Documentation
¶
Overview ¶
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Package conjur provides a Conjur provider for External Secrets.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- type Client
- func (p *Client) Close(_ context.Context) error
- func (p *Client) DeleteSecret(_ context.Context, _ esv1beta1.PushSecretRemoteRef) error
- func (p *Client) GetAllSecrets(_ context.Context, _ esv1beta1.ExternalSecretFind) (map[string][]byte, error)
- func (p *Client) GetConjurClient(ctx context.Context) (SecretsClient, error)
- func (p *Client) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
- func (p *Client) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
- func (p *Client) PushSecret(_ context.Context, _ *corev1.Secret, _ esv1beta1.PushSecretData) error
- func (p *Client) Validate() (esv1beta1.ValidationResult, error)
- type ClientAPIImpl
- type Provider
- type SecretsClient
- type SecretsClientFactory
Constants ¶
const JwtLifespan = 600 // 10 minutes
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
StoreKind string
// contains filtered or unexported fields
}
Client is a provider for Conjur.
func (*Client) DeleteSecret ¶ added in v0.9.6
func (*Client) GetAllSecrets ¶ added in v0.9.6
func (p *Client) GetAllSecrets(_ context.Context, _ esv1beta1.ExternalSecretFind) (map[string][]byte, error)
GetAllSecrets returns all secrets from the provider. NOT IMPLEMENTED.
func (*Client) GetConjurClient ¶ added in v0.9.6
func (p *Client) GetConjurClient(ctx context.Context) (SecretsClient, error)
func (*Client) GetSecret ¶ added in v0.9.6
func (p *Client) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
GetSecret returns a single secret from the provider.
func (*Client) GetSecretMap ¶ added in v0.9.6
func (p *Client) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
GetSecretMap returns multiple k/v pairs from the provider.
func (*Client) PushSecret ¶ added in v0.9.6
PushSecret will write a single secret into the provider.
type ClientAPIImpl ¶ added in v0.9.6
type ClientAPIImpl struct{}
ClientAPIImpl is an implementation of the ClientAPI interface.
func (*ClientAPIImpl) NewClientFromJWT ¶ added in v0.9.6
func (c *ClientAPIImpl) NewClientFromJWT(config conjurapi.Config, jwtToken, jwtServiceID string) (SecretsClient, error)
NewClientFromJWT creates a new Conjur client from a JWT token. cannot use the built-in function "conjurapi.NewClientFromJwt" because it requires environment variables see: https://github.com/cyberark/conjur-api-go/blob/b698692392a38e5d38b8440f32ab74206544848a/conjurapi/client.go#L130
func (*ClientAPIImpl) NewClientFromKey ¶ added in v0.9.6
func (c *ClientAPIImpl) NewClientFromKey(config conjurapi.Config, loginPair authn.LoginPair) (SecretsClient, error)
type Provider ¶
type Provider struct {
NewConjurProvider func(context context.Context, store esv1beta1.GenericStore, kube client.Client, namespace string, corev1 typedcorev1.CoreV1Interface, clientApi SecretsClientFactory) (esv1beta1.SecretsClient, error)
}
func (*Provider) Capabilities ¶
func (c *Provider) Capabilities() esv1beta1.SecretStoreCapabilities
Capabilities returns the provider Capabilities (Read, Write, ReadWrite).
func (*Provider) NewClient ¶
func (c *Provider) NewClient(ctx context.Context, store esv1beta1.GenericStore, kube client.Client, namespace string) (esv1beta1.SecretsClient, error)
NewClient creates a new Conjur client.
func (*Provider) ValidateStore ¶
ValidateStore validates the store.
type SecretsClient ¶ added in v0.9.6
SecretsClient is an interface for the Conjur client.
type SecretsClientFactory ¶ added in v0.9.6
type SecretsClientFactory interface {
NewClientFromKey(config conjurapi.Config, loginPair authn.LoginPair) (SecretsClient, error)
NewClientFromJWT(config conjurapi.Config, jwtToken string, jwtServiceID string) (SecretsClient, error)
}
SecretsClientFactory is an interface for creating a Conjur client.
Source Files
Directories