The highest tagged major version is v4.

secrets

package

v2.0.0-dev.8 Latest Latest Go to latest Published: Mar 1, 2021 License: Apache-2.0 Imports: 6 Imported by: 4

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/edgexfoundry/go-mod-secrets

Documentation ¶

Index ¶

Constants
type SecretClient
- func NewSecretsClient(ctx context.Context, config types.SecretConfig, lc logger.LoggingClient, ...) (SecretClient, error)
type SecretStoreClient
- func NewSecretStoreClient(config types.SecretConfig, lc logger.LoggingClient, requester pkg.Caller) (SecretStoreClient, error)

Constants ¶

View Source

const Vault = "vault"

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type SecretClient ¶

type SecretClient interface {
	// GetSecrets retrieves secrets from a secret store.
	// subPath specifies the type or location of the secrets to retrieve. If specified it is appended
	// to the base path from the SecretConfig
	// keys specifies the secrets which to retrieve. If no keys are provided then all the keys associated with the
	// specified path will be returned.
	GetSecrets(subPath string, keys ...string) (map[string]string, error)

	// StoreSecrets stores the secrets to a secret store.
	// it sets the values requested at provided keys
	// subPath specifies the type or location of the secrets to store. If specified it is appended
	// to the base path from the SecretConfig
	// secrets map specifies the "key": "value" pairs of secrets to store
	StoreSecrets(subPath string, secrets map[string]string) error
}

SecretClient provides a contract for storing and retrieving secrets from a secret store provider.

func NewSecretsClient ¶

func NewSecretsClient(ctx context.Context, config types.SecretConfig, lc logger.LoggingClient, callback pkg.TokenExpiredCallback) (SecretClient, error)

NewSecretsClient creates a new instance of a SecretClient based on the passed in configuration. The SecretClient allows access to secret(s) for the configured token.

type SecretStoreClient ¶

type SecretStoreClient interface {
	HealthCheck() (int, error)
	Init(secretThreshold int, secretShares int) (types.InitResponse, error)
	Unseal(keysBase64 []string) error
	InstallPolicy(token string, policyName string, policyDocument string) error
	CheckSecretEngineInstalled(token string, mountPoint string, engine string) (bool, error)
	EnableKVSecretEngine(token string, mountPoint string, kvVersion string) error
	EnableConsulSecretEngine(token string, mountPoint string, defaultLeaseTTL string) error
	RegenRootToken(keys []string) (string, error)
	CreateToken(token string, parameters map[string]interface{}) (map[string]interface{}, error)
	ListTokenAccessors(token string) ([]string, error)
	RevokeTokenAccessor(token string, accessor string) error
	LookupTokenAccessor(token string, accessor string) (types.TokenMetadata, error)
	LookupToken(token string) (types.TokenMetadata, error)
	RevokeToken(token string) error
}

SecretStoreClient provides a contract for managing a Secret Store from a secret store provider.

func NewSecretStoreClient ¶

func NewSecretStoreClient(config types.SecretConfig, lc logger.LoggingClient, requester pkg.Caller) (SecretStoreClient, error)

NewSecretStoreClient creates a new instance of a SecretClient based on the passed in configuration. The SecretStoreClient provides management functionality to manage the secret store.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mocks

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL