Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticationInfo ¶
AuthenticationInfo contains authentication information to be used when communicating with an HTTP based provider
type BootStrapACLTokenInfo ¶
type BootStrapACLTokenInfo struct {
SecretID string `json:"SecretID"`
Policies []Policy `json:"Policies"`
}
BootStrapACLTokenInfo is the key portion of the response metadata from consulACLBootstrapAPI
type InitResponse ¶
type InitResponse struct {
Keys []string `json:"keys,omitempty"`
KeysBase64 []string `json:"keys_base64,omitempty"`
EncryptedKeys []string `json:"encrypted_keys,omitempty"`
Nonces []string `json:"nonces,omitempty"`
RootToken string `json:"root_token,omitempty"`
}
InitResponse contains a Secret Store init response
type RuntimeTokenProviderInfo ¶
type RuntimeTokenProviderInfo struct {
Enabled bool
Protocol string
Host string
Port int
TrustDomain string
EndpointSocket string
// comma-separated list of required secrets for the service
// currently we have redis in a typical use case
RequiredSecrets string
}
RuntimeTokenProviderInfo contains the information about the server of a runtime secret token provider
func (RuntimeTokenProviderInfo) BuildProviderURL ¶
func (provider RuntimeTokenProviderInfo) BuildProviderURL(path string) (string, error)
type SecretConfig ¶
type SecretConfig struct {
Type string
Host string
Port int
// BasePath is the base path to the secret's location in the secret store
BasePath string
// SecretsFile is path to optional JSON file containing secrets to seed into service's SecretStore
SecretsFile string
Protocol string
Namespace string
RootCaCertPath string
ServerName string
Authentication AuthenticationInfo
// RuntimeTokenProvider could be optional if not using delayed start from a runtime token provider
RuntimeTokenProvider RuntimeTokenProviderInfo
}
SecretConfig contains configuration settings used to communicate with an HTTP based secret provider
func (SecretConfig) BuildRequestURL ¶
func (c SecretConfig) BuildRequestURL(subPath string) (string, error)
BuildRequestURL constructs a request URL for send the a request to the secrets engine
func (SecretConfig) BuildSecretNameURL ¶
func (c SecretConfig) BuildSecretNameURL(secretName string) (string, error)
BuildSecretNameURL constructs a URL to the service's secret with in it's secret store secretName is the name of the secret in the service's secret store
func (SecretConfig) BuildURL ¶
func (c SecretConfig) BuildURL(path string) (string, error)
BuildURL constructs a URL which can be used to identify a HTTP based secret provider
func (SecretConfig) IsRuntimeProviderEnabled ¶
func (c SecretConfig) IsRuntimeProviderEnabled() bool
IsRuntimeProviderEnabled returns whether the token provider is using runtime token mechanism
type TokenMetadata ¶
type TokenMetadata struct {
Accessor string `json:"accessor"`
ExpireTime string `json:"expire_time"`
Path string `json:"path"`
Policies []string `json:"policies"`
Period int `json:"period"` // in seconds
Renewable bool `json:"renewable"`
Ttl int `json:"ttl"` // in seconds
}
TokenMetadata has introspection data about a token and is the "data" sub-structure for token lookup, i.e. TokenLookupResponse, and token self-lookup
Source Files