types

package

v3.1.0 Latest Latest Go to latest Published: Nov 6, 2023 License: Apache-2.0 Imports: 3 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/edgexfoundry/go-mod-secrets

Links

Open Source Insights

Documentation ¶

Index ¶

type AuthenticationInfo
type BootStrapACLTokenInfo
type ConsulRole
- func NewConsulRole(name string, tokenType ConsulTokenType, policies []Policy, localUse bool) ConsulRole
type ConsulTokenType
type InitResponse
type Policy
type RuntimeTokenProviderInfo
- func (provider RuntimeTokenProviderInfo) BuildProviderURL(path string) (string, error)
type SecretConfig
type TokenMetadata

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuthenticationInfo ¶

type AuthenticationInfo struct {
	AuthType  string
	AuthToken string
}

AuthenticationInfo contains authentication information to be used when communicating with an HTTP based provider

type BootStrapACLTokenInfo ¶

type BootStrapACLTokenInfo struct {
	SecretID string   `json:"SecretID"`
	Policies []Policy `json:"Policies"`
}

BootStrapACLTokenInfo is the key portion of the response metadata from consulACLBootstrapAPI

type ConsulRole ¶

type ConsulRole struct {
	RoleName    string   `json:"name"`
	TokenType   string   `json:"token_type"`
	PolicyNames []string `json:"policies,omitempty"`
	Local       bool     `json:"local,omitempty"`
	TimeToLive  string   `json:"TTL,omitempty"`
}

func NewConsulRole ¶

func NewConsulRole(name string, tokenType ConsulTokenType, policies []Policy, localUse bool) ConsulRole

type ConsulTokenType ¶

type ConsulTokenType string

const (
	/*
	 * The following are available Consul token types that can be used for specifying in the role-based tokens
	 * created via /consul/creds secret engine Vault API.
	 * For the details, see reference https://www.vaultproject.io/api/secret/consul#create-update-role
	 */
	// ManagementType is the type of Consul role can be used to create tokens when role-based API /consul/creds is called
	// the management type of created tokens is automatically granted the built-in global management policy
	ManagementType ConsulTokenType = "management"
	// ClientType is the type of Consul role that can be used to create tokens when role-based API /consul/creds is called
	// the regular client type of created tokens is associated with custom policies
	ClientType ConsulTokenType = "client"
)

type InitResponse ¶

type InitResponse struct {
	Keys          []string `json:"keys,omitempty"`
	KeysBase64    []string `json:"keys_base64,omitempty"`
	EncryptedKeys []string `json:"encrypted_keys,omitempty"`
	Nonces        []string `json:"nonces,omitempty"`
	RootToken     string   `json:"root_token,omitempty"`
}

InitResponse contains a Secret Store init response

type Policy ¶

type Policy struct {
	ID   string `json:"ID"`
	Name string `json:"Name"`
}

type RuntimeTokenProviderInfo ¶

type RuntimeTokenProviderInfo struct {
	Enabled        bool
	Protocol       string
	Host           string
	Port           int
	TrustDomain    string
	EndpointSocket string
	// comma-separated list of required secrets for the service
	// currently we have redis in a typical use case
	RequiredSecrets string
}

RuntimeTokenProviderInfo contains the information about the server of a runtime secret token provider

func (RuntimeTokenProviderInfo) BuildProviderURL ¶

func (provider RuntimeTokenProviderInfo) BuildProviderURL(path string) (string, error)

type SecretConfig ¶

type SecretConfig struct {
	Type string
	Host string
	Port int
	// BasePath is the base path to the secret's location in the secret store
	BasePath string
	// SecretsFile is path to optional JSON file containing secrets to seed into service's SecretStore
	SecretsFile    string
	Protocol       string
	Namespace      string
	RootCaCertPath string
	ServerName     string
	Authentication AuthenticationInfo
	// RuntimeTokenProvider could be optional if not using delayed start from a runtime token provider
	RuntimeTokenProvider RuntimeTokenProviderInfo
}

SecretConfig contains configuration settings used to communicate with an HTTP based secret provider

func (SecretConfig) BuildRequestURL ¶

func (c SecretConfig) BuildRequestURL(subPath string) (string, error)

BuildRequestURL constructs a request URL for send the a request to the secrets engine

func (SecretConfig) BuildSecretNameURL ¶

func (c SecretConfig) BuildSecretNameURL(secretName string) (string, error)

BuildSecretNameURL constructs a URL to the service's secret with in it's secret store secretName is the name of the secret in the service's secret store

func (SecretConfig) BuildURL ¶

func (c SecretConfig) BuildURL(path string) (string, error)

BuildURL constructs a URL which can be used to identify a HTTP based secret provider

func (SecretConfig) IsRuntimeProviderEnabled ¶

func (c SecretConfig) IsRuntimeProviderEnabled() bool

IsRuntimeProviderEnabled returns whether the token provider is using runtime token mechanism

type TokenMetadata ¶

type TokenMetadata struct {
	Accessor   string   `json:"accessor"`
	ExpireTime string   `json:"expire_time"`
	Path       string   `json:"path"`
	Policies   []string `json:"policies"`
	Period     int      `json:"period"` // in seconds
	Renewable  bool     `json:"renewable"`
	Ttl        int      `json:"ttl"` // in seconds
}

TokenMetadata has introspection data about a token and is the "data" sub-structure for token lookup, i.e. TokenLookupResponse, and token self-lookup

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL