

func (*CredentialSet) Resolve

func (c *CredentialSet) Resolve() (Set, error)

Resolve looks up the credentials as described in Source, then copies the resulting value into the Value field of each credential strategy.

The typical workflow for working with a credential set is:

  • Load the set
  • Validate the credentials against a spec
  • Resolve the credentials
  • Expand them into bundle values

type CredentialStrategy

type CredentialStrategy struct {
	// Name is the name of the credential.
	// Name is used to match a credential strategy to a bundle's credential.
	Name string `json:"name" yaml:"name"`
	// Source is the location of the credential.
	// During resolution, the source will be loaded, and the result temporarily placed
	// into Value.
	Source Source `json:"source,omitempty" yaml:"source,omitempty"`
	// Value holds the credential value.
	// When a credential is loaded, it is loaded into this field. In all
	// other cases, it is empty. This field is omitted during serialization.
	Value string `json:"-" yaml:"-"`
}

CredentialStrategy represents a source credential and the destination to which it should be sent.

type Destination

type Destination struct {
	Value string `json:"value,omitempty" yaml:"value,omitempty"`
}

Destination reprents a strategy for injecting a credential into an image.

type Set

type Set map[string]string

Set is an actual set of resolved credentials. This is the output of resolving a credentialset file.

func (Set) Expand

func (s Set) Expand(b *bundle.Bundle, stateless bool) (env, files map[string]string, err error)

Expand expands the set into env vars and paths per the spec in the bundle.

This matches the credentials required by the bundle to the credentials present in the credentialset, and then expands them per the definition in the Bundle.

func (Set) Merge

func (s Set) Merge(s2 Set) error

Merge merges a second Set into the base.

Duplicate credential names are not allow and will result in an error, this is the case even if the values are identical.

type Source

type Source struct {
	Path    string `json:"path,omitempty" yaml:"path,omitempty"`
	Command string `json:"command,omitempty" yaml:"command,omitempty"`
	Value   string `json:"value,omitempty" yaml:"value,omitempty"`
	EnvVar  string `json:"env,omitempty" yaml:"env,omitempty"`
}

Source represents a strategy for loading a credential from local host.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL