secrets

package
v1.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 28, 2023 License: Apache-2.0 Imports: 9 Imported by: 23

Documentation

Overview

Package secrets manages and retrieves secrets in the OpenStack Key Manager Service.

Example to List Secrets

// Restrict the listing to secrets whose created date is before the given
// instant (DateFilterLT is the "lt" filter).
opts := secrets.ListOpts{
	CreatedQuery: &secrets.DateQuery{
		Date:   time.Date(2049, 6, 7, 1, 2, 3, 0, time.UTC),
		Filter: secrets.DateFilterLT,
	},
}

pages, err := secrets.List(client, opts).AllPages()
if err != nil {
	panic(err)
}

found, err := secrets.ExtractSecrets(pages)
if err != nil {
	panic(err)
}

// Each element is a Secret record (name, type, status, ...); the Secret type
// has no payload field, so this prints descriptive data only.
for i := range found {
	fmt.Printf("%v\n", found[i])
}

Example to Get a Secret

secret, err := secrets.Get(client, secretID).Extract()
if err != nil {
	panic(err)
}

fmt.Printf("%v\n", secret)

Example to Get a Payload

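// GetPayload takes a GetPayloadOptsBuilder as its third argument.
// PayloadContentType is the value carried in the Accept header.
getPayloadOpts := secrets.GetPayloadOpts{
	PayloadContentType: "text/plain",
}

// Extract must be called: if it is not, the HTTP connection will remain consumed.
payload, err := secrets.GetPayload(client, secretID, getPayloadOpts).Extract()
if err != nil {
	panic(err)
}

// payload is the secret value itself. Report only its size here; writing the
// bytes to stdout or a log would copy the secret outside the key manager.
fmt.Printf("retrieved payload of %d bytes\n", len(payload))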

Example to Create a Secret

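// The Payload literal below is a placeholder for the secret value. Whatever is
// placed in Payload is what gets stored, so real callers should take it from
// their own protected input rather than embedding it in source code.
createOpts := secrets.CreateOpts{
	Algorithm:          "aes",
	BitLength:          256,
	Mode:               "cbc",
	Name:               "mysecret",
	Payload:            "super-secret",
	PayloadContentType: "text/plain",
	SecretType:         secrets.OpaqueSecret,
}

secret, err := secrets.Create(client, createOpts).Extract()
if err != nil {
	panic(err)
}

// SecretRef is the URL to the stored secret; the Secret type has no payload
// field, so nothing sensitive is printed here.
fmt.Println(secret.SecretRef)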

Example to Add a Payload

// UpdateOpts adds a payload to an existing secret that does not already
// contain one. Payload is the secret value itself; the literal is a placeholder.
payloadOpts := secrets.UpdateOpts{
	ContentType: "text/plain",
	Payload:     "super-secret",
}

if err := secrets.Update(client, secretID, payloadOpts).ExtractErr(); err != nil {
	panic(err)
}

Example to Delete a Secret

err := secrets.Delete(client, secretID).ExtractErr()
if err != nil {
	panic(err)
}

Example to Create Metadata for a Secret

createOpts := secrets.MetadataOpts{
	"foo":       "bar",
	"something": "something else",
}

ref, err := secrets.CreateMetadata(client, secretID, createOpts).Extract()
if err != nil {
	panic(err)
}

fmt.Printf("%v\n", ref)

Example to Get Metadata for a Secret

metadata, err := secrets.GetMetadata(client, secretID).Extract()
if err != nil {
	panic(err)
}

fmt.Printf("%v\n", metadata)

Example to Add Metadata to a Secret

metadatumOpts := secrets.MetadatumOpts{
	Key:   "foo",
	Value: "bar",
}

err := secrets.CreateMetadatum(client, secretID, metadatumOpts).ExtractErr()
if err != nil {
	panic(err)
}

Example to Update Metadata of a Secret

metadatumOpts := secrets.MetadatumOpts{
	Key:   "foo",
	Value: "bar",
}

metadatum, err := secrets.UpdateMetadatum(client, secretID, metadatumOpts).Extract()
if err != nil {
	panic(err)
}

fmt.Printf("%v\n", metadatum)

Example to Delete Metadata of a Secret

err := secrets.DeleteMetadatum(client, secretID, "foo").ExtractErr()
if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func List

List retrieves a list of Secrets.

Types

type CreateMetadataOptsBuilder

type CreateMetadataOptsBuilder interface {
	ToMetadataCreateMap() (map[string]interface{}, error)
}

CreateMetadataOptsBuilder allows extensions to add additional parameters to the CreateMetadata request.

type CreateMetadatumOptsBuilder

type CreateMetadatumOptsBuilder interface {
	ToMetadatumCreateMap() (map[string]interface{}, error)
}

CreateMetadatumOptsBuilder allows extensions to add additional parameters to the CreateMetadatum request.

type CreateOpts

type CreateOpts struct {
	// Algorithm is the algorithm of the secret.
	Algorithm string `json:"algorithm,omitempty"`

	// BitLength is the bit length of the secret.
	BitLength int `json:"bit_length,omitempty"`

	// Mode is the mode of encryption for the secret.
	Mode string `json:"mode,omitempty"`

	// Name is the name of the secret.
	Name string `json:"name,omitempty"`

	// Payload is the secret. It is serialized under the "payload" key, so a
	// populated CreateOpts holds sensitive material and should not be logged
	// or printed.
	Payload string `json:"payload,omitempty"`

	// PayloadContentType is the content type of the payload.
	PayloadContentType string `json:"payload_content_type,omitempty"`

	// PayloadContentEncoding is the content encoding of the payload.
	PayloadContentEncoding string `json:"payload_content_encoding,omitempty"`

	// SecretType is the type of secret.
	SecretType SecretType `json:"secret_type,omitempty"`

	// Expiration is the expiration date of the secret. The `json:"-"` tag
	// keeps it out of the default JSON encoding.
	// NOTE(review): presumably ToSecretCreateMap adds it to the request in the
	// format the service expects; confirm against the implementation.
	Expiration *time.Time `json:"-"`
}

CreateOpts provides options used to create a secret.

func (CreateOpts) ToSecretCreateMap

func (opts CreateOpts) ToSecretCreateMap() (map[string]interface{}, error)

ToSecretCreateMap formats a CreateOpts into a create request.

type CreateOptsBuilder

type CreateOptsBuilder interface {
	ToSecretCreateMap() (map[string]interface{}, error)
}

CreateOptsBuilder allows extensions to add additional parameters to the Create request.

type CreateResult

type CreateResult struct {
	// contains filtered or unexported fields
}

CreateResult is the response from a Create operation. Call its Extract method to interpret it as a Secret.

func Create

func Create(client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult)

Create creates a new secret.

func (CreateResult) Extract

func (r CreateResult) Extract() (*Secret, error)

Extract interprets any commonResult as a Secret.

type DateFilter

type DateFilter string

DateFilter represents a valid filter to use for filtering secrets by their date during a list.

const (
	DateFilterGT  DateFilter = "gt"
	DateFilterGTE DateFilter = "gte"
	DateFilterLT  DateFilter = "lt"
	DateFilterLTE DateFilter = "lte"
)

type DateQuery

type DateQuery struct {
	Date   time.Time
	Filter DateFilter
}

DateQuery represents a date field to be used for listing secrets. If no filter is specified, the query will act as if "equal" is used.

type DeleteResult

type DeleteResult struct {
	gophercloud.ErrResult
}

DeleteResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.

func Delete

func Delete(client *gophercloud.ServiceClient, id string) (r DeleteResult)

Delete deletes a secret.

type GetPayloadOpts

type GetPayloadOpts struct {
	// PayloadContentType is the content type requested for the payload; the
	// `h:"Accept"` tag maps it to the Accept request header.
	PayloadContentType string `h:"Accept"`
}

GetPayloadOpts represents options used for obtaining a payload.

func (GetPayloadOpts) ToSecretPayloadGetParams

func (opts GetPayloadOpts) ToSecretPayloadGetParams() (map[string]string, error)

ToSecretPayloadGetParams formats a GetPayloadOpts into a query string.

type GetPayloadOptsBuilder

type GetPayloadOptsBuilder interface {
	ToSecretPayloadGetParams() (map[string]string, error)
}

GetPayloadOptsBuilder allows extensions to add additional parameters to the GetPayload request.

type GetResult

type GetResult struct {
	// contains filtered or unexported fields
}

GetResult is the response from a Get operation. Call its Extract method to interpret it as a Secret.

func Get

func Get(client *gophercloud.ServiceClient, id string) (r GetResult)

Get retrieves details of a secret.

func (GetResult) Extract

func (r GetResult) Extract() (*Secret, error)

Extract interprets any commonResult as a Secret.

type ListOpts

type ListOpts struct {
	// Offset is the starting index within the total list of the secrets that
	// you would like to retrieve.
	Offset int `q:"offset"`

	// Limit is the maximum number of records to return.
	Limit int `q:"limit"`

	// Name will select all secrets with a matching name.
	Name string `q:"name"`

	// Alg will select all secrets with a matching algorithm.
	Alg string `q:"alg"`

	// Mode will select all secrets with a matching mode.
	Mode string `q:"mode"`

	// Bits will select all secrets with a matching bit length.
	Bits int `q:"bits"`

	// SecretType will select all secrets with a matching secret type.
	SecretType SecretType `q:"secret_type"`

	// ACLOnly will select all secrets with an ACL that contains the user.
	ACLOnly *bool `q:"acl_only"`

	// CreatedQuery will select all secrets with a created date matching
	// the query.
	CreatedQuery *DateQuery

	// UpdatedQuery will select all secrets with an updated date matching
	// the query.
	UpdatedQuery *DateQuery

	// ExpirationQuery will select all secrets with an expiration date
	// matching the query.
	ExpirationQuery *DateQuery

	// Sort will sort the results in the requested order.
	Sort string `q:"sort"`
}

ListOpts provides options to filter the List results.

func (ListOpts) ToSecretListQuery

func (opts ListOpts) ToSecretListQuery() (string, error)

ToSecretListQuery formats a ListOpts into a query string.

type ListOptsBuilder

type ListOptsBuilder interface {
	ToSecretListQuery() (string, error)
}

ListOptsBuilder allows extensions to add additional parameters to the List request

type MetadataCreateResult

type MetadataCreateResult struct {
	gophercloud.Result
}

MetadataCreateResult is the result of a metadata create request. Call its Extract method to interpret it as a map[string]string.

func CreateMetadata

func CreateMetadata(client *gophercloud.ServiceClient, secretID string, opts CreateMetadataOptsBuilder) (r MetadataCreateResult)

CreateMetadata will set metadata for a given secret.

func (MetadataCreateResult) Extract

func (r MetadataCreateResult) Extract() (map[string]string, error)

Extract interprets any MetadataCreateResult as a map[string]string.

type MetadataOpts

type MetadataOpts map[string]string

MetadataOpts is a map that contains key-value pairs for secret metadata.

func (MetadataOpts) ToMetadataCreateMap

func (opts MetadataOpts) ToMetadataCreateMap() (map[string]interface{}, error)

ToMetadataCreateMap converts a MetadataOpts into a request body.

type MetadataResult

type MetadataResult struct {
	gophercloud.Result
}

MetadataResult is the result of a metadata request. Call its Extract method to interpret it as a map[string]string.

func GetMetadata

func GetMetadata(client *gophercloud.ServiceClient, secretID string) (r MetadataResult)

GetMetadata will list metadata for a given secret.

func (MetadataResult) Extract

func (r MetadataResult) Extract() (map[string]string, error)

Extract interprets any MetadataResult as map[string]string.

type Metadatum

type Metadatum struct {
	Key   string `json:"key"`
	Value string `json:"value"`
}

Metadatum represents an individual metadata.

type MetadatumCreateResult

type MetadatumCreateResult struct {
	gophercloud.ErrResult
}

MetadatumCreateResult is the response from a metadata Create operation. Call its ExtractErr to determine if the request succeeded or failed.

NOTE: This could be a MetadatumResponse but, at the time of testing, it looks like Barbican was returning erroneous JSON in the response.

func CreateMetadatum

func CreateMetadatum(client *gophercloud.ServiceClient, secretID string, opts CreateMetadatumOptsBuilder) (r MetadatumCreateResult)

CreateMetadatum will add a single key/value metadata to a secret.

type MetadatumDeleteResult

type MetadatumDeleteResult struct {
	gophercloud.ErrResult
}

MetadatumDeleteResult is the response from a metadatum Delete operation. Call its ExtractErr to determine if the request succeeded or failed.

func DeleteMetadatum

func DeleteMetadatum(client *gophercloud.ServiceClient, secretID string, key string) (r MetadatumDeleteResult)

DeleteMetadatum will delete an individual metadatum from a secret.

type MetadatumOpts

type MetadatumOpts struct {
	Key   string `json:"key" required:"true"`
	Value string `json:"value" required:"true"`
}

MetadatumOpts represents a single metadata.

func (MetadatumOpts) ToMetadatumCreateMap

func (opts MetadatumOpts) ToMetadatumCreateMap() (map[string]interface{}, error)

ToMetadatumCreateMap converts a MetadatumOpts into a request body.

func (MetadatumOpts) ToMetadatumUpdateMap

func (opts MetadatumOpts) ToMetadatumUpdateMap() (map[string]interface{}, string, error)

ToMetadatumUpdateMap converts a MetadatumOpts into a request body.

type MetadatumResult

type MetadatumResult struct {
	gophercloud.Result
}

MetadatumResult is the result of a metadatum request. Call its Extract method to interpret it as a *Metadatum.

func GetMetadatum

func GetMetadatum(client *gophercloud.ServiceClient, secretID string, key string) (r MetadatumResult)

GetMetadatum will get a single key/value metadata from a secret.

func UpdateMetadatum

func UpdateMetadatum(client *gophercloud.ServiceClient, secretID string, opts UpdateMetadatumOptsBuilder) (r MetadatumResult)

UpdateMetadatum will update a single key/value metadata to a secret.

func (MetadatumResult) Extract

func (r MetadatumResult) Extract() (*Metadatum, error)

Extract interprets any MetadatumResult as a *Metadatum.

type PayloadResult

type PayloadResult struct {
	gophercloud.Result
	// Body is the response body carrying the secret payload. Extract reads it
	// into a byte slice.
	// NOTE(review): the package example states that the HTTP connection
	// remains consumed unless Extract is called, so callers should always
	// call Extract on this result.
	Body io.ReadCloser
}

PayloadResult is the response from a GetPayload operation. Call its Extract method to extract the payload as a string.

func GetPayload

func GetPayload(client *gophercloud.ServiceClient, id string, opts GetPayloadOptsBuilder) (r PayloadResult)

GetPayload retrieves the payload of a secret.

func (PayloadResult) Extract

func (r PayloadResult) Extract() ([]byte, error)

Extract is a function that takes a PayloadResult's io.Reader body and reads all available data into a slice of bytes. Please be aware that an io.Reader is forward-only, meaning that it can only be read once and not rewound. You can recreate a reader from the output of this function by using bytes.NewReader(downloadBytes).

type Secret

// Secret holds the descriptive fields of a stored secret. None of the fields
// below carries the payload; the package exposes GetPayload for that.
type Secret struct {
	// BitLength is the bit length of the secret.
	BitLength int `json:"bit_length"`

	// Algorithm is the algorithm type of the secret.
	Algorithm string `json:"algorithm"`

	// Expiration is the expiration date of the secret. Tagged `json:"-"`, so
	// the default decoder skips it.
	// NOTE(review): presumably populated by the type's UnmarshalJSON; confirm.
	Expiration time.Time `json:"-"`

	// ContentTypes are the content types of the secret.
	ContentTypes map[string]string `json:"content_types"`

	// Created is the created date of the secret (also tagged `json:"-"`).
	Created time.Time `json:"-"`

	// CreatorID is the creator of the secret.
	CreatorID string `json:"creator_id"`

	// Mode is the mode of the secret.
	Mode string `json:"mode"`

	// Name is the name of the secret.
	Name string `json:"name"`

	// SecretRef is the URL to the secret.
	SecretRef string `json:"secret_ref"`

	// SecretType represents the type of secret.
	SecretType string `json:"secret_type"`

	// Status represents the status of the secret.
	Status string `json:"status"`

	// Updated is the updated date of the secret (also tagged `json:"-"`).
	Updated time.Time `json:"-"`
}

Secret represents a secret stored in the key manager service.

func ExtractSecrets

func ExtractSecrets(r pagination.Page) ([]Secret, error)

ExtractSecrets returns a slice of Secrets contained in a single page of results.

func (*Secret) UnmarshalJSON

func (r *Secret) UnmarshalJSON(b []byte) error

type SecretPage

type SecretPage struct {
	pagination.LinkedPageBase
}

SecretPage is a single page of secrets results.

func (SecretPage) IsEmpty

func (r SecretPage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of secrets contains any results.

func (SecretPage) NextPageURL

func (r SecretPage) NextPageURL() (string, error)

NextPageURL extracts the "next" link from the links section of the result.

type SecretType

type SecretType string

SecretType represents a valid secret type.

const (
	SymmetricSecret   SecretType = "symmetric"
	PublicSecret      SecretType = "public"
	PrivateSecret     SecretType = "private"
	PassphraseSecret  SecretType = "passphrase"
	CertificateSecret SecretType = "certificate"
	OpaqueSecret      SecretType = "opaque"
)

type UpdateMetadatumOptsBuilder

type UpdateMetadatumOptsBuilder interface {
	ToMetadatumUpdateMap() (map[string]interface{}, string, error)
}

UpdateMetadatumOptsBuilder allows extensions to add additional parameters to the UpdateMetadatum request.

type UpdateOpts

type UpdateOpts struct {
	// ContentType represents the content type of the payload; the `h` tag
	// maps it to the Content-Type header.
	ContentType string `h:"Content-Type"`

	// ContentEncoding represents the content encoding of the payload; the `h`
	// tag maps it to the Content-Encoding header.
	ContentEncoding string `h:"Content-Encoding"`

	// Payload is the payload of the secret. It carries no struct tag.
	// NOTE(review): ToSecretUpdateRequest returns a string next to the header
	// map, presumably this value as the request body; confirm. A populated
	// UpdateOpts holds sensitive material and should not be logged or printed.
	Payload string
}

UpdateOpts represents parameters to add a payload to an existing secret which does not already contain a payload.

func (UpdateOpts) ToSecretUpdateRequest

func (opts UpdateOpts) ToSecretUpdateRequest() (string, map[string]string, error)

ToSecretUpdateRequest formats an UpdateOpts into an update request.

type UpdateOptsBuilder

type UpdateOptsBuilder interface {
	ToSecretUpdateRequest() (string, map[string]string, error)
}

UpdateOptsBuilder allows extensions to add additional parameters to the Update request.

type UpdateResult

type UpdateResult struct {
	gophercloud.ErrResult
}

UpdateResult is the response from an Update operation. Call its ExtractErr to determine if the request succeeded or failed.

func Update

func Update(client *gophercloud.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult)

Update modifies the attributes of a secret.

Directories

Path Synopsis
