secretstores

package
v1.11.0-rc.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 23, 2023 License: Apache-2.0 Imports: 5 Imported by: 41

README

Secret Stores

Secret Stores provide a common way to interact with different secret stores, cloud/edge/commercial or open-source.

Implementing a new Secret Store

A compliant secret store needs to implement the SecretStore interface included in the secret_store.go file.

Documentation

Index

Constants

View Source
const DefaultSecretRefKeyName = "_value"

DefaultSecretRefKeyName is the default key if secretKeyRef.key is not given.

Variables

This section is empty.

Functions

func Ping added in v1.8.0

func Ping(ctx context.Context, secretStore SecretStore) error

Types

type BulkGetSecretRequest added in v1.0.0

type BulkGetSecretRequest struct {
	Metadata map[string]string `json:"metadata"`
}

BulkGetSecretRequest describes a bulk get secret request from a secret store.

type BulkGetSecretResponse added in v1.0.0

type BulkGetSecretResponse struct {
	Data map[string]map[string]string `json:"data"`
}

BulkGetSecretResponse describes the response object for all the secrets returned from a secret store.

type Feature added in v1.9.0

type Feature string

Feature names a feature that can be implemented by Secret Store components.

const (
	// FeatureMultipleKeyValuesPerSecret advertises that this SecretStore supports multiple keys-values under a single secret.
	FeatureMultipleKeyValuesPerSecret Feature = "MULTIPLE_KEY_VALUES_PER_SECRET"
)

func (Feature) IsPresent added in v1.9.0

func (f Feature) IsPresent(features []Feature) bool

IsPresent checks if a given feature is present in the list.

type GetSecretRequest

type GetSecretRequest struct {
	Name     string            `json:"name"`
	Metadata map[string]string `json:"metadata"`
}

GetSecretRequest describes a get secret request from a secret store.

type GetSecretResponse

type GetSecretResponse struct {
	Data map[string]string `json:"data"`
}

GetSecretResponse describes the response object for a secret returned from a secret store.

type Metadata

type Metadata struct {
	metadata.Base `json:",inline"`
}

Metadata contains a secretstore specific set of metadata properties.

type SecretStore

type SecretStore interface {
	// Init authenticates with the actual secret store and performs other init operation
	Init(ctx context.Context, metadata Metadata) error
	// GetSecret retrieves a secret using a key and returns a map of decrypted string/string values.
	GetSecret(ctx context.Context, req GetSecretRequest) (GetSecretResponse, error)
	// BulkGetSecret retrieves all secrets in the store and returns a map of decrypted string/string values.
	BulkGetSecret(ctx context.Context, req BulkGetSecretRequest) (BulkGetSecretResponse, error)
	// Features lists the features supported by the secret store.
	Features() []Feature
	// GetComponentMetadata returns the metadata options for the secret store.
	GetComponentMetadata() map[string]string
}

SecretStore is the interface for a component that handles secrets management.

Directories

Path Synopsis
alicloud
aws
azure
gcp
hashicorp
huaweicloud
local
env
tencentcloud
ssm

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL