Documentation ¶
Overview ¶
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- type KmsVCInterface
- type TokenProvider
- type VMInterface
- type VaultInterface
- type VaultManagementService
- func (vms *VaultManagementService) Capabilities() esv1beta1.SecretStoreCapabilities
- func (vms *VaultManagementService) Close(_ context.Context) error
- func (vms *VaultManagementService) DeleteSecret(ctx context.Context, remoteRef esv1beta1.PushSecretRemoteRef) error
- func (vms *VaultManagementService) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error)
- func (vms *VaultManagementService) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
- func (vms *VaultManagementService) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
- func (vms *VaultManagementService) NewClient(ctx context.Context, store esv1beta1.GenericStore, kube kclient.Client, ...) (esv1beta1.SecretsClient, error)
- func (vms *VaultManagementService) PushSecret(ctx context.Context, secret *corev1.Secret, data esv1beta1.PushSecretData) error
- func (vms *VaultManagementService) Validate() (esv1beta1.ValidationResult, error)
- func (vms *VaultManagementService) ValidateStore(store esv1beta1.GenericStore) (admission.Warnings, error)
Constants ¶
const ( SecretNotFound = iota SecretExists SecretAPIError )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type KmsVCInterface ¶ added in v0.6.1
type KmsVCInterface interface {
GetVault(ctx context.Context, request keymanagement.GetVaultRequest) (response keymanagement.GetVaultResponse, err error)
}
type TokenProvider ¶ added in v0.9.9
type TokenProvider struct { Name string Namespace string Audiences []string Clientset kubernetes.Interface }
TokenProvider implements the ServiceAccountTokenProvider interface to create service account tokens for OCI authentication.
func NewTokenProvider ¶ added in v0.9.9
func NewTokenProvider(clientset kubernetes.Interface, serviceAccountRef *esmeta.ServiceAccountSelector, namespace string) *TokenProvider
NewTokenProvider creates a new TokenProvider for a given service account.
func (*TokenProvider) ServiceAccountToken ¶ added in v0.9.9
func (t *TokenProvider) ServiceAccountToken() (string, error)
ServiceAccountToken creates a new service account token for OCI authentication.
type VMInterface ¶
type VMInterface interface {
GetSecretBundleByName(ctx context.Context, request secrets.GetSecretBundleByNameRequest) (secrets.GetSecretBundleByNameResponse, error)
}
type VaultInterface ¶ added in v0.9.9
type VaultInterface interface { ListSecrets(ctx context.Context, request vault.ListSecretsRequest) (response vault.ListSecretsResponse, err error) CreateSecret(ctx context.Context, request vault.CreateSecretRequest) (response vault.CreateSecretResponse, err error) UpdateSecret(ctx context.Context, request vault.UpdateSecretRequest) (response vault.UpdateSecretResponse, err error) ScheduleSecretDeletion(ctx context.Context, request vault.ScheduleSecretDeletionRequest) (response vault.ScheduleSecretDeletionResponse, err error) }
type VaultManagementService ¶
type VaultManagementService struct { Client VMInterface KmsVaultClient KmsVCInterface VaultClient VaultInterface // contains filtered or unexported fields }
func (*VaultManagementService) Capabilities ¶ added in v0.7.0
func (vms *VaultManagementService) Capabilities() esv1beta1.SecretStoreCapabilities
Capabilities return the provider supported capabilities (ReadOnly, WriteOnly, ReadWrite).
func (*VaultManagementService) Close ¶
func (vms *VaultManagementService) Close(_ context.Context) error
func (*VaultManagementService) DeleteSecret ¶ added in v0.7.0
func (vms *VaultManagementService) DeleteSecret(ctx context.Context, remoteRef esv1beta1.PushSecretRemoteRef) error
func (*VaultManagementService) GetAllSecrets ¶ added in v0.5.0
func (vms *VaultManagementService) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error)
func (*VaultManagementService) GetSecret ¶
func (vms *VaultManagementService) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
func (*VaultManagementService) GetSecretMap ¶
func (vms *VaultManagementService) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
func (*VaultManagementService) NewClient ¶
func (vms *VaultManagementService) NewClient(ctx context.Context, store esv1beta1.GenericStore, kube kclient.Client, namespace string) (esv1beta1.SecretsClient, error)
NewClient constructs a new secrets client based on the provided store.
func (*VaultManagementService) PushSecret ¶ added in v0.7.0
func (vms *VaultManagementService) PushSecret(ctx context.Context, secret *corev1.Secret, data esv1beta1.PushSecretData) error
func (*VaultManagementService) Validate ¶ added in v0.4.2
func (vms *VaultManagementService) Validate() (esv1beta1.ValidationResult, error)
func (*VaultManagementService) ValidateStore ¶ added in v0.5.0
func (vms *VaultManagementService) ValidateStore(store esv1beta1.GenericStore) (admission.Warnings, error)