Documentation ¶
Overview ¶
Package secrets manages and retrieves secrets in the OpenStack Key Manager Service.
Example to List Secrets
createdQuery := &secrets.DateQuery{ Date: time.Date(2049, 6, 7, 1, 2, 3, 0, time.UTC), Filter: secrets.DateFilterLT, } listOpts := secrets.ListOpts{ CreatedQuery: createdQuery, } allPages, err := secrets.List(client, listOpts).AllPages() if err != nil { panic(err) } allSecrets, err := secrets.ExtractSecrets(allPages) if err != nil { panic(err) } for _, v := range allSecrets { fmt.Printf("%v\n", v) }
Example to Get a Secret
secret, err := secrets.Get(client, secretID).Extract() if err != nil { panic(err) } fmt.Printf("%v\n", secret)
Example to Get a Payload
payload, err := secrets.GetPayload(client, secretID).Extract() if err != nil { panic(err) } fmt.Println(string(payload))
Example to Create a Secrets
createOpts := secrets.CreateOpts{ Algorithm: "aes", BitLength: 256, Mode: "cbc", Name: "mysecret", Payload: "super-secret", PayloadContentType: "text/plain", SecretType: secrets.OpaqueSecret, } secret, err := secrets.Create(client, createOpts).Extract() if err != nil { panic(err) } fmt.Println(secret.SecretRef)
Example to Add a Payload
updateOpts := secrets.UpdateOpts{ ContentType: "text/plain", Payload: "super-secret", } err := secrets.Update(client, secretID, updateOpts).ExtractErr() if err != nil { panic(err) }
Example to Delete a Secrets
err := secrets.Delete(client, secretID).ExtractErr() if err != nil { panic(err) }
Example to Create Metadata for a Secret
createOpts := secrets.MetadataOpts{ "foo": "bar", "something": "something else", } ref, err := secrets.CreateMetadata(client, secretID, createOpts).Extract() if err != nil { panic(err) } fmt.Printf("%v\n", ref)
Example to Get Metadata for a Secret
metadata, err := secrets.GetMetadata(client, secretID).Extract() if err != nil { panic(err) } fmt.Printf("%v\n", metadata)
Example to Add Metadata to a Secret
metadatumOpts := secrets.MetadatumOpts{ Key: "foo", Value: "bar", } err := secrets.CreateMetadatum(client, secretID, metadatumOpts).ExtractErr() if err != nil { panic(err) }
Example to Update Metadata of a Secret
metadatumOpts := secrets.MetadatumOpts{ Key: "foo", Value: "bar", } metadatum, err := secrets.UpdateMetadatum(client, secretID, metadatumOpts).Extract() if err != nil { panic(err) } fmt.Printf("%v\n", metadatum)
Example to Delete Metadata of a Secret
err := secrets.DeleteMetadatum(client, secretID, "foo").ExtractErr() if err != nil { panic(err) }
Index ¶
- func List(client *gophercloud.ServiceClient, opts ListOptsBuilder) pagination.Pager
- type CreateMetadataOptsBuilder
- type CreateMetadatumOptsBuilder
- type CreateOpts
- type CreateOptsBuilder
- type CreateResult
- type DateFilter
- type DateQuery
- type DeleteResult
- type GetPayloadOpts
- type GetPayloadOptsBuilder
- type GetResult
- type ListOpts
- type ListOptsBuilder
- type MetadataCreateResult
- type MetadataOpts
- type MetadataResult
- type Metadatum
- type MetadatumCreateResult
- type MetadatumDeleteResult
- type MetadatumOpts
- type MetadatumResult
- type PayloadResult
- type Secret
- type SecretPage
- type SecretType
- type UpdateMetadatumOptsBuilder
- type UpdateOpts
- type UpdateOptsBuilder
- type UpdateResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func List ¶
func List(client *gophercloud.ServiceClient, opts ListOptsBuilder) pagination.Pager
List retrieves a list of Secrets.
