config

package
v1.4.6-1370 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 3, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	K8s                       = "k8s_secrets"
	File                      = "file"
	ConjurMapKey              = "conjur-map"
	DefaultRetryCountLimit    = 5
	DefaultRetryIntervalSec   = 1
	MinRetryValue             = 0
	MinRefreshInterval        = time.Second
	DefaultRefreshIntervalStr = "5m"
	DefaultSanitizeEnabled    = true
)

Constants for Secrets Provider operation modes, and Defaults for some SP settings

View Source 
const (
	TYPESTRING annotationType = iota
	TYPEINT
	TYPEBOOL
)

Represents each annotation input value type, used during input value validation

View Source 
const (
	AuthnIdentityKey      = "conjur.org/authn-identity"
	JwtTokenPath          = "conjur.org/jwt-token-path"
	ContainerModeKey      = "conjur.org/container-mode"
	SecretsDestinationKey = "conjur.org/secrets-destination"

	// SecretsRefreshIntervalKey is the Annotation key for setting the interval
	// for retrieving Conjur secrets and updating Kubernetes Secrets or
	// application secret files if necessary.
	SecretsRefreshIntervalKey = "conjur.org/secrets-refresh-interval"
	// SecretsRefreshEnabledKey is the Annotation key for enabling the refresh
	SecretsRefreshEnabledKey = "conjur.org/secrets-refresh-enabled"
	// RemoveDeletedSecretsKey is the annotaion key for enabling removing deleted secrets
	RemoveDeletedSecretsKey = "conjur.org/remove-deleted-secrets-enabled"
)

Variables

View Source 
var DefaultRefreshInterval, _ = time.ParseDuration(DefaultRefreshIntervalStr)

Functions

func GatherSecretsProviderSettings 

func GatherSecretsProviderSettings(annotations map[string]string) map[string]string

GatherSecretsProviderSettings returns a string-to-string map of all provided environment variables and parsed, valid annotations that are concerned with Secrets Provider Config.

func ValidateAnnotations 

func ValidateAnnotations(annotations map[string]string) ([]error, []error)

ValidateAnnotations confirms that the provided annotations are properly formated, have the proper value type, and if the annotation in question had a defined set of accepted values, the provided value is confirmed. Function returns a list of Error logs, and a list of Info logs.

func ValidateSecretsProviderSettings 

func ValidateSecretsProviderSettings(envAndAnnots map[string]string) ([]error, []error)

ValidateSecretsProviderSettings confirms that the provided environment variable and annotation settings yield a valid Secrets Provider configuration. Returns a list of Error logs, and a list of Info logs.

Types

type Config 

type Config struct {
	PodNamespace           string
	RequiredK8sSecrets     []string
	RetryCountLimit        int
	RetryIntervalSec       int
	StoreType              string
	SecretsRefreshInterval time.Duration
	SanitizeEnabled        bool
}

Config defines the configuration parameters for the authentication requests

func NewConfig 

func NewConfig(settings map[string]string) *Config

NewConfig creates a new Secrets Provider configuration for a validated map of environment variable and annotation settings.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.