vault

package

v0.18.0 Latest Latest Go to latest Published: Jan 6, 2023 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/finleap-connect/vaultoperator

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func GetIsBinaryKey(key string) string
type AppRoleAuth
type AuthMethod
type Client
- func NewClient(addr, namespace string, method AuthMethod) (*Client, error)
type DevServer
- func NewDevServer() (*DevServer, error)
type TokenAuth
type TokenHandler
- func NewTokenHandler(c *Client, m AuthMethod) *TokenHandler
- func (h *TokenHandler) Close()
- func (h *TokenHandler) WaitForToken(timeout time.Duration) error

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrTimeout               = errors.New("did not receive vault token within time")
	ErrAuthMethodNotProvided = errors.New("method not provided")
	ErrMissingToken          = errors.New("missing client token")
	ErrNotFound              = errors.New("not found")
)

Functions ¶

func GetIsBinaryKey ¶

func GetIsBinaryKey(key string) string

Types ¶

type AppRoleAuth ¶

type AppRoleAuth struct {
	RoleID   string
	SecretID string
}

AppRoleAuth implements the the AppRole authentication method. See: https://www.vaultproject.io/docs/auth/approle.html

func (*AppRoleAuth) IsRenewable ¶

func (a *AppRoleAuth) IsRenewable() bool

func (a *AppRoleAuth) Login(c *Client) (*api.Secret, error)

func (*AppRoleAuth) Name ¶

func (a *AppRoleAuth) Name() string

type AuthMethod ¶

type AuthMethod interface {
	// Login creates a new authentication token.
	Login(*Client) (*api.Secret, error)
	// Name returns the name of the authentication method.
	Name() string
	// Check if token is renewable
	IsRenewable() bool
}

AuthMethod specifies an authentication method for the Hashicorp Vault API.

type Client ¶

type Client struct {
	*api.Client
	// contains filtered or unexported fields
}

func NewClient ¶

func NewClient(addr, namespace string, method AuthMethod) (*Client, error)

func (*Client) Close ¶

func (c *Client) Close()

func (*Client) CreateOrUpdate ¶

func (c *Client) CreateOrUpdate(path string, data map[string]interface{}) error

func (*Client) Get ¶

func (c *Client) Get(path, field string, version int) (string, error)

func (*Client) GetAll ¶

func (c *Client) GetAll(path string, version int) (map[string]string, error)

type DevServer ¶

type DevServer struct {
	// contains filtered or unexported fields
}

func NewDevServer ¶

func NewDevServer() (*DevServer, error)

func (*DevServer) ExecCommand ¶

func (s *DevServer) ExecCommand(arg ...string) error

func (*DevServer) GetClient ¶

func (s *DevServer) GetClient(namespace string) (*Client, error)

func (*DevServer) Stop ¶

func (s *DevServer) Stop() error

type TokenAuth ¶

type TokenAuth struct {
	Token string
}

func (*TokenAuth) IsRenewable ¶

func (a *TokenAuth) IsRenewable() bool

func (a *TokenAuth) Login(c *Client) (*api.Secret, error)

func (*TokenAuth) Name ¶

func (a *TokenAuth) Name() string

type TokenHandler ¶

type TokenHandler struct {
	// contains filtered or unexported fields
}

TokenHandler automatically deals with the renewal of tokens used for authentication with the Vault API. It uses the AuthMethod to generate new tokens if required (e.g. if the current token is not renewable anymore).

func NewTokenHandler ¶

func NewTokenHandler(c *Client, m AuthMethod) *TokenHandler

NewTokenHandler creates a new TokenHandler.

func (*TokenHandler) Close ¶

func (h *TokenHandler) Close()

Close the token handler and stop the background renewal process.

func (*TokenHandler) WaitForToken ¶

func (h *TokenHandler) WaitForToken(timeout time.Duration) error

WaitForToken blocks until a renewed token or the initial token has been received. It returns an error if no token is received before the timeout is reached.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL