Documentation
¶
Index ¶
- Constants
- func AppendAPIEndpoint(siteUrl string) string
- func ContainsSecret(secrets []models.Secret, key string) bool
- func EnsureUniqueSecretsByKey(secrets *[]models.Secret)
- func GetAwsEC2IdentityDocumentRegion(timeout int) (string, error)
- func GetAwsRegion() (string, error)
- func GetAzureMetadataToken(httpClient *resty.Client, customResource string) (string, error)
- func GetGCPIamServiceAccountToken(identityID string, serviceAccountKeyPath string) (string, error)
- func GetGCPMetadataToken(httpClient *resty.Client, identityID string) (string, error)
- func GetKubernetesServiceAccountToken(serviceAccountTokenPath string) (string, error)
- func SortSecretsByKeys(secrets []models.Secret) []models.Secret
- func TryParseErrorBody(res *resty.Response) string
- type AuthMethod
Constants ¶
View Source
const ( // Universal auth: INFISICAL_UNIVERSAL_AUTH_CLIENT_ID_ENV_NAME = "INFISICAL_UNIVERSAL_AUTH_CLIENT_ID" INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET_ENV_NAME = "INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET" // GCP auth: INFISICAL_GCP_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_GCP_AUTH_IDENTITY_ID" INFISICAL_GCP_IAM_SERVICE_ACCOUNT_KEY_FILE_PATH_ENV_NAME = "INFISICAL_GCP_IAM_SERVICE_ACCOUNT_KEY_FILE_PATH" // AWS auth: INFISICAL_AWS_IAM_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_AWS_IAM_AUTH_IDENTITY_ID" // Azure auth: INFISICAL_AZURE_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_AZURE_AUTH_IDENTITY_ID" // Kubernetes auth: INFISICAL_KUBERNETES_IDENTITY_ID_ENV_NAME = "INFISICAL_KUBERNETES_IDENTITY_ID" INFISICAL_KUBERNETES_SERVICE_ACCOUNT_TOKEN_PATH_ENV_NAME = "INFISICAL_KUBERNETES_SERVICE_ACCOUNT_TOKEN_PATH" // OIDC auth: INFISICAL_OIDC_AUTH_IDENTITY_ID_ENV_NAME = "INFISICAL_OIDC_AUTH_IDENTITY_ID" // Access token: INFISICAL_ACCESS_TOKEN_ENV_NAME = "INFISICAL_ACCESS_TOKEN" // AWS metadata service: AWS_EC2_METADATA_TOKEN_URL = "http://169.254.169.254/latest/api/token" AWS_EC2_INSTANCE_IDENTITY_DOCUMENT_URL = "http://169.254.169.254/latest/dynamic/instance-identity/document" // Azure metadata service: AZURE_METADATA_SERVICE_URL = "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=" // End of the URL needs to be appended with the resource AZURE_DEFAULT_RESOURCE = "https%3A%2F%2Fmanagement.azure.com/" )
Auth related:
View Source
const ( DEFAULT_INFISICAL_API_URL = "https://app.infisical.com/api" DEFAULT_KUBERNETES_SERVICE_ACCOUNT_TOKEN_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/token" )
General:
Variables ¶
This section is empty.
Functions ¶
func AppendAPIEndpoint ¶
func ContainsSecret ¶
containsSecret checks if the given key exists in the slice of secrets
func GetAwsRegion ¶
func GetAzureMetadataToken ¶
func GetGCPMetadataToken ¶
func SortSecretsByKeys ¶
Helper function to sort the secrets by key so we can create a consistent output
func TryParseErrorBody ¶
func TryParseErrorBody(res *resty.Response) string
If the status code is 400, there will most likely always be a body. The body is a json object with a message key. we need to try to parse it, but if it fails, we can just return an empty string. But if the status code is 500, there may not be a body. if there is, it will be a json object with a message key. we need to try to parse it, but if it fails, we can just return an empty string
Types ¶
type AuthMethod ¶
type AuthMethod string
const ( ACCESS_TOKEN AuthMethod = "ACCESS_TOKEN" UNIVERSAL_AUTH AuthMethod = "UNIVERSAL_AUTH" GCP_ID_TOKEN AuthMethod = "GCP_ID_TOKEN" GCP_IAM AuthMethod = "GCP_IAM" AWS_IAM AuthMethod = "AWS_IAM" KUBERNETES AuthMethod = "KUBERNETES" AZURE AuthMethod = "AZURE" OIDC_AUTH AuthMethod = "OIDC_AUTH" )
Source Files
Click to show internal directories.
Click to hide internal directories.