Documentation ¶
Overview ¶
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- func NewTokenSource(ctx context.Context, auth esv1beta1.GCPSMAuth, projectID string, ...) (oauth2.TokenSource, error)
- type Client
- func (c *Client) Close(_ context.Context) error
- func (c *Client) DeleteSecret(ctx context.Context, remoteRef esv1beta1.PushRemoteRef) error
- func (c *Client) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error)
- func (c *Client) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
- func (c *Client) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
- func (c *Client) PushSecret(ctx context.Context, payload []byte, remoteRef esv1beta1.PushRemoteRef) error
- func (c *Client) Validate() (esv1beta1.ValidationResult, error)
- type GoogleSecretManagerClient
- type IamClient
- type Provider
Constants ¶
const (
CloudPlatformRole = "https://www.googleapis.com/auth/cloud-platform"
)
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Client ¶ added in v0.6.0
type Client struct {
// contains filtered or unexported fields
}
func (*Client) DeleteSecret ¶ added in v0.7.0
func (*Client) GetAllSecrets ¶ added in v0.6.0
func (c *Client) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error)
GetAllSecrets syncs multiple secrets from gcp provider into a single Kubernetes Secret.
func (*Client) GetSecret ¶ added in v0.6.0
func (c *Client) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
GetSecret returns a single secret from the provider.
func (*Client) GetSecretMap ¶ added in v0.6.0
func (c *Client) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
GetSecretMap returns multiple k/v pairs from the provider.
func (*Client) PushSecret ¶ added in v0.7.0
func (c *Client) PushSecret(ctx context.Context, payload []byte, remoteRef esv1beta1.PushRemoteRef) error
PushSecret pushes a kubernetes secret key into gcp provider Secret.
type GoogleSecretManagerClient ¶
type GoogleSecretManagerClient interface { DeleteSecret(ctx context.Context, req *secretmanagerpb.DeleteSecretRequest, opts ...gax.CallOption) error AccessSecretVersion(ctx context.Context, req *secretmanagerpb.AccessSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.AccessSecretVersionResponse, error) ListSecrets(ctx context.Context, req *secretmanagerpb.ListSecretsRequest, opts ...gax.CallOption) *secretmanager.SecretIterator AddSecretVersion(ctx context.Context, req *secretmanagerpb.AddSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.SecretVersion, error) CreateSecret(ctx context.Context, req *secretmanagerpb.CreateSecretRequest, opts ...gax.CallOption) (*secretmanagerpb.Secret, error) Close() error GetSecret(ctx context.Context, req *secretmanagerpb.GetSecretRequest, opts ...gax.CallOption) (*secretmanagerpb.Secret, error) }
type IamClient ¶ added in v0.3.11
type IamClient interface { GenerateAccessToken(ctx context.Context, req *credentialspb.GenerateAccessTokenRequest, opts ...gax.CallOption) (*credentialspb.GenerateAccessTokenResponse, error) Close() error }
interface to GCP IAM API.
type Provider ¶ added in v0.6.0
type Provider struct{}
Provider is a secrets provider for GCP Secret Manager. It implements the necessary NewClient() and ValidateStore() funcs.
func (*Provider) Capabilities ¶ added in v0.7.0
func (p *Provider) Capabilities() esv1beta1.SecretStoreCapabilities
func (*Provider) NewClient ¶ added in v0.6.0
func (p *Provider) NewClient(ctx context.Context, store esv1beta1.GenericStore, kube kclient.Client, namespace string) (esv1beta1.SecretsClient, error)
NewClient constructs a GCP Provider.
func (*Provider) ValidateStore ¶ added in v0.6.0
func (p *Provider) ValidateStore(store esv1beta1.GenericStore) error