Types ¶
type CreateMetadataOptsBuilder ¶
CreateMetadataOptsBuilder allows extensions to add additional parameters to the CreateMetadata request.
type CreateMetadatumOptsBuilder ¶
type CreateMetadatumOptsBuilder interface {
ToMetadatumCreateMap() (map[string]interface{}, error)
}
CreateMetadatumOptsBuilder allows extensions to add additional parameters to the CreateMetadatum request.
type CreateOpts ¶
type CreateOpts struct { // Algorithm is the algorithm of the secret. Algorithm string `json:"algorithm,omitempty"` // BitLength is the bit length of the secret. BitLength int `json:"bit_length,omitempty"` // Mode is the mode of encryption for the secret. Mode string `json:"mode,omitempty"` // Name is the name of the secret Name string `json:"name,omitempty"` // Payload is the secret. Payload string `json:"payload,omitempty"` // PayloadContentType is the content type of the payload. PayloadContentType string `json:"payload_content_type,omitempty"` // PayloadContentEncoding is the content encoding of the payload. PayloadContentEncoding string `json:"payload_content_encoding,omitempty"` // SecretType is the type of secret. SecretType SecretType `json:"secret_type,omitempty"` // Expiration is the expiration date of the secret. Expiration *time.Time `json:"-"` }
CreateOpts provides options used to create a secrets.
func (CreateOpts) ToSecretCreateMap ¶
func (opts CreateOpts) ToSecretCreateMap() (map[string]interface{}, error)
ToSecretCreateMap formats a CreateOpts into a create request.
type CreateOptsBuilder ¶
CreateOptsBuilder allows extensions to add additional parameters to the Create request.
type CreateResult ¶
type CreateResult struct {
// contains filtered or unexported fields
}
CreateResult is the response from a Create operation. Call its Extract method to interpret it as a secrets.
func Create ¶
func Create(client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult)
Create creates a new secrets.
type DateFilter ¶
type DateFilter string
DateFilter represents a valid filter to use for filtering secrets by their date during a list.
const ( DateFilterGT DateFilter = "gt" DateFilterGTE DateFilter = "gte" DateFilterLT DateFilter = "lt" DateFilterLTE DateFilter = "lte" )
type DateQuery ¶
type DateQuery struct { Date time.Time Filter DateFilter }
DateQuery represents a date field to be used for listing secrets. If no filter is specified, the query will act as if "equal" is used.
type DeleteResult ¶
type DeleteResult struct {
gophercloud.ErrResult
}
DeleteResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.
func Delete ¶
func Delete(client *gophercloud.ServiceClient, id string) (r DeleteResult)
Delete deletes a secrets.
type GetPayloadOpts ¶
type GetPayloadOpts struct {
PayloadContentType string `h:"Accept"`
}
GetPayloadOpts represents options used for obtaining a payload.
func (GetPayloadOpts) ToSecretPayloadGetParams ¶
func (opts GetPayloadOpts) ToSecretPayloadGetParams() (map[string]string, error)
ToSecretPayloadGetParams formats a GetPayloadOpts into a query string.
type GetPayloadOptsBuilder ¶
GetPayloadOptsBuilder allows extensions to add additional parameters to the GetPayload request.
type GetResult ¶
type GetResult struct {
// contains filtered or unexported fields
}
GetResult is the response from a Get operation. Call its Extract method to interpret it as a secrets.
func Get ¶
func Get(client *gophercloud.ServiceClient, id string) (r GetResult)
Get retrieves details of a secrets.
type ListOpts ¶
type ListOpts struct { // Offset is the starting index within the total list of the secrets that // you would like to retrieve. Offset int `q:"offset"` // Limit is the maximum number of records to return. Limit int `q:"limit"` // Name will select all secrets with a matching name. Name string `q:"name"` // Alg will select all secrets with a matching algorithm. Alg string `q:"alg"` // Mode will select all secrets with a matching mode. Mode string `q:"mode"` // Bits will select all secrets with a matching bit length. Bits int `q:"bits"` // SecretType will select all secrets with a matching secret type. SecretType SecretType `q:"secret_type"` // ACLOnly will select all secrets with an ACL that contains the user. ACLOnly *bool `q:"acl_only"` // CreatedQuery will select all secrets with a created date matching // the query. CreatedQuery *DateQuery // UpdatedQuery will select all secrets with an updated date matching // the query. UpdatedQuery *DateQuery // ExpirationQuery will select all secrets with an expiration date // matching the query. ExpirationQuery *DateQuery // Sort will sort the results in the requested order. Sort string `q:"sort"` }
ListOpts provides options to filter the List results.
func (ListOpts) ToSecretListQuery ¶
ToSecretListQuery formats a ListOpts into a query string.
type ListOptsBuilder ¶
ListOptsBuilder allows extensions to add additional parameters to the List request
type MetadataCreateResult ¶
type MetadataCreateResult struct {
gophercloud.Result
}
MetadataCreateResult is the result of a metadata create request. Call its Extract method to interpret it as a map[string]string.
func CreateMetadata ¶
func CreateMetadata(client *gophercloud.ServiceClient, secretID string, opts CreateMetadataOptsBuilder) (r MetadataCreateResult)
CreateMetadata will set metadata for a given secret.
type MetadataOpts ¶
MetadataOpts is a map that contains key-value pairs for secret metadata.
func (MetadataOpts) ToMetadataCreateMap ¶
func (opts MetadataOpts) ToMetadataCreateMap() (map[string]interface{}, error)
ToMetadataCreateMap converts a MetadataOpts into a request body.
type MetadataResult ¶
type MetadataResult struct {
gophercloud.Result
}
MetadataResult is the result of a metadata request. Call its Extract method to interpret it as a map[string]string.
func GetMetadata ¶
func GetMetadata(client *gophercloud.ServiceClient, secretID string) (r MetadataResult)
GetMetadata will list metadata for a given secret.
type MetadatumCreateResult ¶
type MetadatumCreateResult struct {
gophercloud.ErrResult
}
MetadatumCreateResult is the response from a metadata Create operation. Call it's ExtractErr to determine if the request succeeded or failed.
NOTE: This could be a MetadatumResponse but, at the time of testing, it looks like Barbican was returning errneous JSON in the response.
func CreateMetadatum ¶
func CreateMetadatum(client *gophercloud.ServiceClient, secretID string, opts CreateMetadatumOptsBuilder) (r MetadatumCreateResult)
CreateMetadatum will add a single key/value metadata to a secret.
type MetadatumDeleteResult ¶
type MetadatumDeleteResult struct {
gophercloud.ErrResult
}
MetadatumDeleteResult is the response from a metadatum Delete operation. Call its ExtractErr to determine if the request succeeded or failed.
func DeleteMetadatum ¶
func DeleteMetadatum(client *gophercloud.ServiceClient, secretID string, key string) (r MetadatumDeleteResult)
DeleteMetadatum will delete an individual metadatum from a secret.
type MetadatumOpts ¶
type MetadatumOpts struct { Key string `json:"key" required:"true"` Value string `json:"value" required:"true"` }
MetadatumOpts represents a single metadata.
func (MetadatumOpts) ToMetadatumCreateMap ¶
func (opts MetadatumOpts) ToMetadatumCreateMap() (map[string]interface{}, error)
ToMetadatumCreateMap converts a MetadatumOpts into a request body.
func (MetadatumOpts) ToMetadatumUpdateMap ¶
func (opts MetadatumOpts) ToMetadatumUpdateMap() (map[string]interface{}, string, error)
ToMetadatumUpdateMap converts a MetadataOpts into a request body.
type MetadatumResult ¶
type MetadatumResult struct {
gophercloud.Result
}
MetadatumResult is the result of a metadatum request. Call its Extract method to interpret it as a map[string]string.
func GetMetadatum ¶
func GetMetadatum(client *gophercloud.ServiceClient, secretID string, key string) (r MetadatumResult)
GetMetadatum will get a single key/value metadata from a secret.
func UpdateMetadatum ¶
func UpdateMetadatum(client *gophercloud.ServiceClient, secretID string, opts UpdateMetadatumOptsBuilder) (r MetadatumResult)
UpdateMetadatum will update a single key/value metadata to a secret.
func (MetadatumResult) Extract ¶
func (r MetadatumResult) Extract() (*Metadatum, error)
Extract interprets any MetadatumResult as a map[string]string.
