agentint

package
v1.2.7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 26, 2020 License: MPL-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrRenewerMissingInput  = errors.New("missing input to renewer")
	ErrRenewerMissingSecret = errors.New("missing secret to renew")
	ErrRenewerNotRenewable  = errors.New("secret is not renewable")
	ErrRenewerNoSecretData  = errors.New("returned empty secret data")

	// DefaultRenewerRenewBuffer is the default size of the buffer for renew
	// messages on the channel.
	DefaultRenewerRenewBuffer = 5
)

Functions

This section is empty.

Types

type Renewer

type Renewer struct {
	// contains filtered or unexported fields
}

Renewer is a process for renewing a secret.

renewer, err := client.NewRenewer(&RenewerInput{
	Secret: mySecret,
})
go renewer.Renew()
defer renewer.Stop()

for {
	select {
	case err := <-renewer.DoneCh():
		if err != nil {
			log.Fatal(err)
		}

		// Renewal is now over
	case renewal := <-renewer.RenewCh():
		log.Printf("Successfully renewed: %#v", renewal)
	}
}

The `DoneCh` will return if renewal fails or if the remaining lease duration after a renewal is less than or equal to the grace (in number of seconds). In both cases, the caller should attempt a re-read of the secret or reauthenticate to get a new token. Clients should check the return value of the channel to see if renewal was successful.

func NewRenewer

func NewRenewer(c *api.Client, i *RenewerInput) (*Renewer, error)

NewRenewer creates a new Renewer from the given input.

func (*Renewer) DoneCh

func (r *Renewer) DoneCh() <-chan error

DoneCh returns the channel where the Renewer will publish when renewal stops. If there is an error, this will be an error.

func (*Renewer) Renew

func (r *Renewer) Renew()

Renew starts a background process for renewing this secret. When the secret has auth data, this attempts to renew the auth (token). When the secret has a lease, this attempts to renew the lease.

func (*Renewer) RenewCh

func (r *Renewer) RenewCh() <-chan *renewOutput

RenewCh is a channel that receives a message when a successful renewal takes place and includes metadata about the renewal.

func (*Renewer) Stop

func (r *Renewer) Stop()

Stop stops the Renewer.

type RenewerInput

type RenewerInput struct {
	// Secret is the secret to renew
	Secret *api.Secret

	// DEPRECATED: this does not do anything.
	Grace time.Duration

	// Rand is the randomizer to use for underlying randomization. If not
	// provided, one will be generated and seeded automatically. If provided, it
	// is assumed to have already been seeded.
	Rand *rand.Rand

	// RenewBuffer is the size of the buffered channel where renew messages are
	// dispatched.
	RenewBuffer int

	// The new TTL, in seconds, that should be set on the lease. The TTL set
	// here may or may not be honored by the vault server, based on Vault
	// configuration or any associated max TTL values.
	Increment int
}

RenewerInput is used as input to the renew function.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL