Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Validate ¶
func Validate(given Set, spec map[string]bundle.Credential) error
Validate compares the given credentials with the spec.
This will result in an error only when the following conditions are true: - a credential in the spec is not present in the given set - the credential is required
It is allowed for spec to specify both an env var and a file. In such case, if the given set provides either, it will be considered valid.
Types ¶
type CredentialSet ¶
type CredentialSet struct { // Name is the name of the credentialset. Name string `json:"name" yaml:"name"` // Creadentials is a list of credential specs. Credentials []CredentialStrategy `json:"credentials" yaml:"credentials"` }
CredentialSet represents a collection of credentials
func Load ¶
func Load(path string) (*CredentialSet, error)
Load a CredentialSet from a file at a given path.
It does not load the individual credentials.
func (*CredentialSet) Resolve ¶
func (c *CredentialSet) Resolve() (Set, error)
Resolve looks up the credentials as described in Source, then copies the resulting value into the Value field of each credential strategy.
The typical workflow for working with a credential set is:
- Load the set
- Validate the credentials against a spec
- Resolve the credentials
- Expand them into bundle values
type CredentialStrategy ¶
type CredentialStrategy struct { // Name is the name of the credential. // Name is used to match a credential strategy to a bundle's credential. Name string `json:"name" yaml:"name"` // Source is the location of the credential. // During resolution, the source will be loaded, and the result temporarily placed // into Value. Source Source `json:"source,omitempty" yaml:"source,omitempty"` // Value holds the credential value. // When a credential is loaded, it is loaded into this field. In all // other cases, it is empty. This field is omitted during serialization. Value string `json:"-" yaml:"-"` }
CredentialStrategy represents a source credential and the destination to which it should be sent.
type Destination ¶
type Destination struct {
Value string `json:"value,omitempty" yaml:"value,omitempty"`
}
Destination reprents a strategy for injecting a credential into an image.
type Set ¶
Set is an actual set of resolved credentials. This is the output of resolving a credentialset file.
type Source ¶
type Source struct { Path string `json:"path,omitempty" yaml:"path,omitempty"` Command string `json:"command,omitempty" yaml:"command,omitempty"` Value string `json:"value,omitempty" yaml:"value,omitempty"` EnvVar string `json:"env,omitempty" yaml:"env,omitempty"` }
Source represents a strategy for loading a credential from local host.