Documentation
¶
Index ¶
- Constants
- type KmsVCInterface
- type TokenProvider
- type VMInterface
- type VaultInterface
- type VaultManagementService
- func (vms *VaultManagementService) Capabilities() esv1beta1.SecretStoreCapabilities
- func (vms *VaultManagementService) Close(_ context.Context) error
- func (vms *VaultManagementService) DeleteSecret(ctx context.Context, remoteRef esv1beta1.PushSecretRemoteRef) error
- func (vms *VaultManagementService) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error)
- func (vms *VaultManagementService) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
- func (vms *VaultManagementService) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
- func (vms *VaultManagementService) NewClient(ctx context.Context, store esv1beta1.GenericStore, kube kclient.Client, ...) (esv1beta1.SecretsClient, error)
- func (vms *VaultManagementService) PushSecret(ctx context.Context, secret *corev1.Secret, data esv1beta1.PushSecretData) error
- func (vms *VaultManagementService) Validate() (esv1beta1.ValidationResult, error)
- func (vms *VaultManagementService) ValidateStore(store esv1beta1.GenericStore) (admission.Warnings, error)
Constants ¶
View Source
const ( SecretNotFound = iota SecretExists SecretAPIError )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type KmsVCInterface ¶ added in v0.6.1
type KmsVCInterface interface {
GetVault(ctx context.Context, request keymanagement.GetVaultRequest) (response keymanagement.GetVaultResponse, err error)
}
type TokenProvider ¶ added in v0.9.9
type TokenProvider struct {
Name string
Namespace string
Audiences []string
Clientset kubernetes.Interface
}
TokenProvider implements the ServiceAccountTokenProvider interface to create service account tokens for OCI authentication.
func NewTokenProvider ¶ added in v0.9.9
func NewTokenProvider(clientset kubernetes.Interface, serviceAccountRef *esmeta.ServiceAccountSelector, namespace string) *TokenProvider
NewTokenProvider creates a new TokenProvider for a given service account.
func (*TokenProvider) ServiceAccountToken ¶ added in v0.9.9
func (t *TokenProvider) ServiceAccountToken() (string, error)
ServiceAccountToken creates a new service account token for OCI authentication.
type VMInterface ¶
type VMInterface interface {
GetSecretBundleByName(ctx context.Context, request secrets.GetSecretBundleByNameRequest) (secrets.GetSecretBundleByNameResponse, error)
}
type VaultInterface ¶ added in v0.9.9
type VaultInterface interface {
ListSecrets(ctx context.Context, request vault.ListSecretsRequest) (response vault.ListSecretsResponse, err error)
CreateSecret(ctx context.Context, request vault.CreateSecretRequest) (response vault.CreateSecretResponse, err error)
UpdateSecret(ctx context.Context, request vault.UpdateSecretRequest) (response vault.UpdateSecretResponse, err error)
ScheduleSecretDeletion(ctx context.Context, request vault.ScheduleSecretDeletionRequest) (response vault.ScheduleSecretDeletionResponse, err error)
}
type VaultManagementService ¶
type VaultManagementService struct {
Client VMInterface
KmsVaultClient KmsVCInterface
VaultClient VaultInterface
// contains filtered or unexported fields
}
func (*VaultManagementService) Capabilities ¶ added in v0.7.0
func (vms *VaultManagementService) Capabilities() esv1beta1.SecretStoreCapabilities
Capabilities return the provider supported capabilities (ReadOnly, WriteOnly, ReadWrite).
func (*VaultManagementService) Close ¶
func (vms *VaultManagementService) Close(_ context.Context) error
func (*VaultManagementService) DeleteSecret ¶ added in v0.7.0
func (vms *VaultManagementService) DeleteSecret(ctx context.Context, remoteRef esv1beta1.PushSecretRemoteRef) error
func (*VaultManagementService) GetAllSecrets ¶ added in v0.5.0
func (vms *VaultManagementService) GetAllSecrets(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error)
func (*VaultManagementService) GetSecret ¶
func (vms *VaultManagementService) GetSecret(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) ([]byte, error)
func (*VaultManagementService) GetSecretMap ¶
func (vms *VaultManagementService) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
func (*VaultManagementService) NewClient ¶
func (vms *VaultManagementService) NewClient(ctx context.Context, store esv1beta1.GenericStore, kube kclient.Client, namespace string) (esv1beta1.SecretsClient, error)
NewClient constructs a new secrets client based on the provided store.
func (*VaultManagementService) PushSecret ¶ added in v0.7.0
func (vms *VaultManagementService) PushSecret(ctx context.Context, secret *corev1.Secret, data esv1beta1.PushSecretData) error
func (*VaultManagementService) Validate ¶ added in v0.4.2
func (vms *VaultManagementService) Validate() (esv1beta1.ValidationResult, error)
func (*VaultManagementService) ValidateStore ¶ added in v0.5.0
func (vms *VaultManagementService) ValidateStore(store esv1beta1.GenericStore) (admission.Warnings, error)
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.