secrets

package

v1.4.6-1346 Latest Latest Go to latest Published: Jan 3, 2023 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cyberark/secrets-provider-for-k8s

Documentation ¶

Index ¶

Variables
type CommonProviderConfig
type ProviderConfig
type ProviderFunc
- func NewProviderForType(traceContext context.Context, secretsRetrieverFunc conjur.RetrieveSecretsFunc, ...) (ProviderFunc, []error)
- func RetryableSecretProvider(retryInterval time.Duration, retryCountLimit int, provideSecrets ProviderFunc) ProviderFunc
type ProviderRefreshConfig
type RepeatableProviderFunc
- func RepeatableSecretProvider(refreshConfig ProviderRefreshConfig, provideSecrets ProviderFunc) RepeatableProviderFunc

Constants ¶

This section is empty.

Variables ¶

View Source

var FullVersionName = fmt.Sprintf("%s-%s", Version, Tag)

FullVersionName is the user-visible aggregation of version and tag of this codebase

View Source

var Tag = "dev"

Tag field denotes the specific build type for the broker. It may be replaced by compile-time variables if needed to provide the git commit information in the final binary.

View Source

var Version = "1.4.5"

Version field is a SemVer that should indicate the baked-in version

Functions ¶

This section is empty.

Types ¶

type CommonProviderConfig ¶

type CommonProviderConfig struct {
	StoreType       string
	SanitizeEnabled bool
}

CommonProviderConfig provides config that is common to all providers

type ProviderConfig ¶

type ProviderConfig struct {
	CommonProviderConfig
	k8sSecretsStorage.K8sProviderConfig
	pushtofile.P2FProviderConfig
}

ProviderConfig provides the configuration necessary to create a secrets Provider.

type ProviderFunc ¶

type ProviderFunc func() (updated bool, err error)

ProviderFunc describes a function type responsible for providing secrets to an unspecified target. It returns either an error, or a flag that indicates whether any target secret files or Kubernetes Secrets have been updated.

func NewProviderForType ¶

func NewProviderForType(
	traceContext context.Context,
	secretsRetrieverFunc conjur.RetrieveSecretsFunc,
	providerConfig ProviderConfig,
) (ProviderFunc, []error)

NewProviderForType returns a ProviderFunc responsible for providing secrets in a given mode.

func RetryableSecretProvider ¶

func RetryableSecretProvider(
	retryInterval time.Duration,
	retryCountLimit int,
	provideSecrets ProviderFunc,
) ProviderFunc

RetryableSecretProvider returns a new ProviderFunc, which wraps the provided ProviderFunc in a limitedBackOff-restricted Retry call.

type ProviderRefreshConfig ¶

type ProviderRefreshConfig struct {
	Mode                  string
	SecretRefreshInterval time.Duration
	ProviderQuit          chan struct{}
}

ProviderRefreshConfig specifies the secret refresh configuration for a repeatable secret provider.

type RepeatableProviderFunc ¶

type RepeatableProviderFunc func() error

RepeatableProviderFunc describes a function type that is capable of looping indefinitely while providing secrets to unspecified targets.

func RepeatableSecretProvider ¶

func RepeatableSecretProvider(
	refreshConfig ProviderRefreshConfig,
	provideSecrets ProviderFunc,
) RepeatableProviderFunc

RepeatableSecretProvider returns a new ProviderFunc, which wraps a retryable ProviderFunc inside a function that operates in one of three modes:

Run once and return (for init or application container modes)
Run once and sleep forever (for sidecar mode without periodic refresh)
Run periodically (for sidecar mode with periodic refresh)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
annotations
clients
conjur
conjur/mocks
k8s
config
k8s_secrets_storage
mocks
pushtofile

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL