secretstores

package

v1.8.0-rc.1 Latest Latest Go to latest Published: Jun 21, 2022 License: Apache-2.0 Imports: 2 Imported by: 35

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/dapr/components-contrib

README ¶

Secret Stores

Secret Stores provide a common way to interact with different secret stores, cloud/edge/commercial or open-source.

Currently supported secret stores are:

Kubernetes
Hashicorp Vault
Azure KeyVault
AWS Secret manager
GCP Cloud KMS
GCP Secret Manager
AlibabaCloud OOS Parameter Store
HuaweiCloud CSMS

Implementing a new Secret Store

A compliant secret store needs to implement the following interface:

type SecretStore interface {
  // Init authenticates with the actual secret store and performs other init operation
  Init(metadata Metadata) error

  // GetSecret retrieves a secret using a key and returns a map of decrypted string/string values
  GetSecret(req GetSecretRequest) (GetSecretResponse, error)

  // BulkGetSecrets retrieves all secrets in the store and returns a map of decrypted string/string values
  BulkGetSecret(req BulkGetSecretRequest) (BulkGetSecretResponse, error)
}

Documentation ¶

Constants ¶

View Source

const DefaultSecretRefKeyName = "_value"

DefaultSecretRefKeyName is the default key if secretKeyRef.key is not given.

Variables ¶

This section is empty.

Functions ¶

func Ping ¶ added in v1.8.0

func Ping(secretStore SecretStore) error

Types ¶

type BulkGetSecretRequest ¶ added in v1.0.0

type BulkGetSecretRequest struct {
	Metadata map[string]string `json:"metadata"`
}

BulkGetSecretRequest describes a bulk get secret request from a secret store.

type BulkGetSecretResponse ¶ added in v1.0.0

type BulkGetSecretResponse struct {
	Data map[string]map[string]string `json:"data"`
}

BulkGetSecretResponse describes the response object for all the secrets returned from a secret store.

type GetSecretRequest ¶

type GetSecretRequest struct {
	Name     string            `json:"name"`
	Metadata map[string]string `json:"metadata"`
}

GetSecretRequest describes a get secret request from a secret store.

type GetSecretResponse ¶

type GetSecretResponse struct {
	Data map[string]string `json:"data"`
}

GetSecretResponse describes the response object for a secret returned from a secret store.

type Metadata ¶

type Metadata struct {
	Properties map[string]string `json:"properties,omitempty"`
}

Metadata contains a secretstore specific set of metadata properties.

type SecretStore ¶

type SecretStore interface {
	// Init authenticates with the actual secret store and performs other init operation
	Init(metadata Metadata) error
	// GetSecret retrieves a secret using a key and returns a map of decrypted string/string values.
	GetSecret(req GetSecretRequest) (GetSecretResponse, error)
	// BulkGetSecret retrieves all secrets in the store and returns a map of decrypted string/string values.
	BulkGetSecret(req BulkGetSecretRequest) (BulkGetSecretResponse, error)
}

SecretStore is the interface for a component that handles secrets management.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
alicloud
parameterstore
aws
parameterstore
secretmanager
azure
keyvault
gcp
secretmanager
hashicorp
vault
huaweicloud
csms
kubernetes
local
env
file

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL