secrets

Documentation

Index

• Constants
• type Fetcher
• type PGPSigningSecret
  • func Fetch(namespace string, name string) (*PGPSigningSecret, error)
• type PgpKey
  • func NewPgpKey(privateKeyStr string, passphrase string, publicKeyStr string) (*PgpKey, error)
  • func (key *PgpKey) Fingerprint() string
  • func (key *PgpKey) PrivateKey() *packet.PrivateKey
  • func (key *PgpKey) PublicKey() *packet.PublicKey

Constants

const (
	// Public Key constant for Attestation Secrets.
	PrivateKey = "private"
	// Private Key constant for Attestation Secrets.
	PublicKey = "public"
	// Passphrase constant for Attestation Secrets.
	Passphrase = "passphrase"
)

Types

type Fetcher

type Fetcher func(namespace string, name string) (*PGPSigningSecret, error)

Fetcher is the function used to fetch kubernetes secret.

type PGPSigningSecret

type PGPSigningSecret struct {
	PgpKey     *PgpKey
	SecretName string
}

PGPSigningSecret represents gpg private/public key pair secret in your kubernetes cluster, where private key was decrypted with the passphrase. The secret expects private and public key to be stored in "private" and "public" keys, and private key to be decrypted with the "passphrase" key e.g. kubectl create secret generic my-secret --from-file=public=pub.gpg \ --from-file=private=priv.key --from-literal=passphrase=<value>

func Fetch

func Fetch(namespace string, name string) (*PGPSigningSecret, error)

Fetch fetches kubernetes secret

type PgpKey

type PgpKey struct {
	// contains filtered or unexported fields
}

PgpKey struct converts the base64 encoded PEM keys into openpgp private and public keys

func NewPgpKey

func NewPgpKey(privateKeyStr string, passphrase string, publicKeyStr string) (*PgpKey, error)

func (*PgpKey) Fingerprint

func (key *PgpKey) Fingerprint() string

func (*PgpKey) PrivateKey

func (key *PgpKey) PrivateKey() *packet.PrivateKey

func (*PgpKey) PublicKey

func (key *PgpKey) PublicKey() *packet.PublicKey