type PayloadResult ¶
type PayloadResult struct { gophercloud.Result Body io.ReadCloser }
PayloadResult is the response from a GetPayload operation. Call its Extract method to extract the payload as a string.
func GetPayload ¶
func GetPayload(client *gophercloud.ServiceClient, id string, opts GetPayloadOptsBuilder) (r PayloadResult)
GetPayload retrieves the payload of a secret.
func (PayloadResult) Extract ¶
func (r PayloadResult) Extract() ([]byte, error)
Extract is a function that takes a PayloadResult's io.Reader body and reads all available data into a slice of bytes. Please be aware that due to the nature of io.Reader is forward-only - meaning that it can only be read once and not rewound. You can recreate a reader from the output of this function by using bytes.NewReader(downloadBytes)
type Secret ¶
type Secret struct { // BitLength is the bit length of the secret. BitLength int `json:"bit_length"` // Algorithm is the algorithm type of the secret. Algorithm string `json:"algorithm"` // Expiration is the expiration date of the secret. Expiration time.Time `json:"-"` // ContentTypes are the content types of the secret. ContentTypes map[string]string `json:"content_types"` // Created is the created date of the secret. Created time.Time `json:"-"` // CreatorID is the creator of the secret. CreatorID string `json:"creator_id"` // Mode is the mode of the secret. Mode string `json:"mode"` // Name is the name of the secret. Name string `json:"name"` // SecretRef is the URL to the secret. SecretRef string `json:"secret_ref"` // SecretType represents the type of secret. SecretType string `json:"secret_type"` // Status represents the status of the secret. Status string `json:"status"` // Updated is the updated date of the secret. Updated time.Time `json:"-"` }
Secret represents a secret stored in the key manager service.
func ExtractSecrets ¶
func ExtractSecrets(r pagination.Page) ([]Secret, error)
ExtractSecrets returns a slice of Secrets contained in a single page of results.
func (*Secret) UnmarshalJSON ¶
type SecretPage ¶
type SecretPage struct {
pagination.LinkedPageBase
}
SecretPage is a single page of secrets results.
func (SecretPage) IsEmpty ¶
func (r SecretPage) IsEmpty() (bool, error)
IsEmpty determines whether or not a page of secrets contains any results.
func (SecretPage) NextPageURL ¶
func (r SecretPage) NextPageURL() (string, error)
NextPageURL extracts the "next" link from the links section of the result.
type SecretType ¶
type SecretType string
SecretType represents a valid secret type.
const ( SymmetricSecret SecretType = "symmetric" PublicSecret SecretType = "public" PrivateSecret SecretType = "private" PassphraseSecret SecretType = "passphrase" CertificateSecret SecretType = "certificate" OpaqueSecret SecretType = "opaque" )
type UpdateMetadatumOptsBuilder ¶
type UpdateMetadatumOptsBuilder interface {
ToMetadatumUpdateMap() (map[string]interface{}, string, error)
}
UpdateMetadatumOptsBuilder allows extensions to add additional parameters to the UpdateMetadatum request.
type UpdateOpts ¶
type UpdateOpts struct { // ContentType represents the content type of the payload. ContentType string `h:"Content-Type"` // ContentEncoding represents the content encoding of the payload. ContentEncoding string `h:"Content-Encoding"` // Payload is the payload of the secret. Payload string }
UpdateOpts represents parameters to add a payload to an existing secret which does not already contain a payload.
func (UpdateOpts) ToSecretUpdateRequest ¶
func (opts UpdateOpts) ToSecretUpdateRequest() (string, map[string]string, error)
ToUpdateCreateRequest formats a UpdateOpts into an update request.
type UpdateOptsBuilder ¶
UpdateOptsBuilder allows extensions to add additional parameters to the Update request.
type UpdateResult ¶
type UpdateResult struct {
gophercloud.ErrResult
}
UpdateResult is the response from an Update operation. Call its ExtractErr to determine if the request succeeded or failed.
func Update ¶
func Update(client *gophercloud.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult)
Update modifies the attributes of a secrets.