Documentation ¶
Index ¶
Constants ¶
View Source
const ( InvalidVaultUrl = "vault must be a valid HTTP/HTTPS url" InvalidSecretEngine = "either kvEngineName or quorumSignerEngineName must be set" UnlockNotSupported = "unlock is not supported when using quorumSignerEngine" InvalidAccountDirectory = "accountDirectory must be a valid absolute file url" InvalidAuthentication = "authentication must contain roleId, secretId and approlePath OR only token, and the given environment variables must be set" InvalidCaCert = "caCert must be a valid absolute file url" InvalidClientCert = "clientCert must be a valid absolute file url" InvalidClientKey = "clientKey must be a valid absolute file url" InvalidSecretName = "secretName must be set" InvalidOverwriteProtection = "currentVersion and insecureDisable cannot both be set" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccountFile ¶
type AccountFile struct { Path string Contents AccountFileJSON }
type AccountFileJSON ¶
func (*AccountFileJSON) AccountURL ¶
func (c *AccountFileJSON) AccountURL(vaultURL, secretEngineName, apiEndpoint string) (*url.URL, error)
type EnvironmentVariable ¶
func (EnvironmentVariable) Get ¶
func (e EnvironmentVariable) Get() string
func (EnvironmentVariable) IsSet ¶
func (e EnvironmentVariable) IsSet() bool
func (EnvironmentVariable) String ¶
func (e EnvironmentVariable) String() string
type NewAccount ¶
type NewAccount struct { SecretName string OverwriteProtection OverwriteProtection }
func (*NewAccount) AccountFile ¶
func (c *NewAccount) AccountFile(path string, address string, secretVersion int64) AccountFile
func (NewAccount) Validate ¶
func (c NewAccount) Validate() error
type OverwriteProtection ¶
type VaultClient ¶
type VaultClient struct { VaultClientBase KVEngineName string // the path of the K/V v2 secret engine. May be nil. Use SecretEngineName to get the configured secret engine. QuorumSignerEngineName string // the path of the quorum-signer secret engine. May be nil. Use SecretEngineName to get the configured secret engine. Unlock []string }
func (*VaultClient) MarshalJSON ¶
func (c *VaultClient) MarshalJSON() ([]byte, error)
func (VaultClient) ReadEndpoint ¶
func (c VaultClient) ReadEndpoint() string
ReadEndpoint returns the endpoint used to read/GET accounts for the configured secret engine
func (VaultClient) SecretEngineName ¶
func (c VaultClient) SecretEngineName() string
SecretEngineName returns the name of the configured secret engine
func (VaultClient) Type ¶
func (c VaultClient) Type() ClientType
func (*VaultClient) UnmarshalJSON ¶
func (c *VaultClient) UnmarshalJSON(b []byte) error
func (VaultClient) Validate ¶
func (c VaultClient) Validate() error
type VaultClientAuthentication ¶
type VaultClientAuthentication struct { Token *EnvironmentVariable RoleId *EnvironmentVariable SecretId *EnvironmentVariable ApprolePath *EnvironmentVariable }
type VaultClientBase ¶
type VaultClientBase struct { Vault *url.URL AccountDirectory *url.URL Authentication VaultClientAuthentication TLS VaultClientTLS }
VaultClientBase encapsulates common config fields between the kv and quorum-signer vault clients to simplify validation
func (VaultClientBase) Validate ¶
func (c VaultClientBase) Validate() error
Click to show internal directories.
Click to hide internal directories.