Types
type TokenFileWriter
type TokenFileWriter struct {
// contains filtered or unexported fields
}
TokenFileWriter is a mechanism that generates a token and writes it to a file specified by configuration.
func NewWriter
func NewWriter(lc logger.LoggingClient, sc secrets.SecretStoreClient, fileOpener fileioperformer.FileIoPerformer) TokenFileWriter
NewWriter instantiates a TokenFileWriter instance
func (TokenFileWriter) CreateAndWrite
func (w TokenFileWriter) CreateAndWrite(rootToken string, tokenFilePath string, createTokenFunc tokencreatable.CreateTokenFunc) (tokencreatable.RevokeFunc, error)
CreateAndWrite generates a new token and writes it to the file specified by tokenFilePath. Generating the token requires root token privilege. It overwrites the file if it already exists, and returns an error if anything fails during the whole process.
func (TokenFileWriter) CreateMgmtTokenForConsulSecretsEngine
func (w TokenFileWriter) CreateMgmtTokenForConsulSecretsEngine(rootToken string) (map[string]interface{}, tokencreatable.RevokeFunc, error)
CreateMgmtTokenForConsulSecretsEngine creates a new Vault token that allows the Consul bootstrapper to manage Vault's Consul secrets engine through its related APIs (see reference: https://www.vaultproject.io/api-docs/secret/consul). The created Vault token is meant for bootstrapping Consul's ACLs as part of securing the Consul process.
It requires a root token to create the token and returns data containing the token. The token is kept without being revoked, so the returned RevokeFunc is always nil; it is present only so that the function conforms to the tokencreatable.CreateTokenFunc type and can be passed to CreateAndWrite(). The function returns a non-nil error if anything goes wrong during creation.
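A sketch of the contract described above, added here as an example and not taken from the project's code. It uses local stand-in types rather than the real tokencreatable package, and the RevokeFunc signature, JSON output, 0600 file mode and revoke-on-write-failure behaviour are all assumptions. It shows the overwrite semantics and why a caller must nil-check the RevokeFunc when the create function behaves like CreateMgmtTokenForConsulSecretsEngine.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"path/filepath"
)

// Local stand-ins (assumptions), not the real tokencreatable types.
type RevokeFunc func()
type CreateTokenFunc func(rootToken string) (map[string]interface{}, RevokeFunc, error)

// createAndWrite is a hypothetical sketch: create a token, overwrite the file, return the RevokeFunc.
func createAndWrite(rootToken, tokenFilePath string, create CreateTokenFunc) (RevokeFunc, error) {
	data, revoke, err := create(rootToken)
	if err != nil {
		return nil, fmt.Errorf("create token: %w", err)
	}
	// O_TRUNC overwrites; Chmod tightens a pre-existing file (the mode arg applies only on create).
	f, err := os.OpenFile(tokenFilePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
	if err == nil {
		if err = f.Chmod(0o600); err == nil {
			err = json.NewEncoder(f).Encode(data)
		}
		if cerr := f.Close(); err == nil {
			err = cerr
		}
	}
	if err != nil {
		if revoke != nil { // assumption: do not leave an unwritten token valid
			revoke()
		}
		return nil, fmt.Errorf("write token file: %w", err)
	}
	return revoke, nil
}

// fakeMgmtCreate imitates the documented management-token behaviour: nil RevokeFunc, always.
func fakeMgmtCreate(string) (map[string]interface{}, RevokeFunc, error) {
	return map[string]interface{}{"client_token": "constructed-token"}, nil, nil
}

func main() {
	path := filepath.Join(os.TempDir(), "constructed-token.json")
	revoke, err := createAndWrite("constructed-root-token", path, fakeMgmtCreate)
	fmt.Println(path, revoke == nil, err) // revoke is nil here: callers must nil-check
}
```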