Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func RegisterDynamicSecretDependency (added in v0.3.1)
func RegisterDynamicSecretDependency(dep SecretsSubscriber, vlt *Vault, dc chan<- bool)
RegisterDynamicSecretDependency by registering
Types
type Auth
type Auth struct {
	ClientToken string   `json:"client_token"`
	Accessor    string   `json:"accessor"`
	Policies    []string `json:"policies"`
}
Auth contains the token information for authenticating Vault requests
type Config
type Config struct {
	Addr          string
	PemCert       string
	GithubToken   string
	K8ServicePath string
	K8MountPath   string
	K8Role        string
}
Config contains the configuration information needed to do the initial setup of a Vault connection
type Metadata
type Metadata struct {
	Role                     string `json:"role"`
	ServiceAccountName       string `json:"service_account_name"`
	ServiceAccountNamespace  string `json:"service_account_namespace"`
	ServiceAccountSecretName string `json:"service_account_secret_name"`
	ServiceAccountUID        string `json:"service_account_uid"`
}
Metadata contains important metadata for the Vault Token
type Secret
type Secret struct {
	RequestID     string            `json:"client_token"`
	LeaseID       string            `json:"lease_id"`
	Renewable     bool              `json:"renewable"`
	LeaseDuration int               `json:"lease_duration"`
	Data          map[string]string `json:"data"`
}
Secret contains all data from a Vault secret
type SecretSubscriptionSpec (added in v0.3.1)
type SecretSubscriptionSpec struct {
	Paths        []string
	CallbackChan chan<- UpdatedSecret
}
SecretSubscriptionSpec is a specification of the paths to the secrets that a subscriber is interested in
type SecretsSubscriber (added in v0.3.1)
type SecretsSubscriber interface {
	GetSubscriptionSpec() SecretSubscriptionSpec
	ReceiveAtStartup(UpdatedSecret)
	// Here we assume that the subscriber starts its own
	// go routine for receiving updated secrets on the channel
	StartSecretsListener()
}
SecretsSubscriber implementors are dependent on secrets (connection strings, service account credentials and similar) and want the dynamic aspects to be handled automatically.
type Token
type Token struct {
	Auth          Auth     `json:"auth"`
	Metadata      Metadata `json:"metadata"`
	LeaseDuration int      `json:"lease_duration"`
	Renewable     bool     `json:"renewable"`
}
Token is used for authenticating Vault requests
type UpdatedSecret (added in v0.3.1)
UpdatedSecret is a new version of a secret
func (UpdatedSecret) GetAllData (added in v0.3.1)
func (us UpdatedSecret) GetAllData() map[string]string
GetAllData combines all data in all secrets to a single map
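The following is an added example, not code from this package or its documentation, of a type that satisfies the SecretsSubscriber method set and handles rotated credentials safely. UpdatedSecret and SecretSubscriptionSpec are local stand-ins so it compiles on its own; the Data field, DBCreds, NewDBCreds, Password and the secret path are assumptions.

```go
package main

import "sync/atomic"

// Stand-ins for the page's types so this compiles offline; UpdatedSecret's Data field is assumed.
type UpdatedSecret struct{ Data map[string]string }
func (us UpdatedSecret) GetAllData() map[string]string { return us.Data }

type SecretSubscriptionSpec struct {
	Paths        []string
	CallbackChan chan<- UpdatedSecret
}

// DBCreds is a hypothetical subscriber holding a rotating database password.
type DBCreds struct {
	password atomic.Value // holds a string; written by the listener, read concurrently
	updates  chan UpdatedSecret
}

func NewDBCreds() *DBCreds { return &DBCreds{updates: make(chan UpdatedSecret, 1)} }

// GetSubscriptionSpec hands out only the send side of the channel; the path is a constructed placeholder.
func (d *DBCreds) GetSubscriptionSpec() SecretSubscriptionSpec {
	return SecretSubscriptionSpec{Paths: []string{"secret/example/db"}, CallbackChan: d.updates}
}

// ReceiveAtStartup keeps the previous credential when an update lacks a usable "password" key.
func (d *DBCreds) ReceiveAtStartup(us UpdatedSecret) {
	if pw := us.GetAllData()["password"]; pw != "" {
		d.password.Store(pw)
	}
}

// StartSecretsListener runs the subscriber's own goroutine, as the interface comment expects.
func (d *DBCreds) StartSecretsListener() {
	go func() {
		for us := range d.updates {
			d.ReceiveAtStartup(us)
		}
	}()
}

// Password returns the current value for use in a connection; callers should not log it.
func (d *DBCreds) Password() string {
	pw, _ := d.password.Load().(string)
	return pw
}

func main() { NewDBCreds().StartSecretsListener() }
```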
type Vault
Vault contains all information needed to get and interact with Vault secrets, after initial configuration.
func New
New initializes a new Vault and prepares it for interacting with secrets. It reads configuration information from the environment, configures an HTTP client and gets an authentication token to get secrets.
func (*Vault) Authenticate
Authenticate uses supplied login information to authenticate to Vault and get an authentication token